Joken

v1.5.0

Joken v1.5.0 Joken.Signer

Signer is the JWK (JSON Web Key) and JWS (JSON Web Signature) configuration of Joken.

JWK is used by JWS to generate a token signature that is appended to the end of the token compact representation.

Joken uses https://hex.pm/packages/jose to do signing and verification.

Note: By default, the ‘none’ algorithm is disabled. To enable it, set the ‘allow_none_algorithm’ key on the ‘joken’ app configuration to true

Summary

Types

jwk()
jws()
t()

Functions

configure_unsecured_signing()

Enables the use of none algorithm

eddsa(alg, key)

Convenience for generating an EdDSA Joken.Signer

es(alg, key)

Convenience for generating an ES* Joken.Signer

hs(alg, secret)

Convenience for generating an HS* Joken.Signer

none(secret)

Convenience for generating a Joken.Signer with the none algorithm. This raises Joken.AlgorithmError if the none algorightm is enabled

peek(token, options \\ [])

Returns the token payload without validating or verifying

peek_header(token)

Returns the token header without validating or verifying

process_claims(claims, options)
ps(alg, key)

Convenience for generating an PS* Joken.Signer

rs(alg, key)

Convenience for generating an RS* Joken.Signer

sign(token)

Signs a payload (JOSE header + claims) with the configured signer

sign(token, signer)

Signs a payload (JOSE header + claims) with the given signer

verify(token, signer \\ nil, options \\ [])

Verifies a token signature and decodes its payload. This assumes a signer was configured. It raises if there was none

Types 

jwk :: %{}
jws :: %{}
t :: %Joken.Signer{jwk: jwk, jws: jws}

Functions

configure_unsecured_signing()

Enables the use of none algorithm.

eddsa(alg, key)

Specs

eddsa(binary, map) :: Joken.Signer.t

Convenience for generating an EdDSA Joken.Signer

es(alg, key)

Specs

es(binary, map) :: Joken.Signer.t

Convenience for generating an ES* Joken.Signer

hs(alg, secret)

Specs

hs(binary, binary) :: Joken.Signer.t

Convenience for generating an HS* Joken.Signer

none(secret)

Specs

none(binary) :: Joken.Signer.t

Convenience for generating a Joken.Signer with the none algorithm. This raises Joken.AlgorithmError if the none algorightm is enabled.

peek(token, options \\ [])

Specs

peek(Joken.Token.t, Keyword.t) :: map

Returns the token payload without validating or verifying

peek_header(token)

Specs

peek_header(Joken.Token.t) :: map

Returns the token header without validating or verifying

process_claims(claims, options)
ps(alg, key)

Specs

ps(binary, map) :: Joken.Signer.t

Convenience for generating an PS* Joken.Signer

rs(alg, key)

Specs

rs(binary, map) :: Joken.Signer.t

Convenience for generating an RS* Joken.Signer

sign(token)

Specs

sign(Joken.Token.t) :: Joken.Token.t

Signs a payload (JOSE header + claims) with the configured signer.

It raises ArgumentError if no signer was configured.

sign(token, signer)

Specs

sign(Joken.Token.t, Joken.Signer.t) :: Joken.Token.t

Signs a payload (JOSE header + claims) with the given signer.

This will override the configured signer.

verify(token, signer \\ nil, options \\ [])

Specs

verify(Joken.Token.t, Joken.Signer.t | nil, Keyword.t) :: Joken.Token.t

Verifies a token signature and decodes its payload. This assumes a signer was configured. It raises if there was none.