Liking cljdoc? Tell your friends :D

jose.jwt


claimsclj

(claims compact)

Returns unverified compact JWT claims.

Registered claims are keyword keys. Custom claims keep their string keys. :exp, :nbf, and :iat return java.time.Instant values. :aud returns a vector.

Returns unverified compact JWT claims.

Registered claims are keyword keys. Custom claims keep their string keys.
:exp, :nbf, and :iat return java.time.Instant values. :aud returns a vector.
sourceraw docstring

claims-verifierclj

(claims-verifier opts)

Returns a Nimbus JWTClaimsSetVerifier for a Clojure claims policy.

:exact requires exact claim values. :aud accepts one audience or a collection where any match is accepted. :prohibited rejects named claims. :verifier is called with the normalized claims map and processor security context and must return truthy. Existing :iss, :required, :clock-skew, and :max-age options are also supported.

Returns a Nimbus JWTClaimsSetVerifier for a Clojure claims policy.

:exact requires exact claim values. :aud accepts one audience or a collection
where any match is accepted. :prohibited rejects named claims. :verifier is
called with the normalized claims map and processor security context and must
return truthy. Existing :iss, :required, :clock-skew, and :max-age options are
also supported.
sourceraw docstring

decryptclj

(decrypt key compact)
(decrypt key compact opts)

Decrypts a compact encrypted JWT and returns validated claims.

Decrypts a compact encrypted JWT and returns validated claims.
sourceraw docstring

decrypt-then-verifyclj

(decrypt-then-verify decrypt-key verify-key compact)
(decrypt-then-verify decrypt-key verify-key compact opts)

Decrypts a nested JWE, then verifies the inner signed JWT.

Decrypts a nested JWE, then verifies the inner signed JWT.
sourceraw docstring

encryptclj

(encrypt key claims)
(encrypt key claims opts)

Encrypts a JWT claims map and returns a compact JWE string.

Encrypts a JWT claims map and returns a compact JWE string.
sourceraw docstring

parseclj

(parse compact)

Inspects a compact JWT and returns its type and unverified header.

This only parses attacker-controlled data. It does not verify a signature, decrypt content, validate claims, or establish trust.

Inspects a compact JWT and returns its type and unverified header.

This only parses attacker-controlled data. It does not verify a signature,
decrypt content, validate claims, or establish trust.
sourceraw docstring

parse-typeclj

(parse-type compact)

Returns the unverified compact JWT type: :plain, :signed, or :encrypted.

This is inspection-only and does not establish trust.

Returns the unverified compact JWT type: :plain, :signed, or :encrypted.

This is inspection-only and does not establish trust.
sourceraw docstring

processclj

(process source compact opts)
(process source compact context opts)

Processes a signed, encrypted, or nested compact JWT and returns claims.

The policy requires explicit JWS, JWE, and content-encryption allow-lists. Plain JWTs and alg:none are always rejected. The optional context is passed to the claims verifier.

Processes a signed, encrypted, or nested compact JWT and returns claims.

The policy requires explicit JWS, JWE, and content-encryption allow-lists.
Plain JWTs and alg:none are always rejected. The optional context is passed
to the claims verifier.
sourceraw docstring

processorclj

(processor source opts)

Builds a Nimbus ConfigurableJWTProcessor from a JWKS source and policy.

:jws-algs, :jwe-algs, and :jwe-encs are required allow-lists. Singular :jws-alg, :jwe-alg, and :jwe-enc forms are also accepted. :typ optionally requires an exact JOSE type on signed and encrypted layers. Plain JWTs are always rejected. Claims policy options are passed to claims-verifier.

Builds a Nimbus ConfigurableJWTProcessor from a JWKS source and policy.

:jws-algs, :jwe-algs, and :jwe-encs are required allow-lists. Singular
:jws-alg, :jwe-alg, and :jwe-enc forms are also accepted. :typ optionally
requires an exact JOSE type on signed and encrypted layers. Plain JWTs are
always rejected. Claims policy options are passed to claims-verifier.
sourceraw docstring

signclj

(sign key claims)
(sign key claims opts)

Signs a JWT claims map and returns a compact JWS string.

Signs a JWT claims map and returns a compact JWS string.
sourceraw docstring

sign-then-encryptclj

(sign-then-encrypt sign-key encrypt-key claims opts)

Signs claims as a compact JWT, then encrypts the signed JWT as a nested JWE.

Signs claims as a compact JWT, then encrypts the signed JWT as a nested JWE.
sourceraw docstring

verifyclj

(verify key compact)
(verify key compact opts)

Verifies a compact signed JWT and returns claims.

Registered claims are keyword keys. Custom claims keep their string keys. :exp, :nbf, and :iat return java.time.Instant values. :aud returns a vector. :alg or :algs is required and constrains accepted algorithms. :typ and :cty require matching headers. :crit names understood critical headers. :max-age limits token age by :iat. Pass {:algs :any} to unsafely accept any signed algorithm supported by the key. alg:none is always rejected.

Verifies a compact signed JWT and returns claims.

Registered claims are keyword keys. Custom claims keep their string keys.
:exp, :nbf, and :iat return java.time.Instant values. :aud returns a vector.
:alg or :algs is required and constrains accepted algorithms. :typ and :cty
require matching headers. :crit names understood critical headers. :max-age
limits token age by :iat. Pass {:algs :any} to unsafely accept any signed
algorithm supported by the key. alg:none is always rejected.
sourceraw docstring

verify-claimsclj

(verify-claims claims opts)
(verify-claims claims context opts)

Verifies a claims map or Nimbus JWTClaimsSet and returns normalized claims.

The optional context is passed to :verifier.

Verifies a claims map or Nimbus JWTClaimsSet and returns normalized claims.

The optional context is passed to :verifier.
sourceraw docstring

verify-with-jwksclj

(verify-with-jwks source compact)
(verify-with-jwks source compact opts)

Selects a verification key from a JWKS source, then verifies a compact JWT.

Selects a verification key from a JWKS source, then verifies a compact JWT.
sourceraw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts
Ctrl+kJump to recent docs
Move to previous article
Move to next article
Ctrl+/Jump to the search field
× close