defmodule Ueberauth.Strategy.IcyNet.OAuth do @moduledoc """ An implementation of OAuth2 for icynet. To add your `client_id` and `client_secret` include these values in your configuration. config :ueberauth, Ueberauth.Strategy.IcyNet.OAuth, client_id: System.get_env("ICYNET_CLIENT_ID"), client_secret: System.get_env("ICYNET_CLIENT_SECRET") """ use OAuth2.Strategy @defaults [ strategy: __MODULE__, site: "https://secure.icynet.eu", authorize_url: "https://secure.icynet.eu/oauth2/authorize", token_url: "https://secure.icynet.eu/oauth2/token", token_method: :post ] @doc """ Construct a client for requests to IcyNet. Optionally include any OAuth2 options here to be merged with the defaults. Ueberauth.Strategy.IcyNet.OAuth.client(redirect_uri: "http://localhost:4000/auth/icynet/callback") This will be setup automatically for you in `Ueberauth.Strategy.IcyNet`. These options are only useful for usage outside the normal callback phase of Ueberauth. """ def client(opts \\ []) do config = :ueberauth |> Application.fetch_env!(Ueberauth.Strategy.IcyNet.OAuth) |> check_credential(:client_id) |> check_credential(:client_secret) client_opts = @defaults |> Keyword.merge(config) |> Keyword.merge(opts) json_library = Ueberauth.json_library() OAuth2.Client.new(client_opts) |> OAuth2.Client.put_serializer("application/json", json_library) end @doc """ Provides the authorize url for the request phase of Ueberauth. No need to call this usually. """ def authorize_url!(params \\ [], opts \\ []) do opts |> client |> OAuth2.Client.authorize_url!(params) end def get(token, url, headers \\ [], opts \\ []) do [token: token] |> client |> put_param("access_token", token) |> OAuth2.Client.get(url, headers, opts) end def get_token!(params \\ [], options \\ []) do headers = Keyword.get(options, :headers, []) options = Keyword.get(options, :options, []) client_options = Keyword.get(options, :client_options, []) client = OAuth2.Client.get_token!(client(client_options), params, headers, options) client.token end # Strategy Callbacks def authorize_url(client, params) do client |> put_param("client_id", client.client_id) |> put_param("response_type", "code") |> put_param("redirect_uri", client().redirect_uri) OAuth2.Strategy.AuthCode.authorize_url(client, params) end def get_token(client, params, headers) do client |> put_param("client_id", client.client_id) |> put_param("client_secret", client.client_secret) |> put_param("grant_type", "authorization_code") |> put_param("redirect_uri", client().redirect_uri) |> put_header("Accept", "application/json") |> OAuth2.Strategy.AuthCode.get_token(params, headers) end defp check_credential(config, key) do check_config_key_exists(config, key) case Keyword.get(config, key) do value when is_binary(value) -> config {:system, env_key} -> case System.get_env(env_key) do nil -> raise "#{inspect (env_key)} missing from environment, expected in config :ueberauth, Ueberauth.Strategy.IcyNet" value -> Keyword.put(config, key, value) end end end defp check_config_key_exists(config, key) when is_list(config) do unless Keyword.has_key?(config, key) do raise "#{inspect (key)} missing from config :ueberauth, Ueberauth.Strategy.IcyNet" end config end defp check_config_key_exists(_, _) do raise "Config :ueberauth, Ueberauth.Strategy.IcyNet is not a keyword list, as expected" end end