defmodule Ueberauth.Strategy.Duo.OAuth do use OAuth2.Strategy alias Ueberauth alias OAuth2.Client alias OAuth2.Strategy.AuthCode def client(opts \\ []) do config = Application.get_env(:ueberauth, __MODULE__) json_library = Ueberauth.json_library() defaults() |> Keyword.merge(config) |> Keyword.merge(opts) |> validate_config_option!(:client_id) |> validate_config_option!(:client_secret) |> validate_config_option!(:site) |> Client.new() |> OAuth2.Client.put_serializer("application/json", json_library) end def authorize_url!(params \\ [], opts \\ []) do opts |> client |> Client.authorize_url!(params) end def get_token!(params \\ [], opts \\ []) do opts |> client |> Client.get_token!(params) end def get_user_info(headers \\ [], opts \\ []) do config = Application.get_env(:ueberauth, __MODULE__) userinfo_url = Keyword.get(opts, :userinfo_url) || Keyword.get(config, :userinfo_url, "/userinfo") client(opts) |> Client.get(userinfo_url, headers, opts) |> case do {:ok, %{status_code: 200, body: user}} -> {:ok, user} {:ok, result} -> {:error, result} err -> err end end # oauth2 Strategy Callbacks def authorize_url(client, params) do AuthCode.authorize_url(client, params) end def get_token(client, params, headers) do client |> put_param(:client_secret, client.client_secret) |> put_header("Accept", "application/json") |> AuthCode.get_token(params, headers) end defp defaults() do [ strategy: __MODULE__, authorize_url: "/authorize", token_url: "/token", request_opts: [ssl_options: [versions: [:"tlsv1.2"]]] ] end defp validate_config_option!(config, key) when is_list(config) do case Keyword.take(config, [key]) do [] -> raise "[Ueberauth.Strategy.Duo.OAuth] missing required key: #{inspect(key)} " [{_, ""}] -> raise "[Ueberauth.Strategy.Duo.OAuth] #{inspect(key)} is an empty string" [{:site, "http" <> _}] -> config [{:site, val}] -> raise "[Ueberauth.Strategy.Duo.OAuth] invalid :site - #{inspect(val)}" [{_, val}] when is_binary(val) -> config _ -> raise "[Ueberauth.Strategy.Duo.OAuth] #{inspect(key)} must be a string" end end defp validate_config_option!(_, _) do raise "[Ueberauth.Strategy.Duo.OAuth] strategy options must be a keyword list" end end