View Source MyApp.CharonOauth2.Authorizations (CharonOauth2 v0.5.1)

Context to manage authorizations

Summary

Functions

Get a list of all oauth2 authorizations.

Delete an authorization.

Get a single authorization by one or more clauses, optionally with preloads. Returns nil if Authorization cannot be found.

Insert a new authorization

Update an authorization.

Functions

all(filters \\ %{}, preloads \\ [])

Get a list of all oauth2 authorizations.

Doctests

iex> insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> [%Authorization{}] = Authorizations.all()

# can be filtered
iex> authorization = insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> [%Authorization{}] = Authorizations.all(%{resource_owner_id: authorization.resource_owner_id})
iex> [%Authorization{}] = Authorizations.all(%{scope: authorization.scope |> List.first()})
iex> [] = Authorizations.all(%{resource_owner_id: authorization.resource_owner_id + 1})

delete(authorization)

@spec delete(MyApp.CharonOauth2.Authorization.t() | keyword() | map()) ::
  {:ok, MyApp.CharonOauth2.Authorization.t()} | {:error, :not_found}

Delete an authorization.

Examples / doctests

# authorization must exist
iex> {:error, :not_found} = Authorizations.delete(id: -1)

# succesfully deletes an authorization
iex> authorization = insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> {:ok, _} = Authorizations.delete([id: authorization.id])
iex> {:error, :not_found} = Authorizations.delete([id: authorization.id])

get_by(clauses, preloads \\ [])

Get a single authorization by one or more clauses, optionally with preloads. Returns nil if Authorization cannot be found.

Doctests

iex> authorization = insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> %Authorization{} = Authorizations.get_by(id: authorization.id)
iex> nil = Authorizations.get_by(id: authorization.id + 1)

# preloads things
iex> authorization = insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> %{resource_owner: %{id: _}, client: %{id: _}} = Authorizations.get_by([id: authorization.id], Authorization.supported_preloads)

insert(params)

@spec insert(map()) ::
  {:ok, MyApp.CharonOauth2.Authorization.t()} | {:error, Ecto.Changeset.t()}

Insert a new authorization

Examples / doctests

# succesfully creates an authorization
iex> {:ok, _} = insert_test_authorization(resource_owner_id: insert_test_user().id)

# a user can authorize a client only once
iex> {:ok, authorization} = insert_test_authorization(resource_owner_id: insert_test_user().id)
iex> insert_test_authorization(resource_owner_id: authorization.resource_owner_id, client_id: authorization.client_id) |> errors_on()
%{client_id: ["user already authorized this client"]}

# owner and client must exist
iex> insert_test_authorization(resource_owner_id: -1, client_id: insert_test_client!(owner_id: insert_test_user().id).id) |> errors_on()
%{resource_owner: ["does not exist"]}
iex> insert_test_authorization(resource_owner_id: insert_test_user().id, client_id: Ecto.UUID.generate()) |> errors_on()
%{client: ["does not exist"]}

iex> Authorizations.insert(%{}) |> errors_on()
%{scope: ["can't be blank"], client_id: ["can't be blank"], resource_owner_id: ["can't be blank"]}

update(authorization, params)

@spec update(MyApp.CharonOauth2.Authorization.t() | keyword() | map(), map()) ::
  {:ok, MyApp.CharonOauth2.Authorization.t()}
  | {:error, Ecto.Changeset.t()}
  | {:error, :not_found}

Update an authorization.

TODO: fix ~(write write) test by implementing overrides

Examples / doctests

# scopes must be subset of configured scopes and of client scopes
iex> insert_test_authorization!(resource_owner_id: insert_test_user().id) |> Authorizations.update(%{scope: ~w(cry)}) |> errors_on()
%{scope: ["must be subset of party, read, write"]}
iex> insert_test_authorization!(resource_owner_id: insert_test_user().id) |> Authorizations.update(%{scope: ~w(write write)}) |> errors_on()
%{scope: ["client not allowed to access scope(s): write"]}

# client and resource owner can't be updated
iex> %{id: id, client_id: client_id, resource_owner_id: owner_id} = insert_test_authorization!(resource_owner_id: insert_test_user().id)
iex> {:ok, %{client_id: ^client_id, resource_owner_id: ^owner_id}} = Authorizations.update([id: id], %{client_id: -1, owner_id: -1})