(bindings ctx paths)Resolves a map of dynamic paths against the given context map.
Takes a context map (ctx) and a map of bindings (paths), where each key
represents the target parameter name and each value is a vector path (suitable
for get-in) pointing to the location of the real value within ctx.
Returns a new map containing only the successfully resolved key-value pairs. If a path does not exist in the context, it is safely ignored.
Example: (bindings {:tenant {:id "123"}} {:client-id [:tenant :id]}) => {:client-id "123"}
Resolves a map of dynamic paths against the given context map.
Takes a context map (`ctx`) and a map of bindings (`paths`), where each key
represents the target parameter name and each value is a vector path (suitable
for `get-in`) pointing to the location of the real value within `ctx`.
Returns a new map containing only the successfully resolved key-value pairs.
If a path does not exist in the context, it is safely ignored.
Example:
(bindings {:tenant {:id "123"}} {:client-id [:tenant :id]})
=> {:client-id "123"}(ensure-token! {:keys [state refresh-fn] :as auth-data} buffer-secs)Thread-safe coordinator that guarantees the authentication state atom contains a valid token. Implements the Leader/Follower concurrency pattern: if the token is expired or within the proactive refresh buffer, one thread claims leadership to perform the refresh while others wait on a promise. On success, updates the atom and wakes waiting threads. On failure, restores the previous state to allow future retries and propagates the exception.
Args:
:state (the auth atom) and :refresh-fn (the compiled refresh function).Returns:
The original auth-data map (for pipeline compatibility).
Note: Mutates :state atom in-place. Throws on refresh failure.
Thread-safe coordinator that guarantees the authentication state atom contains a valid token. Implements the Leader/Follower concurrency pattern: if the token is expired or within the proactive refresh buffer, one thread claims leadership to perform the refresh while others wait on a promise. On success, updates the atom and wakes waiting threads. On failure, restores the previous state to allow future retries and propagates the exception. Args: - auth-data : Map containing `:state` (the auth atom) and `:refresh-fn` (the compiled refresh function). - buffer-secs : Seconds of anticipation to trigger a proactive refresh. Returns: The original `auth-data` map (for pipeline compatibility). Note: Mutates `:state` atom in-place. Throws on refresh failure.
(full-context ctx bind-paths)(normalize ctx layer)(process-layer ctx layer request-handler)Prepares the authentication layer by resolving its dynamic bindings against the context, merging the results, and then dispatches to the corresponding authentication strategy execution.
Prepares the authentication layer by resolving its dynamic bindings against the context, merging the results, and then dispatches to the corresponding authentication strategy execution.
(refresh auth-layers request-handler)Creates a compiled, context-aware function for executing the token refresh flow. This higher-order function closes over the authentication layers and the HTTP request handler, returning a single-argument function that executes the full refresh pipeline when invoked.
Args:
Returns:
A compiled function (fn [ctx] ...) that takes the current auth state context and returns
the newly refreshed auth state map.
Creates a compiled, context-aware function for executing the token refresh flow. This higher-order function closes over the authentication layers and the HTTP request handler, returning a single-argument function that executes the full refresh pipeline when invoked. Args: - auth-layers : Vector of authentication strategy configurations to execute during refresh. - request-handler : The wrapped HTTP client function used to perform the network request. Returns: A compiled function `(fn [ctx] ...)` that takes the current auth state context and returns the newly refreshed auth state map.
(run initial-ctx auth-layers request-handler)Sequentially executes a pipeline of authentication layers.
Applies a reduce over auth-layers, passing the context map through
each layer along with the http-client. The result of processing a layer
becomes the input context for the next one.
Returns the final, fully transformed context map.
Sequentially executes a pipeline of authentication layers. Applies a `reduce` over `auth-layers`, passing the context map through each layer along with the `http-client`. The result of processing a layer becomes the input context for the next one. Returns the final, fully transformed context map.
(token-expired? state)(token-expired? {:keys [expires-at]} buff-secs)Evaluates whether an authentication token has expired or is within a proactive refresh window.
Supports two arities: the first uses a strict check (0-second buffer), while the second allows
specifying a buffer in seconds to trigger a refresh before the exact expiration time.
If :expires-at is missing or nil, returns false to prevent unnecessary refresh attempts.
Args:
:expires-at timestamp.Returns: Boolean indicating if the token should be treated as expired.
Evaluates whether an authentication token has expired or is within a proactive refresh window. Supports two arities: the first uses a strict check (0-second buffer), while the second allows specifying a buffer in seconds to trigger a refresh before the exact expiration time. If `:expires-at` is missing or nil, returns false to prevent unnecessary refresh attempts. Args: - state : Map containing the `:expires-at` timestamp. - buff-secs : (Optional) Number of seconds before expiration to consider the token expired. Returns: Boolean indicating if the token should be treated as expired.
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |