schemas.clj
(ns ring-jwt-middleware.schemas
"Schemas"
(:require [schema-tools.core :as st]
[schema.core :as s]))
;; Schema for a map key that is either a keyword or a string.
;; `s/conditional` checks its predicates in order: a keyword is validated
;; against `s/Keyword`; any other value must satisfy `s/Str`.
(s/defschema KeywordOrString
  (s/conditional
   keyword? s/Keyword
   :else    s/Str))
;; This schema only states that the value is a string. It says nothing about
;; the token's structure or signature, so a value that validates against `JWT`
;; is still untrusted input.
(def JWT
  "A JWT is just a string"
  s/Str)
;; Claims found in a JWT payload.
;;
;; The well-known claims below are typed but all optional, and the trailing
;; `{KeywordOrString s/Any}` entry accepts any further claim of any type.
;; Consequences worth keeping in mind when reading code that relies on this
;; schema:
;;   - a claims map without :exp, :nbf, :iss or :aud still validates, so
;;     expiry, issuer and audience enforcement cannot be delegated to the
;;     schema and has to be done by the validation code;
;;   - extra claims are untyped, so consumers should check the type of any
;;     custom claim before using it.
(s/defschema JWTClaims
  (st/merge
   (st/optional-keys
    {:exp        s/Num
     :nbf        s/Num
     :iat        s/Num
     :iss        s/Str
     :sub        s/Str
     ;; :aud may be a single string or a list of strings.
     :aud        (s/conditional string? s/Str :else [s/Str])
     :user_email s/Str})
   {KeywordOrString s/Any}))
;; Header of a JWT. All three fields are optional strings.
;;
;; NOTE(review): header fields are supplied by whoever built the token and are
;; read before the signature is checked. The schema accepts any string for
;; :alg and :kid, so the verification code (not shown here) should restrict
;; the accepted algorithms and key ids itself rather than trusting the header.
(s/defschema JWTHeader
  (st/optional-keys
   {:alg s/Str
    :typ s/Str
    :kid s/Str}))
;; A decoded JWT: its header and its claims.
;; Both keys are optional, so an empty map also validates against this schema.
(s/defschema JWTDecoded
  (st/optional-keys
   {:header JWTHeader
    :claims JWTClaims}))
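(defn describe
  "Attaches `description` to the schema `s` under the :description metadata key.
  The description is only an annotation for developers.

  Metadata already present on `s` is kept; only :description is added or
  replaced. A value that cannot carry metadata (anything that is not a
  `clojure.lang.IObj`, for example a bare Java class) is returned unchanged,
  which means its description is silently dropped."
  [s description]
  (if (instance? clojure.lang.IObj s)
    ;; `vary-meta` merges into the existing metadata; a plain `with-meta`
    ;; would discard whatever metadata the schema already had.
    (vary-meta s assoc :description description)
    s))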
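(s/defschema Config
  "Initialized internal Configuration"
  ;; The first map holds the required keys; the map wrapped in
  ;; `st/optional-keys` holds the keys that may be omitted.
  ;; The `s/=>` signatures below document the expected functions; several of
  ;; them disagree with their own description (see the NOTE(review) comments),
  ;; so confirm against the middleware code before implementing one.
  (st/merge
   {;; Security-sensitive switch: per its description, true lets requests
    ;; without authentication through, so handlers behind the middleware
    ;; then need their own access checks.
    :allow-unauthenticated-access?
    (describe s/Bool
              "Set this to true to allow unauthenticated requests")
    ;; Injectable clock (zero-argument function returning a number).
    :current-epoch
    (describe (s/=> s/Num)
              "A function returning the current time in epoch format")
    ;; NOTE(review): the description says the function takes a JWT, while the
    ;; signature declares a JWTClaims argument -- confirm which one is passed.
    :is-revoked-fn
    (describe (s/=> s/Bool JWTClaims)
              "A function that take a JWT and return true if it is revoked")
    :jwt-max-lifetime-in-sec
    (describe s/Num
              "Maximal number of second a JWT does not expires")
    :post-jwt-format-fn
    (describe (s/=> s/Any JWTClaims)
              "A function taking the JWT claims and building an Identity object suitable for your needs")
    ;; NOTE(review): the description mentions a JWTError argument, but the
    ;; signature declares no argument.
    :error-handler
    (describe (s/=> s/Any)
              "A function that given a JWTError returns a ring response.")}
   (st/optional-keys
    {:pubkey-fn
     (describe (s/=> s/Any s/Str)
               "A function returning a public key (takes precedence over pubkey-path)")
     :pubkey-fn-arg-fn
     (describe (s/=> s/Any s/Any)
               "A function that will be applied to the argument (the raw JWT) of `pubkey-fn`")
     :post-jwt-format-fn-arg-fn
     (describe (s/=> s/Any s/Any)
               "A function that will be applied to the argument (the raw JWT) of `post-jwt-format-fn`")
     :pubkey-path
     (describe s/Str
               "The path to find the public key that will be used to check the JWT signature")
     ;; NOTE(review): the signature declares a Bool return value, but the
     ;; description says the function returns nil or a sequence of error
     ;; strings and that nil means success. An implementation written against
     ;; the signature (false on failure) could be read as "no errors" by a
     ;; caller that follows the description -- confirm against the middleware
     ;; and align the two.
     :jwt-check-fn
     (describe (s/=> s/Bool JWT JWTClaims)
               ;; The second fragment starts with a space so the two
               ;; sentences do not run together in the description.
               (str "A function that take a JWT, claims and return a sequence of string containing errors."
                    " The check is considered successful if this function returns nil, or a sequence containing only nil values."))})))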
;; Configuration as supplied by the user of the middleware: the same keys as
;; `Config`, but every one of them optional, so an empty map validates.
;; NOTE(review): because :allow-unauthenticated-access? may be omitted here,
;; the default applied when building `Config` decides whether unauthenticated
;; requests are allowed -- confirm that default in the initialization code.
(s/defschema UserConfig
  "Middleware Configuration"
  (st/optional-keys Config))