Ueberauth.Strategy.Auth0 (Ueberauth Auth0 v2.1.0)
Provides an Ueberauth strategy for authenticating with Auth0.
You can edit the behaviour of the Strategy by including some options when you register your provider.
To set the uid_field:

    config :ueberauth, Ueberauth,
      providers: [
        auth0: { Ueberauth.Strategy.Auth0, [uid_field: :email] }
      ]

Default is :sub.
To set the default 'scope' (permissions):

    config :ueberauth, Ueberauth,
      providers: [
        auth0: { Ueberauth.Strategy.Auth0, [default_scope: "openid profile email"] }
      ]

Default is "openid profile email".
To set the audience:

    config :ueberauth, Ueberauth,
      providers: [
        auth0: { Ueberauth.Strategy.Auth0, [default_audience: "example-audience"] }
      ]

Not used by default (set to "").
To set the connection, mostly useful if you want to use a social identity provider like facebook or google-oauth2. If empty it will redirect to Auth0's Login widget. See https://auth0.com/docs/api/authentication#social

    config :ueberauth, Ueberauth,
      providers: [
        auth0: { Ueberauth.Strategy.Auth0, [default_connection: "facebook"] }
      ]

Not used by default (set to "").
To set the state. This is useful to prevent CSRF attacks and to redirect users back to the state they were in before the authentication flow started.

    config :ueberauth, Ueberauth,
      providers: [
        auth0: { Ueberauth.Strategy.Auth0, [default_state: "some-opaque-state"] }
      ]

Not used by default (set to "").
These 4 parameters can also be set in the authorization request. For example, you can call the auth0 authentication endpoint with values:

    /auth/auth0?scope=some+new+scope&audience=events:read&connection=facebook&state=opaque_value

About the state param

Usually a static state value is not very useful so it's best to pass it to the request endpoint as a parameter. You can then read back the state after authentication in a private value set in the connection: auth0_state.

Example

    state_signed =
      Phoenix.Token.sign(MyApp.Endpoint, "return_url", Phoenix.Controller.current_url(conn))

    Routes.auth_path(conn, :request, "auth0", state: state_signed)

    # authentication happens ...
    # the state ends up in `conn.private.auth0_state` after the authentication process

    {:ok, redirect_to} =
      Phoenix.Token.verify(MyApp.Endpoint, "return_url", conn.private.auth0_state, max_age: 900)
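
A signed state proves the value came from your application, but it does not tie the callback to the browser session that started the login. The following is an added example, not code from the Ueberauth Auth0 project: it binds the signed state to a per-session nonce and only ever returns a local path. `MyAppWeb.AuthState`, `MyAppWeb.Endpoint`, the salt and the `:auth0_nonce` session key are assumed names, and the session is assumed to be fetched already (as in Phoenix's `:browser` pipeline).

```elixir
defmodule MyAppWeb.AuthState do
  # Hypothetical helper module, not part of ueberauth_auth0.
  import Plug.Conn

  @endpoint MyAppWeb.Endpoint   # assumed endpoint module
  @salt "auth0_state"           # assumed salt for Phoenix.Token
  @max_age 900                  # seconds, same limit as the example above

  # Call before redirecting to the request endpoint, e.g.
  #   {conn, state} = MyAppWeb.AuthState.issue(conn, Phoenix.Controller.current_path(conn))
  #   redirect(conn, to: Routes.auth_path(conn, :request, "auth0", state: state))
  def issue(conn, return_to) do
    nonce = Base.url_encode64(:crypto.strong_rand_bytes(16), padding: false)
    state = Phoenix.Token.sign(@endpoint, @salt, %{nonce: nonce, return_to: return_to})
    {put_session(conn, :auth0_nonce, nonce), state}
  end

  # Call in the callback action. Returns {:ok, conn, path} or {:error, conn}.
  # The nonce is single use: it is dropped from the session on every attempt.
  def consume(conn) do
    expected = get_session(conn, :auth0_nonce)
    conn = delete_session(conn, :auth0_nonce)

    with state when is_binary(state) <- conn.private[:auth0_state],
         {:ok, %{nonce: nonce, return_to: return_to}} <-
           Phoenix.Token.verify(@endpoint, @salt, state, max_age: @max_age),
         true <- is_binary(expected) and Plug.Crypto.secure_compare(nonce, expected) do
      {:ok, conn, local_path(return_to)}
    else
      # missing, expired, tampered or replayed state, or no matching session nonce
      _ -> {:error, conn}
    end
  end

  # Accept only same-site paths; "//host" and "/\host" are treated as external.
  defp local_path("/" <> rest = path) do
    if String.starts_with?(rest, ["/", "\\"]), do: "/", else: path
  end

  defp local_path(_), do: "/"
end
```

On `{:error, conn}` the callback should discard the login attempt rather than fall back to a default redirect with the user signed in.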

Functions

Includes the credentials from the Auth0 response.

Populates the extra section of the Ueberauth.Auth struct with auth0's additional information from the /userinfo user profile and includes the token received from Auth0 callback.

Cleans up the private area of the connection used for passing the raw Auth0 response around during the callback.

Handles the redirect to Auth0.

Fetches the fields to populate the info section of the Ueberauth.Auth struct.

This field has been changed from 0.5.0 to 0.6.0 to better reflect fields of the OpenID standard claims. Extra fields provided by auth0 are in the Extra struct.

Fetches the uid field from the Auth0 response.