ElixirAuthMicrosoft (elixir_auth_microsoft v1.3.0)

Minimalist Microsoft OAuth Authentication for Elixir Apps. Tested, documented and maintained. Offers simple access to tokens and basic user profile info.

Summary

Functions

generate_oauth_url_authorize/1 creates an OAuth2 URL with client_id, redirect_uri and scopes (be sure to create the app registration in Azure Portal AD). The redirect_uri is the URL Microsoft redirects to after a successful sign-in. The generated URL is the one that should be used in a "Login with Microsoft"-type button.

generate_oauth_url_authorize/2 is the same as generate_oauth_url_authorize/1 but with a state parameter. This state parameter should be compared with the one that is sent as query param in the redirect URI after the sign-in is successful.

generate_oauth_url_logout/0 creates a logout URL. This should be the URL the person is redirected to when they want to log out. To define the redirect URL (the URL that the user will be redirected to after a successful logout from Microsoft), you need to set the MICROSOFT_POST_LOGOUT_REDIRECT_URI env variable or :post_logout_redirect_uri in the config file.

get_token/2 fetches the ID token using the authorization code that was previously obtained. Env variables are used to encode information while fetching the ID token from Microsoft, including the registered client ID that was created in Azure Portal AD.

get_user_profile/1 fetches the signed-in Microsoft user's info using the token obtained by calling get_token/2.

http/0 injects a TestDouble in test envs. When testing, it uses a mocked version of HTTPoison with predictable results. When in production, it uses the original version.

parse_body_response/1 parses the response from Microsoft's endpoints. The keys of the decoded map are converted to atoms, for easier access in templates.

Functions

generate_oauth_url_authorize(conn)

@spec generate_oauth_url_authorize(Conn.t()) :: String.t()

generate_oauth_url_authorize/1 creates an OAuth2 URL with client_id, redirect_uri and scopes (be sure to create the app registration in Azure Portal AD). The redirect_uri is the URL Microsoft redirects to after a successful sign-in. The generated URL is the one that should be used in a "Login with Microsoft"-type button.

generate_oauth_url_authorize(conn, state)

@spec generate_oauth_url_authorize(
  %{:host => any(), optional(any()) => any()},
  binary()
) :: String.t()

generate_oauth_url_authorize/2 is the same as generate_oauth_url_authorize/1 but with a state parameter. This state parameter should be compared with the one that is sent as query param in the redirect URI after the sign-in is successful.
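
The state comparison described above, as an added example that is not part of elixir_auth_microsoft: the state is generated per login, kept in the session, and checked in constant time before the authorization code is exchanged. The module name, session key and function names are hypothetical, the session is assumed to be already fetched (as in a Phoenix browser pipeline), and the `:access_token` key in the token map is an assumption.

```elixir
defmodule MyAppWeb.MicrosoftAuth do
  # Added example: module name, session key and function names are hypothetical.
  import Plug.Conn

  @state_key :ms_oauth_state

  # Step 1: build the "Login with Microsoft" URL with a fresh random state
  # and remember that state in the user's session.
  def login_url(conn) do
    state = 32 |> :crypto.strong_rand_bytes() |> Base.url_encode64(padding: false)
    conn = put_session(conn, @state_key, state)
    {conn, ElixirAuthMicrosoft.generate_oauth_url_authorize(conn, state)}
  end

  # Step 2: in the redirect_uri handler, compare the returned state with the
  # stored one before the authorization code is exchanged for a token.
  def handle_callback(conn, %{"code" => code, "state" => returned})
      when is_binary(code) and is_binary(returned) do
    expected = get_session(conn, @state_key)
    # Single use: drop the stored state whether or not it matches.
    conn = delete_session(conn, @state_key)

    if is_binary(expected) and Plug.Crypto.secure_compare(expected, returned) do
      # Assumption: the token map has atom keys and carries :access_token.
      with {:ok, %{access_token: access}} <- ElixirAuthMicrosoft.get_token(code, conn),
           {:ok, profile} <- ElixirAuthMicrosoft.get_user_profile(access) do
        {:ok, conn, profile}
      else
        {:error, reason} -> {:error, conn, reason}
        _unexpected -> {:error, conn, :unexpected_token_response}
      end
    else
      {:error, conn, :state_mismatch}
    end
  end

  # A callback without both code and state is rejected outright.
  def handle_callback(conn, _params), do: {:error, conn, :invalid_callback}
end
```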

generate_oauth_url_logout()

generate_oauth_url_logout/0 creates a logout URL. This should be the URL the person is redirected to when they want to log out. To define the redirect URL (the URL that the user will be redirected to after a successful logout from Microsoft), you need to set the MICROSOFT_POST_LOGOUT_REDIRECT_URI env variable or :post_logout_redirect_uri in the config file.

get_token(code, conn)

@spec get_token(String.t(), Conn.t()) :: {:ok, map()} | {:error, any()}

get_token/2 fetches the ID token using the authorization code that was previously obtained. Env variables are used to encode information while fetching the ID token from Microsoft, including the registered client ID that was created in Azure Portal AD.

get_user_profile(token)

@spec get_user_profile(String.t()) :: {:error, any()} | {:ok, map()}

get_user_profile/1 fetches the signed-in Microsoft user's info using the token obtained by calling get_token/2.

http()

http/0 injects a TestDouble in test envs. When testing, it uses a mocked version of HTTPoison with predictable results. When in production, it uses the original version.

parse_body_response(arg)

@spec parse_body_response({atom(), String.t()} | {:error, any()}) ::
  {:ok, map()} | {:error, any()}

parse_body_response/1 parses the response from Microsoft's endpoints. The keys of the decoded map are converted to atoms, for easier access in templates.

##TODO check cases where the parsed code when fetching fails.