CPub v0.3.0

CPub.Web.Authorization (CPub v0.3.0) View Source

An OAuth 2.0 Authorization.

An CPub.Web.Authorization.Authorization includes a code that can be used to obtain a CPub.Web.Authorization.Token. The token can be used to access resources. The Authorization can only be used once and is valid for only 10 minutes after creation.

The CPub.Web.Authorization.Authorization remains in the database and can be reused to refresh a token (see https://tools.ietf.org/html/rfc6749#section-6) until it is explicitly revoked (deleted). On deletion all CPub.Web.Authorization.Tokens that were created based on the Authorization are revoked (deleted).

Protected routes have a authorization assigned (see CPub.Web.Authorization.AuthorizationPlug).

Link to this section Summary

Types

t()

Functions

create(user, scope)

Create a new Authorization for the given user and scope without associating a client.

create(user, client, scope)

Create a new Authorization for the given user, client and scope.

expired?(authentication)

Returns true if the Authorization has expired (has been created more than 10 minutes ago).

get(id)

Get an authorization by id.

get_by_code(code)

Get an authorization by the code.

get_by_refresh_token(token)

Get an authorization by the refresh token.

use_code!(authorization)

Mark the authorization code as used.

valid_for()

Returns the number of seconds the Authorization code is valid for after initial creation.

Link to this section Types

Link to this type

t()

View Source

Specs

t() :: %CPub.Web.Authorization{
  __meta__: term(),
  authorization_code: String.t(),
  client: String.t(),
  code_used: bool(),
  created_at: NaiveDateTime.t(),
  id: String.t(),
  refresh_token: String.t(),
  scope: [atom()],
  user: String.t()
}

Link to this section Functions

Link to this function

create(user, scope)

View Source

Specs

create(CPub.User.t(), [String.t()]) :: {:ok, t()} | {:error, any()}

Create a new Authorization for the given user and scope without associating a client.

Link to this function

create(user, client, scope)

View Source

Specs

create(CPub.User.t(), CPub.Web.Authorization.Client.t(), [String.t() | atom()]) ::
  {:ok, t()} | {:error, any()}

Create a new Authorization for the given user, client and scope.

Link to this function

expired?(authentication)

View Source

Specs

expired?(t()) :: bool()

Returns true if the Authorization has expired (has been created more than 10 minutes ago).

Link to this function

get(id)

View Source

Specs

get(String.t()) :: {:ok, t()} | {:error, any()}

Get an authorization by id.

Link to this function

get_by_code(code)

View Source

Specs

get_by_code(String.t()) :: {:ok, t()} | {:error, any()}

Get an authorization by the code.

Link to this function

get_by_refresh_token(token)

View Source

Specs

get_by_refresh_token(String.t()) :: {:ok, t()} | {:error, any()}

Get an authorization by the refresh token.

Link to this function

use_code!(authorization)

View Source

Specs

use_code!(t()) :: {:ok, t()} | {:error, any()}

Mark the authorization code as used.

Link to this function

valid_for()

View Source

Specs

valid_for() :: non_neg_integer()

Returns the number of seconds the Authorization code is valid for after initial creation.