Guardian v1.0.0-beta.1 Guardian.Token.Verify behaviour View Source

Interface for verifying tokens.

This is intended to be used primarily by token modules but allows for a custom verification module to be created if the one that ships with your TokenModule is not quite what you want.

Link to this section Summary

Functions

Checks that a time value is within the allowed_drift as configured for the provided module

For claims, check the values against the values found in claims_to_check. If there is a claim to check that does not match verification fails

Link to this section Functions

Link to this function time_within_drift?(mod, time) View Source
time_within_drift?(mod :: module, time :: pos_integer) ::
  true |
  false

Checks that a time value is within the allowed_drift as configured for the provided module

Allowed drift is measured in seconds and represents the maximum amount of time a token may be expired for an still be considered valid. This is to deal with clock skew.

Link to this function verify_literal_claims(claims, claims_to_check, opts) View Source
verify_literal_claims(claims :: Guardian.Token.claims, claims_to_check :: Guardian.Token.claims | nil, opts :: Guardian.options) ::
  {:ok, Guardian.Token.claims} |
  {:error, any}

For claims, check the values against the values found in claims_to_check. If there is a claim to check that does not match verification fails.

Link to this section Callbacks

Link to this callback verify_claim(mod, claim_key, claims, options) View Source
verify_claim(mod :: module, claim_key :: String.t, claims :: Guardian.Token.claims, options :: Guardian.options) ::
  {:ok, Guardian.Token.claims} |
  {:error, atom}

Verify a single claim

You should also include a fallback for claims that you are not validating

def verify_claim(_mod, _key, claims, _opts), do: {:ok, claims}