I’ve moved the strategies out of PowAssent and created a multi-provider framework for Elixir. This way the strategies can be used in any context, and not be limited to Pow, Phoenix, Plug, etc.
Please don’t hesitate with feedback or PR’s!
Github: GitHub - pow-auth/assent: Multi-provider framework in Elixir
Hex: assent | Hex
Features
- OAuth 1.0, OAuth 2.0, and OIDC protocol support
- Many out-of-the-box providers including Apple Sign In
- Conforms userinfo to OpenID Connect Core 1.0 Standard Claims
- Add your custom strategy in no time
- Support for
client_secret_jwt
andprivate_key_jwt
authentication in OAuth 2.0 and OIDC - Nearly no dependency requirements
- Self-contained - the strategies consists of very little code and are easy to manage
Few dependencies
As with PowAssent, there are near zero dependency requirements for Assent.
:httpc
is used as the default HTTP client with built-in SSL validation. Mint can be added for HTTP/2 support.
A JWT parser is built-in, but can be easily switched out with JOSE.
Custom strategies
Adding a custom strategy takes no time. This is all you need to set up an OAuth 2.0 strategy:
defmodule TestProvider do
use Assent.Strategy.OAuth2.Base
@impl true
def default_config(_config) do
[
site: "http://localhost:4000/",
authorize_url: "http://localhost:4000/oauth/authorize",
token_url: "http://localhost:4000/oauth/access_token",
user_url: "/user",
authorization_params: [scope: "email profile"]
]
end
@impl true
def normalize(_config, user) do
{:ok, %{
"sub" => user["sub"],
"name" => user["name"],
"email" => user["email"]
}}
end
end
The normalize/2
method expects userinfo that conforms to OpenID Connect Core 1.0 Standard Claims specs. All non-standard values will be rejected.
Non-standard values can be added to the user response by returning it in this way:
def normalize(_config, user) do
{:ok, %{
"sub" => user["sub"],
"name" => user["name"],
"email" => user["email"]
},
%{
"test_provider_bio" => user["bio"]
}}
end
What about Ueberauth?
I explained in the thread for PowAssent the main difference:
I hope you’ll find this library useful