View Source oidcc_token_introspection (Oidcc v3.2.1)

OAuth Token Introspection

See https://datatracker.ietf.org/doc/html/rfc7662

Records

To use the records, import the definition:

  -include_lib(["oidcc/include/oidcc_token_introspection.hrl"]).

Telemetry

See 'Elixir.Oidcc.TokenIntrospection'

Summary

Types

t/0

Introspection Result

Functions

Introspect the given access token

Types

Link to this type

error/0

View Source (since 3.0.0 -------------------------------------------------------------------)
-type error() :: client_id_mismatch | introspection_not_supported | oidcc_http_util:error().
Link to this type

opts/0

View Source (since 3.0.0 -------------------------------------------------------------------)
-type opts() ::
          #{preferred_auth_methods => [oidcc_auth_util:auth_method(), ...],
            request_opts => oidcc_http_util:request_opts(),
            dpop_nonce => binary()}.
Link to this type

t/0

View Source (since 3.0.0 -------------------------------------------------------------------)
-type t() ::
          #oidcc_token_introspection{active :: boolean(),
                                     client_id :: binary(),
                                     exp :: pos_integer(),
                                     scope :: oidcc_scope:scopes(),
                                     username :: binary(),
                                     token_type :: binary() | undefined,
                                     iat :: pos_integer() | undefined,
                                     nbf :: pos_integer() | undefined,
                                     sub :: binary() | undefined,
                                     aud :: binary() | undefined,
                                     iss :: binary() | undefined,
                                     jti :: binary() | undefined,
                                     extra :: #{binary() := term()}}.

Introspection Result

See https://datatracker.ietf.org/doc/html/rfc7662#section-2.2

Functions

Link to this function

introspect(Token, ClientContext, Opts)

View Source (since 3.0.0)
-spec introspect(Token, ClientContext, Opts) -> {ok, t()} | {error, error()}
                    when
                        Token :: oidcc_token:t() | binary(),
                        ClientContext :: oidcc_client_context:authenticated_t(),
                        Opts :: opts().

Introspect the given access token

For a high level interface using oidcc_provider_configuration_worker see oidcc:introspect_token/5.

Examples

  {ok, ClientContext} =
    oidcc_client_context:from_configuration_worker(provider_name,
                                                   <<"client_id">>,
                                                   <<"client_secret">>),
 
  %% Get AccessToken
 
  {ok, #oidcc_token_introspection{active = True}} =
    oidcc_token_introspection:introspect(AccessToken, ClientContext, #{}).