- create-authcode-store
- create-client
- create-client-store
- create-session-store
- create-token-store
- create-user
- create-user-store
- delete-client
- delete-user
- disable-client
- disable-user
- enable-client
- enable-user
- find-access-token
- find-client
- find-refresh-tokens
- find-user
- init-clients
- init-users
- regenerate-tokens
- revoke-access-token
- revoke-client-tokens
- set-authcode-valid-for!
- set-authentication-url!
- set-landing-url!
- set-realm!
- set-session-valid-for!
- set-token-valid-for!
- set-unauthorized-url!
- update-settings
cerber.oauth2.core
create-authcode-storeclj
(create-authcode-store type config)Initializes empty authcode store of given type - :in-memory, :sql or :redis one.
Redis-based authcode store expects redis connection spec passed in a config parameter
whereas SQL-based one requires an initialized database connection.
Initializes empty authcode store of given type - :in-memory, :sql or :redis one. Redis-based authcode store expects redis connection spec passed in a `config` parameter whereas SQL-based one requires an initialized database connection.
create-clientclj
(create-client info redirects grants scopes enabled? approved?)(create-client info redirects grants scopes enabled? approved? id secret)Creates new OAuth client.
info : a non-validated info string (typically client's app name or URL to client's homepage)
redirects : a validated vector of approved redirect-uris.
redirect-uri provided with token request should match one of these entries.
grants : an optional vector of allowed grants: authorization_code, token, password or client_credentials; all grants allowed if set to nil
scopes : an optional vector of OAuth scopes that client may request an access to
enabled? : should client be automatically enabled?
approved? : should client be auto-approved?
Example:
(c/create-client "http://defunkt.pl"
["http://defunkt.pl/callback"]
["authorization_code" "password"]
["photo:read" "photo:list"]
true
false)
Creates new OAuth client.
`info` : a non-validated info string (typically client's app name or URL to client's homepage)
`redirects` : a validated vector of approved redirect-uris.
redirect-uri provided with token request should match one of these entries.
`grants` : an optional vector of allowed grants: authorization_code, token, password or client_credentials; all grants allowed if set to nil
`scopes` : an optional vector of OAuth scopes that client may request an access to
`enabled?` : should client be automatically enabled?
`approved?` : should client be auto-approved?
Example:
(c/create-client "http://defunkt.pl"
["http://defunkt.pl/callback"]
["authorization_code" "password"]
["photo:read" "photo:list"]
true
false)create-client-storeclj
(create-client-store type config)Initializes empty client store of given type - :in-memory, :sql or :redis one.
Redis-based client store expects redis connection spec passed in a config parameter
whereas SQL-based one requires an initialized database connection.
Initializes empty client store of given type - :in-memory, :sql or :redis one. Redis-based client store expects redis connection spec passed in a `config` parameter whereas SQL-based one requires an initialized database connection.
create-session-storeclj
(create-session-store type config)Initializes empty session store of given type - :in-memory, :sql or :redis one.
Redis-based session store expects redis connection spec passed in a config parameter
whereas SQL-based one requires an initialized database connection.
Initializes empty session store of given type - :in-memory, :sql or :redis one. Redis-based session store expects redis connection spec passed in a `config` parameter whereas SQL-based one requires an initialized database connection.
create-token-storeclj
(create-token-store type config)Initializes empty token store of given type - :in-memory, :sql or :redis one.
Redis-based token store expects redis connection spec passed in a config parameter
whereas SQL-based one requires an initialized database connection.
Initializes empty token store of given type - :in-memory, :sql or :redis one. Redis-based token store expects redis connection spec passed in a `config` parameter whereas SQL-based one requires an initialized database connection.
create-userclj
(create-user {:keys [login name email roles enabled?] :or {enabled? true}}
password)Creates new user with all the details like login, descriptive name, email and user's password.
Example:
(c/create-user {:login "foobar"
:name "Foo Bar"
:email "foo@bar.bazz"
:roles #{"user/admin"}
:enabled? true}
"secret")
Creates new user with all the details like login, descriptive name, email and user's password.
Example:
(c/create-user {:login "foobar"
:name "Foo Bar"
:email "foo@bar.bazz"
:roles #{"user/admin"}
:enabled? true}
"secret")create-user-storeclj
(create-user-store type config)Initializes empty user store of given type - :in-memory, :sql or :redis one.
Redis-based user store expects redis connection spec passed in a config parameter
whereas SQL-based one requires an initialized database connection.
Initializes empty user store of given type - :in-memory, :sql or :redis one. Redis-based user store expects redis connection spec passed in a `config` parameter whereas SQL-based one requires an initialized database connection.
delete-clientclj
(delete-client client-id)Removes client from store along with all its access- and refresh-tokens.
Removes client from store along with all its access- and refresh-tokens.
delete-userclj
(delete-user login)Removes user from store.
Removes user from store.
disable-clientclj
(disable-client client-id)Disables client.
Revokes all client's tokens and prevents from gaining new ones. When disabled, client is no longer able to request permissions to any resource.
Disables client. Revokes all client's tokens and prevents from gaining new ones. When disabled, client is no longer able to request permissions to any resource.
disable-userclj
(disable-user login)Disables user.
Disabled user is no longer able to authenticate and all access tokens created based on his grants become immediately invalid.
Disables user. Disabled user is no longer able to authenticate and all access tokens created based on his grants become immediately invalid.
enable-clientclj
(enable-client client-id)Enables client.
When enabled, client is able to request access to user's resource and (when accepted) get corresponding access-token in response.
Enables client. When enabled, client is able to request access to user's resource and (when accepted) get corresponding access-token in response.
enable-userclj
(enable-user login)Enables user.
Enabled user is able to authenticate and approve or deny access to resources requested by OAuth clients.
Enables user. Enabled user is able to authenticate and approve or deny access to resources requested by OAuth clients.
find-access-tokenclj
(find-access-token secret)Returns access-token bound to given secret.
Returns access-token bound to given secret.
find-clientclj
(find-client client-id)Looks up for client with given identifier.
Looks up for client with given identifier.
find-refresh-tokensclj
(find-refresh-tokens client-id)(find-refresh-tokens client-id login)Returns list of refresh tokens generated for given client (and optional user).
Returns list of refresh tokens generated for given client (and optional user).
find-userclj
(find-user login)Looks up for a user with given login.
Looks up for a user with given login.
init-clientsclj
(init-clients clients)Initializes client-store with predefined collection of clients.
Initializes client-store with predefined collection of clients.
init-usersclj
(init-users users)Initializes users-store with predefined collection of users.
Initializes users-store with predefined collection of users.
regenerate-tokensclj
(regenerate-tokens client-id login scope)Generates both access- and refresh-tokens for given client-user pair. Revokes and overrides existing tokens, if any exist.
Generates both access- and refresh-tokens for given client-user pair. Revokes and overrides existing tokens, if any exist.
revoke-access-tokenclj
(revoke-access-token secret)Revokes single access-token.
Revokes single access-token.
revoke-client-tokensclj
(revoke-client-tokens client-id)(revoke-client-tokens client-id login)Revokes all access- and refresh-tokens bound with given client (and optional user).
Revokes all access- and refresh-tokens bound with given client (and optional user).
set-authcode-valid-for!clj
(set-authcode-valid-for! valid-for)Sets up an auth-code time-to-live (TTL) which essentially says how long OAuth2 authcodes are valid. Returns newly set value.
Sets up an auth-code time-to-live (TTL) which essentially says how long OAuth2 authcodes are valid. Returns newly set value.
set-authentication-url!clj
(set-authentication-url! auth-url)Sets up an OAuth2 authentication URL. Returns newly set value.
Sets up an OAuth2 authentication URL. Returns newly set value.
set-landing-url!clj
(set-landing-url! landing-url)Sets up a landing URL that browser should redirect to after successful authentication. Returns newly set value.
Sets up a landing URL that browser should redirect to after successful authentication. Returns newly set value.
set-realm!clj
(set-realm! realm)Sets up a global OAuth2 realm. Returns newly set value.
Sets up a global OAuth2 realm. Returns newly set value.
set-session-valid-for!clj
(set-session-valid-for! valid-for)Sets up a session time-to-live (TTL) which essentially says how long OAuth2 sessions are valid. Returns newly set value.
Sets up a session time-to-live (TTL) which essentially says how long OAuth2 sessions are valid. Returns newly set value.
set-token-valid-for!clj
(set-token-valid-for! valid-for)Sets up a token time-to-live (TTL) which essentially says how long OAuth2 tokens are valid. Returns newly set value.
Sets up a token time-to-live (TTL) which essentially says how long OAuth2 tokens are valid. Returns newly set value.
set-unauthorized-url!clj
(set-unauthorized-url! auth-url)Sets up a location that browser should redirect to in case of HTTP 401 Unauthorized. Returns newly set value.
Sets up a location that browser should redirect to in case of HTTP 401 Unauthorized. Returns newly set value.
update-settingsclj
(update-settings settings)Bulk update of OAuth2 global settings with provided settings map.
Bulk update of OAuth2 global settings with provided `settings` map.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close