nova_auth_oidc_security (nova_auth_oidc v0.1.1)
View SourceNova security callbacks for OIDC-protected routes. Extends the base
nova_auth_security with JWT bearer validation.
Usage
%% API routes accepting JWT bearer tokens
#{prefix => ~"/api",
security => nova_auth_oidc_security:require_bearer(my_oidc_config),
routes => [...]}.
%% Routes accepting both session and bearer auth
#{prefix => ~"/api",
security => nova_auth_oidc_security:require_any(my_oidc_config),
routes => [...]}.
Summary
Functions
Return a security fun that tries session auth first, then JWT bearer. Useful for routes that accept both browser and API clients.
Return a security fun that validates JWT bearer tokens.
Validate a JWT bearer token from the request.
Functions
-spec require_any(module()) -> fun((cowboy_req:req()) -> term()).
Return a security fun that tries session auth first, then JWT bearer. Useful for routes that accept both browser and API clients.
-spec require_bearer(module()) -> fun((cowboy_req:req()) -> term()).
Return a security fun that validates JWT bearer tokens.
-spec require_bearer(module(), cowboy_req:req()) -> {true, nova_auth:actor()} | {false, integer(), map(), binary()}.
Validate a JWT bearer token from the request.