OAuth 2.0 client-side utils in Elm
Softly deprecate Implicit and put AuthorizationCode and AuthorizationCode w/ PKCE more in the spotlights, as per security recommendations.
Documentation tweaks and improvements (better cross-link references, better code highlights, links to examples).
Allow more advanced control for tweaking parsers, decoders and url builders. This is particularly useful for applications integrating with systems which are either not strictly following the OAuth2.0 specifications, or, systems who introduce custom fields of some importance for the underlying application. (see #29, #23, #21)
Update dependencies for base64 encoding
OAuth
- MINORAdded:
type GrantType
= AuthorizationCode
| Password
| ClientCredentials
| RefreshToken
| CustomGrant String
grantTypeToString : GrantType -> String
type ResponseType
= Code
| Token
| CustomResponse String
responseTypeToString : ResponseType -> String
OAuth.Implicit
- MAJORAdded:
makeAuthorizationUrlWith :
ResponseType
-> Dict String String
-> Authorization
-> Url
Changed:
-- type alias Parsers =
-- { tokenParser :
-- Query.Parser (Maybe Token)
-- , errorParser :
-- Query.Parser (Maybe ErrorCode)
-- , authorizationSuccessParser :
-- String -> Query.Parser AuthorizationSuccess
-- , authorizationErrorParser :
-- ErrorCode -> Query.Parser AuthorizationError
-- }
type alias Parsers error success =
{ tokenParser :
Query.Parser (Maybe Token)
, errorParser :
Query.Parser (Maybe ErrorCode)
, authorizationSuccessParser :
String -> Query.Parser success
, authorizationErrorParser :
ErrorCode -> Query.Parser error
}
-- defaultParsers : Parsers
defaultParsers : Parsers AuthorizationError AuthorizationSuccess
-- parseTokenWith : Parsers -> Url -> AuthorizationResult
parseTokenWith : Parsers error success -> Url -> AuthorizationResultWith error success
OAuth.AuthorizationCode
- MAJORAdded:
makeAuthorizationUrlWith :
ResponseType
-> Dict String String
-> Authorization
-> Url
makeTokenRequestWith :
OAuth.GrantType
-> Json.Decoder success
-> Dict String String
-> (Result Http.Error success -> msg)
-> Authentication
-> RequestParts msg
Changed:
-- type AuthorizationResult
-- = Empty
-- | Error AuthorizationError
-- | Success AuthorizationSuccess
type alias AuthorizationResult =
AuthorizationResultWith AuthorizationError AuthorizationSuccess
type AuthorizationResultWith error success
= Empty
| Error error
| Success success
-- type alias Parsers =
-- { codeParser :
-- Query.Parser (Maybe String)
-- , errorParser :
-- Query.Parser (Maybe ErrorCode)
-- , authorizationSuccessParser :
-- String -> Query.Parser AuthorizationSuccess
-- , authorizationErrorParser :
-- ErrorCode -> Query.Parser AuthorizationError
-- }
type alias Parsers error success =
{ codeParser :
Query.Parser (Maybe String)
, errorParser :
Query.Parser (Maybe ErrorCode)
, authorizationSuccessParser :
String -> Query.Parser success
, authorizationErrorParser :
ErrorCode -> Query.Parser error
}
-- defaultParsers : Parsers
defaultParsers : Parsers AuthorizationError AuthorizationSuccess
-- parseCodeWith : Parsers -> Url -> AuthorizationResult
parseCodeWith : Parsers error success -> Url -> AuthorizationResultWith error success
OAuth.AuthorizationCode.PKCE
- MAJORAdded:
makeAuthorizationUrlWith :
ResponseType
-> Dict String String
-> Authorization
-> Url
makeTokenRequestWith :
OAuth.GrantType
-> Json.Decoder success
-> Dict String String
-> (Result Http.Error success -> msg)
-> Authentication
-> RequestParts msg
Changed:
-- type AuthorizationResult
-- = Empty
-- | Error AuthorizationError
-- | Success AuthorizationSuccess
type alias AuthorizationResult =
AuthorizationResultWith AuthorizationError AuthorizationSuccess
type AuthorizationResultWith error success
= Empty
| Error error
| Success success
-- type alias Parsers =
-- { codeParser :
-- Query.Parser (Maybe String)
-- , errorParser :
-- Query.Parser (Maybe ErrorCode)
-- , authorizationSuccessParser :
-- String -> Query.Parser AuthorizationSuccess
-- , authorizationErrorParser :
-- ErrorCode -> Query.Parser AuthorizationError
-- }
type alias Parsers error success =
{ codeParser :
Query.Parser (Maybe String)
, errorParser :
Query.Parser (Maybe ErrorCode)
, authorizationSuccessParser :
String -> Query.Parser success
, authorizationErrorParser :
ErrorCode -> Query.Parser error
}
-- defaultParsers : Parsers
defaultParsers : Parsers AuthorizationError AuthorizationSuccess
-- parseCodeWith : Parsers -> Url -> AuthorizationResult
parseCodeWith : Parsers error success -> Url -> AuthorizationResultWith error success
OAuth.ClientCredentials
- MINORAdded:
makeTokenRequestWith :
GrantType
-> Json.Decoder success
-> Dict String String
-> (Result Http.Error success -> msg)
-> Authentication
-> RequestParts msg
OAuth.Password
- MINORAdded:
makeTokenRequestWith :
GrantType
-> Json.Decoder success
-> Dict String String
-> (Result Http.Error success -> msg)
-> Authentication
-> RequestParts msg
OAuth.Refresh
- MINORAdded:
makeTokenRequestWith :
GrantType
-> Json.Decoder success
-> Dict String String
-> (Result Http.Error success -> msg)
-> Authentication
-> RequestParts msg
ivadzy/[email protected]
renamed as chelovek0v/[email protected]
---- ADDED MODULES - MINOR ----
OAuth.AuthorizationCode.PKCE
---- OAuth.AuthorizationCode - MAJOR ----
Added:
type alias AuthorizationCode = String.String
Changed:
- type alias AuthorizationSuccess =
{ code : String, state : Maybe String }
+ type alias AuthorizationSuccess =
{ code : OAuth.AuthorizationCode.AuthorizationCode
, state : Maybe.Maybe String.String
}
f1f648a76fcc0e8e33ef06cd9867600164d709d7 add support for RFC7636 - Proof Key for Code Exchange
Auth 2.0 public clients utilizing the Authorization Code Grant are susceptible to the authorization code interception attack. This specification describes the attack as well as a technique to mitigate against the threat through the use of Proof Key for Code Exchange (PKCE, pronounced "pixy").
3dc3c9d6a0aa6d20b84d8ffc79e55aec06beb683 remove double dependency on base64 and favor only one
6199c78126d59fe0da5ed491f04835087285188a several doc revision on all grants (diagrams, type description etc ...)
0d969a08dd90079933f747c24cea8c13b9954a07 put PKCE as recommended in README and start reviewing demos / guides
b712fcdec341bb3b07a95fbcf5e77c6794f7da01 rework examples
68383cfa0d22c29733a219a2849db3cfc2731e63 revise deployment scripts, in particular examples
Nothing
is provided as a scope