NAME

Web::Request::Role::JWT - Accessors for JSON Web Token (JWT) stored in psgix

VERSION

version 1.001

SYNOPSIS

  # Create a request handler
  package My::App::Request;
  use Moose;
  extends 'Web::Request';
  with 'Web::Request::Role::JWT';

  # Finally, in some controller action
  sub action_that_needs_a_user_stored_in_jwt {
      my ($self, $req) = @_;

      my $sub   = $req->requires_jwt_claim_sub;

      my $data  = $self->model->do_something( $sub );
      return $self->json_response( $data );
  }

DESCRIPTION

Web::Request::Role::JWT provides a few accessor and helper methods that make accessing JSON Web Tokens (JWT) stored in your PSGI $env easier.

It works especially well when used with Plack::Middleware::Auth::JWT, which will validate the token and extract the payload into the PSGI $env.

METHODS

requires_* and logging

If a requires_* method fails, it will log an error via Log::Any.

get_jwt

  my $raw_token = $req->get_jwt;

Returns the raw token, so you can inspect it, or maybe pass it along to some other endpoint.

If you want to store your token somewhere else than the default $env->{'psgix.token'}, you have to provide another implementation for this method.

get_jwt_claims

  my $claims = $req->get_jwt_claims;

Returns all the claims as a hashref.

If you want to store your claims somewhere else than the default $env->{'psgix.claims'}, you have to provide another implementation for this method.

get_jwt_claim_sub

  my $sub = $req->get_jwt_claim_sub;

Get the sub claim: https://tools.ietf.org/html/rfc7519#section-4.1.2

get_jwt_claim_aud

  my $aud = $req->get_jwt_claim_aud;

Get the aud claim: https://tools.ietf.org/html/rfc7519#section-4.1.3

requires_jwt

  my $raw_token = $req->requires_jwt;

Returns the raw token. If no token is available, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)

requires_jwt_claims

  my $claims = $req->requires_jwt_claims;

Returns all the claims as a hashref. If no claims are available, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)

requires_jwt_claim_sub

  my $sub = $req->requires_jwt_claim_sub;

Returns the sub claim. If the sub claim is missing, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)

requires_jwt_claim_aud

  my $aud = $req->requires_jwt_claim_aud;

Returns the aud claim. If the aud claim is missing, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)

THANKS

Thanks to

AUTHOR

Thomas Klausner <domm@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2017 by Thomas Klausner.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.