jti_register v0.1.0 JTIRegister behaviour View Source
Behaviour for modules implementing JTI registration
The purpose of a JTI registration service is to prevent replay attacks by checking if the token was already used before.
JTI stands for JWT ID, and identifies a unique JWT security token, but it could work with
any token having a unique ID. For instance, this is the case for OpenID Connect ID tokens
whose nonce
claim is equivalent to a jti
.
To avoid allowing use of a JWT in case the server's time changes backward, an implementation
should use monotonic time (see System.monotonic_time/1
).
Link to this section Summary
Types
A UNIX timestamp
Callbacks
Registers a "jti"
with its expiration time "exp"
Returns true
if a "jti"
is registered and not expired, false
otherwise
Starts a JTI register (unsupervised)
Starts a supervised JTI register
Link to this section Types
Specs
timestamp() :: non_neg_integer()
A UNIX timestamp
Link to this section Callbacks
Specs
Registers a "jti"
with its expiration time "exp"
Specs
Returns true
if a "jti"
is registered and not expired, false
otherwise
Specs
Starts a JTI register (unsupervised)
Specs
start_link(any()) :: Supervisor.on_start()
Starts a supervised JTI register