liberator-mixin.authorisation.core

Liking cljdoc? Tell your friends :D

Clojure only.

ClaimValidator
validate
missing-token
with-bearer-token
with-jws-access-token-mixin
with-token-authorization
with-www-authenticate-header

Liberator mixin to authorise a request based on an access token

Liberator mixin to authorise a request based on an access token

raw docstring

ClaimValidator^cljprotocol

validate^clj

(validate this ctx claims)

Validate a tokens claims.

Params:

ctx - liberator context
claims - token claims

Returns an array of:

valid?
error map containing message and cause metadata

Validate a tokens claims.

Params:
* ctx - liberator context
* claims - token claims

Returns an array of:
* valid?
* error map containing message and cause metadata

source

missing-token^clj

source

with-bearer-token^clj

(with-bearer-token)

Returns a mixin that extracts the access token from the authorisation header

token-header-name - the name of the header containing the token (defaults to "authorization")
token-type - the scheme or a list of schemes under the authorisation header (default is Bearer). Use nil when no type on header
token-parser - a function that performs parsing of the token before validation (optional)

This mixin should only be used once.

Returns a mixin that extracts the access token from the authorisation header

* token-header-name - the name of the header containing the token (defaults to "authorization")
* token-type - the scheme or a list of schemes under the authorisation header (default is Bearer).
                Use nil when no type on header
* token-parser - a function that performs parsing of the token before
validation (optional)

This mixin should only be used once.

source raw docstring

with-jws-access-token-mixin^clj

(with-jws-access-token-mixin)

source

with-token-authorization^clj

(with-token-authorization)

Returns a mixin that validates the jws access token ensure it includes the claims and that claim passes validation, finally it stores the authentication and authorisation state on the context under :identity

This mixin assumes a token already on the context under :token

token-key - the secret can be a function which is provided the JOSE header as its single param
token-options - that is used to validate the standard claims of the token (aud, iss, sub, exp, nbf, iat) (optional)
token-validators - a array of ClaimValidators (optional)
token-required? - whether a token should be treated as mandatory (defaults to true)

This mixin should only be used once.

Returns a mixin that validates the jws access token ensure it includes the
claims and that claim passes validation, finally it stores the authentication
and authorisation state on the context under :identity

This mixin assumes a token already on the context under :token

* token-key - the secret can be a function which is provided the JOSE header
as its single param
* token-options - that is used to validate the standard claims of the
token (aud, iss, sub, exp, nbf, iat) (optional)
* token-validators - a array of ClaimValidators (optional)
* token-required? - whether a token should be treated as mandatory (defaults to true)


This mixin should only be used once.

source raw docstring

with-www-authenticate-header^clj

(with-www-authenticate-header)

Returns a mixin that populates the WWW-Authenticate header when the request is not allowed to access the protected endpoint.

This mixin should only be used once.

Returns a mixin that populates the WWW-Authenticate header when the
request is not allowed to access the protected endpoint.

This mixin should only be used once.

source raw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts

`Ctrl`+`k`	Jump to recent docs
`←`	Move to previous article
`→`	Move to next article
`Ctrl`+`/`	Jump to the search field

Raise an issue Browse cljdoc source Chat on Slack

× close