Oidcc.Plug.ValidateJwtToken (Oidcc Plug v0.4.0)

Copy Markdown View Source

Validate extracted authorization token by validating it as a JWT token.

This module should be used together with Oidcc.Plug.ExtractAuthorization.

defmodule SampleAppWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :sample_app

  # ...

  plug Oidcc.Plug.ExtractAuthorization

  plug Oidcc.Plug.ValidateJwtToken,
    provider: SampleApp.GoogleOpenIdConfigurationProvider,
    client_id: Application.compile_env!(:sample_app, [Oidcc.Plug.ValidateJwtToken, :client_id]),
    client_secret: Application.compile_env!(:sample_app, [Oidcc.Plug.ValidateJwtToken, :client_secret]),
    # optional validation options to pass to Oidcc.Token.validate_id_token/3
    validate_opts: %{validate_azp: :any}

  plug SampleAppWeb.Router
end

Summary

Types

opts()

Plug Configuration Options

Types

opts()

(since 0.1.0) 
@type opts() :: [
  provider: GenServer.name(),
  client_id: String.t() | (-> String.t()),
  client_secret: String.t() | (-> String.t()),
  send_inactive_token_response: (conn :: Plug.Conn.t() -> Plug.Conn.t()),
  validate_opts: Oidcc.Token.retrieve_opts()
]

Plug Configuration Options

Options

  • provider - name of the Oidcc.ProviderConfiguration.Worker
  • client_id - OAuth Client ID to use for the token validation
  • client_secret - OAuth Client Secret to use for the token validation
  • send_inactive_token_response - Customize Error Response for inactive token
  • client_store - A module name that implements the Oidcc.Plug.ClientStore behaviour to fetch the client context from a store instead of using the provider, client_id and client_secret directly. This is useful for storing the client context in a database or other persistent storage.
  • validate_opts - A map of options to pass to Oidcc.Token.validate_id_token/3.