Giters

danhawkins / ueberauth_token

UeberauthToken is a library which helps validate an oauth2 token received by the resource server. The token should be validated against the authorization server and an ueberauth struct constructed.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

UeberauthToken Build Status Coverage Status Hex docs Hex Version License

Description

UeberauthToken is a library which helps validate an oauth2 token received by the resource server. The token should be validated against the authorization server and an ueberauth struct constructed.

Features

  • Helper function to validate the oauth2 token in a request to a resource server
  • Plug to validate the oauth2 token in a request to a resource server
  • Cache the ueberauth struct response using the excellent whitfin/cachex library.
  • Perform asynchronyous validity checks for each token key in the cache.

Prerequisites

  • Definition of a provider module which implements the following callbacks
@callback get_payload(token :: String.t(), opts :: list()) :: {:ok, map()} | {:error, map()}
@callback valid_token?(token :: String.t(), opts :: list) :: boolean()
@callback get_uid(conn :: Conn.t()) :: any()
@callback get_credentials(conn :: Conn.t()) :: Credentials.t()
@callback get_info(conn :: Conn.t()) :: Info.t()
@callback get_extra(conn :: Conn.t()) :: Extra.t()
@callback get_ttl(conn :: Conn.t()) :: integer()

Basic Usage

1. By adding a plug in a plug pipeline

pipeline :api do
  plug :accepts, ["json"]
  plug UeberauthToken.Plug, provider: UeberauthToken.TestProvider
end

The output from the pipeline should be in one of the two forms as follows:

# Failed validation
Plug.Conn{assigns: %{ueberauth_failure: %Ueberauth.Failure{}}}

# Successful validation
Plug.Conn{assigns: %{ueberauth_auth: %Ueberauth.Auth{}}}

2. By calling UeberauthToken.token_auth/3

UeberauthToken.token_auth("a2b62c2a-74de-417a-9038-deaf6a98c6c0", UeberauthToken.TestProvider, [])

The output from the pipeline should be in one of the two forms as follows:

# Failed validation
%Ueberauth.Failure{}

# Successful validation
%Ueberauth.Auth{}

Installation

Add package as a dependency

The ueberauth_token package can be installed by adding ueberauth_token to your list of dependencies in mix.exs:

def deps do
  [
    {:ueberauth_token, "~> 0.1.1"}
  ]
end

Define an adapter module

See UeberauthToken.TestProvider as an example approach to writing an adapter.

Add the configuration to config/config.exs

config :ueberauth_token, UeberauthToken.Config,
  providers: [SomeProvider]

config :ueberauth_token, SomeProvider,
  use_cache: false,
  cache_name: :ueberauth_token_some_provider,
  background_checks: false,
  background_frequency: 600,
  background_worker_log_level: :warn

Note: The configuration also supports confex style configurations.

Tests

MIX_ENV=test mix test

Authors

License

MIT License. See LICENSE.md for further details.

About

UeberauthToken is a library which helps validate an oauth2 token received by the resource server. The token should be validated against the authorization server and an ueberauth struct constructed.

License:MIT License

Languages

Language:Elixir 100.0%