Liberator mixin to authorise a request based on an access token





(validate this ctx claims)

Validate a tokens claims.

Params: * ctx - liberator context * claims - token claims

Returns an array of: * valid? * error map containing message and cause metadata




Returns a mixin that extracts the access token from the authorisation header

  • token-header-name - the name of the header containing the token (defaults to “authorization”)
  • token-type - the scheme or a list of schemes under the authorisation header (default is Bearer). Use nil when no type on header
  • token-parser - a function that performs parsing of the token before validation (optional)

This mixin should only be used once.





Returns a mixin that validates the jws access token ensure it includes the claims and that claim passes validation, finally it stores the authentication and authorisation state on the context under :identity

This mixin assumes a token already on the context under :token

  • token-key - the secret can be a function which is provided the JOSE header as its single param
  • token-options - that is used to validate the standard claims of the token (aud, iss, sub, exp, nbf, iat) (optional)
  • token-validators - a array of ClaimValidators (optional)
  • token-required? - whether a token should be treated as mandatory (defaults to true)

This mixin should only be used once.



Returns a mixin that populates the WWW-Authenticate header when the request is not allowed to access the protected endpoint.

This mixin should only be used once.