PhoenixApiToolkit.Security.Plugs.verify_oauth2_aud
Specs
verify_oauth2_aud(Plug.Conn.t(), binary()) :: Plug.Conn.t()
Check if the JWT in conn.assigns.jwt has an "aud" claim that matches the exp_aud parameter.
This assign is set by PhoenixApiToolkit.Security.Oauth2Plug and should contain a JOSE.JWT struct.
If the claim does not match, a PhoenixApiToolkit.Security.Oauth2TokenVerificationError is raised, resulting in a 401 Unauthorized response.
Examples
use Plug.Test
def conn_with_aud(aud), do: conn(:get, "/") |> assign(:jwt, %{fields: %{"aud" => aud}})
# if aud matches, the conn is passed through
iex> conn = conn_with_aud("my resource server")
iex> conn == conn |> verify_oauth2_aud("my resource server")
true
# an error is raised if aud does not match
iex> conn_with_aud("my resource server") |> verify_oauth2_aud("another server")
** (PhoenixApiToolkit.Security.Oauth2TokenVerificationError) Oauth2 token invalid: aud mismatch
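
The following is an added example, not PhoenixApiToolkit's own code: an audience check of the same shape that goes beyond the case above by failing closed on a missing claim or missing assign and by accepting the array form of "aud" that RFC 7519 allows. This page does not state how verify_oauth2_aud treats those cases. AudCheckSketch, AudMismatchError and verify_aud are hypothetical names, and a plain map stands in for Plug.Conn.

```elixir
# Added illustration; all module and function names here are hypothetical.
defmodule AudCheckSketch do
  defmodule AudMismatchError do
    defexception message: "Oauth2 token invalid: aud mismatch"
  end

  # Matches the shape the page describes (conn.assigns.jwt with a fields map),
  # so it accepts a Plug.Conn or a plain map standing in for one.
  def verify_aud(%{assigns: %{jwt: %{fields: fields}}} = conn, exp_aud)
      when is_binary(exp_aud) do
    if aud_matches?(Map.get(fields, "aud"), exp_aud) do
      conn
    else
      raise AudMismatchError
    end
  end

  # No jwt assign (the token plug did not run) or a non-binary exp_aud: fail closed.
  def verify_aud(_conn, _exp_aud), do: raise(AudMismatchError)

  # RFC 7519 section 4.1.3: "aud" is a single string or an array of strings.
  defp aud_matches?(aud, exp_aud) when is_binary(aud), do: aud == exp_aud
  defp aud_matches?(aud, exp_aud) when is_list(aud), do: exp_aud in aud
  # A missing claim (nil) or any other type never matches.
  defp aud_matches?(_aud, _exp_aud), do: false
end

# Constructed sample inputs, not taken from a real token.
conn_with = fn fields -> %{assigns: %{jwt: %{fields: fields}}} end

cases = [
  {"string, matching", conn_with.(%{"aud" => "my resource server"})},
  {"string, other audience", conn_with.(%{"aud" => "another server"})},
  {"array containing expected", conn_with.(%{"aud" => ["other", "my resource server"]})},
  {"array without expected", conn_with.(%{"aud" => ["other"]})},
  {"claim missing", conn_with.(%{})},
  {"jwt assign missing", %{assigns: %{}}}
]

for {label, conn} <- cases do
  result =
    try do
      AudCheckSketch.verify_aud(conn, "my resource server")
      :passed
    rescue
      AudCheckSketch.AudMismatchError -> :rejected
    end

  IO.puts("#{label}: #{result}")
end
```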