Skip to content
/ reitit-oauth2 Public
forked from green-coder/reitit-oauth2

Adaptation of ring-oauth2 to reitit routes + example of usage

License

MIT license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

skydread1/reitit-oauth2

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
example
example
 
 
src/reitit
src/reitit
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
deps.edn
deps.edn
 
 

Repository files navigation

Reitit-oauth2

Rational

The commonly used library weavejester/ring-oauth2, providing a Ring middleware that acts as a OAuth 2.0 client, does not work with reitit.

The reason why it doesn't work with reitit is related to sessions and you can find the explanation of the problem in this issue.

Goals

As for now, only access-token is handled (refresh-token is not handled yet).

The API function provides reitit routes for oauth2 (launch oauth2 and redirect) that you can merge with the rest of your app routes. the API function takes a map with the different services config (you can find an example of configs here).

Oauth2 setup steps (GOOGLE example)

1) Create project in google dev console

In the google dev console, create a project.

2) Oauth consent screen

In the oauth consent screen tab, fill the app info that is going to be displayed to the user upon giving permissions.

You can also select the permsissions you want the user to give to you.

3) Credentials

In the credentials tab, click create crednetials then OAuth client ID with type Web application.

For Authorised JavaScript origins, you need to specify you app URI. For local development, you need to add localhost as well and one entry per port. For example, if you have a backend port 8123 and a fighweel front-end port 9500 you will add 2 URIs.

For Authorised redirect URIs, same remarks, one callback per port.

Here is an example:

image

Once you save, you should get your client-id and client-secret.

4) Save credentials and create config.

We then advice to store the configs in a edn file that you will slurp in your code or env variables and of course never pushing the credentials to your online repo (at least the client-secret).

For our google example, our google config edn file look like this

{:google {:project-id       "my-website"
          :authorize-uri    "https://accounts.google.com/o/oauth2/auth"
          :access-token-uri "https://oauth2.googleapis.com/token"
          :client-id        "CLIENT-ID"
          :client-secret    "CLIENT-SECRET"
          :scopes           ["https://www.googleapis.com/auth/userinfo.email"
                             "https://www.googleapis.com/auth/userinfo.profile"]
          :launch-uri       "/oauth/google/login"
          :redirect-uri     "http://localhost:8123/oauth/google/callback" ;; would need be sure to change the port depending if you need to.
          :landing-uri      "/oauth/google/success"}}

Implementation Example

A good example written by the author of the upstream library can be found alongside the source in this repo to get you started.

Caveats

wrap-session

In order to make the session works, you must follow the workaround highlighted in this issue

wrap-params and middleware orders

  • wrap-params must be in the middleware stack (or any middleware adding params and body-params to the request such as muuntaja/format-middleware for instance).

  • Be aware of the order of your middlewares, for more details, see this issue.

License

Released under the MIT License, same as the ring-oauth2 project.

About

Adaptation of ring-oauth2 to reitit routes + example of usage

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Clojure 100.0%