Zoth.OpenId.OpenIdConfig (Zoth v1.0.1)
Configuration for OpenID.
At present this is very basic: it lets you define which claims you'd like to support in addition to the ones required by the OpenID Connect definition.
To define a claim, provide a map with the name of the field and, optionally, an alias, which is the name of the corresponding field in the user struct.
Examples
Here is the most basic setup.
open_id: %{
  claims: [
    %{name: :email}
  ]
}
You can also tell it to use a different field for the claim.
open_id: %{
  claims: [
    %{name: :email, alias: :personal_email}
  ]
}
Including additional claims when one is requested is supported too.
open_id: %{
  claims: [
    %{
      name: :email,
      including: [
        %{name: :email_verified}
      ]
    }
  ]
}
Configuration
The following is a synopsis of configuration keys and their usage.
Required Keys
- :id_token_issuer - The value to put for the iss claim in the ID token.
- :id_token_signing_key_algorithm - The algorithm to use when signing. The key represented by the pem should rely on this algorithm.
- :id_token_signing_key_pem - The private key pem content. This will be converted to a JOSE.JWK.
Optional Keys
- :claims - A map of claims that should be included.
- :id_token_lifespan - The number of seconds that the ID token is valid for. Default is one week.
- :id_token_signing_key_id - When defined the kid attribute will be added to the JWS header.
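The required keys say the PEM key "should rely on" the configured signing algorithm. The following is an added example, not part of Zoth, of checking that at boot using the JOSE library the page mentions. The module name OpenIdKeyCheck, its check/1 function and the algorithm table are hypothetical; the table covers common RSA and EC JWS algorithms and is not a statement of which algorithms Zoth accepts.

```elixir
# Added example (not Zoth code). Assumes the :jose dependency is available.
defmodule OpenIdKeyCheck do
  # Hypothetical table: JWK fields a key must have for each JWS algorithm.
  @expected %{
    "RS256" => %{"kty" => "RSA"},
    "RS384" => %{"kty" => "RSA"},
    "RS512" => %{"kty" => "RSA"},
    "ES256" => %{"kty" => "EC", "crv" => "P-256"},
    "ES384" => %{"kty" => "EC", "crv" => "P-384"},
    "ES512" => %{"kty" => "EC", "crv" => "P-521"}
  }

  # Takes a map holding the two required signing keys from the open_id config.
  def check(%{id_token_signing_key_algorithm: alg, id_token_signing_key_pem: pem}) do
    with {:ok, expected} <- expected_fields(alg),
         {:ok, fields} <- jwk_fields(pem),
         :ok <- key_matches(fields, expected) do
      private_key(fields)
    end
  end

  defp expected_fields(alg) do
    case Map.fetch(@expected, alg) do
      {:ok, expected} -> {:ok, expected}
      :error -> {:error, {:algorithm_not_in_table, alg}}
    end
  end

  # Parse the PEM the same way the docs describe: into a JOSE.JWK.
  defp jwk_fields(pem) do
    case JOSE.JWK.from_pem(pem) do
      %JOSE.JWK{} = jwk ->
        {_modules, fields} = JOSE.JWK.to_map(jwk)
        {:ok, fields}

      _other ->
        {:error, :invalid_pem}
    end
  end

  # Every expected field (kty, and crv for EC) must match the parsed key.
  defp key_matches(fields, expected) do
    if Enum.all?(expected, fn {k, v} -> Map.get(fields, k) == v end),
      do: :ok,
      else: {:error, {:key_algorithm_mismatch, Map.take(fields, ["kty", "crv"])}}
  end

  # RSA and EC private JWKs carry "d"; a public-only PEM cannot sign ID tokens.
  defp private_key(%{"d" => _}), do: :ok
  defp private_key(_fields), do: {:error, :not_a_private_key}
end
```

Calling check/1 on the open_id map during application start and refusing to boot on any {:error, reason} result surfaces a mismatched or public-only key before the first ID token is issued.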
TODO
- Add a global enforcement policy to control its use globally.
- Add additional claims features as needed.
Summary
Functions
Return the current config. You can pass in overrides optionally.
Types
@type t() :: %Zoth.OpenId.OpenIdConfig{
  claims: [Zoth.OpenId.Claim.t()],
  id_token_issuer: String.t(),
  id_token_lifespan: non_neg_integer(),
  id_token_signing_key: JOSE.JWK.t(),
  id_token_signing_key_algorithm: String.t(),
  id_token_signing_key_id: String.t() | nil
}
Functions
Return the current config. You can pass in overrides optionally.