View Source oidcc_userinfo (Oidcc v3.2.6)
OpenID Connect Userinfo
See https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
Telemetry
See Oidcc.Userinfo.
Summary
Types
Configure userinfo request
Functions
Load userinfo for the given token
Types
-type error() :: {distributed_claim_not_found, {ClaimSource :: binary(), ClaimName :: binary()}} | no_access_token | invalid_content_type | bad_subject | oidcc_jwt_util:error() | oidcc_http_util:error().
-type retrieve_opts() :: #{refresh_jwks => oidcc_jwt_util:refresh_jwks_for_unknown_kid_fun(), expected_subject => binary() | any, dpop_nonce => binary()}.
Configure userinfo request
See https://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest
Parameters
refresh_jwks- How to handle tokens with an unknownkid. Seeoidcc_jwt_util:refresh_jwks_for_unknown_kid_fun/0expected_subject- expected subject for the userinfo (subfrom id token)dpop_nonce- if using DPoP, thenoncevalue to use in the proof claim
-type retrieve_opts_no_sub() :: #{refresh_jwks => oidcc_jwt_util:refresh_jwks_for_unknown_kid_fun(), dpop_nonce => binary()}.
See retrieve_opts/0.
Functions
-spec retrieve(Token, ClientContext, Opts) -> {ok, oidcc_jwt_util:claims()} | {error, error()} when Token :: oidcc_token:t(), ClientContext :: oidcc_client_context:t(), Opts :: retrieve_opts_no_sub(); (Token, ClientContext, Opts) -> {ok, oidcc_jwt_util:claims()} | {error, error()} when Token :: oidcc_token:access() | binary(), ClientContext :: oidcc_client_context:t(), Opts :: retrieve_opts().
Load userinfo for the given token
For a high level interface using oidcc_provider_configuration_worker, see
oidcc:retrieve_userinfo/5.
Examples
{ok, ClientContext} =
oidcc_client_context:from_configuration_worker(provider_name,
<<"client_id">>,
<<"client_secret">>),
%% Get Token
{ok, #{<<"sub">> => Sub}} =
oidcc_userinfo:retrieve(Token, ClientContext, #{}).