(default-authorization-error-response {:keys [params] :as request})
Returns 500 error response for a problem with the authorization request to the provider. See: https://tools.ietf.org/html/rfc6749#section-4.1.2.1
(default-authorization-failure-response {:keys [data] :as clj-http-exception})
(default-state-mismatch-response redirect-response original-request)
Returns 500 error response for state (for CSRF protection) mismatch.
(default-token-request-error-response {:keys [body] :as request})
Returns 500 error response for a problem with the token request to the provider. See: https://tools.ietf.org/html/rfc6749#section-5.2
(do-authorized oauth2-config request resource-request-fn)
(do-authorized oauth2-config request resource-request-fn format-response-fn)
(do-authorized oauth2-config
request
resource-request-fn
format-response-fn
authorization-failure-response)
Makes an authorized request via authorized-fn, passing in the access_token stored in the session at the path [:oauth2 <provider> :access_token]. If no access_token exists, it initiates the process of requesting an authorization grant per RFC6749 section 4.1 (https://tools.ietf.org/html/rfc6749#section-4.1).
(<provider> will either be the value explicitly set at the :provider key in the oauth2-config map, or the authorization-uri will be used as a placeholder for this.)
TODO: Handle refresh tokens (https://tools.ietf.org/html/rfc6749#section-1.5)
(oauth2-authorization-redirect oauth2-config session-path original-request-uri)
Creates a Ring redirect response with the authorization-uri for the provider. Adds a state value to the session for confirmation when the callback endpoint is hit, and sets the original request URI for later use, upon receiving the access_token.
(oauth2-callback-handler oauth2-config request)
(oauth2-callback-handler oauth2-config
{:keys [session params] :as request}
{:keys [state-mismatch-response
authorization-error-response
token-request-error-response]})
Takes an oauth2-config and the resource owner's redirect Ring request back to the client after the user has authenticated.
The state value returned by the resource owner is compared to the state value set and stored in the session at the path [:oauth :state]. If there is a mismatch, the state-mismatch-response is returned. Otherwise, the access token is requested from the resource owner, and the user is redirected to the route originally requested, stored in the session at the path [:oauth <provider> :redirect-on-auth].
(<provider> will either be the value explicitly set at the :provider key in the oauth2-config map, or the authorization-uri will be used as a placeholder for this.)
By default the function default-state-mismatch-response is used to generate the state-mismatch response, but an alternative response can optionally be passed in as the third argument.
This function implements functionality corresponding to sections 4.1.2 through 4.1.4 of RFC6749.
https://tools.ietf.org/html/rfc6749#section-4.1.2
TODO: implement error handling for authorization code grant error response (per section 4.1.2.1) https://tools.ietf.org/html/rfc6749#section-4.1.2.1
TODO: implement error handling for token error response (per section 5.2) https://tools.ietf.org/html/rfc6749#section-5.2
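The state comparison described above, written out as an added example (not the library's own code). The helper names new-state, state-matches? and check-callback-state are hypothetical, the request maps are constructed, and the session path is the [:oauth :state] path named in the docstring.

```clojure
(ns example.oauth2-state-check
  (:import (java.security MessageDigest SecureRandom)
           (java.util Base64)))

;; Session path for the state value, as given in the docstring above.
(def state-path [:oauth :state])

(defn new-state
  "Hypothetical helper: 32 random bytes, URL-safe base64 without padding."
  []
  (let [buf (byte-array 32)]
    (.nextBytes (SecureRandom.) buf)
    (.encodeToString (.withoutPadding (Base64/getUrlEncoder)) buf)))

(defn state-matches?
  "Constant-time comparison. A missing value on either side never matches."
  [expected received]
  (boolean
   (and (string? expected) (string? received)
        (MessageDigest/isEqual (.getBytes ^String expected "UTF-8")
                               (.getBytes ^String received "UTF-8")))))

(defn check-callback-state
  "Hypothetical helper. Returns {:result :ok|:state-mismatch, :session s},
  where s no longer holds the state, so a value is accepted at most once."
  [{:keys [session params]}]
  (let [expected (get-in session state-path)
        ;; Ring params are string-keyed unless keyword-params middleware ran.
        received (or (get params :state) (get params "state"))]
    {:result  (if (state-matches? expected received) :ok :state-mismatch)
     :session (update session :oauth dissoc :state)}))

(defn demo
  "Runs the check over constructed Ring-style requests (not captured traffic)."
  []
  (let [state   (new-state)
        session {:oauth {:state state}}
        cases   {:genuine    {:session session :params {"state" state "code" "c1"}}
                 :forged     {:session session :params {"state" (new-state) "code" "c2"}}
                 :no-state   {:session session :params {"code" "c3"}}
                 :no-session {:session {} :params {"state" state "code" "c4"}}}]
    (into {} (for [[k req] cases]
               [k (:result (check-callback-state req))]))))
```

Calling (demo) classifies only the genuine callback as :ok; the forged, missing-state and empty-session requests all come back as :state-mismatch, which is the case where the state-mismatch response would be returned.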
(oauth2-redirect-response oauth2-config session)
Accepts a session map and returns a redirect response for the path at the session key-path [:oauth2 :redirect-on-auth], with the session added back into the response.
(set-session-path {:keys [session-path authorization-uri] :as oauth2-config})
Helper to produce a valid path for OAuth2 data which needs to be stored in the session. Heuristics are: if we have a vector for session-path, we return that; if we have a keyword we return a vector prefixed with the :oauth2 keyword; otherwise we return a vector in the format [:oauth2 <authorization-url>].
(store-access-token access-token-response response oauth2-config)
Extracts the values returned in the access token response and returns the Ring response passed in with these values stored in the session.