jose-0.4.0.0: Javascript Object Signing and Encryption and JSON Web Token library

Safe Haskell: None
Language: Haskell98

Crypto.JWT

Description

JSON Web Token implementation.

Documentation

data JWT

JSON Web Token data.

Constructors

JWT 

Fields

jwtCrypto :: JWTCrypto

JOSE aspect of the JWT.

jwtClaimsSet :: ClaimsSet

Claims of the JWT.

createJWSJWT :: MonadRandom m => JWK -> JWSHeader -> ClaimsSet -> m (Either Error JWT)

Create a JWT that is a JWS.

validateJWSJWT :: ValidationAlgorithms -> ValidationPolicy -> JWK -> JWT -> Bool

Validate a JWT as a JWS (JSON Web Signature).

data ClaimsSet

The JWT Claims Set represents a JSON object whose members are the claims conveyed by the JWT.

Constructors

ClaimsSet 

Fields

_claimIss :: Maybe StringOrURI

The issuer claim identifies the principal that issued the JWT. The processing of this claim is generally application specific.

_claimSub :: Maybe StringOrURI

The subject claim identifies the principal that is the subject of the JWT. The Claims in a JWT are normally statements about the subject. The subject value MAY be scoped to be locally unique in the context of the issuer or MAY be globally unique. The processing of this claim is generally application specific.

_claimAud :: Maybe Audience

The audience claim identifies the recipients that the JWT is intended for. Each principal intended to process the JWT MUST identify itself with a value in the audience claim. If the principal processing the claim does not identify itself with a value in the aud claim when this claim is present, then the JWT MUST be rejected.

_claimExp :: Maybe NumericDate

The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of exp claim requires that the current date/time MUST be before expiration date/time listed in the exp claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew.

_claimNbf :: Maybe NumericDate

The not before claim identifies the time before which the JWT MUST NOT be accepted for processing. The processing of the nbf claim requires that the current date/time MUST be after or equal to the not-before date/time listed in the nbf claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew.

_claimIat :: Maybe NumericDate

The issued at claim identifies the time at which the JWT was issued. This claim can be used to determine the age of the JWT.

_claimJti :: Maybe Text

The JWT ID claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The jti claim can be used to prevent the JWT from being replayed. The jti value is a case-sensitive string.

_unregisteredClaims :: HashMap Text Value

Claim Names can be defined at will by those using JWTs.

emptyClaimsSet :: ClaimsSet

Return an empty claims set.

data Audience

Audience data. In the general case, the aud value is an array of case-sensitive strings, each containing a StringOrURI value. In the special case when the JWT has one audience, the aud value MAY be a single case-sensitive string containing a StringOrURI value.

data StringOrURI

A JSON string value, with the additional requirement that while arbitrary string values MAY be used, any value containing a : character MUST be a URI.

fromString :: Text -> StringOrURI

Construct a StringOrURI from text.

fromURI :: URI -> StringOrURI

Construct a StringOrURI from a URI.

getURI :: StringOrURI -> Maybe URI

Get the URI from a StringOrURI.

newtype NumericDate

A JSON numeric value representing the number of seconds from 1970-01-01T0:0:0Z UTC until the specified UTC date/time.

Constructors

NumericDate UTCTime
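
The exp, nbf and aud processing rules described under ClaimsSet, as an added example that is not part of the jose library or its documentation. It uses stand-in types built on Data.Time instead of the library's ClaimsSet, Audience and NumericDate; the names Claims, Rejection and checkClaims are hypothetical, and the identifiers api.example and billing.example are constructed.

```haskell
-- Added example: stand-in types, not the jose library's own definitions.
module Main where

import Data.Time.Clock (NominalDiffTime, UTCTime, addUTCTime, getCurrentTime)

-- Hypothetical, simplified mirror of the exp/nbf/aud fields of ClaimsSet.
data Claims = Claims
  { cExp :: Maybe UTCTime
  , cNbf :: Maybe UTCTime
  , cAud :: Maybe [String]  -- a single-string aud is normalised to a one-element list
  }

data Rejection = Expired | NotYetValid | WrongAudience
  deriving (Eq, Show)

-- | Apply the exp, nbf and aud rules with a bounded clock-skew leeway.
-- An absent claim passes its check; the first failing rule is reported.
checkClaims :: NominalDiffTime -> String -> UTCTime -> Claims -> Either Rejection ()
checkClaims leeway self now c = do
  -- exp: the current time MUST be before the expiration time.
  case cExp c of
    Just t | now >= addUTCTime leeway t -> Left Expired
    _ -> Right ()
  -- nbf: the current time MUST be after or equal to the not-before time.
  case cNbf c of
    Just t | now < addUTCTime (negate leeway) t -> Left NotYetValid
    _ -> Right ()
  -- aud: when present, it MUST contain the identifier of the processing principal.
  case cAud c of
    Just auds | self `notElem` auds -> Left WrongAudience
    _ -> Right ()

main :: IO ()
main = do
  now <- getCurrentTime
  let leeway  = 60  -- seconds of tolerated clock skew
      -- Constructed sample claims, all relative to the current time.
      ok      = Claims (Just (addUTCTime 300 now)) (Just (addUTCTime (-10) now)) (Just ["api.example"])
      skewed  = ok { cExp = Just (addUTCTime (-30) now) }   -- expired 30 s ago, inside the leeway
      expired = ok { cExp = Just (addUTCTime (-120) now) }  -- expired 120 s ago, outside the leeway
      early   = ok { cNbf = Just (addUTCTime 120 now) }     -- not valid for another 120 s
      other   = ok { cAud = Just ["billing.example"] }      -- addressed to a different principal
  mapM_ (print . checkClaims leeway "api.example" now) [ok, skewed, expired, early, other]
```

An application that depends on exp or aud being present should reject tokens that omit them, since this check lets absent claims through.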