Elm OAuth 2

This package offers some utilities to implement a client-side OAuth 2 authorization in Elm. It covers all four basic grant types as well as the PKCE extension:

• (RECOMMENDED) Authorization Code w/ PKCE: An extension of the original OAuth 2.0 specification to mitigate authorization code interception attacks through the use of Proof Key for Code Exchange (PKCE). FOR PUBLIC & CONFIDENTIAL CLIENTS such as the device operating system or a highly privileged application that has been issued credentials for authenticating with the authorization server (e.g. a client id).

• Authorization Code: The token is obtained as a result of an authentication, from a code obtained as a result of a user redirection to an OAuth provider. The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized FOR PUBLIC & CONFIDENTIAL CLIENTS such as the device operating system or a highly privileged application that has been issued credentials for authenticating with the authorization server (e.g. a client id).

• Client Credentials: The token is obtained directly by exchanging application credentials with an OAuth provider. The client credentials grant type must only be USED BY CONFIDENTIAL CLIENTS.

• Resource Owner Password Credentials: The token is obtained directly by exchanging the user credentials with an OAuth provider. The resource owner password credentials grant type is suitable in cases WHERE THE RESOURCE OWNER HAS A TRUST RELATIONSHIP WITH THE CLIENT.

• (DEPRECATED)* Implicit: The token is obtained directly as a result of a user redirection to an OAuth provider. The implicit grant type is used to obtain access tokens (it does not support the issuance of refresh tokens) and is optimized FOR PUBLIC CLIENTS.

  (*) https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics-16#section-2.1.2

Getting Started

Installation

elm install truqu/elm-oauth2

Examples / Demos

• Auth0
• Facebook
• Google
• Spotify

Troubleshooting

TROUBLESHOOTING.md

Changelog

CHANGELOG.md