View Source oidcc_authorization (Oidcc v3.2.0)
Summary
Functions
Create Auth Redirect URL
Types
Link to this type
error/0
View Source (since 3.0.0 -------------------------------------------------------------------)-type error() :: {grant_type_not_supported, authorization_code} | par_required | request_object_required | pkce_verifier_required | purpose_required | no_supported_code_challenge | oidcc_http_util:error().
Link to this type
opts/0
View Source (since 3.0.0 -------------------------------------------------------------------)-type opts() :: #{scopes => oidcc_scope:scopes(), state => binary(), nonce => binary(), pkce_verifier => binary(), require_pkce => boolean(), purpose => binary(), require_purpose => boolean(), redirect_uri => uri_string:uri_string(), url_extension => oidcc_http_util:query_params(), response_mode => binary()}.
Configure authorization redirect url
See https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
Parameters
scopes
- list of scopes to request (defaults to[<<"openid">>]
)state
- state to pass to the providernonce
- nonce to pass to the providerpurpose
- purpose of the authorization request, seehttps://cdn.connectid.com.au/specifications/oauth2-purpose-01.html
require_purpose
- whether to require apurpose
valuepkce_verifier
- pkce verifier (random string), seehttps://datatracker.ietf.org/doc/html/rfc7636#section-4.1
require_pkce
- whether to require PKCE when getting the tokenredirect_uri
- redirect target after authorization is completedurl_extension
- add custom query parameters to the authorization urlresponse_mode
- response mode to use (defaults to<<"query">>
)
Functions
-spec create_redirect_url(ClientContext, Opts) -> {ok, Uri} | {error, error()} when ClientContext :: oidcc_client_context:t(), Opts :: opts(), Uri :: uri_string:uri_string().
Create Auth Redirect URL
For a high level interface using oidcc_provider_configuration_worker
see oidcc:create_redirect_url/4
.
Examples
{ok, ClientContext} =
oidcc_client_context:from_configuration_worker(provider_name,
<<"client_id">>,
<<"client_secret">>),
{ok, RedirectUri} =
oidcc_authorization:create_redirect_url(ClientContext,
#{redirect_uri: <<"https://my.server/return"}),
%% RedirectUri = https://my.provider/auth?scope=openid&response_type=code&client_id=client_id&redirect_uri=https%3A%2F%2Fmy.server%2Freturn