View Source Oidcc.ProviderConfiguration (Oidcc v3.2.6)
Tooling to load and parse Openid Configuration
Telemetry
[:oidcc, :load_configuration, :start]- Description: Emitted at the start of loading the provider configuration
- Measurements:
%{system_time: non_neg_integer(), monotonic_time: integer()} - Metadata:
%{issuer: :uri_string.uri_string()}
[:oidcc, :load_configuration, :stop]- Description: Emitted at the end of loading the provider configuration
- Measurements:
%{duration: integer(), monotonic_time: integer()} - Metadata:
%{issuer: :uri_string.uri_string()}
[:oidcc, :load_configuration, :exception]- Description: Emitted at the end of loading the provider configuration
- Measurements:
%{duration: integer(), monotonic_time: integer()} - Metadata:
%{issuer: :uri_string.uri_string()}
[:oidcc, :load_jwks, :start]- Description: Emitted at the start of loading the provider jwks
- Measurements:
%{system_time: non_neg_integer(), monotonic_time: integer()} - Metadata:
%{jwks_uri: :uri_string.uri_string()}
[:oidcc, :load_jwks, :stop]- Description: Emitted at the end of loading the provider jwks
- Measurements:
%{duration: integer(), monotonic_time: integer()} - Metadata:
%{jwks_uri: :uri_string.uri_string()}
[:oidcc, :load_jwks, :exception]- Description: Emitted at the end of loading the provider jwks
- Measurements:
%{duration: integer(), monotonic_time: integer()} - Metadata:
%{jwks_uri: :uri_string.uri_string()}
Summary
Types
@type t() :: %Oidcc.ProviderConfiguration{ acr_values_supported: [String.t()] | :undefined, authorization_encryption_alg_values_supported: [String.t()] | :undefined, authorization_encryption_enc_values_supported: [String.t()] | :undefined, authorization_endpoint: :uri_string.uri_string(), authorization_response_iss_parameter_supported: boolean(), authorization_signing_alg_values_supported: [String.t()] | :undefined, claim_types_supported: [:normal | :aggregated | :distributed], claims_locales_supported: [String.t()] | :undefined, claims_parameter_supported: boolean(), claims_supported: [String.t()] | :undefined, code_challenge_methods_supported: [String.t()] | :undefined, display_values_supported: [String.t()] | :undefined, dpop_signing_alg_values_supported: [String.t()] | :undefined, end_session_endpoint: :uri_string.uri_string() | :undefined, extra_fields: %{required(String.t()) => term()}, grant_types_supported: [String.t()], id_token_encryption_alg_values_supported: [String.t()] | :undefined, id_token_encryption_enc_values_supported: [String.t()] | :undefined, id_token_signing_alg_values_supported: [String.t()], introspection_endpoint: :uri_string.uri_string() | :undefined, introspection_endpoint_auth_methods_supported: [String.t()], introspection_endpoint_auth_signing_alg_values_supported: [String.t()] | :undefined, issuer: :uri_string.uri_string(), jwks_uri: :uri_string.uri_string() | :undefined, mtls_endpoint_aliases: %{required(binary()) => :uri_string.uri_string()}, op_policy_uri: :uri_string.uri_string() | :undefined, op_tos_uri: :uri_string.uri_string() | :undefined, pushed_authorization_request_endpoint: :uri_string.uri_string() | :undefined, registration_endpoint: :uri_string.uri_string() | :undefined, request_object_encryption_alg_values_supported: [String.t()] | :undefined, request_object_encryption_enc_values_supported: [String.t()] | :undefined, request_object_signing_alg_values_supported: [String.t()] | :undefined, request_parameter_supported: boolean(), request_uri_parameter_supported: boolean(), require_pushed_authorization_requests: boolean(), require_request_uri_registration: boolean(), require_signed_request_object: boolean(), response_modes_supported: [String.t()], response_types_supported: [String.t()], revocation_endpoint: :uri_string.uri_string() | :undefined, revocation_endpoint_auth_methods_supported: [String.t()], revocation_endpoint_auth_signing_alg_values_supported: [String.t()] | :undefined, scopes_supported: [String.t()] | :undefined, service_documentation: :uri_string.uri_string() | :undefined, subject_types_supported: [:pairwise | :public], tls_client_certificate_bound_access_tokens: boolean(), token_endpoint: :uri_string.uri_string() | :undefined, token_endpoint_auth_methods_supported: [String.t()], token_endpoint_auth_signing_alg_values_supported: [String.t()] | :undefined, ui_locales_supported: [String.t()] | :undefined, userinfo_encryption_alg_values_supported: [String.t()] | :undefined, userinfo_encryption_enc_values_supported: [String.t()] | :undefined, userinfo_endpoint: :uri_string.uri_string() | :undefined, userinfo_signing_alg_values_supported: [String.t()] | :undefined }
Configuration Struct
For details on the fields see:
Functions
@spec decode_configuration( configuration :: map(), opts :: :oidcc_provider_configuration.opts() ) :: {:ok, t()} | {:error, :oidcc_provider_configuration.error()}
Decode JSON into OpenID configuration
Examples
iex> {:ok, {{~c"HTTP/1.1",200, ~c"OK"}, _headers, body}} =
...> :httpc.request("https://accounts.google.com/.well-known/openid-configuration")
...>
...> decoded_json = body |> to_string() |> JOSE.decode()
...>
...> {:ok, %ProviderConfiguration{issuer: "https://accounts.google.com"}} =
...> Oidcc.ProviderConfiguration.decode_configuration(decoded_json)@spec load_configuration( issuer :: :uri_string.uri_string(), opts :: :oidcc_provider_configuration.opts() ) :: {:ok, {configuration :: t(), expiry :: pos_integer()}} | {:error, :oidcc_provider_configuration.error()}
Load OpenID Configuration
Examples
iex> {:ok, {
...> %ProviderConfiguration{issuer: "https://accounts.google.com"},
...> _expiry
...> }} = Oidcc.ProviderConfiguration.load_configuration("https://accounts.google.com")@spec load_jwks( jwks_uri :: :uri_string.uri_string(), opts :: :oidcc_provider_configuration.opts() ) :: {:ok, {jwks :: JOSE.JWK.t(), expiry :: pos_integer()}} | {:error, :oidcc_provider_configuration.error()}
Load JWKs
Examples
iex> {:ok, {%JOSE.JWK{}, _expiry}} =
...> Oidcc.ProviderConfiguration.load_jwks("https://www.googleapis.com/oauth2/v3/certs")