mod_oauth2

OAuth2 provider module for app/client/token management and authorization flows.

Accepted Events

This module handles the following notifier callbacks:

  • observe_admin_menu: Add OAuth2 administration entries to the admin menu.

  • observe_request_context: Check if there is a valid Authorization header or 'access_token' argument using z_context:get.

  • observe_search_query: Queries to find OAuth2 tokens using z_datetime:next_hour.

  • observe_tick_24h: Periodically delete expired server side tokens using m_oauth2:delete_expired_tokens.

  • observe_tick_3h: Periodically try to extend tokens that are expiring in the next 8 hours using z_datetime:next_hour.

  • observe_url_fetch_options: Check if the current user has a token for the given host using z_acl:user.

Delegate callbacks:

  • event/2 with postback messages: oauth2_app_delete, oauth2_app_token_delete, oauth2_app_token_generate, oauth2_consumer_delete, oauth2_consumer_token_delete, oauth2_fetch_consumer_token.

  • event/2 with submit messages: oauth2_app_insert, oauth2_app_token_new, oauth2_app_update, oauth2_authorize, oauth2_consumer_insert, oauth2_consumer_token_new, oauth2_consumer_update.

Edit on GitHub

Models

oauth2

Model for OAuth2 app/client/token administration and user token listings.

oauth2_consumer

Model for OAuth2 consumer configuration and token access, including consumer lists and per-consumer token retrieval.

oauth2_service

Model for OAuth2 service flow helpers, including redirect URL generation and oauth redirect processing.

Controllers

controller_oauth2_access_token

Todo

controller_oauth2_service_authorize

Todo

controller_oauth2_service_redirect

Todo

Dispatch rules

dispatch

Dispatch rules Name Path Resource Args oauth2_consumer_authorize [“oauth-service”,”authorize”,”zotonic”

Referred by

All dispatch rules

All the dispatch rules from all modules. For a background on dispatch rules, see The URL dispatch system.