Web::Request::Role::JWT - Accessors for JSON Web Token (JWT) stored in psgix
version 1.003
# Create a request handler package My::App::Request; use Moose; extends 'Web::Request'; with 'Web::Request::Role::JWT'; # Finally, in some controller action sub action_that_needs_a_user_stored_in_jwt { my ($self, $req) = @_; my $sub = $req->requires_jwt_claim_sub; my $data = $self->model->do_something( $sub ); return $self->json_response( $data ); }
Web::Request::Role::JWT provides a few accessor and helper methods that make accessing JSON Web Tokens (JWT) stored in your PSGI $env easier.
Web::Request::Role::JWT
$env
It works especially well when used with Plack::Middleware::Auth::JWT, which will validate the token and extract the payload into the PSGI $env.
If a requires_* method fails, it will log an error via Log::Any.
requires_*
my $raw_token = $req->get_jwt;
Returns the raw token, so you can inspect it, or maybe pass it along to some other endpoint.
If you want to store your token somewhere else than the default $env->{'psgix.token'}, you have to provide another implementation for this method.
$env->{'psgix.token'}
my $claims = $req->get_jwt_claims;
Returns all the claims as a hashref.
If you want to store your claims somewhere else than the default $env->{'psgix.claims'}, you have to provide another implementation for this method.
$env->{'psgix.claims'}
my $sub = $req->get_jwt_claim_sub;
Get the sub claim: https://tools.ietf.org/html/rfc7519#section-4.1.2
sub
my $aud = $req->get_jwt_claim_aud;
Get the aud claim: https://tools.ietf.org/html/rfc7519#section-4.1.3
aud
my $raw_token = $req->requires_jwt;
Returns the raw token. If no token is available, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)
my $claims = $req->requires_jwt_claims;
Returns all the claims as a hashref. If no claims are available, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)
my $sub = $req->requires_jwt_claim_sub;
Returns the sub claim. If the sub claim is missing, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)
my $aud = $req->requires_jwt_claim_aud;
Returns the aud claim. If the aud claim is missing, throws a HTTP::Throwable::Role::Status::Unauthorized exception (aka HTTP Status 401)
Thanks to
validad.com for supporting Open Source.
Thomas Klausner <domm@plix.at>
This software is copyright (c) 2017 - 2021 by Thomas Klausner.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install Web::Request::Role::JWT, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Web::Request::Role::JWT
CPAN shell
perl -MCPAN -e shell install Web::Request::Role::JWT
For more information on module installation, please visit the detailed CPAN module installation guide.