Client Providers

Overview

Client providers are responsible for managing OAuth clients in the Authority authentication system. They represent applications that request access to user resources on behalf of the users.

Configuring Client Providers

To set up a client provider, you'll need to configure Authly config/authly.cr settings for your application. This is typically done by defining a Client Provider class that has access to the registered client data.

Create a class similar to the example below

Example:

module Authority
  class ClientProvider
    include Authly::AuthorizableClient

    def valid_redirect?(client_id : String, redirect_uri : String) : Bool
      ClientRepo.valid_redirect?(client_id, redirect_uri)
    end

    def authorized?(client_id : String, client_secret : String) : Bool
      ClientRepo.authorized?(client_id, client_secret)
    end
  end
end

Register the class in config/authly.cr

Example

require "authly"

# Configure
Authly.configure do |c|
  ...
 
  c.clients = Authority::ClientProvider.new
end

Using Client Providers

Once configured, your application can initiate the OAuth flow by redirecting users to the provider's authorization page. Here's an example of how the flow works:

1. The user is redirected to the OAuth provider.

2. After authentication, the user is redirected back to your application with an authorization code.

3. Use this code to request an access token.

In your CLIENT application, you must use the client_id and client_secret generated by the provider

OAuth::Client.new do |client|
  client.client_id = ENV["CLIENT_ID"]
  client.client_secret = ENV["CLIENT_SECRET"]
end

Client providers allow your application to securely interact with OAuth providers on behalf of users.

Performing HTTP client requests with OAuth2 authentication https://crystal-lang.org/api/1.13.3/OAuth2.html