nova_auth_oidc_security (nova_auth_oidc v0.1.1)

View Source

Nova security callbacks for OIDC-protected routes. Extends the base nova_auth_security with JWT bearer validation.

Usage

%% API routes accepting JWT bearer tokens
#{prefix => ~"/api",
  security => nova_auth_oidc_security:require_bearer(my_oidc_config),
  routes => [...]}.

%% Routes accepting both session and bearer auth
#{prefix => ~"/api",
  security => nova_auth_oidc_security:require_any(my_oidc_config),
  routes => [...]}.

Summary

Functions

Return a security fun that tries session auth first, then JWT bearer. Useful for routes that accept both browser and API clients.

Return a security fun that validates JWT bearer tokens.

Validate a JWT bearer token from the request.

Functions

require_any(AuthMod)

-spec require_any(module()) -> fun((cowboy_req:req()) -> term()).

Return a security fun that tries session auth first, then JWT bearer. Useful for routes that accept both browser and API clients.

require_bearer(AuthMod)

-spec require_bearer(module()) -> fun((cowboy_req:req()) -> term()).

Return a security fun that validates JWT bearer tokens.

require_bearer(AuthMod, Req)

-spec require_bearer(module(), cowboy_req:req()) ->
                        {true, nova_auth:actor()} | {false, integer(), map(), binary()}.

Validate a JWT bearer token from the request.