oauth2-client.ring

default-state-mismatch-response

(default-state-mismatch-response)
Returns a 500 error response when the state value (used for CSRF protection) does not match.

do-authorized

(do-authorized {:keys [provider authorization-uri], :as oauth2-config} request authorized-fn)
Makes an authorized request via authorized-fn, passing in the
access_token stored in the session at the path [:oauth2 <provider>
:access_token], or alternatively, if no access_token exists, it will
initiate the process of requesting an authorization grant per
RFC6749 section 4.1
(https://tools.ietf.org/html/rfc6749#section-4.1).

(<provider> will either be the value explicitly set at the :provider
key in the oauth2-config map, or the authorization-uri will be used
as a placeholder for this.)

TODO: Handle refresh tokens (https://tools.ietf.org/html/rfc6749#section-1.5)

oauth2-callback-handler

(oauth2-callback-handler oauth2-config request)
(oauth2-callback-handler {:keys [provider authorization-uri], :as oauth2-config} {:keys [session params], :as request} state-mismatch-response)
Takes an oauth2-config and the resource owner's redirect Ring
request back to the client after the user has authenticated.

The state value returned by the resource owner is compared to the
state value set and stored in the session at the path [:oauth
:state]. If there is a mismatch, the state-mismatch-response is
returned. Otherwise, the access token is requested from the resource
owner, and the user is redirected to the route originally requested,
stored in the session at the path [:oauth <provider> :redirect-on-auth].

(<provider> will either be the value explicitly set at the :provider
key in the oauth2-config map, or the authorization-uri will be used
as a placeholder for this.)

By default the function default-state-mismatch-response is used
to generate the state-mismatch response, but an alternative response
can optionally be passed in as the third argument.

This function implements functionality corresponding to sections
4.1.2 through 4.1.4 of RFC6749.

https://tools.ietf.org/html/rfc6749#section-4.1.2

TODO: implement error handling (per section 4.1.2.1)
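The flow the do-authorized and oauth2-callback-handler docstrings describe (start the grant with a state value stored in the session; on the redirect back, compare the returned state, exchange the code, store the token, redirect to the originally requested route), as an added Clojure example. It is not code from oauth2-client.ring: the config keys :client-id and :redirect-uri, the injected token-request-fn that stands in for the token endpoint request, the single session layout under [:oauth2 <provider> ...], and the function names authorize-or-call and handle-callback are assumptions made for this example.

```clojure
(ns example.oauth2-flow
  "Added example, not code from oauth2-client.ring: a minimal Ring-style
   authorization-code flow showing the session and state handling the
   docstrings above describe. Config keys :client-id and :redirect-uri and
   the injected token-request-fn are assumptions for this example."
  (:import [java.security MessageDigest SecureRandom]
           [java.util Base64]))

(defn- random-state
  "Unguessable per-request state (RFC 6749 section 10.12): 32 random bytes, URL-safe base64."
  []
  (let [buf (byte-array 32)]
    (.nextBytes (SecureRandom.) buf)
    (.encodeToString (.withoutPadding (Base64/getUrlEncoder)) buf)))

(defn- constant-time-equal?
  "Compares the returned state with the stored one without leaking where they differ."
  [a b]
  (and (string? a) (string? b)
       (MessageDigest/isEqual (.getBytes ^String a "UTF-8") (.getBytes ^String b "UTF-8"))))

(defn state-mismatch-response
  "Plays the role of default-state-mismatch-response: a 500 for a state/CSRF failure."
  []
  {:status 500 :headers {"Content-Type" "text/plain"} :body "OAuth2 state mismatch"})

(defn- provider-key
  "Session sub-key: the explicit :provider, else the authorization-uri as a placeholder."
  [{:keys [provider authorization-uri]}]
  (or provider authorization-uri))

(defn authorize-or-call
  "Mirrors do-authorized: call authorized-fn with the session's access token,
   or start the grant (RFC 6749 section 4.1.1) by storing a fresh state and the
   originally requested URI in the session and redirecting to authorization-uri."
  [{:keys [authorization-uri client-id redirect-uri] :as cfg} request authorized-fn]
  (let [p     (provider-key cfg)
        token (get-in request [:session :oauth2 p :access_token])]
    (if token
      (authorized-fn token)
      (let [state (random-state)]
        {:status  302
         :headers {"Location" (str authorization-uri
                                   "?response_type=code"
                                   "&client_id=" (java.net.URLEncoder/encode ^String client-id "UTF-8")
                                   "&redirect_uri=" (java.net.URLEncoder/encode ^String redirect-uri "UTF-8")
                                   "&state=" state)}
         :session (-> (:session request)
                      (assoc-in [:oauth2 p :state] state)
                      (assoc-in [:oauth2 p :redirect-on-auth] (:uri request)))}))))

(defn handle-callback
  "Mirrors oauth2-callback-handler: check the state (section 4.1.2), exchange the
   code for a token via token-request-fn (sections 4.1.3-4.1.4; injected so this
   runs offline), store the token, and redirect to the originally requested URI.
   The state is removed after one use so a replayed callback is rejected."
  ([cfg request token-request-fn]
   (handle-callback cfg request token-request-fn (state-mismatch-response)))
  ([cfg {:keys [session params]} token-request-fn mismatch-response]
   (let [p        (provider-key cfg)
         expected (get-in session [:oauth2 p :state])]
     (cond
       (not (constant-time-equal? expected (get params "state")))
       mismatch-response

       (contains? params "error")   ; section 4.1.2.1; never echo the untrusted value back
       {:status 400 :headers {"Content-Type" "text/plain"} :body "authorization denied or failed"}

       :else
       (let [{:keys [access_token]} (token-request-fn cfg (get params "code"))]
         {:status  302
          :headers {"Location" (get-in session [:oauth2 p :redirect-on-auth] "/")}
          :session (-> session
                       (assoc-in [:oauth2 p :access_token] access_token)
                       (update-in [:oauth2 p] dissoc :state :redirect-on-auth))})))))

(comment
  ;; Constructed walk-through with a fake token endpoint; no network involved.
  (def cfg {:provider :example
            :authorization-uri "https://auth.example/authorize"
            :client-id "client-123"
            :redirect-uri "https://app.example/callback"})
  (defn fake-token-request [_cfg code] {:access_token (str "tok-for-" code)})
  ;; First visit: no token in the session, so the grant is started.
  (def r1 (authorize-or-call cfg {:uri "/me" :session {}} identity))
  (def st (get-in r1 [:session :oauth2 :example :state]))
  ;; Forged or replayed callback: the state does not match the stored one.
  (handle-callback cfg {:session (:session r1) :params {"state" "forged" "code" "c1"}} fake-token-request)
  ;; Genuine callback: the token is stored and the user is sent back to "/me".
  (handle-callback cfg {:session (:session r1) :params {"state" st "code" "c1"}} fake-token-request))
```

Three choices in the callback matter for the CSRF protection the docstrings mention: the state is compared with MessageDigest/isEqual rather than = so timing does not reveal a partial match, it is deleted from the session once consumed so a captured callback URL cannot be replayed, and an error parameter from the authorization server is acknowledged without being echoed into the response body.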

oauth2-redirect-response

(oauth2-redirect-response {:keys [provider authorization-uri], :as oauth2-config} session)
Accepts a session map and returns a redirect response for the path
at the session key-path [:oauth2 :redirect-on-auth], with the
session added back into the response.

store-access-token

(store-access-token access-token-response response {:keys [provider authorization-uri], :as oauth2-config})
Extracts the values returned in the access token response and
returns the Ring response passed in with these values stored in
the session.