CloudKit.ServerKey (cloud_kit v0.3.0)

CloudKit Server Key token generation.

CloudKit uses a server key (ECDSA P-256 private key) to authenticate API requests. The JWT is signed ES256 and contains the container ID and server key ID.

Summary

Types

jwt()

signed_headers()

Functions

access_token(opts \\ [])

Generate the CloudKit Server Key token for API access.

access_token_with_expiry(opts \\ [])

Like access_token/1 but also returns the unix-epoch expiry time, for cache use.

generate_jwt(opts \\ [])

Build and sign the CloudKit Server Key JWT (ES256).

signed_headers(subpath, body \\ "", opts \\ [])

Build CloudKit's signed request headers for a request subpath and body.

Types

jwt()

@type jwt() :: String.t()

signed_headers()

@type signed_headers() :: [{String.t(), String.t()}]

Functions

access_token(opts \\ [])

@spec access_token(keyword()) :: {:ok, String.t()} | {:error, term()}

Generate the CloudKit Server Key token for API access.

access_token_with_expiry(opts \\ [])

@spec access_token_with_expiry(keyword()) ::
  {:ok, String.t(), integer()} | {:error, term()}

Like access_token/1 but also returns the unix-epoch expiry time, for cache use.

generate_jwt(opts \\ [])

@spec generate_jwt(keyword()) :: {:ok, jwt()} | {:error, term()}

Build and sign the CloudKit Server Key JWT (ES256).

signed_headers(subpath, body \\ "", opts \\ [])

@spec signed_headers(String.t(), binary(), keyword()) ::
  {:ok, signed_headers()} | {:error, term()}

Build CloudKit's signed request headers for a request subpath and body.