Skip to content

tanguilp/plugoid

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Plugoid

OpenID Connect Plug for Phoenix

Plugoid lets you protect some routes with OpenID Connect authentication, for instance:

defmodule PlugoidDemoWeb.Router do
  use PlugoidDemoWeb, :router
  use Plugoid.RedirectURI

  pipeline :oidc_auth do
    plug Plugoid,
      issuer: "https://repentant-brief-fishingcat.gigalixirapp.com",
      client_id: "client1",
      client_config: PlugoidDemo.OpenIDConnect.Client
  end

  scope "/private", PlugoidDemoWeb do
    pipe_through :browser
    pipe_through :oidc_auth

    get "/", PageController, :index
    post "/", PageController, :index
  end
end

Documentation

Installation

def deps do
  [
    {:plugoid, "~> 0.6.0"},
    {:hackney, "~> 1.0"}
  ]
end

The hackney dependency is used as the default adapter for Tesla (for outbound HTTP requests). Another one can be used instead (see https://github.com/teamon/tesla#adapters) and then has to be configured in your config.exs:

config :tesla, adapter: Tesla.Adapter.AnotherOne

When to use it

Possible uses are:

  • when you entirely delegate user authentication to an external OpenID Connect Provider (OP)
  • when you want to integrate with third-party providers ("social login"). Note that:
    • this library and the library it uses are very strict and might fail with some social login providers that don't strictly follows the standard
    • it has not been tested with any public OpenID Connect Provider (social login provider)
    • it does not support pure OAuth2 authentication providers

Project status

The implementation of the standard is comprehsensive but as for all security related libraries, care should be taken when assessing it. This library is not (yet?) widely used and has received little scrutiny by other programmers or security specialists.

This project is also looking for contributors. Feel free to take a look at issues opened in the following projects:

Protocol support

About

OpenID Connect Plug for Elixir's Phoenix web framework

Resources

License

Stars

Watchers

Forks

Sponsor this project

 

Packages

No packages published