keycloak v0.1.1 Keycloak.Plug.VerifyToken View Source
Plug for verifying authorization on a per request basis, verifies that a token is set in the
Authorization header.
Example Usage
config :keycloak, Keycloak.Plug.VerifyToken, hmac: "foo"
# In your plug pipeline
plug Keycloak.Plug.VerifyTokenLink to this section Summary
Functions
Fetches the Authorization header, and verifies the token if present. If a
valid token is passed, the decoded %Joken.Token{} is added as :token
to the conn assigns
Fetches the token from the Authorization headers array, attempting
to match the token in the format Bearer <token>
Returns the configured signer authorized party to validate
against the azp token claim
Returns the configured public_key or hmac key used to sign the token
Attemps to verify that the passed token can be trusted
Link to this section Functions
Fetches the Authorization header, and verifies the token if present. If a
valid token is passed, the decoded %Joken.Token{} is added as :token
to the conn assigns.
Fetches the token from the Authorization headers array, attempting
to match the token in the format Bearer <token>.
Example
iex> fetch_token([])
nil
iex> fetch_token(["abc123"])
nil
iex> fetch_token(["Bearer abc123"])
"abc123"Returns the configured signer authorized party to validate
against the azp token claim.
Returns the configured public_key or hmac key used to sign the token.
Example
iex> %Joken.Signer{} = signer_key()
%Joken.Signer{jwk: %{"k" => "YWtiYXI", "kty" => "oct"}, jws: %{"alg" => "HS512"}}verify_token(String.t | nil) :: {atom, Joken.Token.t | atom}
Attemps to verify that the passed token can be trusted.
Example
iex> verify_token(nil)
{:error, :not_authenticated}
iex> verify_token("abc123")
{:error, "Invalid signature"}