Authentication and authorization functions
Authentication and authorization functions
Creates token contents for a build, to be used by a build script.
Creates token contents for a build, to be used by a build script.
(config->keypair conf)
Loads private and public keys from the app config, returns a map that can be
used in the context :jwk
.
Loads private and public keys from the app config, returns a map that can be used in the context `:jwk`.
(customer-authorization h)
Middleware that verifies the identity token to check if the user or build has access to the given customer.
Middleware that verifies the identity token to check if the user or build has access to the given customer.
(expired? {:keys [exp]})
Returns true if token has expired
Returns true if token has expired
(generate-jwt req payload)
Signs a JWT using the keypair from the request context.
Signs a JWT using the keypair from the request context.
(generate-jwt-from-rt rt payload)
Generates a JWT from the private key in the runtime
Generates a JWT from the private key in the runtime
(generate-keypair)
Generates a new RSA keypair
Generates a new RSA keypair
(generate-secret-key)
Generates a random secret key object
Generates a random secret key object
(make-jwk pub)
Creates a JWK object from a public key that can be exposed for external verification.
Creates a JWK object from a public key that can be exposed for external verification.
(parse-signature s)
Parses HMAC signature header, returns the algorithm and the signature.
Parses HMAC signature header, returns the algorithm and the signature.
(secure-ring-app app rt)
Wraps the ring handler so it verifies the JWT authorization header
Wraps the ring handler so it verifies the JWT authorization header
Retrieves current user id from request
Retrieves current user id from request
Creates token contents for an authenticated user
Creates token contents for an authenticated user
(valid-security? {:keys [secret payload x-hub-signature]})
Validates security header
Validates security header
(validate-hmac-security h
{:keys [get-secret header]
:or {header "x-hub-signature-256"}})
Middleware that validates the HMAC security header using a fn that retrieves the secret for the request.
Middleware that validates the HMAC security header using a fn that retrieves the secret for the request.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close