Skip to content

Example of a guardian configuration using a private and public pem file

Notifications You must be signed in to change notification settings

ueberauth/guardian_pemfile_config_example

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Example of a guardian configuration using a private and public pem file

This is just an example of how to get up and running and should not be used in production

Highlights

Pem files are put in the priv folder and fetched with the secret handler which is configured in the config file.

config :pem_guardian, PemGuardian.Guardian,
  issuer: "pem_guardian",
  allowed_algos: ["RS512"],
  secret_fetcher: PemGuardian.SecretFetcher
def fetch_signing_secret(_module, _opts) do
    secret =
      "rsa-2048.pem"
      |> fetch()

    {:ok, secret}
  end

  def fetch_verifying_secret(_module, _headers, _opts) do
    secret =
      "rsa-2048.pub"
      |> fetch()

    {:ok, secret}
  end

  defp fetch(relative_path) do
    :code.priv_dir(:debug_guardian)
    |> Path.join(relative_path)
    |> JOSE.JWK.from_pem_file()
  end

Example can be verified with the following commands

{:ok,token,_} = PemGuardian.Guardian.encode_and_sign(%{id: "1"})
PemGuardian.Guardian.decode_and_verify(token) 

About

Example of a guardian configuration using a private and public pem file

Resources

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages