OAuth2 Provider Library - Authly is an OAuth2 Library for creating Authorization Servers that follows OAuth2 authorization mechanisms.
MIT License
Authly is an OAuth2 library for creating Authorization Servers that supports OAuth2 authorization mechanisms.
Example OAuth 2.0 server implementation: https://github.com/azutoolkit/authority/
Authly implements the OAuth 2.0 specification as described at https://www.oauth.com/
OAuth 2.0 is a flexible authorization framework that describes a number of grants (methods) for a client application to acquire an access token. The access token represents a user's permission for the client to access their data, and it can be used to authenticate a request to an API endpoint.
The specification describes five grants for acquiring an access token:
The first step of OAuth 2 is to get authorization from the user. For browser-based or mobile apps, this is usually accomplished by displaying an interface provided by the service to the user.
OAuth 2 provides several "grant types" for different use cases. The grant types defined are:
Resource Owner: Entity that can grant access to a protected resource. Typically, this is the end-user.
Resource Server: Server hosting the protected resources. This is the API you want to access.
Authorization Server: Server that authenticates the Resource Owner and issues Access Tokens after getting proper authorization. In this case, Auth0.
Client: Application requesting access to a protected resource on behalf of the Resource Owner.
User Agent: Agent used by the Resource Owner to interact with the Client (for example, a browser or a native application).
Note: This implementation uses JWT tokens for storage by default.
Add the dependency to your shard.yml:

dependencies:
  authly:
    github: azutoolkit/authly

Run shards install
require "authly"

# In-memory storage of clients (third-party apps)
Authly.clients << Authly::Client.new("example", "secret", "https://www.example.com/callback", "1")
# In-memory storage of owners (users)
Authly.owners << Authly::Owner.new("username", "password")

# Or use your own classes and implement the interface
# Clients
class AppService
  include AuthorizableClient
end

# Owners
class UserService
  include AuthorizableOwner
end

# Configure
Authly.configure do |c|
  # Secret key for JWT tokens ("Some Secret" is a placeholder; with HS256
  # this key both signs and verifies tokens, so keep it out of source control)
  c.secret_key = "Some Secret"
  c.algorithm = JWT::Algorithm::HS256
  # Refresh Token Time To Live
  c.refresh_ttl = 1.hour
  # Authorization Code Time To Live
  # (RFC 6749 recommends a maximum authorization code lifetime of 10 minutes)
  c.code_ttl = 1.hour
  # Access Token Time To Live
  c.access_ttl = 1.hour
  # Using your own classes
  c.owners = UserService.new
  c.clients = AppService.new
end

Authly.access_token(grant_type, **args)
Authly.code(response_type, *args)
Authly returns exceptions according to the OAuth2 protocol, of type Error, with code, type and message properties.
invalid_redirect_uri: "Invalid redirect uri",
invalid_state: "Invalid state",
invalid_scope: "Invalid scope value in the request",
invalid_client: "Client authentication failed, such as if the request contains an invalid client ID or secret.",
owner_credentials: "Invalid owner credentials",
invalid_request: "The request is missing a parameter so the server cant proceed with the request",
invalid_grant: "The authorization code is invalid or expired.",
unauthorized_client: "This client is not authorized to use the requested grant type",
unsupported_grant_type: "Invalid or unknown grant type",
access_denied: "The user or authorization server denied the request",
git checkout -b my-new-feature
git commit -am 'Add some feature'
git push origin my-new-feature