# `Oidcc.Plug.LoadUserinfo`
[🔗](https://github.com/erlef/oidcc_plug/blob/989b809174070ef71c9dc545de149854f86d8f7c
/lib/oidcc/plug/load_userinfo.ex#L1)

Validate extracted authorization token using userinfo retrieval.

See: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo

This module should be used together with `Oidcc.Plug.ExtractAuthorization`.

This plug will send a userinfo request for every request. To avoid this,
provide a `cache` to `t:opts/0`.

```elixir
defmodule SampleAppWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :sample_app

  # ...

  plug Oidcc.Plug.ExtractAuthorization

  plug Oidcc.Plug.LoadUserinfo,
    provider: SampleApp.GoogleOpenIdConfigurationProvider,
    client_id: Application.compile_env!(:sample_app, [Oidcc.Plug.LoadUserinfo, :client_id]),
    client_secret: Application.compile_env!(:sample_app, [Oidcc.Plug.LoadUserinfo, :client_secret])

  plug SampleAppWeb.Router
end
```

# `opts`
*since 0.1.0* 

```elixir
@type opts() :: [
  provider: GenServer.name(),
  client_id: String.t() | (-> String.t()) | (Plug.Conn.t() -> String.t()),
  client_secret: String.t() | (-> String.t()) | (Plug.Conn.t() -> String.t()),
  userinfo_retrieve_opts: :oidcc_userinfo.retrieve_opts(),
  send_inactive_token_response: (conn :: Plug.Conn.t() -> Plug.Conn.t()),
  cache: Oidcc.Plug.Cache.t()
]
```

Plug Configuration Options

## Options

* `provider` - name of the `Oidcc.ProviderConfiguration.Worker`
* `client_id` - OAuth Client ID to use for the userinfo retrieval
* `client_secret` - OAuth Client Secret to use for the userinfo retrieval
* `userinfo_retrieve_opts` - Options to pass to userinfo loading
* `send_inactive_token_response` - Customize Error Response for inactive token
* `cache` - Cache userinfo response - See `Oidcc.Plug.Cache`

---

*Consult [api-reference.md](api-reference.md) for complete listing*