Atex.OAuth.Plug (atex v0.6.0)

View Source

Plug router for handling AT Protocol's OAuth flow.

This module provides three endpoints:

  • GET /login?handle=<handle> - Initiates the OAuth authorization flow for a given handle
  • GET /callback - Handles the OAuth callback after user authorization
  • GET /client-metadata.json - Serves the OAuth client metadata

Usage

This module requires Plug.Session to be in your pipeline, as well as secret_key_base to have been set on your connections. Ideally it should be routed to via Plug.Router.forward/2, under a route like "/oauth".

Example

Example implementation showing how to set up the OAuth plug with proper session handling:

defmodule ExampleOAuthPlug do
  use Plug.Router

  plug :put_secret_key_base

  plug Plug.Session,
    store: :cookie,
    key: "atex-oauth",
    signing_salt: "signing-salt"

  plug :match
  plug :dispatch

  forward "/oauth", to: Atex.OAuth.Plug

  def put_secret_key_base(conn, _) do
    put_in(
      conn.secret_key_base,
      "very long key base with at least 64 bytes"
    )
  end
end

Session Storage

After successful authentication, the plug stores these in the session:

  • :tokens - The access token response containing access_token, refresh_token, did, and expires_at
  • :dpop_nonce -
  • :dpop_key - The DPoP JWK for generating DPoP proofs

Summary

Functions

call(conn, opts)

Callback implementation for Plug.call/2.

init(opts)

Callback implementation for Plug.init/1.

Functions

call(conn, opts)

Callback implementation for Plug.call/2.

init(opts)

Callback implementation for Plug.init/1.