liberator-mixin.jws-authorisation.core
Liberator mixin to authorise a request based on the scope claim in a signed jwt
Liberator mixin to authorise a request based on the scope claim in a signed jwt
with-jws-authorisationclj
(with-jws-authorisation scopes
secret
&
{:keys [token opts] :or {token "Bearer" opts {}}})Returns a mixin that validates the jws token ensure it includes the scope claim and that claim has the required scope, finally it stores the authentication and authorisation state on the context under :identity
The secret can be a function which is provided the JOSE header as its single param
Takes token as an optional param that changes the type of token looked for (default is Bearer)
Takes opts as an optional param that is used to validate the claims of the token (aud, iss, sub, exp, nbf, iat)
This mixin should only be used once.
Returns a mixin that validates the jws token ensure it includes the scope claim and that claim has the required scope, finally it stores the authentication and authorisation state on the context under :identity The secret can be a function which is provided the JOSE header as its single param Takes token as an optional param that changes the type of token looked for (default is Bearer) Takes opts as an optional param that is used to validate the claims of the token (aud, iss, sub, exp, nbf, iat) This mixin should only be used once.
with-jws-unauthorisedclj
(with-jws-unauthorised)Returns a mixin populates the WWW-Authenticate error when the JWT is not authorised to access the protected endpoint.
This mixin should only be used once.
Returns a mixin populates the WWW-Authenticate error when the JWT is not authorised to access the protected endpoint. This mixin should only be used once.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close