danschultzer

danschultzer

Pow Core Team

Assent: Multi-provider framework for Elixir

I’ve moved the strategies out of PowAssent and created a multi-provider framework for Elixir. This way the strategies can be used in any context, and not be limited to Pow, Phoenix, Plug, etc.

Please don’t hesitate with feedback or PR’s!

Github: GitHub - pow-auth/assent: Multi-provider framework in Elixir · GitHub
Hex: assent | Hex

Features

  • OAuth 1.0, OAuth 2.0, and OIDC protocol support
  • Many out-of-the-box providers including Apple Sign In
  • Conforms userinfo to OpenID Connect Core 1.0 Standard Claims
  • Add your custom strategy in no time
  • Support for client_secret_jwt and private_key_jwt authentication in OAuth 2.0 and OIDC
  • Nearly no dependency requirements
  • Self-contained - the strategies consists of very little code and are easy to manage

Few dependencies

As with PowAssent, there are near zero dependency requirements for Assent.

:httpc is used as the default HTTP client with built-in SSL validation. Mint can be added for HTTP/2 support.

A JWT parser is built-in, but can be easily switched out with JOSE.

Custom strategies

Adding a custom strategy takes no time. This is all you need to set up an OAuth 2.0 strategy:

defmodule TestProvider do
  use Assent.Strategy.OAuth2.Base

  @impl true
  def default_config(_config) do
    [
      site: "http://localhost:4000/",
      authorize_url: "http://localhost:4000/oauth/authorize",
      token_url: "http://localhost:4000/oauth/access_token",
      user_url: "/user",
      authorization_params: [scope: "email profile"]
    ]
  end

  @impl true
  def normalize(_config, user) do
    {:ok, %{
      "sub"   => user["sub"],
      "name"  => user["name"],
      "email" => user["email"]
    }}
  end
end

The normalize/2 method expects userinfo that conforms to OpenID Connect Core 1.0 Standard Claims specs. All non-standard values will be rejected.

Non-standard values can be added to the user response by returning it in this way:

  def normalize(_config, user) do
    {:ok, %{
      "sub"   => user["sub"],
      "name"  => user["name"],
      "email" => user["email"]
    },
    %{
      "test_provider_bio" => user["bio"]
    }}
  end

What about Ueberauth?

I explained in the thread for PowAssent the main difference:

I hope you’ll find this library useful :rocket:

Most Liked

danschultzer

danschultzer

Pow Core Team

Use PowAssent. Follow the instructions in the readme: GitHub - pow-auth/pow_assent: Multi-provider authentication for your Pow enabled app · GitHub

Got no sample repo or tutorial, but you just have to set up PowAssent as described above and then add the strategy like detailed further down the readme here: GitHub - pow-auth/pow_assent: Multi-provider authentication for your Pow enabled app · GitHub

As for the config, you should put it in the config file (dev.exs). For prod you can use prod.secret.exs, or env var for the credentials:

config :my_app, :pow_assent,
  providers: [
    facebook: [
      client_id: System.get_env("FACEBOOK_CLIENT_ID"),
      client_secret: System.get_env("FACEBOOK_CLIENT_SECRET"),
      strategy: Assent.Strategy.Facebook 
    ]
  ]

Assent is a low-level multi-provider library without any of the conveniences that PowAssent has such as Phoenix/Ecto integration.

tenzil

tenzil

Thanks dan, for a fast reply. This is very helpful. Long back I tried pow and I went with assent as I already had pow , will go with PowAssent now. Thanks again. I appreciate your help

Where Next?

Popular in Announcing Top

Hal9000
Here is my first stab at this. README pasted below. https://github.com/Hal9000/elixir_random Comments and critiques are welcome. Thank...
New
kelvinst
Hey everyone! Well, we made this lib a while ago and now we decided to finally go out and public with it! It’s a tool for creating and m...
New
michalmuskala
Hello everybody. I have just released Jason - a new JSON library. You might be wondering, why do we need a new library? The primary foc...
New
mbuhot
Leverage Open Api 3.0 (Swagger) to document, test, validate and explore your Plug and Phoenix APIs. Generate and serve a JSON Open API ...
New
josevalim
EDIT: since Ecto 3.0 final version is out, this post was amended to use the final versions in the instructions below. Hi everyone, We a...
New
fuelen
Hey folks! Want to present a toolkit for writing command-line user interfaces. It provides a convenient interface for colorizing text...
New
wojtekmach
Hey everyone! Req is an HTTP client for Elixir that I’ve been working on for quite some time. There is already a lot of HTTP clients out...
New
Jskalc
Hi! Today, after a couple weeks of development I’ve released v0.1 of LiveVue. It’s a seamless integration of Vue and Phoenix LiveView, i...
New
bluzky
You may know https://ui.shadcn.com/, a UI component library for React. I really love it’s design style and components. I’ve built some co...
384 13736 119
New
markmark206
simple_feature_flags is a tiny package that lets you turn features on or off based on which environment (e.g. localhost, staging, product...
New

Other popular topics Top

electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New
joaquinalcerro
Hi there, I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New
AstonJ
We’ve put together this wiki for Phoenix LiveView - please feel free to add any info you feel is worth including. What is Phoenix LiveV...
New
sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
gausby
I asked this very same question on twitter and got some interesting feedback, but I thought it would be a good question to ask here as we...
1207 39297 209
New
aalberti333
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this: ...
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New

We're in Beta

About us Mission Statement