This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2018-02-13
Hi, is there a good example for verifying a JWT token from another service, not signing one with/for a buddy backend? Thanks in advance.
@juliobarros it's quite simple - https://gist.github.com/mccraigmccraig/e166277b8964f5562dd45937a60bebd3 (along with requires [buddy.auth.middleware :refer [wrap-authentication]] [buddy.auth.backends.token :as auth-token])
well … I’m not sure I fully understand this but … I’m exploring using cognito. They give you a set of keys and you have to match the right one (if I understand it correctly) so/and I’m not sure I want to use the standard auth middleware but rather verify it myself.
@juliobarros the wrap-authentication handler will verify the JWT signature and make the token assertions available in your request context as a map... you are then free to do any further validation you want
Thanks for trying to help me out. I think I need to explore this further. I don’t believe I have the secret (or it is not a constant) at the time I create the middleware … so I need to do something more flexible. Perhaps I should look at the middleware code to see how it is doing the verification.
if you don't have the secret at middleware creation then i'd create a new auth backend using the existing one as a starting point, and adding in a secret-source or something https://github.com/funcool/buddy-auth/blob/master/src/buddy/auth/backends/token.clj#L35
I think what I need is more in line with JWK/JWKS which is not supported yet but there is a PR https://github.com/funcool/buddy-sign/pull/56