oidcc_provider_configuration_worker (Oidcc v3.5.1)
View SourceOIDC Config Provider Worker
Loads and continuously refreshes the OIDC configuration and JWKs.
The worker supports reading values concurrently via an ETS table. To use
this performance improvement, the worker has to be registered with a
{local, Name}. No name / {global, Name} and {via, RegModule, ViaName}
are not supported.
Summary
Functions
Get Parsed Jwks.
Get Configuration.
Refresh Configuration.
Refresh JWKs.
Refresh JWKs if the provided Kid is not matching any currently loaded keys.
Start Configuration Provider.
Types
-type opts() :: #{name => gen_server:server_name(), issuer := uri_string:uri_string(), provider_configuration_opts => oidcc_provider_configuration:opts(), backoff_min => oidcc_backoff:min(), backoff_max => oidcc_backoff:max(), backoff_type => oidcc_backoff:type()}.
Configuration Options
name- The gen_server name of the provider.issuer- The issuer URI.provider_configuration_opts- Options for the provider configuration fetching.backoff_min- The minimum backoff interval in ms (default:1_000).backoff_max- The maximum backoff interval in ms (default:30_000).backoff_type- The backoff strategy,stopfor no backoff and to stop,exponentialfor exponential,randomfor random, andrandom_exponentialfor random exponential (default:stop).
Functions
-spec get_jwks(Name :: gen_server:server_ref()) -> jose_jwk:key() | undefined.
Get Parsed Jwks.
-spec get_provider_configuration(Name :: gen_server:server_ref()) -> oidcc_provider_configuration:t() | undefined.
Get Configuration.
-spec refresh_configuration(Name :: gen_server:server_ref()) -> ok.
Refresh Configuration.
Examples
{ok, Pid} =
oidcc_provider_configuration_worker:start_link(#{
issuer => <<"https://accounts.google.com">>
}).
%% Later
oidcc_provider_configuration_worker:refresh_configuration(Pid).-spec refresh_jwks(Name :: gen_server:server_ref()) -> ok.
Refresh JWKs.
Examples
{ok, Pid} =
oidcc_provider_configuration_worker:start_link(#{
issuer => <<"https://accounts.google.com">>
}).
%% Later
oidcc_provider_configuration_worker:refresh_jwks(Pid).-spec refresh_jwks_for_unknown_kid(Name :: gen_server:server_ref(), Kid :: binary()) -> ok.
Refresh JWKs if the provided Kid is not matching any currently loaded keys.
Examples
{ok, Pid} =
oidcc_provider_configuration_worker:start_link(#{
issuer => <<"https://accounts.google.com">>
}).
oidcc_provider_configuration_worker:refresh_jwks_for_unknown_kid(Pid, <<"kid">>).-spec start_link(Opts :: opts()) -> gen_server:start_ret().
Start Configuration Provider.
Examples
{ok, Pid} =
oidcc_provider_configuration_worker:start_link(#{
issuer => <<"https://accounts.google.com">>,
name => {local, google_config_provider}
}).%% ...
-behaviour(supervisor).
%% ...
init(_opts) ->
SupFlags = #{strategy => one_for_one, intensity => 1, period => 5},
ChildSpecs = [#{id => google_config_provider,
start => {oidcc_provider_configuration_worker,
start_link,
[
#{issuer => <<"https://accounts.google.com">>}
]},
restart => permanent,
type => worker,
modules => [oidcc_provider_configuration_worker]}],
{ok, {SupFlags, ChildSpecs}}.