solcates / solcates-elm-oauth2 / OAuth.ClientCredentials

The client can request an access token using only its client credentials (or other supported means of authentication) when the client is requesting access to the protected resources under its control, or those of another resource owner that have been previously arranged with the authorization server (the method of which is beyond the scope of this specification).

There's only one step in this process:

After this step, the client owns a Token that can be used to authorize any subsequent request.

Authenticate

makeTokenRequest : (Result Http.Error AuthenticationSuccess -> msg) -> Authentication -> RequestParts msg

Builds a the request components required to get a token from client credentials

let req : Http.Request TokenResponse
    req = makeTokenRequest toMsg authentication |> Http.request


type alias Authentication =
{ credentials : Credentials
, url : Url
, scope : List String 
}

Request configuration for a ClientCredentials authentication


type alias Credentials =
{ clientId : String
, secret : String 
}

Describes a couple of client credentials used for Basic authentication

  { clientId = "<my-client-id>"
  , secret = "<my-client-secret>"
  }


type alias AuthenticationSuccess =
{ token : OAuth.Token
, refreshToken : Maybe OAuth.Token
, expiresIn : Maybe Basics.Int
, scope : List String 
}

The response obtained as a result of an authentication (implicit or not)


type alias AuthenticationError =
{ error : OAuth.ErrorCode
, errorDescription : Maybe String
, errorUri : Maybe String 
}

Describes an OAuth error as a result of a request failure


type alias RequestParts a =
{ method : String
, headers : List Http.Header
, url : String
, body : Http.Body
, expect : Http.Expect a
, timeout : Maybe Basics.Float
, tracker : Maybe String 
}

Parts required to build a request. This record is given to Http.request in order to create a new request and may be adjusted at will.

JSON Decoders

defaultAuthenticationSuccessDecoder : Json.Decode.Decoder AuthenticationSuccess

Json decoder for a positive response. You may provide a custom response decoder using other decoders from this module, or some of your own craft.

defaultAuthenticationSuccessDecoder : Decoder AuthenticationSuccess
defaultAuthenticationSuccessDecoder =
    D.map4 AuthenticationSuccess
        tokenDecoder
        refreshTokenDecoder
        expiresInDecoder
        scopeDecoder

defaultAuthenticationErrorDecoder : Json.Decode.Decoder AuthenticationError

Json decoder for an errored response.

case res of
    Err (Http.BadStatus { body }) ->
        case Json.decodeString OAuth.ClientCredentials.defaultAuthenticationErrorDecoder body of
            Ok { error, errorDescription } ->
                doSomething

            _ ->
                parserFailed

    _ ->
        someOtherError

JSON Decoders (advanced)

defaultExpiresInDecoder : Json.Decode.Decoder (Maybe Basics.Int)

Json decoder for an 'expire' timestamp

defaultScopeDecoder : Json.Decode.Decoder (List String)

Json decoder for a 'scope'

lenientScopeDecoder : Json.Decode.Decoder (List String)

Json decoder for a 'scope', allowing comma- or space-separated scopes

defaultTokenDecoder : Json.Decode.Decoder OAuth.Token

Json decoder for an 'access_token'

defaultRefreshTokenDecoder : Json.Decode.Decoder (Maybe OAuth.Token)

Json decoder for a 'refresh_token'

defaultErrorDecoder : Json.Decode.Decoder OAuth.ErrorCode

Json decoder for 'error' field

defaultErrorDescriptionDecoder : Json.Decode.Decoder (Maybe String)

Json decoder for 'error_description' field

defaultErrorUriDecoder : Json.Decode.Decoder (Maybe String)

Json decoder for 'error_uri' field