{"id":21953799,"url":"https://github.com/erlef/oidcc_plug","last_synced_at":"2026-04-09T16:19:40.118Z","repository":{"id":194089412,"uuid":"690082923","full_name":"erlef/oidcc_plug","owner":"erlef","description":"Plug Integration for the oidcc OpenID Connect Library","archived":false,"fork":false,"pushed_at":"2024-11-10T21:39:17.000Z","size":104,"stargazers_count":7,"open_issues_count":2,"forks_count":5,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-11-10T22:30:10.140Z","etag":null,"topics":["client","elixir","openid","openid-client","openid-connect","plug","security-wg"],"latest_commit_sha":null,"homepage":"https://hexdocs.pm/oidcc_plug","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/erlef.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":"https://members.erlef.org/join-us"}},"created_at":"2023-09-11T13:52:55.000Z","updated_at":"2024-11-10T21:39:20.000Z","dependencies_parsed_at":"2024-09-16T11:00:53.239Z","dependency_job_id":null,"html_url":"https://github.com/erlef/oidcc_plug","commit_stats":null,"previous_names":["erlang-openid/oidcc_plug","erlef/oidcc_plug"],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Foidcc_plug","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Foidcc_plug/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Foidcc_plug/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/erlef%2Foidcc_plug/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/erlef","download_url":"https://codeload.github.com/erlef/oidcc_plug/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227066908,"owners_count":17725737,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["client","elixir","openid","openid-client","openid-connect","plug","security-wg"],"created_at":"2024-11-29T07:13:07.922Z","updated_at":"2026-04-09T16:19:40.110Z","avatar_url":"https://github.com/erlef.png","language":"Elixir","readme":"\u003cdiv style=\"margin-right: 15px; float: left;\"\u003e\n  \u003cimg\n    align=\"left\"\n    src=\"assets/logo.svg\"\n    alt=\"OpenID Connect Logo\"\n    width=\"170px\"\n  /\u003e\n\u003c/div\u003e\n\n# Oidcc.Plug\n\nPlug Integration for [`oidcc`](https://hex.pm/packages/oidcc) library.\n\n[![EEF Security WG project](https://img.shields.io/badge/EEF-Security-black)](https://github.com/erlef/security-wg)\n[![Main Branch](https://github.com/erlef/oidcc_plug/actions/workflows/branch_main.yml/badge.svg?branch=main)](https://github.com/erlef/oidcc_plug/actions/workflows/branch_main.yml)\n[![Module Version](https://img.shields.io/hexpm/v/oidcc_plug.svg)](https://hex.pm/packages/oidcc_plug)\n[![Total Download](https://img.shields.io/hexpm/dt/oidcc_plug.svg)](https://hex.pm/packages/oidcc_plug)\n[![License](https://img.shields.io/hexpm/l/oidcc_plug.svg)](https://github.com/erlef/oidcc_plug/blob/main/LICENSE)\n[![Last Updated](https://img.shields.io/github/last-commit/erlef/oidcc_plug.svg)](https://github.com/erlef/oidcc_plug/commits/master)\n[![Coverage Status](https://coveralls.io/repos/github/erlef/oidcc_plug/badge.svg?branch=main)](https://coveralls.io/github/erlef/oidcc_plug?branch=main)\n\n\u003cbr clear=\"left\"/\u003e\n\n\u003cpicture style=\"margin-right: 15px; float: left;\"\u003e\n  \u003csource\n    media=\"(prefers-color-scheme: dark)\"\n    srcset=\"assets/certified-dark.svg\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n  \u003csource\n    media=\"(prefers-color-scheme: light)\"\n    srcset=\"assets/certified-light.svg\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n  \u003cimg\n    src=\"assets/certified-light.svg\"\n    alt=\"OpenID Connect Certified Logo\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n\u003c/picture\u003e\n\nOpenID Certified by [Jonatan Männchen](https://github.com/maennchen) at the\n[Erlang Ecosystem Foundation](https://github.com/erlef) of multiple Relaying\nParty conformance profiles of the OpenID Connect protocol:\nFor details, check the\n[Conformance Test Suite](https://github.com/erlef/oidcc_conformance).\n\n\u003cbr clear=\"left\"/\u003e\n\n\u003cpicture style=\"margin-right: 15px; float: left;\"\u003e\n  \u003csource\n    media=\"(prefers-color-scheme: dark)\"\n    srcset=\"assets/erlef-logo-dark.svg\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n  \u003csource\n    media=\"(prefers-color-scheme: light)\"\n    srcset=\"assets/erlef-logo-light.svg\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n  \u003cimg\n    src=\"assets/erlef-logo-light.svg\"\n    alt=\"Erlang Ecosystem Foundation Logo\"\n    width=\"170px\"\n    align=\"left\"\n  /\u003e\n\u003c/picture\u003e\n\nThe development of the library and the certification is funded as an\n[Erlang Ecosystem Foundation](https://erlef.org/) stipend entered by the\n[Security Working Group](https://erlef.org/wg/security).\n\n\u003cbr clear=\"left\"/\u003e\n\n## Installation\n\nThe package can be installed by adding `oidcc_plug` to your list of dependencies\nin `mix.exs`:\n\n```elixir\ndef deps do\n  [\n    {:oidcc_plug, \"~\u003e 0.4.0\"}\n  ]\nend\n```\n\nYou can use [`igniter`](https://hex.pm/packages/igniter) to generate a basic\nsetup for phoenix:\n\n```bash\n# If you haven't created your phoenix project yet\n# See: https://hexdocs.pm/igniter/readme.html#creating-a-new-mix-project-using-igniter\nmix igniter.new test \\\n  --install phoenix,oidcc,oidcc_plug \\\n  --with phx.new\n\n# Add Igniter Phoenix Extension\nmix igniter.add_extension phoenix\n\n# Generate Provider, Controller, Router \u0026 Config\nmix oidcc_plug.gen.controller \\\n    --name MyAppWeb.AuthController \\\n    --provider MyApp.OpenIDProvider \\\n    --base-url /auth \\\n    --issuer https://account.google.com \\\n    --client-id client-id\n```\n\n## Usage\n\n### Setup\n\n```elixir\ndefmodule SampleApp.Application do\n  # ...\n\n  @impl Application\n  def start(_type, _args) do\n    children = [\n      # ...\n\n      {Oidcc.ProviderConfiguration.Worker, %{\n        issuer: \"https://accounts.google.com\",\n        name: SampleApp.GoogleOpenIdConfigurationProvider\n      }},\n\n      # Start the Endpoint (http/https)\n      SampleAppWeb.Endpoint\n    ]\n\n    # See https://hexdocs.pm/elixir/Supervisor.html\n    # for other strategies and supported options\n    opts = [strategy: :one_for_one, name: SampleApp.Supervisor]\n    Supervisor.start_link(children, opts)\n  end\n\n  # ...\nend\n```\n\n### Authorization Flow\n\n```elixir\ndefmodule SampleAppWeb.OidccController do\n  use SampleAppWeb, :controller\n\n  plug Oidcc.Plug.Authorize,\n    [\n      provider: TestWorks.OpenIdConfigurationProvider,\n      client_id: \"client_id\",\n      client_secret: \"client_secret\",\n      redirect_uri: \u0026__MODULE__.callback_uri/0\n    ]\n    when action in [:authorize]\n\n  plug Oidcc.Plug.AuthorizationCallback,\n    [\n      provider: TestWorks.OpenIdConfigurationProvider,\n      client_id: \"client_id\",\n      client_secret: \"client_secret\",\n      redirect_uri: \u0026__MODULE__.callback_uri/0\n    ]\n    when action in [:callback]\n\n  @doc false\n  def callback_uri, do: url(~p\"/oidcc/callback\")\n\n  def authorize(conn, _params), do: conn\n\n  def callback(%Plug.Conn{private: %{\n    Oidcc.Plug.AuthorizationCallback =\u003e {:ok, {_token, userinfo}}}\n  } = conn, params) do\n    conn\n    |\u003e put_session(\"oidcc_claims\", userinfo)\n    |\u003e redirect(to: \"/\")\n  end\n\n  def callback(%Plug.Conn{private: %{\n    Oidcc.Plug.AuthorizationCallback =\u003e {:error, reason}\n  }} = conn, _params) do\n    conn\n    |\u003e put_status(400)\n    |\u003e render(:error, reason: reason)\n  end\nend\n```\n\n### API (Check access token header)\n\n```elixir\ndefmodule SampleAppWeb.Endpoint do\n  use Phoenix.Endpoint, otp_app: :sample_app\n\n  # ...\n\n  plug Oidcc.Plug.ExtractAuthorization\n\n  @client_id Application.compile_env!(:sample_app, [:openid_credentials, :client_id])\n  @client_secret Application.compile_env!(:sample_app, [:openid_credentials, :client_secret])\n\n  # Ensure Authorization Token provided\n  plug Oidcc.Plug.RequireAuthorization\n\n  # Check Token via Introspection\n  plug Oidcc.Plug.IntrospectToken,\n    provider: SampleApp.GoogleOpenIdConfigurationProvider,\n    client_id: @client_id,\n    client_secret: @client_secret\n\n  # OR: Check Token via Userinfo\n  plug Oidcc.Plug.LoadUserinfo,\n    provider: SampleApp.GoogleOpenIdConfigurationProvider,\n    client_id: @client_id,\n    client_secret: @client_secret\n\n  # OR: Check Token via JWT validation\n  plug Oidcc.Plug.ValidateJwtToken,\n    provider: SampleApp.GoogleOpenIdConfigurationProvider,\n    client_id: @client_id,\n    client_secret: @client_secret\n\n  plug SampleAppWeb.Router\nend\n```\n","funding_links":["https://members.erlef.org/join-us"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ferlef%2Foidcc_plug","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ferlef%2Foidcc_plug","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ferlef%2Foidcc_plug/lists"}