lib/boruta/oauth/contexts/resource_owners.ex

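defmodule Boruta.Oauth.ResourceOwners do
  @moduledoc """
  Behaviour describing the resource owner context.

  Implementing modules provide resource owner lookup (`c:get_by/1`), password
  verification (`c:check_password/2`), the scopes a resource owner may be
  granted (`c:authorized_scopes/1`) and, optionally, `id_token` claims
  (`c:claims/2`).

  `c:get_by/1` and `c:check_password/2` are the credential-handling boundary:
  both report failure as `{:error, reason}` with a string reason.
  """

  alias Boruta.Oauth.ResourceOwner

  @typedoc """
  Identity claims: a map with string keys whose values are either strings or
  nested claim maps.
  """
  @type claims :: %{
          String.t() => String.t() | claims()
        }

  @doc """
  Returns a resource owner looked up by `username:` or by `sub:`.

  Returns `{:ok, resource_owner}` on a match and `{:error, reason}` otherwise.
  The password is not part of this lookup; it is verified separately through
  `c:check_password/2`.

  Security note: prefer the same `reason` text whether the account is unknown
  or otherwise unavailable, so the reason cannot be used to tell registered
  usernames apart. Whether callers expose `reason` to clients is not visible
  from this module; treat it as potentially client-facing.
  """
  @callback get_by([username: String.t()] | [sub: String.t()]) ::
              {:ok, resource_owner :: ResourceOwner.t()} | {:error, String.t()}

  @doc """
  Determines whether the given password is correct for the resource owner.

  Returns `:ok` when the password matches and `{:error, reason}` otherwise.

  Security note: implementations should verify the password against a stored
  password hash with the hashing library's own verification function (which
  compares in constant time) rather than comparing values with `==`, and should
  keep the `password` argument out of logs and error reasons. Because lookup
  and verification are separate callbacks, a failed `c:get_by/1` can return
  faster than a failed password check; implementations concerned about
  timing-based username discovery should account for that.
  """
  @callback check_password(resource_owner :: ResourceOwner.t(), password :: String.t()) ::
              :ok | {:error, String.t()}

  @doc """
  Returns the list of scopes authorized for the given resource owner. These
  scopes will be granted if requested for the user.

  Security note: since every scope returned here can be granted on request,
  return only the scopes the resource owner is actually entitled to.
  """
  @callback authorized_scopes(resource_owner :: ResourceOwner.t()) :: list(Boruta.Oauth.Scope.t())

  @doc """
  Returns `id_token` identity claims for the resource owner identified by `sub`.

  This callback is optional. `scope` is passed as a single string; presumably
  the scope value of the request (verify against the caller). Implementations
  should limit the returned claims to what that scope covers.
  """
  @callback claims(sub :: String.t(), scope :: String.t()) :: claims :: claims()

  @optional_callbacks claims: 2
end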