This lib provides a pedestal interceptor for working with OIDC tokens.
See the demo for a simple example of usage.
Give com.yetanalytics.pedestal-oidc.interceptor/decode-interceptor
a function that returns a map of JWKS key IDs to the keys themselves and place it in your interceptor chain. Decoded claims will be placed on the request at :com.yetanalytics.pedestal-oidc/claims
.
com.yetanalytics.pedestal-oidc.jwt/get-keyset
will attempt to fetch a valid keyset from the given jwks-uri
. How this is stored/cached is up to the lib consumer.
com.yetanalytics.pedestal-oidc.discovery
provides facilities for pulling config metadata (like the jwks_uri
) from the IDP per the spec.
To run a demo instance of keycloak:
make keycloak-demo
This will host a JWKS uri of http://0.0.0.0:8080/auth/realms/test/protocol/openid-connect/certs with the realm's public keyset.
You can then run the demo API:
make run-dev
Run the test suite:
make test
Copyright © 2022 Yet Analytics Inc.
Distributed under the Apache License version 2.0.
Can you improve this documentation?Edit on GitHub
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close