Ueberauth EVE SSO v0.1.0 Ueberauth.Strategy.EVESSO
Provides an Ueberauth strategy for authenticating with EVE SSO v2.
Setup
Create an SSO Application on the EVE Developers page.
After registering an application, get the client ID and secret key from the application details page.
Include the credentials in the configuration for EVESSO:
    config :ueberauth, Ueberauth.Strategy.EVESSO.OAuth,
      client_id: System.get_env("EVESSO_CLIENT_ID"),
      client_secret: System.get_env("EVESSO_SECRET_KEY")
If you haven't already, create a pipeline and set up routes for your callback handler:
    pipeline :auth do
      Ueberauth.plug "/auth"
    end

    scope "/auth" do
      pipe_through [:browser, :auth]
      get "/:provider/callback", AuthController, :callback
    end
Create an endpoint for the callback where you will handle the Ueberauth.Auth struct:
    defmodule MyApp.AuthController do
      use MyApp.Web, :controller

      # The route above dispatches to :callback, so the action must be callback/2.
      def callback(%{assigns: %{ueberauth_failure: fails}} = conn, _params) do
        # do things with the failure
      end

      def callback(%{assigns: %{ueberauth_auth: auth}} = conn, params) do
        # do things with the auth
      end
    end
You can edit the behaviour of the Strategy by including some options when you register your provider.
To set the uid_field:
    config :ueberauth, Ueberauth,
      providers: [
        evesso: {Ueberauth.Strategy.EVESSO, [uid_field: :character_id]}
      ]
Default is :owner_hash, others available are :character_id and :name.
To set the default scopes:
    config :ueberauth, Ueberauth,
      providers: [
        evesso: {Ueberauth.Strategy.EVESSO, [default_scope: "esi-clones.read_implants.v1 esi-characters.read_notifications.v1"]}
      ]
Default is empty ("") which doesn't grant any extra permissions beyond public endpoints but enables you to verify character ownership. Scopes are provided as a space-separated list.
Summary
Functions
Includes the credentials from the SSO response.
Stores the raw information, including the token, obtained from the SSO callback.
Handles failure of SSO where no auth code is returned.
Cleans up the private area of the connection used for passing the raw SSO response around during the callback phase.
Handles the initial redirect to the EVE SSO authentication page.
Fetches the fields to populate the info section of the Ueberauth.Auth struct.
Fetches the uid field from the token payload. This defaults to the option uid_field, which in turn defaults to owner_hash.
Functions
Includes the credentials from the SSO response.
Stores the raw information, including the token, obtained from the SSO callback.
Handles failure of SSO where no auth code is returned.
Cleans up the private area of the connection used for passing the raw SSO response around during the callback phase.
Handles the initial redirect to the EVE SSO authentication page.
To customize the scopes that are requested from SSO, include them as part of your URL:
    "/auth/evesso?scope=esi-clones.read_implants.v1"
EVE SSO v2 also requires a state param that will be returned and can be used to guard against MITM attacks.
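One way to use the returned state param is to tie it to the browser session and reject any callback that does not carry the same value. The controller below is an added example, not code from this package. The module name, the `start` action and the session keys `:evesso_state` and `:owner_uid` are hypothetical, and it assumes that the strategy forwards a `state` query parameter from the request URL to EVE SSO and that `Plug.Crypto` is available in the application.

```elixir
defmodule MyApp.AuthStateController do
  use MyApp.Web, :controller

  # Hypothetical entry action: mint a fresh state per login attempt, keep it
  # in the session, then hand off to the strategy's request URL.
  # Assumption: the strategy passes the `state` query parameter on to EVE SSO.
  def start(conn, _params) do
    state = 32 |> :crypto.strong_rand_bytes() |> Base.url_encode64(padding: false)
    query = URI.encode_query(%{"scope" => "esi-clones.read_implants.v1", "state" => state})

    conn
    |> put_session(:evesso_state, state)
    |> redirect(to: "/auth/evesso?" <> query)
  end

  def callback(%{assigns: %{ueberauth_failure: _fails}} = conn, _params) do
    conn
    |> delete_session(:evesso_state)
    |> send_resp(401, "authentication failed")
  end

  def callback(%{assigns: %{ueberauth_auth: auth}} = conn, params) do
    expected = get_session(conn, :evesso_state)
    # The stored state is single use: drop it whether or not the check passes.
    conn = delete_session(conn, :evesso_state)

    if state_matches?(expected, params["state"]) do
      conn
      |> configure_session(renew: true)
      |> put_session(:owner_uid, auth.uid)
      |> redirect(to: "/")
    else
      send_resp(conn, 403, "state mismatch")
    end
  end

  # Constant-time comparison; a missing value on either side never matches.
  defp state_matches?(expected, returned) when is_binary(expected) and is_binary(returned),
    do: Plug.Crypto.secure_compare(expected, returned)

  defp state_matches?(_expected, _returned), do: false
end
```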
Fetches the fields to populate the info section of the Ueberauth.Auth struct.
Fetches the uid field from the token payload. This defaults to the option uid_field, which in turn defaults to owner_hash.