RIG.JWT behaviour (Reactive Interaction Gateway v3.0.0-alpha.2) View Source

JSON Web Token handling.

Link to this section Summary

Callbacks

Find JWT claims in one or more HTTP headers.

Extract claims from a given encoded JWT.

Checks an encoded JWT for validity.

Link to this section Types

Specs

claims() :: %{optional(String.t()) => String.t()}

Specs

claims_and_errors() :: [validation_result()]
Link to this type

ensure_not_blacklisted()

View Source

Specs

ensure_not_blacklisted() :: (claims() -> validation_result())

Turns claims into errors for blacklisted JWTs.

Specs

http_header() :: {http_header_name :: String.t(), http_header_value()}

Specs

http_header_value() :: String.t()

Specs

http_headers() :: [http_header()]

Specs

jwt_conf() :: %{alg: String.t(), key: String.t()}

Specs

token() :: String.t()

Specs

validation_result() ::
  {:ok, claims()}
  | {:error, %RIG.JWT.DecodeError{__exception__: term(), cause: term()}}

Link to this section Functions

Specs

config() :: any()

Returns module configuration.

If application environment contains values in Keyword or Map struct, defaults from macro usage will be recursively merged with application configuration.

If one of the configuration parameters does not exist or can not be resolved, raises ArgumentError.

Link to this function

encode(claims, jwt_conf \\ config().jwt_conf)

View Source

Specs

encode(claims(), jwt_conf()) :: token()

See RIG.JWT.Claims.encode/2.

Link to this function

parse_http_header(http_headers, jwt_conf \\ config().jwt_conf, ensure_not_blacklisted \\ &ensure_not_blacklisted/1)

View Source
Link to this function

parse_token(token, jwt_conf \\ config().jwt_conf, ensure_not_blacklisted \\ &ensure_not_blacklisted/1)

View Source
Link to this function

valid?(token, jwt_conf \\ config().jwt_conf, ensure_not_blacklisted \\ &ensure_not_blacklisted/1)

View Source

Link to this section Callbacks

Link to this callback

parse_http_header(arg1, jwt_conf, ensure_not_blacklisted)

View Source

Specs

Find JWT claims in one or more HTTP headers.

All "Authorization" headers are considered. A single header may contain one or more credentials. Only "Bearer"-type (scheme) credentials are interpreted as JSON Web Tokens. Each of those JWTs is validated using their signature. The result contains JWT claims for successfully validated tokens and errors where the validation failed.

Link to this callback

parse_token(token, jwt_conf, ensure_not_blacklisted)

View Source

Specs

Extract claims from a given encoded JWT.

Link to this callback

valid?(token, jwt_conf, ensure_not_blacklisted)

View Source

Specs

Checks an encoded JWT for validity.