spotless/oauth_2_1

Types

Configuration of a OAuth client

pub type App {
  App(
    client_type: ClientType,
    client_id: String,
    redirect_uris: non_empty_list.NonEmptyList(uri.Uri),
  )
}

Constructors

Metadata of an authorization server.

Names follow the RFC8414 specification. Where a list of values is expected and a server does not support the feature, e.g. PKCE, add an empty list

pub type AuthorizationServer {
  AuthorizationServer(
    issuer: String,
    authorization_endpoint: #(origin.Origin, String),
    token_endpoint: #(origin.Origin, String),
    scopes_supported: List(String),
    pushed_authorization_request_endpoint: option.Option(
      #(#(origin.Origin, String), Bool),
    ),
    code_challenge_methods_supported: List(String),
  )
}

Constructors

  • AuthorizationServer(
      issuer: String,
      authorization_endpoint: #(origin.Origin, String),
      token_endpoint: #(origin.Origin, String),
      scopes_supported: List(String),
      pushed_authorization_request_endpoint: option.Option(
        #(#(origin.Origin, String), Bool),
      ),
      code_challenge_methods_supported: List(String),
    )
pub type ClientType {
  Public
  Confidential(client_secret: String)
}

Constructors

  • Public
  • Confidential(client_secret: String)

Values

pub fn add_parameter(
  request: authorization.Request,
  key: String,
  value: String,
) -> authorization.Request
pub fn authorization_response_from_uri(
  redirect: uri.Uri,
) -> Result(authorization.Response, snag.Snag)
pub fn authorize(
  server: AuthorizationServer,
  client_id: String,
  redirect_uri: uri.Uri,
  keypair: option.Option(effect.KeyPair(a)),
  scope: List(String),
  state: String,
  code_challenge_method: proof_key_for_code_exchange.CodeChallengeMethod,
) -> effect.Effect(Result(token.Response, snag.Snag), a)
pub fn get_token(
  code: String,
  server: AuthorizationServer,
  app: App,
  code_verifier: String,
) -> effect.Effect(Result(token.Response, snag.Snag), a)

Get a token response from a code. This endpoint is more useful that the grant function as working out which app and token verifier should be used depend on getting back a valid, signed, state

pub fn grant(
  redirect: uri.Uri,
  server: AuthorizationServer,
  app: App,
  code_verifier: String,
) -> effect.Effect(
  Result(
    #(
      token.Response,
      option.Option(String),
      option.Option(String),
    ),
    snag.Snag,
  ),
  a,
)

Copy/Paste of main authorize function but without DPoP and with state, iss returned

pub fn start(
  server: AuthorizationServer,
  client_id: String,
  redirect_uri: uri.Uri,
  scope: List(String),
  state: String,
  code_challenge_method: proof_key_for_code_exchange.CodeChallengeMethod,
) -> effect.Effect(
  Result(#(authorization.Request, String), snag.Snag),
  a,
)
pub fn token_response_from_http(
  response: response.Response(BitArray),
) -> Result(
  Result(token.Response, token.ErrorResponse),
  snag.Snag,
)
Search Document