CharonOauth2 (CharonOauth2 v0.0.5)
use CharonOauth2, @charon_config
Summary
Functions
Default token verification call used in refresh_token grant.
Can be overridden using config opt :verify_refresh_token, in which case there is no need to call Charon.TokenPlugs.verify_no_auth_error/2.
Functions
@spec verify_refresh_token(Plug.Conn.t(), Charon.Config.t()) :: Plug.Conn.t()
Default token verification call used in refresh_token grant.
Can be overridden using config opt :verify_refresh_token, in which case there is no need to call Charon.TokenPlugs.verify_no_auth_error/2.
Checks:
- signature valid
- already valid ("nbf" claim)
- not expired ("exp" claim)
- token type is "refresh" ("type" claim)
- session type is "oauth2" ("styp" claim)
- session exists
- token is fresh (grace period 10 seconds)
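The checks listed above, run in order and failing closed, as an added stand-alone example that is not Charon's or CharonOauth2's own code. The token format, the "sid" and "iat" claims, the session store and its `refreshed_at` field are assumptions. Freshness is modelled as "issued no more than 10 seconds before the session's last refresh", which is also an assumption about what the grace period covers.

```elixir
defmodule RefreshTokenChecks do
  # Added illustration, not Charon code. Constructed token format:
  # base64url(term_to_binary(claims)) <> "." <> base64url(HMAC-SHA256(body))
  @grace 10

  def sign(claims, key) do
    body = claims |> :erlang.term_to_binary() |> Base.url_encode64(padding: false)
    body <> "." <> Base.url_encode64(mac(body, key), padding: false)
  end

  # Assumed names: "sid"/"iat" claims; `sessions` maps id => %{refreshed_at: unix_s}.
  def verify(token, key, sessions, now \\ System.os_time(:second)) do
    with {:ok, c} <- check_signature(token, key),
         # is_integer/1 matters: nil sorts above every integer, so a missing "exp" would pass `>`.
         :ok <- check(is_integer(c["nbf"]) and c["nbf"] <= now, :not_yet_valid),
         :ok <- check(is_integer(c["exp"]) and c["exp"] > now, :expired),
         :ok <- check(c["type"] == "refresh", :wrong_token_type),
         :ok <- check(c["styp"] == "oauth2", :wrong_session_type),
         %{} = session <- Map.get(sessions, c["sid"], {:error, :session_not_found}),
         fresh? = is_integer(c["iat"]) and c["iat"] >= session.refreshed_at - @grace,
         :ok <- check(fresh?, :token_stale) do
      {:ok, session}
    end
  end

  defp check_signature(token, key) do
    with [body, sig] <- String.split(token, "."),
         {:ok, given} <- Base.url_decode64(sig, padding: false),
         # :crypto.hash_equals/2 (OTP 25+) is constant-time but raises on unequal sizes.
         true <- byte_size(given) == 32 and :crypto.hash_equals(given, mac(body, key)),
         {:ok, bin} <- Base.url_decode64(body, padding: false),
         %{} = claims <- :erlang.binary_to_term(bin, [:safe]) do
      {:ok, claims}
    else
      _ -> {:error, :bad_signature}
    end
  end

  defp mac(body, key), do: :crypto.mac(:hmac, :sha256, key, body)
  defp check(true, _reason), do: :ok
  defp check(_, reason), do: {:error, reason}
end

# Constructed demo data: the session was last refreshed at `now`.
key = :crypto.strong_rand_bytes(32)
now = System.os_time(:second)
sessions = %{"s1" => %{refreshed_at: now}}
base = %{"nbf" => now - 60, "exp" => now + 600, "type" => "refresh", "styp" => "oauth2", "sid" => "s1"}
cases = [in_grace: %{"iat" => now - 5}, rotated_out: %{"iat" => now - 60}, access: %{"iat" => now, "type" => "access"}]
for {label, extra} <- cases do
  IO.inspect({label, base |> Map.merge(extra) |> RefreshTokenChecks.sign(key) |> RefreshTokenChecks.verify(key, sessions, now)})
end
```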