Handles the OAuth authentication flow for KeenAuth.
This controller provides the core endpoints for OAuth authentication:
new/2- Initiates the OAuth flow by redirecting to the providercallback/2- Handles the OAuth callback from the providerdelete/2- Signs out the user
Usage
You can use this controller directly via KeenAuth.authentication_routes/0 or create
your own controller that uses this module:
defmodule MyAppWeb.AuthController do
use KeenAuth.AuthenticationController
# Override any callback as needed
def callback(conn, params) do
# Custom logic before
result = super(conn, params)
# Custom logic after
result
end
endAuthentication Flow
- User visits
/auth/:provider/new - Controller redirects to OAuth provider with authorization URL
- Provider redirects back to
/auth/:provider/callback - Controller processes the callback through the pipeline:
- Strategy fetches user data from provider
- Mapper normalizes the user data
- Processor handles business logic (validation, database, etc.)
- Storage persists the session
- User is redirected to the original destination
Summary
Functions
Handles the OAuth callback from the provider.
Signs out the user by delegating to the processor's sign_out/3 callback.
Initiates the OAuth flow by redirecting to the provider's authorization URL.
Types
@type oauth_callback_response() :: %{ user: KeenAuth.User.t() | map(), token: tokens_map() }
Callbacks
@callback callback(conn :: Plug.Conn.t(), any()) :: Plug.Conn.t()
@callback delete(conn :: Plug.Conn.t(), any()) :: Plug.Conn.t()
@callback new(conn :: Plug.Conn.t(), any()) :: Plug.Conn.t()
Functions
Handles the OAuth callback from the provider.
Processes the authentication response through the full pipeline:
- Validates the OAuth callback and fetches user data
- Maps the raw user data to a normalized format
- Processes the user through custom business logic
- Stores the authentication in the configured storage
On success, redirects the user to their original destination.
Signs out the user by delegating to the processor's sign_out/3 callback.
If a provider is specified in params, uses that provider. Otherwise, retrieves the provider from storage. Redirects back if no user is signed in.
@spec get_authorization_uri(Plug.Conn.t(), atom()) :: {:ok, %{session_params: map(), url: binary()}}
@spec make_callback_back(Plug.Conn.t(), atom(), map(), map()) :: {:ok, oauth_callback_response()}
@spec map_user(Plug.Conn.t(), atom(), map()) :: KeenAuth.User.t()
@spec maybe_put_redirect_to(Plug.Conn.t(), map()) :: Plug.Conn.t()
Initiates the OAuth flow by redirecting to the provider's authorization URL.
Stores session parameters and optional redirect URL, then redirects the user to the OAuth provider for authentication.
@spec process(Plug.Conn.t(), atom(), KeenAuth.User.t() | map(), any()) :: any()
@spec store( Plug.Conn.t(), atom(), KeenAuth.User.t() | map(), oauth_callback_response() ) :: any()