geheimtur.impl.oauth2
authenticate-handlerclj
(authenticate-handler providers-map-or-fn)Creates a handler that redirects users to OAuth2 service providers using a providers configuration map or a function.
Example: (def providers {:github {:auth-url "https://github.com/login/oauth/authorize" :client-id "your-client-id" :client-secret "your-client-secret" :scope "user:email" :client-params {:foo "bar"} :create-state-fn (fn [req] (generate-a-token req)) :check-state-fn (fn [context state token] (and state token (= state token))) :token-url "https://github.com/login/oauth/access_token" :token-parse-fn (fn [resp] (parse-string (:body resp))) :user-info-url "https://api.github.com/user" :user-info-parse-fn (fn [resp] (parse-string (:body resp))) :on-success-handler on-github-success}})
The following keys in provider's configuration are optional: :client-params - a map of extra query parameters to be included in the authorization request :create-state-fn - a function that accepts the authentication request and returns a state token. :check-state-fn - a function that accepts the context, the state token in the callback request, and the one stored in the session and returns true if they match. :token-parse-fn - a function that accepts the token endpoint response and returns a map with the parsed OAuth2 token response. The successfuly parsed response must have at least :access_token key. :user-info-url - if defined, will be used to get user's details after successful access token acquisition :user-info-parse-fn - if defined, will be applied to the response of user's details endpoint :on-success-handler - a function that accepts a request context and an obtained identity/access token map and returns a correct ring response. It is called only if an identity/access token is resolved.
Creates a handler that redirects users to OAuth2 service providers using a providers configuration map or a function.
Example:
(def providers
{:github {:auth-url "https://github.com/login/oauth/authorize"
:client-id "your-client-id"
:client-secret "your-client-secret"
:scope "user:email"
:client-params {:foo "bar"}
:create-state-fn (fn [req] (generate-a-token req))
:check-state-fn (fn [context state token] (and state token (= state token)))
:token-url "https://github.com/login/oauth/access_token"
:token-parse-fn (fn [resp] (parse-string (:body resp)))
:user-info-url "https://api.github.com/user"
:user-info-parse-fn (fn [resp] (parse-string (:body resp)))
:on-success-handler on-github-success}})
The following keys in provider's configuration are optional:
:client-params - a map of extra query parameters to be included in the authorization request
:create-state-fn - a function that accepts the authentication request and returns a state token.
:check-state-fn - a function that accepts the context, the state token in the callback request,
and the one stored in the session and returns true if they match.
:token-parse-fn - a function that accepts the token endpoint response and returns a map with the parsed
OAuth2 token response. The successfuly parsed response must have at least :access_token key.
:user-info-url - if defined, will be used to get user's details after successful access token acquisition
:user-info-parse-fn - if defined, will be applied to the response of user's details endpoint
:on-success-handler - a function that accepts a request context and an obtained identity/access token map and returns a correct ring response.
It is called only if an identity/access token is resolved.callback-handlerclj
(callback-handler providers-map-or-fn)Creates an OAuth callback handler using on a service providers configuration map or a function.
If authentication flow fails for any reason, the user will be redirected to /unauthorized url.
Creates an OAuth callback handler using on a service providers configuration map or a function. If authentication flow fails for any reason, the user will be redirected to /unauthorized url.
create-afs-tokenclj
(create-afs-token _)Creates a random state token to prevent request forgery.
Creates a random state token to prevent request forgery.
create-urlclj
(create-url url query)Creates a URL from a url string and a map with query parameters.
Creates a URL from a url string and a map with query parameters.
fetch-tokenclj
(fetch-token code
{:keys [token-url client-id client-secret callback-uri
token-parse-fn]
:as provider})Fetches an OAuth access token using the given code and provider's configuration.
Fetches an OAuth access token using the given code and provider's configuration.
fetch-user-infoclj
(fetch-user-info token url response-parse-fn)resolve-identityclj
(resolve-identity {:keys [access_token expires_in refresh_token] :as token}
{:keys [user-info-url user-info-parse-fn]})Resolves user's identity based on provider's configuration.
Accepts: token - an OAuth access token response. Must contain at least :access_token. provider - a provider's configuration
Resolves user's identity based on provider's configuration.
Accepts:
token - an OAuth access token response. Must contain at least :access_token.
provider - a provider's configurationcljdoc is a website building & hosting documentation for Clojure/Script libraries
× close