Ueberauth.Strategy.Auth0 (Ueberauth Auth0 v2.1.0)

Provides an Ueberauth strategy for authenticating with Auth0.

You can edit the behaviour of the Strategy by including some options when you register your provider.

To set the uid_field:

config :ueberauth, Ueberauth,
  providers: [
    auth0: { Ueberauth.Strategy.Auth0, [uid_field: :email] }
  ]

Default is :sub.

To set the default 'scope' (permissions):

config :ueberauth, Ueberauth,
  providers: [
    auth0: { Ueberauth.Strategy.Auth0, [default_scope: "openid profile email"] }
  ]

Default is "openid profile email".

To set the audience:

config :ueberauth, Ueberauth,
  providers: [
    auth0: { Ueberauth.Strategy.Auth0, [default_audience: "example-audience"] }
  ]

Not used by default (set to "").

To set the connection. This is mostly useful if you want to use a social identity provider like facebook or google-oauth2. If empty, it will redirect to Auth0's Login widget. See https://auth0.com/docs/api/authentication#social

config :ueberauth, Ueberauth,
  providers: [
    auth0: { Ueberauth.Strategy.Auth0, [default_connection: "facebook"] }
  ]

Not used by default (set to "").

To set the state. This is useful to prevent CSRF attacks and to redirect users back to where they were before the authentication flow started.

config :ueberauth, Ueberauth,
  providers: [
    auth0: { Ueberauth.Strategy.Auth0, [default_state: "some-opaque-state"] }
  ]

Not used by default (set to "").

These 4 parameters can also be set in the authorization request. For example, you can call the auth0 authentication endpoint with the values: /auth/auth0?scope=some+new+scope&audience=events:read&connection=facebook&state=opaque_value

About the state param

Usually a static state value is not very useful, so it's best to pass it to the request endpoint as a parameter. You can then read the state back after authentication from a private value set in the connection: auth0_state.

Example

state_signed = Phoenix.Token.sign(MyApp.Endpoint, "return_url", Phoenix.Controller.current_url(conn))
Routes.auth_path(conn, :request, "auth0", state: state_signed)
# authentication happens ...
# the state ends up in `conn.private.auth0_state` after the authentication process
{:ok, redirect_to} = Phoenix.Token.verify(MyApp.Endpoint, "return_url", conn.private.auth0_state, max_age: 900)
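
As an added example (not code from ueberauth_auth0 itself), the helper below extends the snippet above by binding the signed state to the browser session with a one-time nonce and by handling a failed or expired verification instead of crashing on a pattern match. `MyAppWeb.AuthState`, `MyAppWeb.Endpoint`, the salt and the session key are assumed names, and the session is assumed to be fetched already.

```elixir
defmodule MyAppWeb.AuthState do
  # Hypothetical helper, not part of ueberauth_auth0. MyAppWeb.Endpoint,
  # the salt and the session key are assumed names for this sketch.
  import Plug.Conn, only: [put_session: 3, get_session: 2, delete_session: 2]

  @salt "auth0 state"
  @session_key :auth0_state_nonce
  @max_age 900

  # Call before redirecting to /auth/auth0?state=...; returns {conn, state}.
  def issue(conn) do
    nonce = 16 |> :crypto.strong_rand_bytes() |> Base.url_encode64(padding: false)
    return_to = Phoenix.Controller.current_path(conn)
    payload = %{nonce: nonce, return_to: return_to}
    state = Phoenix.Token.sign(MyAppWeb.Endpoint, @salt, payload)
    {put_session(conn, @session_key, nonce), state}
  end

  # Call in the callback action, where the strategy has stored the returned
  # state in conn.private.auth0_state.
  # Returns {conn, {:ok, path}} or {conn, {:error, reason}}.
  def redeem(conn) do
    expected = get_session(conn, @session_key)
    # The nonce is single use: drop it whether or not the check succeeds.
    conn = delete_session(conn, @session_key)
    state = conn.private[:auth0_state]

    result =
      with {:ok, %{nonce: nonce, return_to: return_to}} <-
             Phoenix.Token.verify(MyAppWeb.Endpoint, @salt, state, max_age: @max_age),
           true <- is_binary(expected) and Plug.Crypto.secure_compare(nonce, expected),
           true <- local_path?(return_to) do
        {:ok, return_to}
      else
        # :invalid, :expired or :missing from Phoenix.Token.verify/4
        {:error, reason} -> {:error, reason}
        # nonce absent or different, or the return target is not a local path
        _ -> {:error, :state_mismatch}
      end

    {conn, result}
  end

  # Accept only same-site paths such as "/orders/1"; reject "//host" and "/\host".
  defp local_path?("/" <> rest), do: not String.starts_with?(rest, ["/", "\\"])
  defp local_path?(_), do: false
end
```

On `{:error, _}` the callback should discard the authentication result and restart the login rather than fall back to a default redirect.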

Functions

Includes the credentials from the Auth0 response.

Populates the extra section of the Ueberauth.Auth struct with auth0's additional information from the /userinfo user profile and includes the token received from Auth0 callback.

Cleans up the private area of the connection used for passing the raw Auth0 response around during the callback.

Handles the redirect to Auth0.

Fetches the fields to populate the info section of the Ueberauth.Auth struct.

This field has been changed from 0.5.0 to 0.6.0 to better reflect fields of the OpenID standard claims. Extra fields provided by auth0 are in the Extra struct.

Fetches the uid field from the Auth0 response.