oauth2_token_manager v0.1.0 OAuth2TokenManager.Claims View Source
Link to this section Summary
Functions
Returns the claims for a subject
Returns an ID token for the subject
Register a new ID token
Link to this section Functions
Specs
get_claims( OAuth2TokenManager.issuer(), OAuth2TokenManager.subject(), OAuth2TokenManager.client_config(), OAuth2TokenManager.opts() ) :: {:ok, OAuth2TokenManager.claims()} | {:error, Exception.t()}
Returns the claims for a subject
It merges the claims retrieved from the userinfo
endpoint and those in the ID token returned
by get_id_token/2
. The claims of the most recent source take precedence over the others.
ID token "technical" claims are removed from the output: ["iss", "sub", "aud", "exp", "iat", "auth_time", "nonce", "acr", "amr", "azp"]
Specs
get_id_token(OAuth2TokenManager.issuer(), OAuth2TokenManager.subject()) :: {:ok, OAuth2TokenManager.id_token()} | {:ok, nil} | {:error, Exception.t()}
Returns an ID token for the subject
The latest retrieved ID token is returned (unless register_id_token/2
was called by a third-
party library). It is always unencrypted, but may not be valid anymore (it may have expired).
If there is no ID token registered, {:ok, nil}
is returned. The {:error, e}
tuple is
returned only when something went wrong with the backend store.
Specs
register_id_token(OAuth2TokenManager.issuer(), OAuth2TokenManager.id_token()) :: :ok | {:error, Exception.t()}
Register a new ID token
Ideally, only the latest retrieved ID token should be saved using this function.