Liking cljdoc? Tell your friends :D

oauth2-client.ring


default-authorization-error-responseclj

(default-authorization-error-response {:keys [params] :as request})

Returns 500 error response for a problem with the authorization request to the provider. See: https://tools.ietf.org/html/rfc6749#section-4.1.2.1

Returns 500 error response for a problem with the authorization
request to the provider. See:
https://tools.ietf.org/html/rfc6749#section-4.1.2.1
sourceraw docstring

default-authorization-failure-responseclj

(default-authorization-failure-response {:keys [data] :as clj-http-exception})
source

default-state-mismatch-responseclj

(default-state-mismatch-response redirect-response original-request)

Returns 500 error response for state (for CSRF protection) mismatch.

Returns 500 error response for state (for CSRF protection) mismatch.
sourceraw docstring

default-token-request-error-responseclj

(default-token-request-error-response {:keys [body] :as request})

Returns 500 error response for a problem with the token request to the provider. See: https://tools.ietf.org/html/rfc6749#section-5.2

Returns 500 error response for a problem with the token request to
the provider. See: https://tools.ietf.org/html/rfc6749#section-5.2
sourceraw docstring

do-authorizedclj

(do-authorized oauth2-config request resource-request-fn)
(do-authorized oauth2-config request resource-request-fn format-response-fn)
(do-authorized oauth2-config
               request
               resource-request-fn
               format-response-fn
               authorization-failure-response)

Makes an authorized request via authorized-fn, passing in the access_token stored in the session at the path [:oauth2 <provider> :access_token], or alternatively, if no access_token exists, it will initiate the process of requesting an authorization grant per

(<provider> will either be the value explicitly set at the :provider key in the oauth2-config map, or the authorization-uri will be used as a placeholder for this.)

RFC6749 section 4.1 (https://tools.ietf.org/html/rfc6749#section-4.1).

TODO: Handle refresh tokens (https://tools.ietf.org/html/rfc6749#section-1.5)

Makes an authorized request via authorized-fn, passing in the
access_token stored in the session at the path [:oauth2 <provider>
:access_token], or alternatively, if no access_token exists, it will
initiate the process of requesting an authorization grant per

(<provider> will either be the value explicitly set at the :provider
key in the oauth2-config map, or the authorization-uri will be used
as a placeholder for this.)

RFC6749 section 4.1
(https://tools.ietf.org/html/rfc6749#section-4.1).

TODO: Handle refresh tokens (https://tools.ietf.org/html/rfc6749#section-1.5)
sourceraw docstring

IParseBodycljprotocol

parse-bodyclj

(parse-body body)
source

oauth2-authorization-redirectclj

(oauth2-authorization-redirect oauth2-config session-path original-request-uri)

Creates a ring redirect response with the authoriation-uri for the provider. Adds a state value to the session for confirmation when the callback endpoint is hit, and sets the original request uri for later use, upon receiving the access_token.

Creates a ring redirect response with the authoriation-uri for the
provider. Adds a state value to the session for confirmation when
the callback endpoint is hit, and sets the original request uri for
later use, upon receiving the access_token.
sourceraw docstring

oauth2-callback-handlerclj

(oauth2-callback-handler oauth2-config request)
(oauth2-callback-handler oauth2-config
                         {:keys [session params] :as request}
                         {:keys [state-mismatch-response
                                 authorization-error-response
                                 token-request-error-response]})

Takes an oauth2-config and the resource owner's redirect Ring request back to the client after the user has authenticated.

The state value returned by the resource owner is compared to the state value set and stored in the session at the path [:oauth :state]. If there is a mismatch, the state-mismatch-response is returned. Otherwise, the access token is requested from the resource owner, and the user is redirected to the route originally requested, stored in the session at the path [:oauth <provider> :redirect-on-auth].

(<provider> will either be the value explicitly set at the :provider key in the oauth2-config map, or the authorization-uri will be used as a placeholder for this.)

By default the function default-state-mismatch-response is used to generate the state-mismatch response, but an alternative response can optionally be passed in as the third argument.

This function implements functionality corresponding to sections 4.1.2 through 4.1.4 of RFC6749.

https://tools.ietf.org/html/rfc6749#section-4.1.2

TODO: implement error handling for authorization code grant error response (per section 4.1.2.1) https://tools.ietf.org/html/rfc6749#section-4.1.2.1

TODO: implement error handling for token error response (per section 5.2) https://tools.ietf.org/html/rfc6749#section-5.2

Takes an oauth2-config and the resource owner's redirect Ring
request back to the client after the user has authenticated.

The state value returned by the resource owner is compared to the
state value set and stored in the session at the path [:oauth
:state]. If there is a mismatch, the state-mismatch-response is
returned. Otherwise, the access token is requested from the resource
owner, and the user is redirected to the route originally requested,
stored in the session at the path [:oauth <provider> :redirect-on-auth].

(<provider> will either be the value explicitly set at the :provider
key in the oauth2-config map, or the authorization-uri will be used
as a placeholder for this.)

By default the function default-state-mismatch-response is used
to generate the state-mismatch response, but an alternative response
can optionally be passed in as the third argument.

This function implements functionality corresponding to sections
4.1.2 through 4.1.4 of RFC6749.

https://tools.ietf.org/html/rfc6749#section-4.1.2

TODO: implement error handling for authorization code grant error
 response (per section 4.1.2.1) https://tools.ietf.org/html/rfc6749#section-4.1.2.1

TODO: implement error handling for token error response
 (per section 5.2) https://tools.ietf.org/html/rfc6749#section-5.2
sourceraw docstring

oauth2-redirect-responseclj

(oauth2-redirect-response oauth2-config session)

Accepts a session map and returns a redirect response for the path at the session key-path [:oauth2 :redirect-on-auth], with the session added back into the response.

Accepts a session map and returns a redirect response for the path
at the session key-path [:oauth2 :redirect-on-auth], with the
session added back into the response.
sourceraw docstring

set-session-pathclj

(set-session-path {:keys [session-path authorization-uri] :as oauth2-config})

Helper to produce a valid path for OAuth2 data which needs to be stored in the session. Heuristics are: if we have a vector for session-path, we return that; if we have a keyword we return a vector prefixed with the :oauth2 keyword; otherwise we return a vector in the format [:oauth2 <authorization-url>].

Helper to produce a valid path for OAuth2 data which needs to be
stored in the session.  Heuristics are: if we have a vector for
session-path, we return that; if we have a keyword we return a vector
prefixed with the :oauth2 keyword; otherwise we return a vector in
the format [:oauth2 <authorization-url>].
sourceraw docstring

store-access-tokenclj

(store-access-token access-token-response response oauth2-config)

Extracts the values returned in the access token response and returns the Ring response passed in with these values stored in the session.

Extracts the values returned in the access token response and
returns the Ring response passed in with these values stored in
the session.
sourceraw docstring

cljdoc is a website building & hosting documentation for Clojure/Script libraries

× close