Module oauth2

Erlang OAuth 2.0 implementation.

Description

This library is designed to simplify the implementation of the server side of OAuth2 (http://tools.ietf.org/html/rfc6749).

Data Types

appctx()

appctx() = term()

auth()

auth() = #a{client = undefined | term(), resowner = undefined | term(), scope = scope(), ttl = non_neg_integer()}

client()

client() = any()

Opaque Client Object

context()

context() = proplists:proplist()

error()

error() = access_denied | invalid_client | invalid_grant | invalid_request | invalid_authorization | invalid_scope | unauthorized_client | unsupported_grant_type | unsupported_response_type | server_error | temporarily_unavailable

lifetime()

lifetime() = non_neg_integer()

rediruri()

rediruri() = any()

Opaque Redirection URI

response()

response() = oauth2_response:response()

scope()

scope() = [binary()] | binary()

token()

token() = binary()

user()

user() = any()

Opaque User Object

Function Index

authorize_client_credentials/3: Validates a request for an access token from the client's credentials.
authorize_code_grant/4: Validates a request for an access token from an authorization code.
authorize_code_request/5: Validates a request for an authorization code from the client's and resource owner's credentials.
authorize_password/3: Validates a request for an access token from the resource owner's credentials.
authorize_password/4: Validates a request for an access token from the client's and resource owner's credentials.
authorize_password/5: Validates a request for an access token from the client's and resource owner's credentials.
issue_code/2: Issues an authorization code from an authorization.
issue_token/2: Issues an access token without refresh token from an authorization.
issue_token_and_refresh/2: Issues access and refresh tokens from an authorization.
refresh_access_token/4: Validates a request for an access token from a refresh token, issuing a new access token if valid.
verify_access_code/2: Verifies an access code AccessCode, returning its associated context if successful.
verify_access_code/3: Verifies an access code AccessCode and its corresponding Identity, returning its associated context if successful.
verify_access_token/2: Verifies an access token AccessToken, returning its associated context if successful.

Function Details

authorize_client_credentials/3

authorize_client_credentials(Client::client(), Scope0::scope(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an access token from the client's credentials. Use it to implement the following steps of RFC 6749:
- 4.4.2. Client Credentials Grant > Access Token Request.

authorize_code_grant/4

authorize_code_grant(Client::client(), Code::binary(), RedirUri::rediruri(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an access token from an authorization code. Use it to implement the following steps of RFC 6749:
- 4.1.3. Authorization Code Grant > Access Token Request.

authorize_code_request/5

authorize_code_request(User::user(), Client::client(), RedirUri::rediruri(), Scope::scope(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an authorization code from the client's and resource owner's credentials. Use it to implement the following steps of RFC 6749:
- 4.1.1. Authorization Code Grant > Authorization Request.

authorize_password/3

authorize_password(User::user(), Scope::scope(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an access token from the resource owner's credentials. Use it to implement the following steps of RFC 6749:
- 4.3.2. Resource Owner Password Credentials Grant > Access Token Request, when the client is public.

authorize_password/4

authorize_password(User::user(), Client::client(), Scope::scope(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an access token from the client's and resource owner's credentials. Use it to implement the following steps of RFC 6749:
- 4.3.2. Resource Owner Password Credentials Grant > Access Token Request, when the client is confidential.

authorize_password/5

authorize_password(User::user(), Client::client(), RedirUri::rediruri(), Scope::scope(), Ctx0::appctx()) -> {ok, {appctx(), auth()}} | {error, error()}

Validates a request for an access token from the client's and resource owner's credentials. Use it to implement the following steps of RFC 6749:
- 4.2.1. Implicit Grant > Authorization Request, when the client is public.

issue_code/2

issue_code(A::auth(), Ctx0::appctx()) -> {ok, {appctx(), response()}}

Issues an authorization code from an authorization. Use it to implement the following steps of RFC 6749:
- 4.1.2. Authorization Code Grant > Authorization Response, with the result of authorize_code_request/6.

issue_token/2

issue_token(A::auth(), Ctx0::appctx()) -> {ok, {appctx(), response()}}

Issues an access token without refresh token from an authorization. Use it to implement the following steps of RFC 6749:
- 4.1.4. Authorization Code Grant > Authorization Response, with the result of authorize_code_grant/5 when no refresh token must be issued.
- 4.2.2. Implicit Grant > Access Token Response, with the result of authorize_password/7.
- 4.3.3. Resource Owner Password Credentials Grant > Access Token Response, with the result of authorize_password/4 or authorize_password/6 when the client is public or no refresh token must be issued.
- 4.4.3. Client Credentials Grant > Access Token Response, with the result of authorize_client_credentials/4.

issue_token_and_refresh/2

issue_token_and_refresh(A::auth(), Ctx::appctx()) -> {ok, {appctx(), response()}} | {error, invalid_authorization}

Issues access and refresh tokens from an authorization. Use it to implement the following steps of RFC 6749:
- 4.1.4. Authorization Code Grant > Access Token Response, with the result of authorize_code_grant/5 when a refresh token must be issued.
- 4.3.3. Resource Owner Password Credentials Grant > Access Token Response, with the result of authorize_password/6 when the client is confidential and a refresh token must be issued.

refresh_access_token/4

refresh_access_token(Client::client(), RefreshToken::token(), Scope::scope(), Ctx0::appctx()) -> {ok, {appctx(), response()}} | {error, error()}

Validates a request for an access token from a refresh token, issuing a new access token if valid. Use it to implement the following steps of RFC 6749:
- 6. Refreshing an Access Token.
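
A token-endpoint dispatcher that chains authorize_code_grant/4, issue_token_and_refresh/2 and refresh_access_token/4 using the signatures shown on this page. This is an added example, not code from the oauth2 project; the module name, the shapes of Client and Params, and the HTTP status mapping in wire_error/1 are assumptions of the example.

```erlang
-module(token_endpoint_example).
-export([handle/3, wire_error/1]).

%% Added example. Client is whatever client() the configured backend
%% expects; Params is the decoded form body as a proplist of binaries.
%% Both shapes are assumptions of this example.
handle(Client, Params, AppCtx) ->
    Get = fun(Key) -> proplists:get_value(Key, Params) end,
    case Get(<<"grant_type">>) of
        <<"authorization_code">> ->
            code_grant(Client, Get(<<"code">>), Get(<<"redirect_uri">>), AppCtx);
        <<"refresh_token">> ->
            refresh(Client, Get(<<"refresh_token">>), Get(<<"scope">>), AppCtx);
        undefined ->
            reply({error, invalid_request});
        _Other ->
            reply({error, unsupported_grant_type})
    end.

%% RFC 6749 4.1.3: the code is validated together with the client and the
%% redirect URI before any token is issued. A missing redirect_uri is passed
%% on as undefined for the backend to judge (assumption).
code_grant(_Client, undefined, _RedirUri, _AppCtx) ->
    reply({error, invalid_request});
code_grant(Client, Code, RedirUri, AppCtx0) ->
    case oauth2:authorize_code_grant(Client, Code, RedirUri, AppCtx0) of
        {ok, {AppCtx1, Auth}} ->
            reply(oauth2:issue_token_and_refresh(Auth, AppCtx1));
        {error, _} = Error ->
            reply(Error)
    end.

%% RFC 6749 section 6. Passing [] when no scope parameter was sent is an
%% assumption; what an empty scope means is decided by the backend.
refresh(_Client, undefined, _Scope, _AppCtx) ->
    reply({error, invalid_request});
refresh(Client, Token, undefined, AppCtx) ->
    refresh(Client, Token, [], AppCtx);
refresh(Client, Token, Scope, AppCtx) ->
    reply(oauth2:refresh_access_token(Client, Token, Scope, AppCtx)).

reply({ok, {AppCtx, Response}}) -> {ok, AppCtx, Response};
reply({error, Reason}) -> {error, wire_error(Reason)}.

%% {HttpStatus, ErrorCode} to send. invalid_authorization is not an RFC 6749
%% error code, so this example reports it as server_error.
wire_error(invalid_client) -> {401, invalid_client};
wire_error(invalid_authorization) -> {500, server_error};
wire_error(server_error) -> {500, server_error};
wire_error(temporarily_unavailable) -> {503, temporarily_unavailable};
wire_error(Reason) -> {400, Reason}.
```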

verify_access_code/2

verify_access_code(AccessCode::token(), Ctx0::appctx()) -> {ok, {appctx(), context()}} | {error, error()}

Verifies an access code AccessCode, returning its associated context if successful. Otherwise, an OAuth2 error code is returned.

verify_access_code/3

verify_access_code(AccessCode::token(), Client::client(), Ctx0::appctx()) -> {ok, {appctx(), context()}} | {error, error()}

Verifies an access code AccessCode and its corresponding Identity, returning its associated context if successful. Otherwise, an OAuth2 error code is returned.

verify_access_token/2

verify_access_token(AccessToken::token(), Ctx0::appctx()) -> {ok, {appctx(), context()}} | {error, error()}

Verifies an access token AccessToken, returning its associated context if successful. Otherwise, an OAuth2 error code is returned.


Generated by EDoc