Dynamic client registration per RFC 7591 and client configuration management per RFC 7592.
Provides handle-registration-request for processing client registration
requests, handle-client-read for reading client configuration,
handle-client-update for replacing client metadata, and
handle-client-delete for deregistration. Accepts keyword maps and converts
to kebab-case for internal storage via oidc-provider.protocol/ClientStore.
Dynamic client registration per RFC 7591 and client configuration management per RFC 7592. Provides [[handle-registration-request]] for processing client registration requests, [[handle-client-read]] for reading client configuration, [[handle-client-update]] for replacing client metadata, and [[handle-client-delete]] for deregistration. Accepts keyword maps and converts to kebab-case for internal storage via [[oidc-provider.protocol/ClientStore]].
(handle-client-delete store client-id access-token)Handles RFC 7592 §2.3 client delete (deregistration) requests.
Takes the store, client-id, and bearer access-token. Authenticates the
request and removes the client from the store. Returns nil on success.
Throws ex-info with "invalid_token" on auth failure.
Handles RFC 7592 §2.3 client delete (deregistration) requests. Takes the `store`, `client-id`, and bearer `access-token`. Authenticates the request and removes the client from the store. Returns nil on success. Throws `ex-info` with `"invalid_token"` on auth failure.
(handle-client-read store client-id access-token)Handles RFC 7592 client read requests.
Takes the store implementing oidc-provider.protocol/ClientStore,
client-id, and the bearer access-token presented by the caller.
Returns the client configuration map if the token is valid.
Throws ex-info with "invalid_token" when the client is unknown or the
token does not match.
Handles RFC 7592 client read requests. Takes the `store` implementing [[oidc-provider.protocol/ClientStore]], `client-id`, and the bearer `access-token` presented by the caller. Returns the client configuration map if the token is valid. Throws `ex-info` with `"invalid_token"` when the client is unknown or the token does not match.
(handle-client-update store client-id access-token request)Handles RFC 7592 §2.2 client update requests.
Takes the store, client-id, bearer access-token, and the updated
metadata request map with keyword keys. The request is a full replacement
of mutable metadata; immutable fields (client_id, client_secret,
registration_access_token) are ignored per RFC 7592 §2.2.
Returns the updated client configuration map.
Throws ex-info with "invalid_token" on auth failure or
"invalid_client_metadata" on validation errors.
Handles RFC 7592 §2.2 client update requests. Takes the `store`, `client-id`, bearer `access-token`, and the updated metadata `request` map with keyword keys. The request is a full replacement of mutable metadata; immutable fields (`client_id`, `client_secret`, `registration_access_token`) are ignored per RFC 7592 §2.2. Returns the updated client configuration map. Throws `ex-info` with `"invalid_token"` on auth failure or `"invalid_client_metadata"` on validation errors.
(handle-registration-request request client-store)(handle-registration-request request client-store opts)Processes a dynamic client registration request per RFC 7591.
Takes a request map with keyword keys, a client-store implementing
oidc-provider.protocol/ClientStore, and an optional opts map. The opts
map supports :clock (a java.time.Clock, defaults to UTC) for generating
client_id_issued_at, :registration-endpoint (a base URL string) for
constructing registration_client_uri per RFC 7592, and :scopes-supported
(a sequence of scope strings) used as the default scopes when the client
omits the scope field per RFC 7591 §2.
Throws ex-info with "invalid_client_metadata" message on validation errors.
Processes a dynamic client registration request per RFC 7591. Takes a `request` map with keyword keys, a `client-store` implementing [[oidc-provider.protocol/ClientStore]], and an optional `opts` map. The `opts` map supports `:clock` (a `java.time.Clock`, defaults to UTC) for generating `client_id_issued_at`, `:registration-endpoint` (a base URL string) for constructing `registration_client_uri` per RFC 7592, and `:scopes-supported` (a sequence of scope strings) used as the default scopes when the client omits the `scope` field per RFC 7591 §2. Throws `ex-info` with `"invalid_client_metadata"` message on validation errors.
Malli schema for an RFC 7591 client registration request.
Malli schema for an RFC 7591 client registration request.
Malli schema for an RFC 7591 client registration response.
Malli schema for an RFC 7591 client registration response.
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |