keycloak v0.2.0 Keycloak.Plug.VerifyToken View Source
Plug for verifying authorization on a per request basis, verifies that a token is set in the
Authorization
header.
Example Usage
config :keycloak, Keycloak.Plug.VerifyToken, hmac: "foo"
# In your plug pipeline
plug Keycloak.Plug.VerifyToken
Link to this section Summary
Functions
Fetches the Authorization
header, and verifies the token if present. If a
valid token is passed, the decoded %Joken.Token{}
is added as :token
to the conn
assigns
Fetches the token from the Authorization
headers array, attempting
to match the token in the format Bearer <token>
Returns the configured public_key
or hmac
key used to sign the token
Attemps to verify that the passed token
can be trusted
Link to this section Functions
Fetches the Authorization
header, and verifies the token if present. If a
valid token is passed, the decoded %Joken.Token{}
is added as :token
to the conn
assigns.
Fetches the token from the Authorization
headers array, attempting
to match the token in the format Bearer <token>
.
Example
iex> fetch_token([])
nil
iex> fetch_token(["abc123"])
nil
iex> fetch_token(["Bearer abc123"])
"abc123"
Returns the configured public_key
or hmac
key used to sign the token.
Example
iex> %Joken.Signer{} = signer_key()
%Joken.Signer{jwk: %{"k" => "YWtiYXI", "kty" => "oct"}, jws: %{"alg" => "HS512"}}
verify_token(String.t | nil) :: {atom, Joken.Token.t | atom}
Attemps to verify that the passed token
can be trusted.
Example
iex> verify_token(nil)
{:error, :not_authenticated}
iex> verify_token("abc123")
{:error, "Invalid signature"}