PowAssent v0.1.0 PowAssent.Strategy.AzureOAuth2
Azure AD OAuth 2.0 strategy.
Usage
    config :my_app, :pow_assent,
      providers: [
        azure: [
          client_id: "REPLACE_WITH_CLIENT_ID",
          client_secret: "REPLACE_WITH_CLIENT_SECRET",
          strategy: PowAssent.Strategy.AzureOAuth2
        ]
      ]
A tenant id can be set to limit the scope of users who can get access (defaults to “common”):

    config :my_app, :pow_assent,
      providers: [
        azure: [
          client_id: "REPLACE_WITH_CLIENT_ID",
          client_secret: "REPLACE_WITH_CLIENT_SECRET",
          tenant_id: "8eaef023-2b34-4da1-9baa-8bc8c9d6a490",
          strategy: PowAssent.Strategy.AzureOAuth2
        ]
      ]
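A startup check for the credential and tenant settings shown above, as an added example that is not part of PowAssent. The module name MyApp.AzureProviderCheck and the rule that the tenant must be written as a GUID are assumptions.

```elixir
# Added example: hypothetical module, not part of PowAssent.
defmodule MyApp.AzureProviderCheck do
  @doc "Returns :ok or {:error, reasons} for an :azure provider keyword list."
  def check(config) when is_list(config) do
    errors =
      []
      |> check_credential(config, :client_id)
      |> check_credential(config, :client_secret)
      # The strategy falls back to "common" when :tenant_id is not set.
      |> check_tenant(Keyword.get(config, :tenant_id, "common"))

    if errors == [], do: :ok, else: {:error, Enum.reverse(errors)}
  end

  # Rejects missing values and the REPLACE_WITH_... placeholders from the docs.
  defp check_credential(errors, config, key) do
    case Keyword.get(config, key) do
      value when is_binary(value) and value != "" ->
        if String.starts_with?(value, "REPLACE_WITH_"),
          do: ["#{key} is still a placeholder" | errors],
          else: errors

      _ ->
        ["#{key} is missing" | errors]
    end
  end

  defp check_tenant(errors, "common"),
    do: ["tenant_id is \"common\", so sign-in is not limited to one tenant" | errors]

  # Assumption: the tenant is given as a GUID, as in the examples on this page.
  defp check_tenant(errors, tenant) when is_binary(tenant) do
    guid = ~r/\A[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\z/i
    if Regex.match?(guid, tenant), do: errors, else: ["tenant_id is not a GUID" | errors]
  end

  defp check_tenant(errors, _other), do: ["tenant_id is not a string" | errors]
end

# Constructed sample: the first configuration on this page, unchanged.
sample = [
  client_id: "REPLACE_WITH_CLIENT_ID",
  client_secret: "REPLACE_WITH_CLIENT_SECRET",
  strategy: PowAssent.Strategy.AzureOAuth2
]

IO.inspect(MyApp.AzureProviderCheck.check(sample))
```

Calling the check from the application's start callback and refusing to boot on {:error, reasons} keeps a placeholder secret or an unrestricted tenant out of a deployed release.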
The resource that the client should pull a token for defaults to https://graph.microsoft.com/. It can be overridden with the resource key (or the authorization_params key):
    config :my_app, :pow_assent,
      providers: [
        azure: [
          client_id: "REPLACE_WITH_CLIENT_ID",
          client_secret: "REPLACE_WITH_CLIENT_SECRET",
          tenant_id: "8eaef023-2b34-4da1-9baa-8bc8c9d6a490",
          resource: "https://service.contoso.com/",
          strategy: PowAssent.Strategy.AzureOAuth2
        ]
      ]
Setting up Azure AD
Log in to Azure, and set up a new application: https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#register-your-application-with-your-ad-tenant
- client_id is the “Application ID”.
- client_secret has to be created with a new key for the application.
- The callback URL (http://localhost:4000/auth/azure/callback) should be added to the Reply URLs for the application.
- “Sign in and read user profile” permission has to be enabled.
App ID URI for resource
To find the App ID URI to be used for resource, in the Azure Portal, click Azure Active Directory, click Application registrations, open the application’s Settings page, then click Properties.
Summary
Functions
Callback implementation for PowAssent.Strategy.authorize_url/2
Callback implementation for PowAssent.Strategy.callback/3
Callback implementation for PowAssent.Strategy.OAuth2.Base.default_config/1
Callback implementation for PowAssent.Strategy.OAuth2.Base.get_user/2
Callback implementation for PowAssent.Strategy.OAuth2.Base.normalize/2
Functions
authorize_url(Keyword.t(), Plug.Conn.t()) :: {:ok, %{conn: Plug.Conn.t(), state: binary(), url: binary()}}
Callback implementation for PowAssent.Strategy.authorize_url/2.
callback(Keyword.t(), Plug.Conn.t(), map()) :: {:ok, %{conn: Plug.Conn.t(), user: map()}} | {:error, %{conn: Plug.Conn.t(), error: any()}}
Callback implementation for PowAssent.Strategy.callback/3.
Callback implementation for PowAssent.Strategy.OAuth2.Base.default_config/1.
Callback implementation for PowAssent.Strategy.OAuth2.Base.get_user/2.
Callback implementation for PowAssent.Strategy.OAuth2.Base.normalize/2.