View Source Guardian.Token.Verify behaviour (Guardian v2.3.1)

Interface for verifying tokens.

This is intended to be used primarily by token modules but allows for a custom verification module to be created if the one that ships with your TokenModule is not quite what you want.

Link to this section Summary

Functions

Checks that a time value is within the allowed_drift as configured for the provided module.

For claims, check the values against the values found in claims_to_check. If there is a claim to check that does not pass verification, it fails.

Link to this section Callbacks

Link to this callback

verify_claim(mod, claim_key, claims, options)

View Source
@callback verify_claim(
  mod :: module(),
  claim_key :: String.t(),
  claims :: Guardian.Token.claims(),
  options :: Guardian.options()
) :: {:ok, Guardian.Token.claims()} | {:error, atom()}

Verify a single claim.

You should also include a fallback for claims that you are not validating.

def verify_claim(_mod, _key, claims, _opts), do: {:ok, claims}

Link to this section Functions

Link to this function

time_within_drift?(mod, time)

View Source
@spec time_within_drift?(mod :: module(), time :: pos_integer() | float()) ::
  true | false

Checks that a time value is within the allowed_drift as configured for the provided module.

Allowed drift is measured in seconds and represents the maximum amount of time a token may be expired for an still be considered valid.

This is to deal with clock skew.

Link to this function

verify_literal_claims(claims, claims_to_check, opts)

View Source
@spec verify_literal_claims(
  claims :: Guardian.Token.claims(),
  claims_to_check :: Guardian.Token.claims() | nil,
  opts :: Guardian.options()
) :: {:ok, Guardian.Token.claims()} | {:error, any()}

For claims, check the values against the values found in claims_to_check. If there is a claim to check that does not pass verification, it fails.

When the value of a claim is a list, it checks that all values of the same claim in claims_to_check are members of the list.