EVE SSO OAuth2 strategy for Überauth
-
Setup your application at the EVE third party developer page.
-
Add
:ueberauth_eve_sso
to your list of dependencies inmix.exs
:def deps do [{:ueberauth_github, "~> 0.1}] end
-
Add the strategy to your applications:
def application do [applications: [:ueberauth_eve_sso]] end
-
Add EVESSO to your ueberauth configuration:
config :ueberauth, Ueberauth, providers: [ evesso: {Ueberauth.Strategy.EVESSO, []} ]
-
Update your provider configuration:
config :ueberauth, Ueberauth.Strategy.EVESSO.OAuth, client_id: System.get_env("EVESSO_CLIENT_ID"), client_secret: System.get_env("EVESSO_SECRET_KEY")
Or, to read the client credentials at runtime:
config :ueberauth, Ueberauth.Strategy.EVESSO.OAuth, client_id: {:system, "EVESSO_CLIENT_ID"}, client_secret: {:system, "EVESSO_SECRET_KEY"}
-
Include the Ueberauth plug in your controller:
defmodule MyApp.AuthController do use MyApp.Web, :controller pipeline :browser do plug Ueberauth ... end end
-
Create the request and callback routes if you haven't already:
scope "/auth", MyApp do pipe_through :browser get "/:provider", AuthController, :request get "/:provider/callback", AuthController, :callback end
-
Your controller needs to implement callbacks to deal with
Ueberauth.Auth
andUeberauth.Failure
responses.
Depending on the configured url you can initiate the request through:
/auth/evesso
Or with options:
/auth/evesso?scope=esi-clones.read_implants.v1&state=nonce
By default the requested scope is empty (""). This allows access to all public endpoints and identifies the EVE Character.
Scope can be configured either explicitly as a scope
query value on the request path or in your configuration:
```elixir
config :ueberauth, Ueberauth,
providers: [
evesso: {Ueberauth.Strategy.EVESSO, [default_scope: "esi-clones.read_implants.v1"]}
]
The state
param is required by EVE SSO and should be a nonce generated for each request.
Please see LICENSE for licensing details.