Lockspire.Clients (lockspire v1.0.0)

Copy Markdown

Durable client registration API for secure Phase 2 client onboarding.

Summary

Types

error_detail()
validation_error()

Functions

frontchannel_logout_origin_matches_redirect_uri?(logout_uri, redirect_uris)
generate_client_id()
register_client(attrs)
rotate_secret_hash()
validate_allowed_scopes(scopes)
validate_logout_uri(uri)
validate_redirect_uris(redirect_uris)

Types

error_detail()

@type error_detail() :: %{field: atom(), reason: validation_error(), detail: term()}

validation_error()

@type validation_error() ::
  :invalid_client_type
  | :invalid_token_endpoint_auth_method
  | :invalid_redirect_uri
  | :invalid_logout_uri
  | :invalid_scope
  | :invalid_grant_type
  | :invalid_response_type
  | :pkce_required
  | :client_secret_not_allowed
  | :persistence_failed

Functions

frontchannel_logout_origin_matches_redirect_uri?(logout_uri, redirect_uris)

@spec frontchannel_logout_origin_matches_redirect_uri?(String.t(), [String.t()]) ::
  boolean()

generate_client_id()

@spec generate_client_id() :: String.t()

register_client(attrs)

@spec register_client(map() | keyword()) ::
  {:ok, Lockspire.Clients.RegistrationResult.t()} | {:error, [error_detail()]}

rotate_secret_hash()

@spec rotate_secret_hash() :: {String.t(), String.t()}

validate_allowed_scopes(scopes)

@spec validate_allowed_scopes([String.t()] | String.t() | nil) ::
  :ok | {:error, [error_detail()]}

validate_logout_uri(uri)

@spec validate_logout_uri(String.t() | nil) :: :ok | {:error, error_detail()}

validate_redirect_uris(redirect_uris)

@spec validate_redirect_uris([String.t()] | String.t() | nil) ::
  :ok | {:error, [error_detail()]}