PrimaAuth0Ex.Token (prima_auth0_ex v0.9.3)

View Source

Module to verify the integrity and validate the claims of tokens.

Summary

Functions

generate_and_sign(extra_claims \\ %{}, key \\ __default_signer__())

@spec generate_and_sign(Joken.claims(), Joken.signer_arg()) ::
  {:ok, Joken.bearer_token(), Joken.claims()} | {:error, Joken.error_reason()}

Combines generate_claims/1 and encode_and_sign/2

generate_and_sign!(extra_claims \\ %{}, key \\ __default_signer__())

@spec generate_and_sign!(Joken.claims(), Joken.signer_arg()) :: Joken.bearer_token()

Same as generate_and_sign/2 but raises if error

peek_permissions(token)

@spec peek_permissions(String.t()) :: [String.t()]

Returns the list of permissions held by a token.

In case of missing permissions claim or malformed token it defaults to an empty list. Note that this function does not verify the signature of the token.

verify_and_validate(bearer_token, key \\ __default_signer__(), context \\ %{})

@spec verify_and_validate(Joken.bearer_token(), Joken.signer_arg(), term()) ::
  {:ok, Joken.claims()} | {:error, Joken.error_reason()}

Combines verify/2 and validate/2

verify_and_validate!(bearer_token, key \\ __default_signer__(), context \\ %{})

@spec verify_and_validate!(Joken.bearer_token(), Joken.signer_arg(), term()) ::
  Joken.claims()

Same as verify_and_validate/2 but raises if error

verify_and_validate_token(token, audience, required_permissions, ignore_signature)

@spec verify_and_validate_token(String.t(), String.t(), [String.t()], boolean()) ::
  {:ok, Joken.claims()} | {:error, atom() | Keyword.t()}