Create inline authorisation logic using SAML assertions. The if-permit
and
only-permit
macros can be used from both Clojure and ClojureScript.
For route-level authorisation + ahead-of-time checks from within interceptors,
use the permit-request?
function from dk.cst.pedestal.sp.interceptors
.
Create inline authorisation logic using SAML assertions. The `if-permit` and `only-permit` macros can be used from both Clojure and ClojureScript. For route-level authorisation + ahead-of-time checks from within interceptors, use the `permit-request?` function from `dk.cst.pedestal.sp.interceptors`.
(auth-override assertions)
Create an auth test override from the assertions
map.
During development, the assertions map may contain a :condition key defining an alternative test used to override the conditions of a production system.
Create an auth test override from the `assertions` map. During development, the assertions map may contain a :condition key defining an alternative test used to override the conditions of a production system.
(condition->auth-test condition)
Return a function to test an assertions map based on a given condition
:
:authenticated - requires authentication to access. :all - can be accessed by anyone, no restrictions apply. :none - no access by anyone under any circumstances. map - allow access when the assertions contain this submap. fn - takes assertions as input and returns true if accessible.
Return a function to test an assertions map based on a given `condition`: :authenticated - requires authentication to access. :all - can be accessed by anyone, no restrictions apply. :none - no access by anyone under any circumstances. map - allow access when the assertions contain this submap. fn - takes assertions as input and returns true if accessible.
(enforce-condition request condition)
Fail fast if the request
assertions do not meet a condition
.
Fail fast if the `request` assertions do not meet a `condition`.
(if-permit [assertions condition] & body)
Checks that assertions
satisfies condition
. When true, returns the
first clause of body
; else returns the second clause.
Checks that `assertions` satisfies `condition`. When true, returns the first clause of `body`; else returns the second clause.
(only-permit [assertions condition] & body)
Checks that assertions
satisfies condition
. If true, returns body
;
else throws an exception.
Checks that `assertions` satisfies `condition`. If true, returns `body`; else throws an exception.
(request->assertions request)
(safe-decode base64)
Decode a URL encoded as base64
via 'safe-encode'.
Decode a URL encoded as `base64` via 'safe-encode'.
(safe-encode url)
Encode a url
as base64 with certain problematic characters replaced.
This encoding should survive any URL encoding/decoding scheme it may be passed
through, ensuring that the input url
survives until decoded.
Encode a `url` as base64 with certain problematic characters replaced. This encoding should survive any URL encoding/decoding scheme it may be passed through, ensuring that the input `url` survives until decoded.
(saml-path paths saml-type & [RelayState])
Get the specified saml-type
in paths
with an encoded RelayState
.
Get the specified `saml-type` in `paths` with an encoded `RelayState`.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close