View Source oidcc_authorization (Oidcc v3.1.2-beta.1)

Functions to start an OpenID Connect Authorization

Summary

Types

error/0
opts/0

Configure authorization redirect url

quirks/0

Allow Specification Non-compliance

Functions

create_redirect_url(ClientContext, Opts)

Create Auth Redirect URL

Types

Link to this type

error/0

View Source (since 3.0.0 -------------------------------------------------------------------) 
-type error() :: {grant_type_not_supported, authorization_code}.
Link to this type

opts/0

View Source (since 3.0.0 -------------------------------------------------------------------) 
-type opts() ::
    #{scopes => oidcc_scope:scopes(),
      state => binary(),
      nonce => binary(),
      pkce_verifier => binary(),
      redirect_uri := uri_string:uri_string(),
      url_extension => oidcc_http_util:query_params(),
      quirks => quirks()}.

Configure authorization redirect url

See https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest

Parameters

  • scopes - list of scopes to request (defaults to [<<"openid">>])
  • state - state to pass to the provider
  • nonce - nonce to pass to the provider
  • pkce_verifier - pkce verifier (random string), see https://datatracker.ietf.org/doc/html/rfc7636#section-4.1
  • redirect_uri - redirect target after authorization is completed
  • url_extension - add custom query parameters to the authorization url
Link to this type

quirks/0

View Source (since 3.0.0 -------------------------------------------------------------------) 
-type quirks() :: #{allow_unsupported_grant_types => boolean()}.

Allow Specification Non-compliance

Exceptions

  • allow_unsupported_grant_types - Allow to proceed with a grant type that has not been registered in grant_types_supported

Functions

Link to this function

create_redirect_url(ClientContext, Opts)

View Source (since 3.0.0) 
-spec create_redirect_url(ClientContext, Opts) -> {ok, Uri} | {error, error()}
                       when
                           ClientContext :: oidcc_client_context:t(),
                           Opts :: opts(),
                           Uri :: uri_string:uri_string().

Create Auth Redirect URL

For a high level interface using oidcc_provider_configuration_worker see oidcc:create_redirect_url/4.

Examples 

  {ok, ClientContext} =
      oidcc_client_context:from_configuration_worker(provider_name,
                                                     <<"client_id">>,
                                                     <<"client_secret">>),
 
  {ok, RedirectUri} =
      oidcc_authorization:create_redirect_url(ClientContext,
                                              #{redirect_uri: <<"https://my.server/return"}),
 
  %% RedirectUri = https://my.provider/auth?scope=openid&response_type=code&client_id=client_id&redirect_uri=https%3A%2F%2Fmy.server%2Freturn