Authorization endpoint implementation for OAuth2/OIDC.
Authorization endpoint implementation for OAuth2/OIDC.
Malli schema for authorization request parameters.
Malli schema for authorization request parameters.
Malli schema for authorization response.
Malli schema for authorization response.
(build-redirect-url {:keys [redirect-uri params]})Builds the redirect URL with query parameters.
Takes an authorization response map (from handle-authorization-approval or
handle-authorization-denial) containing a redirect URI and parameters. URL-encodes
the parameters and appends them to the redirect URI as query parameters, properly
handling whether the URI already contains a query string. Returns the complete
redirect URL string.
Builds the redirect URL with query parameters. Takes an authorization response map (from [[handle-authorization-approval]] or [[handle-authorization-denial]]) containing a redirect URI and parameters. URL-encodes the parameters and appends them to the redirect URI as query parameters, properly handling whether the URI already contains a query string. Returns the complete redirect URL string.
(handle-authorization-approval {:keys [response_type client_id redirect_uri
scope state nonce code_challenge
code_challenge_method resource]}
user-id
provider-config
code-store)Handles user approval of authorization request.
Takes a parsed authorization request (from parse-authorization-request), the
user ID of the approving user, provider configuration, and an AuthorizationCodeStore.
Generates an authorization code, calculates its expiry time, parses the requested
scopes, and saves the authorization code to the store. Returns an authorization
response map containing the redirect URI and response parameters (including the code
and optional state). Currently supports response_type "code"; throws ex-info for
unsupported response types.
Handles user approval of authorization request. Takes a parsed authorization request (from [[parse-authorization-request]]), the user ID of the approving user, provider configuration, and an AuthorizationCodeStore. Generates an authorization code, calculates its expiry time, parses the requested scopes, and saves the authorization code to the store. Returns an authorization response map containing the redirect URI and response parameters (including the code and optional state). Currently supports response_type "code"; throws ex-info for unsupported response types.
(handle-authorization-denial {:keys [redirect_uri state]}
error-code
error-description)Handles user denial of authorization request.
Takes a parsed authorization request, an OAuth2 error code (defaults to "access_denied" if not provided), and a human-readable error description. Builds an authorization response map containing the redirect URI and error parameters. Returns the response map with the error, optional error description, and optional state parameter.
Handles user denial of authorization request. Takes a parsed authorization request, an OAuth2 error code (defaults to "access_denied" if not provided), and a human-readable error description. Builds an authorization response map containing the redirect URI and error parameters. Returns the response map with the error, optional error description, and optional state parameter.
(parse-authorization-request query-string client-store)Parses and validates an authorization request.
Takes a URL query string from the authorization endpoint and a ClientStore implementation. Parses the query parameters, validates them against the AuthorizationRequest schema, looks up the client, and validates the redirect URI, response type, scopes, and PKCE parameters. Returns the validated request map. Throws ex-info on validation errors or if the client is unknown.
Parses and validates an authorization request. Takes a URL query string from the authorization endpoint and a ClientStore implementation. Parses the query parameters, validates them against the AuthorizationRequest schema, looks up the client, and validates the redirect URI, response type, scopes, and PKCE parameters. Returns the validated request map. Throws ex-info on validation errors or if the client is unknown.
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |