happyapi.oauth2.auth

Liking cljdoc? Tell your friends :D

Clojure only.

base64
credential-scopes
exchange-code
has-some-scope?
provider-login-url
refresh-credentials
refreshable?
revoke-token
valid?
with-timestamp

Helpers for getting an OAuth 2.0 token. See https://developers.google.com/identity/protocols/OAuth2WebServer

Helpers for getting an OAuth 2.0 token.
See https://developers.google.com/identity/protocols/OAuth2WebServer

raw docstring

base64^clj

(base64 to-encode)

source

credential-scopes^clj

(credential-scopes credentials)

source

exchange-code^clj

(exchange-code request
               {:as config
                :keys [token_uri client_id client_secret redirect_uri]}
               code
               code_verifier)

Step 5: Exchange authorization code for refresh and access tokens. When the user is redirected back to your app from Google with a short-lived code, exchange the code for a long-lived access token.

Step 5: Exchange authorization code for refresh and access tokens.
When the user is redirected back to your app from Google with a short-lived code,
exchange the code for a long-lived access token.

source raw docstring

has-some-scope?^clj

(has-some-scope? credentials scopes)

Test if any of the sufficient scopes is present in the token.

While scopes in APIs can have a hierarchy, all sufficient scopes for an API need to be listed explicitly.

E.g. Google's discovery docs follow that rule and list all possible scopes. whenever you see a https://www.googleapis.com/auth/spreadsheets.readonly scope, the more powerful https://www.googleapis.com/auth/spreadsheets scope will be listed, too.

Test if any of the sufficient scopes is present in the token.

While scopes in APIs can have a hierarchy,
all sufficient scopes for an API need to be listed explicitly.

E.g. Google's discovery docs follow that rule and list all possible scopes.
whenever you see a https://www.googleapis.com/auth/spreadsheets.readonly scope,
the more powerful https://www.googleapis.com/auth/spreadsheets scope will be listed, too.

source raw docstring

(provider-login-url config scopes)

(provider-login-url {:as config
                     :keys [auth_uri client_id redirect_uri]
                     {:keys [query-string]} :fns}
                    scopes
                    optional)

Step 1: Set authorization parameters. Builds the URL to send the user to for them to authorize your app. For local testing you can paste this URL into your browser, or call (clojure.java.browse/browse-url (provider-login-url my-config scopes optional)). In your app you need to send your user to this URL, usually with a redirect response. For valid optional params, see https://developers.google.com/identity/protocols/oauth2/web-server#httprest_1, noting that state is strongly recommended.

Step 1: Set authorization parameters.
Builds the URL to send the user to for them to authorize your app.
For local testing you can paste this URL into your browser,
or call (clojure.java.browse/browse-url (provider-login-url my-config scopes optional)).
In your app you need to send your user to this URL, usually with a redirect response.
For valid optional params, see https://developers.google.com/identity/protocols/oauth2/web-server#httprest_1,
noting that `state` is strongly recommended.

source raw docstring

refresh-credentials^clj

(refresh-credentials request
                     {:as config
                      :keys [token_uri client_id client_secret client_email
                             private_key]}
                     scopes
                     {:as credentials :keys [refresh_token]})

Given a config map, and a credentials map containing either a refresh_token or private_key, fetches a new access token. Returns credentials if successful (a map containing an access token). Refresh tokens eventually expire, and attempts to refresh will fail with 401. Therefore, calls that could cause a refresh should catch 401 exceptions, call set-authorization-parameters and redirect.

Given a config map, and a credentials map containing either a refresh_token or private_key,
fetches a new access token.
Returns credentials if successful (a map containing an access token).
Refresh tokens eventually expire, and attempts to refresh will fail with 401.
Therefore, calls that could cause a refresh should catch 401 exceptions,
call set-authorization-parameters and redirect.

source raw docstring

refreshable?^clj

(refreshable? {:as config :keys [private_key]}
              {:as credentials :keys [refresh_token]})

source

revoke-token^clj

(revoke-token request
              {:as config :keys [token_uri]}
              {:as credentials :keys [access_token refresh_token]})

Given a credentials map containing either an access token or refresh token, revokes it.

Given a credentials map containing either an access token or refresh token, revokes it.

source raw docstring

valid?^clj

(valid? {:as credentials :keys [expires_at access_token]})

source

with-timestamp^clj

(with-timestamp {:as credentials :keys [expires_in]})

The server won't give us the time of day, so let's check our clock.

The server won't give us the time of day, so let's check our clock.

source raw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts

`Ctrl`+`k`	Jump to recent docs
`←`	Move to previous article
`→`	Move to next article
`Ctrl`+`/`	Jump to the search field

Raise an issue Browse cljdoc source Chat on Slack

× close