All Projects → pow-auth → Assent

pow-auth / Assent

Licence: mit
Multi-provider framework in Elixir

Programming Languages

elixir
2628 projects

Projects that are alternatives of or similar to Assent

Pow assent
Multi-provider authentication for your Pow enabled app
Stars: ✭ 236 (+87.3%)
Mutual labels:  google, discord, slack, oauth2, oauth, twitter, facebook, instagram, vk
Oauth
🔗 OAuth 2.0 implementation for various providers in one place.
Stars: ✭ 336 (+166.67%)
Mutual labels:  google, discord, oauth2, oauth, facebook, instagram, gitlab
Nemiro.oauth.dll
Nemiro.OAuth is a class library for authorization via OAuth protocol in .NET Framework
Stars: ✭ 45 (-64.29%)
Mutual labels:  google, oauth, twitter, facebook, instagram, vk, vkontakte
Hackathon Starter Kit
A Node-Typescript/Express Boilerplate with Authentication(Local, Github, Facebook, Twitter, Google, Dropbox, LinkedIn, Discord, Slack), Authorization, and CRUD functionality + PWA Support!
Stars: ✭ 242 (+92.06%)
Mutual labels:  google, discord, slack, oauth2, twitter, facebook
Socialcounters
jQuery/PHP - Collection of Social Media APIs that display number of your social media fans. Facebook Likes, Twitter Followers, Instagram Followers, YouTube Subscribers, etc..
Stars: ✭ 104 (-17.46%)
Mutual labels:  google, twitter, facebook, instagram, vk
Yii2 Authclient
Yii 2 authclient extension.
Stars: ✭ 430 (+241.27%)
Mutual labels:  google, oauth, twitter, facebook, vk
Skraper
Kotlin/Java library and cli tool for scraping posts and media from various sources with neither authorization nor full page rendering (Facebook, Instagram, Twitter, Youtube, Tiktok, Telegram, Twitch, Reddit, 9GAG, Pinterest, Flickr, Tumblr, IFunny, VK, Pikabu)
Stars: ✭ 72 (-42.86%)
Mutual labels:  twitter, facebook, instagram, vk
Play Pac4j
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 375 (+197.62%)
Mutual labels:  oauth, openid-connect, twitter, facebook
Social Login Helper Deprecated
A simple android library to easily implement social login into your android project
Stars: ✭ 81 (-35.71%)
Mutual labels:  google, twitter, facebook, instagram
Spring Webmvc Pac4j
Security library for Spring Web MVC: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 110 (-12.7%)
Mutual labels:  oauth, openid-connect, twitter, facebook
Buji Pac4j
pac4j security library for Shiro: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 444 (+252.38%)
Mutual labels:  oauth, openid-connect, twitter, facebook
Keyring
Keyring is an authentication framework for WordPress. It comes with definitions for a variety of HTTP Basic, OAuth1 and OAuth2 web services. Use it as a common foundation for working with other web services from within WordPress code.
Stars: ✭ 52 (-58.73%)
Mutual labels:  google, twitter, facebook, instagram
Timeliner
In general, Timeliner obtains items from data sources and stores them in a timeline.
Stars: ✭ 2,911 (+2210.32%)
Mutual labels:  oauth2, twitter, facebook, instagram
Sns auth
通用第三方登录SDK,支持微信,微信扫码,QQ,微博登录,支付宝登录,Facebook,Line,Twitter,Google
Stars: ✭ 520 (+312.7%)
Mutual labels:  google, oauth2, twitter, facebook
Play Authenticate
An authentication plugin for Play Framework 2.x (Java)
Stars: ✭ 813 (+545.24%)
Mutual labels:  google, oauth, facebook, vkontakte
Auth
:atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP
Stars: ✭ 457 (+262.7%)
Mutual labels:  oauth2, oauth, twitter, facebook
Authing
🔥Authing - IDaaS/IAM solution that can Auth to web and mobile applications.
Stars: ✭ 247 (+96.03%)
Mutual labels:  oauth2, oauth, openid-connect, auth0
Login With
Stateless login-with microservice for OAuth
Stars: ✭ 2,301 (+1726.19%)
Mutual labels:  google, oauth, twitter, facebook
Cloudfront Auth
An AWS CloudFront [email protected] function to authenticate requests using Google Apps, Microsoft, Auth0, OKTA, and GitHub login
Stars: ✭ 471 (+273.81%)
Mutual labels:  google, oauth2, openid-connect, auth0
Socialite
Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, you can easily use it without Laravel.
Stars: ✭ 1,026 (+714.29%)
Mutual labels:  google, oauth2, oauth, facebook

Assent

Github CI hex.pm

Multi-provider authentication framework.

Features

  • Includes the following base strategies:
    • OAuth 1.0 - Assent.Strategy.OAuth
    • OAuth 2.0 - Assent.Strategy.OAuth2
    • OpenID Connect - Assent.Strategy.OIDC
  • Includes the following provider strategies:
    • Apple Sign In - Assent.Strategy.Apple
    • Auth0 - Assent.Strategy.Auth0
    • Azure AD - Assent.Strategy.AzureAD
    • Basecamp - Assent.Strategy.Basecamp
    • DigitalOcean - Assent.Strategy.DigitalOcean
    • Discord - Assent.Strategy.Discord
    • Facebook - Assent.Strategy.Facebook
    • Github - Assent.Strategy.Github
    • Gitlab - Assent.Strategy.Gitlab
    • Google - Assent.Strategy.Google
    • Instagram - Assent.Strategy.Instagram
    • LINE Login - Assent.Strategy.LINE
    • Slack - Assent.Strategy.Slack
    • Stripe Connect - Assent.Strategy.Stripe
    • Twitter - Assent.Strategy.Twitter
    • VK - Assent.Strategy.VK

Installation

Add Assent to your list of dependencies in mix.exs:

defp deps do
  [
    # ...
    {:assent, "~> 0.1.23"},

    # Optional, but recommended for SSL validation with :httpc adapter
    {:certifi, "~> 2.4"},
    {:ssl_verify_fun, "~> 1.1"}
  ]
end

Run mix deps.get to install it.

By default :httpc will be used for HTTP requests. To compile the app with :httpc support, please add :inets to :extra_applications in mix.exs:

def application do
  [
    # ...
    extra_applications: [
      # ...
      :inets
    ]
  ]
end

This is not necessary if you'll use another HTTP adapter, such as Mint.

Assent requires Erlang OTP 22.1 or greater.

Getting started

A strategy consists of two phases; request and callback. In the request phase the user would normally be redirected to the provider for authentication, and then returned back to initiate the callback phase.

Single provider example

config = [
  client_id: "REPLACE_WITH_CLIENT_ID",
  client_secret: "REPLACE_WITH_CLIENT_SECRET",
  redirect_uri: "http://localhost:4000/oauth/callback"
]

# Redirect user to provider
{:ok, %{url: url, session_params: session_params}} =
  Assent.Strategy.Github.authorize_url(config)

# Handle callback
{:ok, %{user: user, token: token}} =
  config
  |> Assent.Config.put(:session_params, session_params)
  |> Assent.Strategy.Github.callback(params)

Multi-provider example

This is a generalized flow that's similar to what's used in PowAssent.

config :my_app, :strategies,
  github: [
    client_id: "REPLACE_WITH_CLIENT_ID",
    client_secret: "REPLACE_WITH_CLIENT_SECRET",
    strategy: Assent.Strategy.Github
  ],
  # ...
defmodule MultiProvider do
  @spec request(atom()) :: {:ok, map()} | {:error, term()}
  def request(provider) do
    config = config!(provider)

    config[:strategy].authorize_url(config)
  end

  @spec callback(atom(), map(), map()) :: {:ok, map()} | {:error, term()}
  def callback(provider, params, session_params \\ %{}) do
    config =
      provider
      |> config!()
      |> Assent.Config.put(:session_params, session_params)

    config[:strategy].callback(config, params)
  end

  defp config!(provider) do
    Application.get_env(:my_app, :strategies)[provider] || raise "No provider configuration for #{provider}"
  end
end

Custom provider

You can add your own custom strategy.

Here's an example of an OAuth 2.0 implementation using Assent.Strategy.OAuth2.Base:

defmodule TestProvider do
  use Assent.Strategy.OAuth2.Base

  @impl true
  def default_config(_config) do
    [
      site: "http://localhost:4000/api/v1", # The base URL to use for any paths below
      authorize_url: "http://localhost:4000/oauth/authorize", # Full URL will not use the `:site` option
      token_url: "/oauth/access_token",
      user_url: "/user",
      authorization_params: [scope: "email profile"],
      auth_method: :client_secret_post
    ]
  end

  @impl true
  def normalize(_config, user) do
    {:ok,
      # Conformed to https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.1
      %{
        "sub"      => user["sub"],
        "name"     => user["name"],
        "nickname" => user["username"],
        "email"    => user["email"]
      # },
      # # Provider specific data not part of the standard claims spec
      # %{
      #   "test_provider_bio" => user["bio"]
      }
    }
  end
end

The normalized user map should conform to the OpenID Connect Core 1.0 Standard Claims spec, and should return either {:ok, userinfo_claims} or {:ok, userinfo_claims, additional}. Any keys defined in the userinfo claims that isn't part of the specs will not be included in the user map. Instead they should be set in the additional data that will then be merged on top of the userinfo claims excluding any keys that already was set.

You can also use Assent.Strategy:

defmodule TestProvider do
  @behaviour Assent.Strategy

  @spec authorize_url(Keyword.t()) :: {:ok, %{url: binary()}} | {:error, term()}
  def authorize_url(config) do
    # Generate authorization url
  end

  @spec callback(Keyword.t(), map()) :: {:ok, %{user: map(), token: map()}} | {:error, term()}
  def callback(config, params) do
    # Handle callback response
  end
end

HTTP Adapter

By default Erlangs built-in :httpc is used for requests. SSL verification is automatically enabled when :certifi and :ssl_verify_fun packages are available. :httpc only supports HTTP/1.1.

If you would like HTTP/2 support, you should consider adding Mint to your project.

Update mix.exs:

defp deps do
  [
    # ...
    {:mint, "~> 1.0"},
    {:castore, "~> 0.1.0"} # Required for SSL validation
  ]
end

Pass the :http_adapter with your provider configuration:

config = [
  client_id: "REPLACE_WITH_CLIENT_ID",
  client_secret: "REPLACE_WITH_CLIENT_SECRET",
  http_adapter: Assent.HTTPAdapter.Mint
]

JWT Adapter

By default the built-in Assent.JWTAdapter.AssentJWT is used for JWT parsing, but you can change it to any third-party library with a custom Assent.JWTAdapter. A JOSE adapter Assent.JWTAdapter.JOSE is included.

To use JOSE, update mix.exs:

defp deps do
  [
    # ...
    {:jose, "~> 1.8"}
  ]
end

And pass the :jwt_adapter with your provider configuration:

config = [
  client_id: "REPLACE_WITH_CLIENT_ID",
  client_secret: "REPLACE_WITH_CLIENT_SECRET",
  jwt_adapter: Assent.JWTAdapter.JOSE
]

LICENSE

(The MIT License)

Copyright (c) 2019-present Dan Schultzer & the Contributors

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].