Joken v1.5.0 Joken.Signer

Signer is the JWK (JSON Web Key) and JWS (JSON Web Signature) configuration of Joken.

JWK is used by JWS to generate a token signature that is appended to the end of the token compact representation.

Joken uses https://hex.pm/packages/jose to do signing and verification.

Note: By default, the ‘none’ algorithm is disabled. To enable it, set the ‘allow_none_algorithm’ key on the ‘joken’ app configuration to true

Summary

Functions

Enables the use of none algorithm

Convenience for generating an EdDSA Joken.Signer

Convenience for generating an ES* Joken.Signer

Convenience for generating an HS* Joken.Signer

Convenience for generating a Joken.Signer with the none algorithm. This raises Joken.AlgorithmError if the none algorightm is enabled

Returns the token payload without validating or verifying

Returns the token header without validating or verifying

Convenience for generating an PS* Joken.Signer

Convenience for generating an RS* Joken.Signer

Signs a payload (JOSE header + claims) with the configured signer

Signs a payload (JOSE header + claims) with the given signer

Verifies a token signature and decodes its payload. This assumes a signer was configured. It raises if there was none

Types

jwk :: %{}
jws :: %{}
t :: %Joken.Signer{jwk: jwk, jws: jws}

Functions

configure_unsecured_signing()

Enables the use of none algorithm.

eddsa(alg, key)

Specs

eddsa(binary, map) :: Joken.Signer.t

Convenience for generating an EdDSA Joken.Signer

es(alg, key)

Specs

es(binary, map) :: Joken.Signer.t

Convenience for generating an ES* Joken.Signer

hs(alg, secret)

Specs

hs(binary, binary) :: Joken.Signer.t

Convenience for generating an HS* Joken.Signer

none(secret)

Specs

none(binary) :: Joken.Signer.t

Convenience for generating a Joken.Signer with the none algorithm. This raises Joken.AlgorithmError if the none algorightm is enabled.

peek(token, options \\ [])

Specs

peek(Joken.Token.t, Keyword.t) :: map

Returns the token payload without validating or verifying

peek_header(token)

Specs

peek_header(Joken.Token.t) :: map

Returns the token header without validating or verifying

process_claims(claims, options)
ps(alg, key)

Specs

ps(binary, map) :: Joken.Signer.t

Convenience for generating an PS* Joken.Signer

rs(alg, key)

Specs

rs(binary, map) :: Joken.Signer.t

Convenience for generating an RS* Joken.Signer

sign(token)

Specs

Signs a payload (JOSE header + claims) with the configured signer.

It raises ArgumentError if no signer was configured.

sign(token, signer)

Signs a payload (JOSE header + claims) with the given signer.

This will override the configured signer.

verify(token, signer \\ nil, options \\ [])

Verifies a token signature and decodes its payload. This assumes a signer was configured. It raises if there was none.