Zoth v1.0.1

View Source Zoth.OpenId (Zoth v1.0.1)

Logic to allow working with Open ID.

Link to this section Summary

Types

id_token()

Functions

end_session(request_params, opts)

End the current session for the given user based on the request params. If the given ID Token is valid then we revoke all access tokens for the user that are associated to the application that issued the token. Users must re-authenticate after this.

fetch_nonce(request_params)

Returns the nonce if present in the request params.

generate_id_token(access_token, context, config)

Returns an ID token based on the given access token and context.

get_config(opts)

See Zoth.OpenId.OpenIdConfig.get/1.

get_public_key(open_id_config)

Returns the public key used for signing ID tokens.

in_scope?(scopes)

Returns true if "openid" is in the given scopes.

list_claims(open_id_config)

Returns all of the claims supported by the current config.

sign_id_token!(id_token, opts)

Sign the given ID token. This relies on the configured signing_key, algorithm and key ID. See OpenIdConfig for more info.

Link to this section Types

Link to this type

id_token()

View Source 
@type id_token() :: %{
  :aud => String.t(),
  :exp => non_neg_integer(),
  :iat => non_neg_integer(),
  :iss => String.t(),
  :sub => String.t(),
  optional(:auth_time) => non_neg_integer(),
  optional(:email) => String.t(),
  optional(:email_verified) => boolean(),
  optional(:nonce) => String.t()
}

Link to this section Functions

Link to this function

end_session(request_params, opts)

View Source 
@spec end_session(request_params :: map(), opts :: keyword()) ::
  :ok | {:ok, {:redirect, String.t()}} | {:error, any()}

End the current session for the given user based on the request params. If the given ID Token is valid then we revoke all access tokens for the user that are associated to the application that issued the token. Users must re-authenticate after this.

See OpenID documentation for more information.

Link to this function

fetch_nonce(request_params)

View Source 
@spec fetch_nonce(request_params :: map()) :: {:ok, String.t()} | :not_found

Returns the nonce if present in the request params.

Link to this function

generate_id_token(access_token, context, config)

View Source 
@spec generate_id_token(
  access_token :: Zoth.AccessTokens.AccessToken.t(),
  context :: map(),
  config :: keyword()
) :: id_token()

Returns an ID token based on the given access token and context.

Link to this function

get_config(opts)

View Source

See Zoth.OpenId.OpenIdConfig.get/1.

Link to this function

get_public_key(open_id_config)

View Source 
@spec get_public_key(config :: Zoth.OpenId.OpenIdConfig.t()) :: map()

Returns the public key used for signing ID tokens.

Link to this function

in_scope?(scopes)

View Source 
@spec in_scope?(scopes :: [String.t()] | String.t()) :: boolean()

Returns true if "openid" is in the given scopes.

Link to this function

list_claims(open_id_config)

View Source 
@spec list_claims(config :: Zoth.OpenId.OpenIdConfig.t()) :: [Zoth.OpenId.Claim.t()]

Returns all of the claims supported by the current config.

Link to this function

sign_id_token!(id_token, opts)

View Source 
@spec sign_id_token!(id_token :: id_token(), opts :: keyword()) :: String.t()

Sign the given ID token. This relies on the configured signing_key, algorithm and key ID. See OpenIdConfig for more info.