Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

optionally parse refresh tokens from authorization code exchange #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

optionally parse refresh tokens from authorization code exchange #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions src/friend_oauth2/util.clj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,14 @@
[{body :body}]
(-> body (parse-string true) :access_token))

(defn make-access-token-parser
"creates an fn [resp] that applies the provided parser and
wraps its result (if available) in a map"
[parser]
(fn [token-resp]
(when-let [t (extract-access-token token-resp)]
{:access-token t})))

(defn get-access-token-from-params
"Alternate function to allow retrieve
access_token when passed in as form params."
Expand Down
23 changes: 13 additions & 10 deletions src/friend_oauth2/workflow.clj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,18 @@
(or (:login-uri config) (-> request ::friend/auth-config :login-uri)))))

(defn- request-token
"POSTs request to OAauth2 provider for authorization token."
[{:keys [uri-config access-token-parsefn]} code]
"Exchanges authorization code for access token & refresh token if provided. Response
from provider is parsed with response-parse-fn if provided, otherwise access-token-parsefn
is used if given."
[{:keys [uri-config access-token-parsefn response-parse-fn]} code]
(let [access-token-uri (:access-token-uri uri-config)
query-map (merge {:grant_type "authorization_code"}
(util/replace-authz-code access-token-uri code))
token-url (assoc access-token-uri :query query-map)
token-response (client/post (:url token-url) {:form-params (:query token-url)})
token-parse-fn (or access-token-parsefn util/extract-access-token)]
(token-parse-fn token-response)))
query-map (assoc (util/replace-authz-code access-token-uri code)
:grant_type "authorization_code")
token-parse-fn (or response-parse-fn
(util/make-access-token-parser (or access-token-parsefn
util/extract-access-token)))]
(token-parse-fn (client/post (:url access-token-uri)
{:form-params query-map}))))

(defn- redirect-to-provider!
"Redirects user to OAuth2 provider. Code should be in response."
Expand All @@ -48,9 +51,9 @@
session-state (util/extract-anti-forgery-token request)]
(if (and (not (nil? code))
(= state session-state))
(when-let [access-token (request-token config code)]
(when-let [token (request-token config code)]
(when-let [auth-map ((:credential-fn config default-credential-fn)
{:access-token access-token})]
token)]
(vary-meta auth-map merge {::friend/workflow :oauth2
::friend/redirect-on-auth? true
:type ::friend/auth})))
Expand Down