oauth_client_req_auth: OAuth client authentication
In r-lib/httr2: Perform HTTP Requests and Process the Responses
oauth_client_req_auth R Documentation
OAuth client authentication
Description
oauth_client_req_auth() authenticates a request using the authentication
strategy defined by the auth and auth_param arguments to oauth_client().
This is used to authenticate the client as part of the OAuth flow, not
to authenticate a request on behalf of a user.
There are three built-in strategies:
-
oauth_client_req_body() adds the client id and (optionally) the secret
to the request body, as described in Section 2.3.1 of RFC 6749.
-
oauth_client_req_header() adds the client id and secret using HTTP
basic authentication with the Authorization header, as described
in Section 2.3.1 of RFC 6749.
-
oauth_client_jwt_rs256() adds a client assertion to the body using a
JWT signed with jwt_sign_rs256() using a private key, as described
in Section 2.2 of RFC 7523.
You will generally not call these functions directly but will instead
specify them through the auth argument to oauth_client(). The req and
client parameters are automatically filled in; other parameters come from
the auth_params argument.
Usage
oauth_client_req_auth(req, client)
oauth_client_req_auth_header(req, client)
oauth_client_req_auth_body(req, client)
oauth_client_req_auth_jwt_sig(req, client, claim, size = 256, header = list())
Arguments
req
A httr2 request object.
client
An oauth_client.
claim
Claim set produced by jwt_claim().
size
Size, in bits, of sha2 signature, i.e. 256, 384 or 512.
Only for HMAC/RSA, not applicable for ECDSA keys.
header
A named list giving additional fields to include in the
JWT header.
Value
A modified HTTP request.
Examples
# Show what the various forms of client authentication look like
req <- request("https://example.com/whoami")
client1 <- oauth_client(
id = "12345",
secret = "56789",
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "body" # the default
)
# calls oauth_client_req_auth_body()
req_dry_run(oauth_client_req_auth(req, client1))
client2 <- oauth_client(
id = "12345",
secret = "56789",
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "header"
)
# calls oauth_client_req_auth_header()
req_dry_run(oauth_client_req_auth(req, client2))
client3 <- oauth_client(
id = "12345",
key = openssl::rsa_keygen(),
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "jwt_sig",
auth_params = list(claim = jwt_claim())
)
# calls oauth_client_req_auth_header_jwt_sig()
req_dry_run(oauth_client_req_auth(req, client3))
r-lib/httr2 documentation built on Jan. 11, 2025, 10:21 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
| oauth_client_req_auth | R Documentation |
OAuth client authentication
Description
oauth_client_req_auth() authenticates a request using the authentication
strategy defined by the auth and auth_param arguments to oauth_client().
This is used to authenticate the client as part of the OAuth flow, not
to authenticate a request on behalf of a user.
There are three built-in strategies:
-
oauth_client_req_body()adds the client id and (optionally) the secret to the request body, as described in Section 2.3.1 of RFC 6749. -
oauth_client_req_header()adds the client id and secret using HTTP basic authentication with theAuthorizationheader, as described in Section 2.3.1 of RFC 6749. -
oauth_client_jwt_rs256()adds a client assertion to the body using a JWT signed withjwt_sign_rs256()using a private key, as described in Section 2.2 of RFC 7523.
You will generally not call these functions directly but will instead
specify them through the auth argument to oauth_client(). The req and
client parameters are automatically filled in; other parameters come from
the auth_params argument.
Usage
oauth_client_req_auth(req, client)
oauth_client_req_auth_header(req, client)
oauth_client_req_auth_body(req, client)
oauth_client_req_auth_jwt_sig(req, client, claim, size = 256, header = list())
Arguments
req |
A httr2 request object. |
client |
An oauth_client. |
claim |
Claim set produced by |
size |
Size, in bits, of sha2 signature, i.e. 256, 384 or 512. Only for HMAC/RSA, not applicable for ECDSA keys. |
header |
A named list giving additional fields to include in the JWT header. |
Value
A modified HTTP request.
Examples
# Show what the various forms of client authentication look like
req <- request("https://example.com/whoami")
client1 <- oauth_client(
id = "12345",
secret = "56789",
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "body" # the default
)
# calls oauth_client_req_auth_body()
req_dry_run(oauth_client_req_auth(req, client1))
client2 <- oauth_client(
id = "12345",
secret = "56789",
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "header"
)
# calls oauth_client_req_auth_header()
req_dry_run(oauth_client_req_auth(req, client2))
client3 <- oauth_client(
id = "12345",
key = openssl::rsa_keygen(),
token_url = "https://example.com/oauth/access_token",
name = "oauth-example",
auth = "jwt_sig",
auth_params = list(claim = jwt_claim())
)
# calls oauth_client_req_auth_header_jwt_sig()
req_dry_run(oauth_client_req_auth(req, client3))
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.