oauth2_token_manager v0.1.0 OAuth2TokenManager.AccessToken View Source

Link to this section Summary

Functions

Deletes all access tokens related to a subject or a client (in the client credentials flow)

Revokes an access token on the authorization server

Link to this section Functions

Link to this function

delete(at, iss, client_conf, opts \\ [])

View Source

Specs

Deletes an access token

The access token is deleted in the local token data base. If the :revoke_on_delete is set, an attempt is made to revoke it on the server (but there is no way to know whether it was successful or not).

Link to this function

delete_all(iss, sub_or_cc, client_conf, opts \\ [])

View Source

Specs

Deletes all access tokens related to a subject or a client (in the client credentials flow)

Link to this function

get(iss, sub_or_cc, client_conf, requested_scope_or_nil, opts \\ [])

View Source

Specs

Gets an access token for API access

Requesting scopes

The requested_scope_or_nil allows requesting an access token with certain scopes as follows:

  • if the parameter is set to a list of scopes (for instance ["scope_a", "scope_b"]):

    • if there is an existing valid access token available with these exact scopes (and no more), it returns it
    • otherwise it tries using an refresh token registered for the subject and the issuer passed as parameters to retrieve an access token with just these scopes
  • if the parameter is nil, returns any valid access token
Link to this function

introspect(at, iss, client_conf, opts \\ [])

View Source

Specs

Introspect an access token

A request is performed to the introspection endpoint of the authorization server if saved metadata is not fresh (:min_introspect_interval option, see OAuth2TokenManager.opts/0).

The response is not saved. Use register/6 if you want to do so.

Link to this function

register(at, at_type, at_metadata, iss, client_conf, opts \\ [])

View Source

Specs

Registers an access token

Link to this function

revoke(at, iss, client_conf, opts \\ [])

View Source

Specs

Revokes an access token on the authorization server

It does not delete the access token locally. To do so, refer to delete/4