Sigra.JWT.Signer (Sigra v0.2.2)

JWT key loading and signer creation.

Derives signing keys from the application's secret_key_base for HS256, or loads PEM keys for RS256/ES256. All functions guard against Joken availability at runtime.

Summary

Functions

create_signer(config)

Creates a Joken.Signer for the configured algorithm.

ensure_joken!()

Ensures Joken is available at runtime.

Functions

create_signer(config)

@spec create_signer(Sigra.Config.t()) :: struct()

Creates a Joken.Signer for the configured algorithm.

For HS256, derives the signing key from secret_key_base using HMAC-SHA256 with the salt "sigra-jwt-signing-key".

For RS256/ES256, loads the PEM private key from configuration.

Parameters

config - A Sigra.Config.t() struct with JWT configuration.

Raises

RuntimeError if Joken is not loaded
RuntimeError if secret_key_base is nil for HS256
KeyError if private_key is missing for RS256/ES256

ensure_joken!()

@spec ensure_joken!() :: :ok

Ensures Joken is available at runtime.

Raises a clear RuntimeError with installation instructions if Joken is not loaded. Called before any JWT operation.