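defmodule SsoBsn.Interactive do
  @moduledoc """
  Helpers for operating the `:sso_bsn` application from a console.

  The functions here change a live setting, run database migrations and
  create OAuth client credentials, so anyone who can call them holds
  administrative control over the service.
  """

  @doc """
  Sets the `:enable_registration` flag of the `:sso_bsn` application
  environment to `allow` (defaults to `true`).

  `Application.put_env/3` only affects the running node and is not
  persisted: the configured value applies again after a restart.
  """
  def allow_registrations(allow \\ true),
    do: Application.put_env(:sso_bsn, :enable_registration, allow)

  @doc """
  Runs all pending migrations from the application's
  `priv/repo/migrations` directory against `SsoBsn.Repo`.
  """
  def migrate do
    migrations_path = Application.app_dir(:sso_bsn, "priv/repo/migrations")
    Ecto.Migrator.run(SsoBsn.Repo, migrations_path, :up, all: true)
  end

  @doc """
  Creates an OAuth client through `Boruta.Ecto.Admin.create_client/1`.

  `name` is the display name and `redirects` the list of redirect URIs.
  `redirects` is handed to Boruta as given; this function does not validate
  it, so pass exact URIs of the relying party only.

  `opts` (keyword list or map with atom keys) overrides any of the defaults
  below, including `:id` and `:secret`.

  Returns `{client_id, client_secret}` with the values that were actually
  sent to Boruta when the client was created, and the `{:error, reason}`
  tuple from Boruta otherwise. The secret is returned in plain text: it will
  appear in the console output, so move it to a secret store right away.

  The defaults describe a non-confidential client without PKCE whose refresh
  tokens can be used without the client secret. Override `:pkce`,
  `:confidential` and `:public_refresh_token` for clients that need a
  stricter profile.
  """
  def add_oauth_client(name, redirects, opts \\ []) do
    defaults = %{
      # OAuth client_id
      id: SecureRandom.uuid(),
      # OAuth client_secret
      secret: SecureRandom.hex(64),
      # Display name
      name: name,
      # OAuth client redirect_uris
      redirect_uris: redirects,
      # PKCE is not enabled by default; pass `pkce: true` for public clients
      # (browser or mobile apps) that cannot keep a secret
      pkce: false,
      # true: the client_secret is not required for refreshing tokens
      public_refresh_token: true,
      # false: the client_secret is required for revoking tokens
      public_revoke: false,
      # see OAuth 2.0 confidentiality (requires client secret for some flows)
      confidential: false,
      # activable client authentication methods
      token_endpoint_auth_methods: [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
      ],
      id_token_signature_alg: "RS256"
    }

    # Merge first so the returned credentials are the ones Boruta received,
    # even when the caller supplied its own :id or :secret.
    params = Map.merge(defaults, Map.new(opts))

    # The result is matched instead of being dumped with dbg/1: that printed
    # the whole client record, secret included, and a failed insert still
    # returned credentials for a client that did not exist.
    case Boruta.Ecto.Admin.create_client(params) do
      {:ok, _client} -> {params.id, params.secret}
      {:error, _reason} = error -> error
    end
  end
end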