Skip to content

titaniumcoder/ueberauth_bexio

BranchesTags

Repository files navigation

Überauth Bexio

Continuous Integration Module Version Hex Docs Total Download License Last Updated

Bexio OAuth2 strategy for Überauth.

Installation

  1. Setup your application at Bexio Developer.

  2. Add :ueberauth_bexio to your list of dependencies in mix.exs:

    def deps do
  [
    {:ueberauth_bexio, "~> 0.3.0"}
  ]
end

  3. Add Bexio to your Überauth configuration:

    config :ueberauth, Ueberauth,
  providers: [
    bexio: {Ueberauth.Strategy.Bexio, []}
  ]

  4. Update your provider configuration:

    Use that if you want to read client ID/secret from the environment variables in the compile time:

    config :ueberauth, Ueberauth.Strategy.Bexio.OAuth,
  client_id: System.get_env("BEXIO_CLIENT_ID"),
  client_secret: System.get_env("BEXIO_CLIENT_SECRET")

    Use that if you want to read client ID/secret from the environment variables in the run time:

    config :ueberauth, Ueberauth.Strategy.Bexio.OAuth,
  client_id: {System, :get_env, ["BEXIO_CLIENT_ID"]},
  client_secret: {System, :get_env, ["BEXIO_CLIENT_SECRET"]}

  5. Include the Überauth plug in your controller:

    defmodule MyApp.AuthController do
  use MyApp.Web, :controller
  plug Ueberauth
  ...
end

  6. Create the request and callback routes if you haven't already:

    scope "/auth", MyApp do
  pipe_through :browser

  get "/:provider", AuthController, :request
  get "/:provider/callback", AuthController, :callback
end

  7. Your controller needs to implement callbacks to deal with Ueberauth.Auth and Ueberauth.Failure responses.

For an example implementation see the Überauth Example application.

Calling

Depending on the configured url you can initiate the request through:

/auth/bexio

Or with options:

/auth/bexio?scope=email%20profile

By default the requested scope is "email". Scope can be configured either explicitly as a scope query value on the request path or in your configuration:

config :ueberauth, Ueberauth,
  providers: [
    bexio: {Ueberauth.Strategy.Bexio, [default_scope: "openid email profile company_profile"]}
  ]

TODO: decide what we want to write here!

To guard against client-side request modification, it's important to still check the domain in info.urls[:website] within the Ueberauth.Auth struct if you want to limit sign-in to a specific domain.

Copyright and License

Copyright (c) 2024 Smart Software Engineering SRL

Released under the MIT License, which can be found in the repository in LICENSE.

About

A short definition of an Uberauth Strategy to use Bexio OpenID.

Topics

open-source

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

10 tags

Packages

No packages published

Languages