Liking cljdoc? Tell your friends :D

ring-jwt-middleware.core


authenticated?clj

(authenticated? request)

Inputs: [request :- RingRequest] Returns: s/Bool

Inputs: [request :- RingRequest]
Returns: s/Bool
sourceraw docstring

authorize-no-jwt-header-strategyclj

Authorize all request even with no Auth header.

Authorize all request even with no Auth header.
sourceraw docstring

check-jwt-expiryclj

(check-jwt-expiry {:keys [jwt-max-lifetime-in-sec current-epoch]} jwt)

Inputs: [{:keys [jwt-max-lifetime-in-sec current-epoch]} :- Config jwt :- JWTClaims] Returns: (result-of s/Keyword)

Return a result with some error if the JWT do not respect time-related restrictions.

Inputs: [{:keys [jwt-max-lifetime-in-sec current-epoch]} :- Config jwt :- JWTClaims]
Returns: (result-of s/Keyword)

Return a result with some error if the JWT do not respect time-related restrictions.
sourceraw docstring

decodeclj

(decode token pubkey-fn)

Inputs: [token :- s/Str pubkey-fn :- (s/=> s/Any)] Returns: (result-of {:jwt JWTClaims})

Given a JWT return an Auth hash-map

Inputs: [token :- s/Str pubkey-fn :- (s/=> s/Any)]
Returns: (result-of {:jwt JWTClaims})

Given a JWT return an Auth hash-map
sourceraw docstring

forbid-no-jwt-header-strategyclj

(forbid-no-jwt-header-strategy _handler)

Forbid all request with no Auth header

Forbid all request with no Auth header
sourceraw docstring

get-jwtclj

(get-jwt req)

Inputs: [req] Returns: (result-of s/Str)

get the JWT from a ring request

Inputs: [req]
Returns: (result-of s/Str)

get the JWT from a ring request
sourceraw docstring

hr-durationclj

(hr-duration t)

Inputs: [t :- s/Num] Returns: s/Str

Given a duration in ms, return a human readable string

Inputs: [t :- s/Num]
Returns: s/Str

Given a duration in ms,
 return a human readable string
sourceraw docstring

mk-wrap-authenticationclj

(mk-wrap-authentication user-config)

Inputs: [user-config :- UserConfig]

A function building a middleware that will add some fields to the ring request:

  • :jwt that will contain the jwt claims
  • :identity that will contain an object derived from the JWT claims
  • :jwt-error if something went wrong

To build the middleware the configuration is a map with the following fields:

  • pubkey-path ; should contain a path to the public key to be used to verify JWT signature
  • pubkey-fn ; should contain a function that once called will return the public key
  • is-revoked-fn ; should be a function that takes a decoded jwt and return true if the jwt is revoked
  • jwt-check-fn ; should be a function taking a raw JWT string, and a decoded JWT and returns a list of errors or nil if no error is found.
  • jwt-max-lifetime-in-sec ; maximal lifetime of a JWT in seconds (takes priority over :exp)
  • post-jwt-format-fn ; a function taking a JWT and returning a data structure representing the identity of a user
Inputs: [user-config :- UserConfig]

A function building a middleware that will add some fields to the ring request:

- :jwt that will contain the jwt claims
- :identity that will contain an object derived from the JWT claims
- :jwt-error if something went wrong

To build the middleware the configuration is a map with the following fields:

- pubkey-path ; should contain a path to the public key to be used to verify JWT signature
- pubkey-fn ; should contain a function that once called will return the public key
- is-revoked-fn ; should be a function that takes a decoded jwt and return true if the jwt is revoked
- jwt-check-fn ; should be a function taking a raw JWT string, and a decoded JWT and returns a list of errors or nil if no error is found.
- jwt-max-lifetime-in-sec ; maximal lifetime of a JWT in seconds (takes priority over :exp)
- post-jwt-format-fn ; a function taking a JWT and returning a data structure representing the identity of a user

sourceraw docstring

mk-wrap-authorizationclj

(mk-wrap-authorization user-config)

Inputs: [user-config :- UserConfig]

A function building a middleware taking care of the authorization logic.

It must be used in conjunction with mk-wrap-authentication.

The configuration is map containing two handlers.

  • allow-unauthenticated-access? => set it to true to not block the request when no JWT is provided
  • error-handler => a function taking a JWT error (see Result) and returning a ring response. This function should generally just return a 401 (unauthorized).
Inputs: [user-config :- UserConfig]

A function building a middleware taking care of the authorization logic.

It must be used in conjunction with `mk-wrap-authentication`.

The configuration is map containing two handlers.

- allow-unauthenticated-access? => set it to true to not block the request when no JWT is provided
- error-handler => a function taking a JWT error (see Result) and returning a ring response.
                   This function should generally just return a 401 (unauthorized).
sourceraw docstring

RingRequestclj

we don't need to be more precise that saying this is an hash-map. The RingRequest schema is used as a documentation helper.

we don't need to be more precise that saying this is an hash-map.
The RingRequest schema is used as a documentation helper.
sourceraw docstring

validate-jwtclj

(validate-jwt {:keys [jwt-check-fn] :as cfg} raw-jwt jwt)

Inputs: [{:keys [jwt-check-fn], :as cfg} :- Config raw-jwt :- s/Str jwt :- JWTClaims] Returns: (result-of s/Keyword)

Run both expiration and user checks, return a vec of errors or nothing

Inputs: [{:keys [jwt-check-fn], :as cfg} :- Config raw-jwt :- s/Str jwt :- JWTClaims]
Returns: (result-of s/Keyword)

Run both expiration and user checks,
return a vec of errors or nothing
sourceraw docstring

wrap-jwt-auth-fnclj

(wrap-jwt-auth-fn conf)

wrap a ring handler with JWT check both authentication and authorization mixed

wrap a ring handler with JWT check both authentication and authorization mixed
sourceraw docstring

wrap-jwt-auth-with-in-between-middleware-fnclj

(wrap-jwt-auth-with-in-between-middleware-fn conf wrap-logs)

Wrap the JWT authentication, authorization and a middleware wrapper in the middle

The wrapper will have access to both:

  • the request with JWT details added by the authentication layer
  • the response status returned by the authorization layer.

This is a good place to put a log middlware that will log all requests

Wrap the JWT authentication, authorization and a middleware wrapper in the middle

The wrapper will have access to both:
- the request with JWT details added by the authentication layer
- the response status returned by the authorization layer.

This is a good place to put a log middlware that will log all requests
sourceraw docstring

cljdoc is a website building & hosting documentation for Clojure/Script libraries

× close