is_authed_jwt: JWT Strategy

In jandix/sealr: Authenction strategies for plumber

Description

is_authed_jwt checks whether a JWT passed as part of the HTTP request is valid. The function can be passed to authenticate's is_authed_fun argument or it can be used standalone in any plumber endpoint. is_authed_jwt extracts the token from the HTTP Authorization header with the scheme 'bearer'.

Usage

is_authed_jwt(req, res, token_location, secret = NULL, pubkey = NULL,
  claims = NULL)

Arguments

req	Request object.
res	Response object.
token_location	character. Location of JWT. Either "header" or "cookie". See get_token_from_req for details.
secret	character. The secret that was used to sign your JWT. The secret is converted to raw bytes in the function. Default NULL.
pubkey	character. Public RSA or ECDSA key that was used to generate the JWT. Default NULL.
claims	named list. Claims that should be checked in the JWT. Default NULL.

Value

list with the following elements:

• is_authed: TRUE or FALSE. Result of the check whether the JWT is valid.

• status: character. Optional. Short description of HTTP status code.

• code: integer. Optional. HTTP status code.

• message: character. Optional. Longer description.

Examples

## Not run: 
 pr$filter("sealr-jwt-filter", function(req, res){ # usage in a filter
   sealr::authenticate(req = req, res = res, sealr::is_authed_jwt, secret = "averylongsupersecretsecret")
 })

## End(Not run)

## Not run: 
 pr$handle("GET", "/somedata", function(req, res){ # usage in an endpoint
   is_authed_list <- sealr::is_authed_jwt(req, res, secret = "averylongsupersecretsecret",
                                     claims = list(iss = "myplumberapi"))
   if (is_authed_list$is_authed){
     return("somedata")
   } else {
     # return error or do something else
     is_authed_list$is_authed <- NULL
     return(is_authed_list)
   }
 })

## End(Not run)

jandix/sealr documentation built on Oct. 3, 2021, 1:16 p.m.