View Source Boruta.Oauth.ResourceOwners behaviour (Boruta core v2.3.3)

Resource owner context

Summary

Callbacks

Returns a list of authorized scopes for a given resource owner. These scopes will be granted is requested for the user.

Determines if given password is valid for the given resource owner.

Returns id_token identity claims for the given resource owner. Those claims will be present in resulting id_token of OpenID Connect flows.

Returns a resource owner by (username) or (id).

Callbacks

Link to this callback

authorized_scopes(resource_owner)

View Source
@callback authorized_scopes(resource_owner :: Boruta.Oauth.ResourceOwner.t()) :: [
  Boruta.Oauth.Scope.t()
]

Returns a list of authorized scopes for a given resource owner. These scopes will be granted is requested for the user.

Link to this callback

check_password(resource_owner, password)

View Source
@callback check_password(
  resource_owner :: Boruta.Oauth.ResourceOwner.t(),
  password :: String.t()
) ::
  :ok | {:error, String.t()}

Determines if given password is valid for the given resource owner.

Link to this callback

claims(resource_owner, scope)

View Source (optional)
@callback claims(resource_owner :: Boruta.Oauth.ResourceOwner.t(), scope :: String.t()) ::
  claims :: Boruta.Oauth.IdToken.claims()

Returns id_token identity claims for the given resource owner. Those claims will be present in resulting id_token of OpenID Connect flows.

@callback get_by([{:username, String.t()}] | [{:sub, String.t()}]) ::
  {:ok, resource_owner :: Boruta.Oauth.ResourceOwner.t()} | {:error, String.t()}

Returns a resource owner by (username) or (id).