OAuth2.Strategy behaviour (OAuth2 v2.1.0)
The OAuth2 strategy specification.
This module defines the required callbacks for all strategies.
Examples
Here's an example strategy for authenticating with GitHub.
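defmodule GitHub do
  @moduledoc """
  Example OAuth2 strategy for GitHub using the authorization-code flow.
  """
  use OAuth2.Strategy

  # Public API

  @doc """
  Builds the `OAuth2.Client` configured for GitHub.

  Raises if either credential environment variable is unset.
  """
  def new do
    OAuth2.Client.new(
      strategy: __MODULE__,
      # Credentials are read from the environment at runtime rather than being
      # committed with the source. The variable names are examples only.
      client_id: System.fetch_env!("GITHUB_CLIENT_ID"),
      client_secret: System.fetch_env!("GITHUB_CLIENT_SECRET"),
      # HTTPS: the provider sends the authorization code to this URL, so a
      # plain-HTTP callback would expose the code in transit.
      redirect_uri: "https://myapp.com/auth/callback",
      site: "https://api.github.com",
      authorize_url: "https://github.com/login/oauth/authorize",
      token_url: "https://github.com/login/oauth/access_token"
    )
  end

  @doc """
  Returns the URL to redirect the user to for authorization.

  Pass an unguessable per-session `state` value in `params` and compare it with
  the `state` returned to the callback route before exchanging the code.
  """
  def authorize_url!(params \\ []) do
    new()
    # Request only the scopes the application needs; on GitHub the `user`
    # scope includes write access to profile data.
    |> put_param(:scope, "user,public_repo")
    |> OAuth2.Client.authorize_url!(params)
  end

  @doc """
  Exchanges the authorization `code` passed in `params` for an access token.
  """
  def get_token!(params \\ [], headers \\ []) do
    OAuth2.Client.get_token!(new(), params, headers)
  end

  # Strategy Callbacks

  @impl OAuth2.Strategy
  def authorize_url(client, params) do
    OAuth2.Strategy.AuthCode.authorize_url(client, params)
  end

  @impl OAuth2.Strategy
  def get_token(client, params, headers) do
    client
    # Ask the token endpoint for a JSON response.
    |> put_header("Accept", "application/json")
    |> OAuth2.Strategy.AuthCode.get_token(params, headers)
  end
end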
Usage
Generate the authorize URL and redirect the client for authorization.
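# `state` is an unguessable value generated for this session and stored
# server-side; the callback route compares it with the `state` query parameter
# it receives, which ties the response to the request (CSRF protection).
GitHub.authorize_url!(state: state)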
Capture the `code` in your callback route on your server and use it to obtain an access token.
# Before exchanging the code, confirm that the callback's `state` parameter
# matches the value your application issued for this session.
token = GitHub.get_token!([code: code])
Use the access token to access desired resources.
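# In OAuth2 v2.x, get_token!/2 returns an OAuth2.Client that carries the access
# token, and authenticated requests go through OAuth2.Client rather than
# OAuth2.AccessToken. The decoded payload is in the response body.
user = OAuth2.Client.get!(token, "/user").body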
Callbacks
Specs
authorize_url(OAuth2.Client.t(), OAuth2.Client.params()) :: OAuth2.Client.t()
Builds the URL to the authorization endpoint.
Example
# Example callback: sets the authorization-code request parameters on the
# client, then merges in the caller-supplied params (for example a `state`
# value used to tie the callback to the session that started the flow).
def authorize_url(client, params) do
  base_params = [
    response_type: "code",
    client_id: client.client_id,
    redirect_uri: client.redirect_uri
  ]

  base_params
  |> Enum.reduce(client, fn {name, value}, acc -> put_param(acc, name, value) end)
  |> merge_params(params)
end
Specs
get_token(OAuth2.Client.t(), OAuth2.Client.params(), OAuth2.Client.headers()) :: OAuth2.Client.t()
Builds the URL to the token endpoint.
Example
# Example callback: prepares the token request for the authorization-code
# grant. The client secret is placed among the request params, so the client's
# token_url should be an HTTPS endpoint.
def get_token(client, params, headers) do
  id = client.client_id
  secret = client.client_secret
  redirect = client.redirect_uri

  # The code received by the callback route, plus the grant type.
  with_grant =
    client
    |> put_param(:code, params[:code])
    |> put_param(:grant_type, "authorization_code")

  # Client credentials and the redirect URI configured on the client.
  with_credentials =
    with_grant
    |> put_param(:client_id, id)
    |> put_param(:client_secret, secret)
    |> put_param(:redirect_uri, redirect)

  with_credentials
  |> merge_params(params)
  |> put_headers(headers)
end