icepeak-0.7.2.0: A fast JSON document store with push notification support.

Safe Haskell	None
Language	Haskell2010

JwtAuth

Contents

Token verification
Claim parsing
Token generation

Description

This module contains all the web framework independent code for parsing and verifying JSON Web Tokens.

Synopsis

data VerificationError
- = TokenUsedTooEarly
- | TokenExpired
- | TokenInvalid
- | TokenNotFound
- | TokenSignatureInvalid
verifyToken :: POSIXTime -> Signer -> ByteString -> Either VerificationError (JWT VerifiedJWT)
verifyNotBefore :: POSIXTime -> JWT VerifiedJWT -> Either VerificationError (JWT VerifiedJWT)
verifyExpiry :: POSIXTime -> JWT VerifiedJWT -> Either VerificationError (JWT VerifiedJWT)
verifySignature :: Signer -> JWT UnverifiedJWT -> Either VerificationError (JWT VerifiedJWT)
decodeToken :: ByteString -> Either VerificationError (JWT UnverifiedJWT)
data TokenError
- = VerificationError VerificationError
- | ClaimError String
extractClaim :: POSIXTime -> Signer -> ByteString -> Either TokenError IcepeakClaim
extractClaimUnverified :: ByteString -> Either TokenError IcepeakClaim
getIcepeakClaim :: JWT r -> Either String IcepeakClaim
addIcepeakClaim :: IcepeakClaim -> JWTClaimsSet -> JWTClaimsSet

Token verification

data VerificationError Source #

Constructors

TokenUsedTooEarly
TokenExpired
TokenInvalid
TokenNotFound
TokenSignatureInvalid

Instances

Eq VerificationError Source #
Instance details Defined in JwtAuth Methods (==) :: VerificationError -> VerificationError -> Bool # (/=) :: VerificationError -> VerificationError -> Bool #
Show VerificationError Source #
Instance details Defined in JwtAuth Methods showsPrec :: Int -> VerificationError -> ShowS # show :: VerificationError -> String # showList :: [VerificationError] -> ShowS #

verifyToken :: POSIXTime -> Signer -> ByteString -> Either VerificationError (JWT VerifiedJWT) Source #

Check that a token is valid at the given time for the given secret.

verifyNotBefore :: POSIXTime -> JWT VerifiedJWT -> Either VerificationError (JWT VerifiedJWT) Source #

Verify that the token is not used before it was issued.

verifyExpiry :: POSIXTime -> JWT VerifiedJWT -> Either VerificationError (JWT VerifiedJWT) Source #

Verify that the token is not used after is has expired.

verifySignature :: Signer -> JWT UnverifiedJWT -> Either VerificationError (JWT VerifiedJWT) Source #

Verify that the token contains a valid signature.

decodeToken :: ByteString -> Either VerificationError (JWT UnverifiedJWT) Source #

Claim parsing

data TokenError Source #

Constructors

VerificationError VerificationError	JWT could not be verified.
ClaimError String	The claims do not fit the schema.

Instances

Eq TokenError Source #
Instance details Defined in JwtAuth Methods (==) :: TokenError -> TokenError -> Bool # (/=) :: TokenError -> TokenError -> Bool #
Show TokenError Source #
Instance details Defined in JwtAuth Methods showsPrec :: Int -> TokenError -> ShowS # show :: TokenError -> String # showList :: [TokenError] -> ShowS #

extractClaim :: POSIXTime -> Signer -> ByteString -> Either TokenError IcepeakClaim Source #

Verify the token and extract the icepeak claim from it.

extractClaimUnverified :: ByteString -> Either TokenError IcepeakClaim Source #

Extract the icepeak claim from the token without verifying it.

getIcepeakClaim :: JWT r -> Either String IcepeakClaim Source #

Token generation

addIcepeakClaim :: IcepeakClaim -> JWTClaimsSet -> JWTClaimsSet Source #

Add the icepeak claim to a set of JWT claims.