monkey.ci.web.auth — com.monkeyci/app 0.19.8

Liking cljdoc? Tell your friends :D

Clojure only.

monkey.ci.web.auth

Authentication and authorization functions

Authentication and authorization functions

allowed?^clj

(allowed? r)

augment-payload^clj

(augment-payload payload)

auth-chain^clj

(auth-chain chain req)

Applies the authorization chain to the request. The chain consists of functions that are applied to the request. Each part can return a non-nil value, which is interpreted as a security advise. This can be to deny, or allow the request. If the request is denied, an authorization exception is thrown. This system allows a large degree of autonomy to each checker. They can inspect the previous advises, and modify their response accordingly.

Applies the authorization chain to the request.  The chain consists of
functions that are applied to the request.  Each part can return a
non-nil value, which is interpreted as a security advise.  This can
be to deny, or allow the request.  If the request is denied, an 
authorization exception is thrown.  This system allows a large degree
of autonomy to each checker.  They can inspect the previous advises,
and modify their response accordingly.

source raw docstring

auth-chain-middleware^clj

(auth-chain-middleware h)

Middleware that extracts any authorization checkers from the route data and applies them. If the chain results in a request denied, a 403 response is returned.

Middleware that extracts any authorization checkers from the route data
and applies them.  If the chain results in a request denied, a 403 response
is returned.

source raw docstring

build-token^clj

Creates token contents for a build, to be used by a build script.

Creates token contents for a build, to be used by a build script.

source raw docstring

chain-result->exception^clj

(chain-result->exception r)

default-token-expiration^clj

Default token expiration period, one day

Default token expiration period, one day

source raw docstring

denied?^clj

(denied? r)

expired?^clj

(expired? {:keys [exp]})

Returns true if token has expired

Returns true if token has expired

source raw docstring

generate-and-sign-jwt^clj

(generate-and-sign-jwt payload pk)

generate-jwt^clj

(generate-jwt req payload)

Signs a JWT using the keypair from the request context.

Signs a JWT using the keypair from the request context.

source raw docstring

generate-jwt-from-rt^clj

(generate-jwt-from-rt rt payload)

Generates a JWT from the private key in the runtime

Generates a JWT from the private key in the runtime

source raw docstring

generate-keypair^clj

(generate-keypair)

Generates a new RSA keypair

Generates a new RSA keypair

source raw docstring

generate-secret-key^clj

(generate-secret-key)

Generates a random secret key object

Generates a random secret key object

source raw docstring

granted^clj

hash-pw^clj

(hash-pw pw)

Creates SHA256 hash of password, returns hex encoded string

Creates SHA256 hash of password, returns hex encoded string

source raw docstring

jwks^clj

(jwks req)

JWKS endpoint handler

JWKS endpoint handler

source raw docstring

keypair->rt^clj

(keypair->rt kp)

kid^clj

make-jwk^clj

(make-jwk pub)

Creates a JWK object from a public key that can be exposed for external verification.

Creates a JWK object from a public key that can be exposed for external 
verification.

source raw docstring

org-auth-checker^clj

Checks if the user has access to the organization

Checks if the user has access to the organization

source raw docstring

org-body-checker^clj

Checks if the user has access to the organization specified in the body

Checks if the user has access to the organization specified in the body

source raw docstring

parse-signature^clj

(parse-signature s)

Parses HMAC signature header, returns the algorithm and the signature.

Parses HMAC signature header, returns the algorithm and the signature.

source raw docstring

public-repo-checker^clj

(public-repo-checker chain req)

Checks if the repository that's being accessed is public, and the request method is GET.

Checks if the repository that's being accessed is public, and the
request method is `GET`.

source raw docstring

req->webhook-id^clj

resolve-token^cljmultimethod

role-build^clj

role-sysadmin^clj

role-user^clj

rt->pub-key^clj

secure-ring-app^clj

(secure-ring-app app rt)

Wraps the ring handler so it verifies the JWT authorization header

Wraps the ring handler so it verifies the JWT authorization header

source raw docstring

sign-jwt^clj

(sign-jwt payload pk)

sysadmin-authorization^clj

(sysadmin-authorization h)

sysadmin-token^clj

Creates token contents for a system admin, a user that has special privileges.

Creates token contents for a system admin, a user that has special privileges.

source raw docstring

sysadmin?^clj

(sysadmin? user)

user-id^clj

Retrieves current user id from request

Retrieves current user id from request

source raw docstring

user-token^clj

Creates token contents for an authenticated user

Creates token contents for an authenticated user

source raw docstring

valid-security?^clj

(valid-security? {:keys [secret payload x-hub-signature]})

Validates security header

Validates security header

source raw docstring

validate-hmac-security^clj

(validate-hmac-security h
                        {:keys [get-secret header]
                         :or {header "x-hub-signature-256"}})

Middleware that validates the HMAC security header using a fn that retrieves the secret for the request.

Middleware that validates the HMAC security header using a fn that retrieves
the secret for the request.

source raw docstring

webhook-org-checker^clj

(webhook-org-checker _ req)

Verifies if the user has permissions on the webhook org

Verifies if the user has permissions on the webhook org

source raw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts

`Ctrl`+`k`	Jump to recent docs
`←`	Move to previous article
`→`	Move to next article
`Ctrl`+`/`	Jump to the search field

Raise an issue Browse cljdoc source Chat on Slack