Liking cljdoc? Tell your friends :D

liberator-mixin.authorisation.core

Liberator mixin to authorise a request based on an access token

Liberator mixin to authorise a request based on an access token
raw docstring

ClaimValidatorcljprotocol

validateclj

(validate this ctx claims)

Validate a tokens claims.

Params:

  • ctx - liberator context
  • claims - token claims

Returns an array of:

  • valid?
  • error map containing message and cause metadata
Validate a tokens claims.

Params:
* ctx - liberator context
* claims - token claims

Returns an array of:
* valid?
* error map containing message and cause metadata
source

missing-tokenclj

source

with-bearer-tokenclj

(with-bearer-token)

Returns a mixin that extracts the access token from the authorisation header

  • token-header-name - the name of the header containing the token (defaults to "authorization")
  • token-type - the scheme under the authorisation header (default is Bearer)
  • token-parser - a function that performs parsing of the token before validation (optional)

This mixin should only be used once.

Returns a mixin that extracts the access token from the authorisation header

* token-header-name - the name of the header containing the token (defaults to "authorization")
* token-type - the scheme under the authorisation header (default is Bearer)
* token-parser - a function that performs parsing of the token before
validation (optional)

This mixin should only be used once.
sourceraw docstring

with-jws-access-token-mixinclj

(with-jws-access-token-mixin)
source

with-token-authorizationclj

(with-token-authorization)

Returns a mixin that validates the jws access token ensure it includes the claims and that claim passes validation, finally it stores the authentication and authorisation state on the context under :identity

This mixin assumes a token already on the context under :token

  • token-key - the secret can be a function which is provided the JOSE header as its single param
  • token-options - that is used to validate the standard claims of the token (aud, iss, sub, exp, nbf, iat) (optional)
  • token-validators - a array of ClaimValidators (optional)
  • token-required? - whether a token should be treated as mandatory (defaults to true)

This mixin should only be used once.

Returns a mixin that validates the jws access token ensure it includes the
claims and that claim passes validation, finally it stores the authentication
and authorisation state on the context under :identity

This mixin assumes a token already on the context under :token

* token-key - the secret can be a function which is provided the JOSE header
as its single param
* token-options - that is used to validate the standard claims of the
token (aud, iss, sub, exp, nbf, iat) (optional)
* token-validators - a array of ClaimValidators (optional)
* token-required? - whether a token should be treated as mandatory (defaults to true)


This mixin should only be used once.
sourceraw docstring

with-www-authenticate-headerclj

(with-www-authenticate-header)

Returns a mixin that populates the WWW-Authenticate header when the request is not allowed to access the protected endpoint.

This mixin should only be used once.

Returns a mixin that populates the WWW-Authenticate header when the
request is not allowed to access the protected endpoint.

This mixin should only be used once.
sourceraw docstring

cljdoc is a website building & hosting documentation for Clojure/Script libraries

× close