OAuth2.Strategy behaviour (OAuth2 v2.1.0) View Source

The OAuth2 strategy specification.

This module defines the required callbacks for all strategies.

Examples

Here's an example strategy for authenticating with GitHub.

defmodule GitHub do
  use OAuth2.Strategy

  # Public API

  def new do
    OAuth2.Client.new([
      strategy: __MODULE__,
      client_id: "abc123",
      client_secret: "abcdefg",
      redirect_uri: "http://myapp.com/auth/callback",
      site: "https://api.github.com",
      authorize_url: "https://github.com/login/oauth/authorize",
      token_url: "https://github.com/login/oauth/access_token"
    ])
  end

  def authorize_url!(params \\ []) do
    new()
    |> put_param(:scope, "user,public_repo")
    |> OAuth2.Client.authorize_url!(params)
  end

  def get_token!(params \\ [], headers \\ []) do
    OAuth2.Client.get_token!(new(), params, headers)
  end

  # Strategy Callbacks

  def authorize_url(client, params) do
    OAuth2.Strategy.AuthCode.authorize_url(client, params)
  end

  def get_token(client, params, headers) do
    client
    |> put_header("Accept", "application/json")
    |> OAuth2.Strategy.AuthCode.get_token(params, headers)
  end
end

Usage

Generate the authorize URL and redirect the client for authorization.

GitHub.authorize_url!

Capture the code in your callback route on your server and use it to obtain an access token.

token = GitHub.get_token!(code: code)

Use the access token to access desired resources.

user = OAuth2.AccessToken.get!(token, "/user")

Link to this section Summary

Callbacks

authorize_url(t, params)

Builds the URL to the authorization endpoint.

get_token(t, params, headers)

Builds the URL to the token endpoint.

Link to this section Callbacks