skydread1 / reitit-oauth2

Adaptation of ring-oauth2 to reitit routes + example of usage


Reitit-oauth2


Rationale


The commonly used library weavejester/ring-oauth2, which provides a Ring middleware that acts as an OAuth 2.0 client, does not work with reitit.

The reason it doesn't work with reitit is related to sessions; you can find the explanation of the problem in this issue.

Goals


For now, only the access-token is handled (the refresh-token is not handled yet).

The API function provides reitit routes for oauth2 (launch oauth2 and redirect) that you can merge with the rest of your app routes. The API function takes a map with the different services' configs (you can find an example of configs here).

Oauth2 setup steps (GOOGLE example)


1) Create project in google dev console

In the google dev console, create a project.

2) Oauth consent screen

In the oauth consent screen tab, fill in the app info that is going to be displayed to the user when they grant permissions.

You can also select the permissions you want the user to give you.

3) Credentials

In the credentials tab, click create credentials, then OAuth client ID with type Web application.

For Authorised JavaScript origins, you need to specify your app URI. For local development, you need to add localhost as well, with one entry per port. For example, if you have a backend on port 8123 and a figwheel front-end on port 9500, you will add 2 URIs.

For Authorised redirect URIs, the same remarks apply: one callback per port.


Once you save, you should get your client-id and client-secret.

4) Save credentials and create config.

We then advise storing the configs in an edn file that you slurp in your code, or in env variables, and of course never pushing the credentials to your online repo (at least the client-secret).

For our google example, the google config edn file looks like this:

{:google {:project-id       "my-website"
          :authorize-uri    "https://accounts.google.com/o/oauth2/auth"
          :access-token-uri "https://oauth2.googleapis.com/token"
          :client-id        "CLIENT-ID"
          :client-secret    "CLIENT-SECRET"
          :scopes           ["https://www.googleapis.com/auth/userinfo.email"
                             "https://www.googleapis.com/auth/userinfo.profile"]
          :launch-uri       "/oauth/google/login"
          :redirect-uri     "http://localhost:8123/oauth/google/callback" ;; be sure to change the port if you need to
          :landing-uri      "/oauth/google/success"}}
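
One way to follow step 4 while keeping the client-secret out of the edn file, as an added example that is not part of reitit-oauth2 or ring-oauth2: the edn holds everything except the secret, which is filled in from the environment, and an incomplete service config fails at load time. The function names, the namespace and the `OAUTH_<SERVICE>_CLIENT_SECRET` variable naming are assumptions; the sample edn and secret are constructed.

```clojure
(ns example.oauth-config
  (:require [clojure.edn :as edn]
            [clojure.string :as str]))

;; Constructed sample: the edn file keeps every field except the secret.
(def sample-edn
  "{:google {:authorize-uri    \"https://accounts.google.com/o/oauth2/auth\"
             :access-token-uri \"https://oauth2.googleapis.com/token\"
             :client-id        \"CLIENT-ID\"
             :scopes           [\"https://www.googleapis.com/auth/userinfo.email\"]
             :launch-uri       \"/oauth/google/login\"
             :redirect-uri     \"http://localhost:8123/oauth/google/callback\"
             :landing-uri      \"/oauth/google/success\"}}")

;; Keys taken from the google config shown above (:project-id left optional).
(def required-keys
  [:authorize-uri :access-token-uri :client-id :client-secret
   :scopes :launch-uri :redirect-uri :landing-uri])

(defn secret-env-name
  "Assumed naming convention: :google -> OAUTH_GOOGLE_CLIENT_SECRET."
  [service]
  (str "OAUTH_" (str/upper-case (name service)) "_CLIENT_SECRET"))

(defn load-oauth-config
  "Parses the edn text, fills each service's :client-secret from `env`
  (a map of environment variables, which wins over any value in the file)
  and throws if a required key is missing or empty."
  [edn-text env]
  (into {}
        (for [[service cfg] (edn/read-string edn-text)]
          (let [cfg     (if-let [secret (get env (secret-env-name service))]
                          (assoc cfg :client-secret secret)
                          cfg)
                missing (remove #(seq (get cfg %)) required-keys)]
            (when (seq missing)
              ;; ex-data names the keys only, never the secret value
              (throw (ex-info "Incomplete OAuth2 service config"
                              {:service service :missing (vec missing)})))
            [service cfg]))))

(comment
  ;; In an app: (load-oauth-config (slurp "oauth2.edn") (System/getenv))
  (load-oauth-config sample-edn {"OAUTH_GOOGLE_CLIENT_SECRET" "constructed-secret"})
  ;; Without the variable set, this throws with :missing [:client-secret]
  (load-oauth-config sample-edn {}))
```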

Implementation Example


A good example written by the author of the upstream library can be found alongside the source in this repo to get you started.

Caveats


wrap-session

To make the session work, you must follow the workaround highlighted in this issue.

wrap-params and middleware order

  • wrap-params must be in the middleware stack (or any middleware adding params and body-params to the request such as muuntaja/format-middleware for instance).

  • Be aware of the order of your middlewares; for more details, see this issue.

License

Released under the MIT License, same as the ring-oauth2 project.
