PhoenixApiToolkit.Security.Plugs.verify_oauth2_aud


verify_oauth2_aud(conn, exp_aud)

Specs

verify_oauth2_aud(Plug.Conn.t(), binary()) :: Plug.Conn.t()

Checks that the JWT in conn.assigns.jwt has an "aud" claim that matches the exp_aud parameter. The jwt assign is set by PhoenixApiToolkit.Security.Oauth2Plug and should contain a JOSE.JWT struct.

If the claim does not match, a PhoenixApiToolkit.Security.Oauth2TokenVerificationError is raised, resulting in a 401 Unauthorized response.

Examples

use Plug.Test

# build a test conn whose :jwt assign carries the given "aud" claim
def conn_with_aud(aud), do: conn(:get, "/") |> assign(:jwt, %{fields: %{"aud" => aud}})

# if aud matches, the conn is passed through
iex> conn = conn_with_aud("my resource server")
iex> conn == conn |> verify_oauth2_aud("my resource server")
true

# an error is raised if aud does not match
iex> conn_with_aud("my resource server") |> verify_oauth2_aud("another server")
** (PhoenixApiToolkit.Security.Oauth2TokenVerificationError) Oauth2 token invalid: aud mismatch
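
The following is an added example, not PhoenixApiToolkit's own code: a stand-alone audience check over the same conn.assigns.jwt.fields shape, generalized beyond the cases above to the array form of "aud" that RFC 7519 allows and to a missing claim or missing JWT. The module, error and function names (AudCheckExample, AudMismatchError, verify_aud) are hypothetical, and the sample inputs are constructed.

```elixir
defmodule AudCheckExample do
  defmodule AudMismatchError do
    # Hypothetical stand-in for the library's Oauth2TokenVerificationError.
    defexception message: "Oauth2 token invalid: aud mismatch"
  end

  # Same data shape as the examples above: conn.assigns.jwt.fields["aud"].
  def verify_aud(%{assigns: %{jwt: %{fields: fields}}} = conn, exp_aud)
      when is_binary(exp_aud) do
    if aud_matches?(Map.get(fields, "aud"), exp_aud) do
      conn
    else
      raise AudMismatchError
    end
  end

  # No JWT assigned (or a non-binary exp_aud): fail closed.
  def verify_aud(_conn, _exp_aud), do: raise(AudMismatchError)

  # RFC 7519: "aud" is either a single string or an array of strings.
  defp aud_matches?(aud, exp_aud) when is_binary(aud), do: aud == exp_aud
  defp aud_matches?(aud, exp_aud) when is_list(aud), do: exp_aud in aud
  # A missing claim (nil) or any other type never matches.
  defp aud_matches?(_aud, _exp_aud), do: false
end

# Constructed sample inputs; plain maps stand in for Plug.Conn and JOSE.JWT.
conn_with = fn fields -> %{assigns: %{jwt: %{fields: fields}}} end

rejected = fn conn, exp_aud ->
  try do
    AudCheckExample.verify_aud(conn, exp_aud)
    false
  rescue
    AudCheckExample.AudMismatchError -> true
  end
end

exp = "my resource server"
false = rejected.(conn_with.(%{"aud" => exp}), exp)
false = rejected.(conn_with.(%{"aud" => ["other api", exp]}), exp)
# Comparison is exact: a longer string that contains exp_aud is rejected.
true = rejected.(conn_with.(%{"aud" => exp <> " 2"}), exp)
true = rejected.(conn_with.(%{}), exp)
true = rejected.(%{assigns: %{}}, exp)
IO.puts("all audience checks behaved as expected")
```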