Oidcc.Plug.LoadUserinfo (Oidcc Plug v0.2.1)
View SourceValidate extracted authorization token using userinfo retrieval.
See: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
This module should be used together with Oidcc.Plug.ExtractAuthorization
.
This plug will send a userinfo request for every request. To avoid this,
provide a cache
to opts/0
.
defmodule SampleAppWeb.Endpoint do
use Phoenix.Endpoint, otp_app: :sample_app
# ...
plug Oidcc.Plug.ExtractAuthorization
plug Oidcc.Plug.LoadUserinfo,
provider: SampleApp.GoogleOpenIdConfigurationProvider,
client_id: Application.compile_env!(:sample_app, [Oidcc.Plug.LoadUserinfo, :client_id]),
client_secret: Application.compile_env!(:sample_app, [Oidcc.Plug.LoadUserinfo, :client_secret])
plug SampleAppWeb.Router
end
Summary
Types
@type opts() :: [ provider: GenServer.name(), client_id: String.t() | (-> String.t()), client_secret: String.t() | (-> String.t()), userinfo_retrieve_opts: :oidcc_userinfo.retrieve_opts(), send_inactive_token_response: (conn :: Plug.Conn.t() -> Plug.Conn.t()), cache: Oidcc.Plug.Cache.t() ]
Plug Configuration Options
Options
provider
- name of theOidcc.ProviderConfiguration.Worker
client_id
- OAuth Client ID to use for the userinfo retrievalclient_secret
- OAuth Client Secret to use for the userinfo retrievaluserinfo_retrieve_opts
- Options to pass to userinfo loadingsend_inactive_token_response
- Customize Error Response for inactive tokencache
- Cache userinfo response - SeeOidcc.Plug.Cache