ilusm.dev

oau

OAuth 2.0, OpenID Connect, token handling.

Load with: use oau

Quick example

use oau

result = oauur(10, "hello", "./example", "value", "value")
prn(result)

Functions

Authorization URL

oauur(auth_endpoint, client_id, redirect_uri, scope, state)

Performs the operation. Takes auth_endpoint, client_id, redirect_uri, scope, state.

oaurl(auth_endpoint, client_id, redirect_uri, scope, state, code_challenge)

Performs the operation. Takes auth_endpoint, client_id, redirect_uri, scope, state, code_challenge.

Token exchange

oauto(token_endpoint, code, client_id, client_secret, redirect_uri)

Converts to another format. Takes token_endpoint, code, client_id, client_secret, redirect_uri.

oauth(token_endpoint, username, password, client_id, client_secret)

Performs the operation. Takes token_endpoint, username, password, client_id, client_secret.

oauth(token_endpoint, client_id, client_secret, scope)

Performs the operation. Takes token_endpoint, client_id, client_secret, scope.

oauth(token_endpoint, refresh_token, client_id, client_secret)

Performs the operation. Takes token_endpoint, refresh_token, client_id, client_secret.

PKCE

oauth()

Performs the operation.

Token validation

oauth(token)

Performs the operation. Takes token.

oauth(token, jwks)

Performs the operation. Takes token, jwks.

OIDC

oidcu(userinfo_endpoint, access_token)

Performs the operation. Takes userinfo_endpoint, access_token.

oidci(id_token)

Performs the operation. Takes id_token.

oidcg(id_token)

Performs the operation. Takes id_token.

oidcg(id_token)

Performs the operation. Takes id_token.

Device flow

oauth(device_endpoint, client_id, scope)

Performs the operation. Takes device_endpoint, client_id, scope.

oauth(token_endpoint, device_code, client_id, client_secret)

Performs the operation. Takes token_endpoint, device_code, client_id, client_secret.

Implicit flow (deprecated)

oauth(url_fragment)

Performs the operation. Takes url_fragment.

Common attacks

oauth(auth_url, victim_state)

Performs the operation. Takes auth_url, victim_state.

oauth(auth_url, evil_redirect)

Performs the operation. Takes auth_url, evil_redirect.

oauth(auth_url, extra_scope)

Performs the operation. Takes auth_url, extra_scope.

Token introspection

oauth(introspection_endpoint, token, client_id, client_secret)

Performs the operation. Takes introspection_endpoint, token, client_id, client_secret.

Revocation

oauth(revocation_endpoint, token, client_id, client_secret)

Performs the operation. Takes revocation_endpoint, token, client_id, client_secret.

JWKS handling

oauth(jwks_uri)

Performs the operation. Takes jwks_uri.

oauth(jwks, new_key)

Performs the operation. Takes jwks, new_key.

OpenID Configuration

oidcd(issuer_url)

Performs the operation. Takes issuer_url.

Client registration

oauth(reg_endpoint, client_name, redirect_uris)

Performs the operation. Takes reg_endpoint, client_name, redirect_uris.

Notes

  • OAuth2 client - authorisation code, PKCE, token refresh.