Mercurial > hg > nginx-site

comparison xml/en/docs/http/ngx_http_auth_jwt_module.xml @ 1831:b5e416ace4bf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Corrected style and variables description in auth_jwt.
author Yaroslav Zhuravlev <yar@nginx.com>
date Tue, 25 Oct 2016 15:01:47 +0300
parents a7974b8d2a23
children a58b35cc0823
comparison
equal deleted inserted replaced
1830:6ebdef43330a 1831:b5e416ace4bf
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
8 8
9 <module name="Module ngx_http_auth_jwt_module" 9 <module name="Module ngx_http_auth_jwt_module"
10 link="/en/docs/http/ngx_http_auth_jwt_module.html" 10 link="/en/docs/http/ngx_http_auth_jwt_module.html"
11 lang="en" 11 lang="en"
12 rev="1"> 12 rev="2">
13 13
14 <section id="summary"> 14 <section id="summary">
15 15
16 <para> 16 <para>
17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3) 17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3)
61 61
62 62
63 <section id="directives" name="Directives"> 63 <section id="directives" name="Directives">
64 64
65 <directive name="auth_jwt"> 65 <directive name="auth_jwt">
66 <syntax><value>string</value> [<value>token=$variable</value>] | 66 <syntax>
67 <literal>off</literal></syntax> 67 <value>string</value>
68 [<literal>token=</literal><value>$variable</value>] |
69 <literal>off</literal></syntax>
68 <default>off</default> 70 <default>off</default>
69 <context>http</context> 71 <context>http</context>
70 <context>server</context> 72 <context>server</context>
71 <context>location</context> 73 <context>location</context>
72 74
75 The specified <value>string</value> is used as a <literal>realm</literal>. 77 The specified <value>string</value> is used as a <literal>realm</literal>.
76 Parameter value can contain variables. 78 Parameter value can contain variables.
77 </para> 79 </para>
78 80
79 <para> 81 <para>
80 The optional <literal>token</literal> argument specifies a variable 82 The optional <literal>token</literal> parameter specifies a variable
81 that contains JSON Web Token. 83 that contains JSON Web Token.
82 By default, JWT is passed in the <header>Authorization</header> header 84 By default, JWT is passed in the <header>Authorization</header> header
83 as a 85 as a
84 <link url="https://tools.ietf.org/html/rfc6750">Bearer Token</link>. 86 <link url="https://tools.ietf.org/html/rfc6750">Bearer Token</link>.
85 JWT may be also passed as a cookie or a part of a query string: 87 JWT may be also passed as a cookie or a part of a query string:
113 115
114 </directive> 116 </directive>
115 117
116 </section> 118 </section>
117 119
120
118 <section id="variables" name="Embedded Variables"> 121 <section id="variables" name="Embedded Variables">
119 122
120 <para> 123 <para>
121 The <literal>ngx_http_auth_jwt_module</literal> module 124 The <literal>ngx_http_auth_jwt_module</literal> module
122 supports embedded variables. 125 supports embedded variables.
124 127
125 <para> 128 <para>
126 Variables that return 129 Variables that return
127 <link url="https://tools.ietf.org/html/rfc7519#section-4">JWT claims</link>: 130 <link url="https://tools.ietf.org/html/rfc7519#section-4">JWT claims</link>:
128 131
129 <list type="tag" compact="no"> 132 <list type="tag" compact="yes">
130 <tag-name id="var_jwt_claim_aud"><var>$jwt_claim_aud</var></tag-name> 133 <tag-name id="var_jwt_claim_aud"><var>$jwt_claim_aud</var></tag-name>
131 <tag-desc> 134 <tag-desc>
132 the <literal>aud</literal> (audience) claim 135 audience
133 </tag-desc> 136 </tag-desc>
134 137
135 <tag-name id="var_jwt_claim_email"><var>$jwt_claim_email</var></tag-name> 138 <tag-name id="var_jwt_claim_email"><var>$jwt_claim_email</var></tag-name>
136 <tag-desc> 139 <tag-desc>
137 the <literal>email</literal> claim 140 email
138 </tag-desc> 141 </tag-desc>
139 142
140 <tag-name id="var_jwt_claim_exp"><var>$jwt_claim_exp</var></tag-name> 143 <tag-name id="var_jwt_claim_exp"><var>$jwt_claim_exp</var></tag-name>
141 <tag-desc> 144 <tag-desc>
142 the <literal>exp</literal> (expiration time) claim 145 expiration time
143 </tag-desc> 146 </tag-desc>
144 147
145 <tag-name id="var_jwt_claim_iat"><var>$jwt_claim_iat</var></tag-name> 148 <tag-name id="var_jwt_claim_iat"><var>$jwt_claim_iat</var></tag-name>
146 <tag-desc> 149 <tag-desc>
147 the <literal>iat</literal> (issued at) claim 150 issued at
148 </tag-desc> 151 </tag-desc>
149 152
150 <tag-name id="var_jwt_claim_iss"><var>$jwt_claim_iss</var></tag-name> 153 <tag-name id="var_jwt_claim_iss"><var>$jwt_claim_iss</var></tag-name>
151 <tag-desc> 154 <tag-desc>
152 the issuer of the claim 155 issuer
153 </tag-desc> 156 </tag-desc>
154 157
155 <tag-name id="var_jwt_claim_jti"><var>$jwt_claim_jti</var></tag-name> 158 <tag-name id="var_jwt_claim_jti"><var>$jwt_claim_jti</var></tag-name>
156 <tag-desc> 159 <tag-desc>
157 the JWT ID 160 JWT ID
158 </tag-desc> 161 </tag-desc>
159 162
160 <tag-name id="var_jwt_claim_nbf"><var>$jwt_claim_nbf</var></tag-name> 163 <tag-name id="var_jwt_claim_nbf"><var>$jwt_claim_nbf</var></tag-name>
161 <tag-desc> 164 <tag-desc>
162 the <literal>nbf</literal> (not-before time) claim 165 not-before
163 </tag-desc> 166 </tag-desc>
164 167
165 <tag-name id="var_jwt_claim_sub"><var>$jwt_claim_sub</var></tag-name> 168 <tag-name id="var_jwt_claim_sub"><var>$jwt_claim_sub</var></tag-name>
166 <tag-desc> 169 <tag-desc>
167 the subject of the JWT 170 subject
168 </tag-desc> 171 </tag-desc>
169 </list> 172 </list>
170 </para> 173 </para>
171 174
172 <para> 175 <para>
173 Variables that return parameters of 176 Variables that return parameters of
174 <link url="https://tools.ietf.org/html/rfc7515#section-4">JOSE header</link>: 177 <link url="https://tools.ietf.org/html/rfc7515#section-4">JOSE header</link>:
175 178
176 <list type="tag" compact="no"> 179 <list type="tag" compact="yes">
177 <tag-name id="var_jwt_header_alg"><var>$jwt_header_alg</var></tag-name> 180 <tag-name id="var_jwt_header_alg"><var>$jwt_header_alg</var></tag-name>
178 <tag-desc> 181 <tag-desc>
179 the <literal>alg</literal> (algorithm) header parameter 182 algorithm
180 </tag-desc> 183 </tag-desc>
181 184
182 <tag-name id="var_jwt_header_cty"><var>$jwt_header_cty</var></tag-name> 185 <tag-name id="var_jwt_header_cty"><var>$jwt_header_cty</var></tag-name>
183 <tag-desc> 186 <tag-desc>
184 the <literal>cty</literal> (content type) header parameter 187 content type
185 </tag-desc> 188 </tag-desc>
186 189
187 <tag-name id="var_jwt_header_enc"><var>$jwt_header_enc</var></tag-name> 190 <tag-name id="var_jwt_header_enc"><var>$jwt_header_enc</var></tag-name>
188 <tag-desc> 191 <tag-desc>
189 the <literal>enc</literal> (encryption algorithm) header parameter 192 encryption algorithm
190 </tag-desc> 193 </tag-desc>
191 194
192 <tag-name id="var_jwt_header_kid"><var>$jwt_header_kid</var></tag-name> 195 <tag-name id="var_jwt_header_kid"><var>$jwt_header_kid</var></tag-name>
193 <tag-desc> 196 <tag-desc>
194 the <literal>kid</literal> (key ID) header parameter 197 key ID
195 </tag-desc> 198 </tag-desc>
196 199
197 <tag-name id="var_jwt_header_typ"><var>$jwt_header_typ</var></tag-name> 200 <tag-name id="var_jwt_header_typ"><var>$jwt_header_typ</var></tag-name>
198 <tag-desc> 201 <tag-desc>
199 the <literal>typ</literal> (type) header parameter 202 type
200 </tag-desc> 203 </tag-desc>
201 204
202 </list> 205 </list>
203 </para> 206 </para>
204 207