Safe Haskell | None |
---|---|
Language | Haskell2010 |
This module provides functions to deal with the JWT authorization (http://jwt.io). It also can be used to define other authorization functions, in the future Oauth, LDAP and similar integrations can be coded here.
Authentication should always be implemented in an external service. In the test suite there is an example of simple login function that can be used for a very simple authentication system inside the PostgreSQL database.
- containsRole :: JWTAttempt -> Bool
- jwtClaims :: Maybe JWKSet -> Maybe StringOrURI -> LByteString -> UTCTime -> Maybe JSPath -> IO JWTAttempt
- data JWTAttempt
- parseSecret :: ByteString -> JWKSet
Documentation
containsRole :: JWTAttempt -> Bool Source #
Whether a response from jwtClaims contains a role claim
jwtClaims :: Maybe JWKSet -> Maybe StringOrURI -> LByteString -> UTCTime -> Maybe JSPath -> IO JWTAttempt Source #
Receives the JWT secret and audience (from config) and a JWT and returns a map of JWT claims.
data JWTAttempt Source #
Possible situations encountered with client JWTs
parseSecret :: ByteString -> JWKSet Source #
Parse `jwt-secret` configuration option and turn into a JWKSet.
There are three ways to specify `jwt-secret`: text secret, JSON Web Key (JWK), or JSON Web Key Set (JWKS). The first two are converted into a JWKSet with one key and the last is converted as is.