Mercurial > hg > nginx-site
comparison xml/en/docs/http/ngx_http_auth_jwt_module.xml @ 1831:b5e416ace4bf
Corrected style and variables description in auth_jwt.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 25 Oct 2016 15:01:47 +0300 |
parents | a7974b8d2a23 |
children | a58b35cc0823 |
comparison
equal
deleted
inserted
replaced
1830:6ebdef43330a | 1831:b5e416ace4bf |
---|---|
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
8 | 8 |
9 <module name="Module ngx_http_auth_jwt_module" | 9 <module name="Module ngx_http_auth_jwt_module" |
10 link="/en/docs/http/ngx_http_auth_jwt_module.html" | 10 link="/en/docs/http/ngx_http_auth_jwt_module.html" |
11 lang="en" | 11 lang="en" |
12 rev="1"> | 12 rev="2"> |
13 | 13 |
14 <section id="summary"> | 14 <section id="summary"> |
15 | 15 |
16 <para> | 16 <para> |
17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3) | 17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3) |
61 | 61 |
62 | 62 |
63 <section id="directives" name="Directives"> | 63 <section id="directives" name="Directives"> |
64 | 64 |
65 <directive name="auth_jwt"> | 65 <directive name="auth_jwt"> |
66 <syntax><value>string</value> [<value>token=$variable</value>] | | 66 <syntax> |
67 <literal>off</literal></syntax> | 67 <value>string</value> |
68 [<literal>token=</literal><value>$variable</value>] | | |
69 <literal>off</literal></syntax> | |
68 <default>off</default> | 70 <default>off</default> |
69 <context>http</context> | 71 <context>http</context> |
70 <context>server</context> | 72 <context>server</context> |
71 <context>location</context> | 73 <context>location</context> |
72 | 74 |
75 The specified <value>string</value> is used as a <literal>realm</literal>. | 77 The specified <value>string</value> is used as a <literal>realm</literal>. |
76 Parameter value can contain variables. | 78 Parameter value can contain variables. |
77 </para> | 79 </para> |
78 | 80 |
79 <para> | 81 <para> |
80 The optional <literal>token</literal> argument specifies a variable | 82 The optional <literal>token</literal> parameter specifies a variable |
81 that contains JSON Web Token. | 83 that contains JSON Web Token. |
82 By default, JWT is passed in the <header>Authorization</header> header | 84 By default, JWT is passed in the <header>Authorization</header> header |
83 as a | 85 as a |
84 <link url="https://tools.ietf.org/html/rfc6750">Bearer Token</link>. | 86 <link url="https://tools.ietf.org/html/rfc6750">Bearer Token</link>. |
85 JWT may be also passed as a cookie or a part of a query string: | 87 JWT may be also passed as a cookie or a part of a query string: |
113 | 115 |
114 </directive> | 116 </directive> |
115 | 117 |
116 </section> | 118 </section> |
117 | 119 |
120 | |
118 <section id="variables" name="Embedded Variables"> | 121 <section id="variables" name="Embedded Variables"> |
119 | 122 |
120 <para> | 123 <para> |
121 The <literal>ngx_http_auth_jwt_module</literal> module | 124 The <literal>ngx_http_auth_jwt_module</literal> module |
122 supports embedded variables. | 125 supports embedded variables. |
124 | 127 |
125 <para> | 128 <para> |
126 Variables that return | 129 Variables that return |
127 <link url="https://tools.ietf.org/html/rfc7519#section-4">JWT claims</link>: | 130 <link url="https://tools.ietf.org/html/rfc7519#section-4">JWT claims</link>: |
128 | 131 |
129 <list type="tag" compact="no"> | 132 <list type="tag" compact="yes"> |
130 <tag-name id="var_jwt_claim_aud"><var>$jwt_claim_aud</var></tag-name> | 133 <tag-name id="var_jwt_claim_aud"><var>$jwt_claim_aud</var></tag-name> |
131 <tag-desc> | 134 <tag-desc> |
132 the <literal>aud</literal> (audience) claim | 135 audience |
133 </tag-desc> | 136 </tag-desc> |
134 | 137 |
135 <tag-name id="var_jwt_claim_email"><var>$jwt_claim_email</var></tag-name> | 138 <tag-name id="var_jwt_claim_email"><var>$jwt_claim_email</var></tag-name> |
136 <tag-desc> | 139 <tag-desc> |
137 the <literal>email</literal> claim | 140 email |
138 </tag-desc> | 141 </tag-desc> |
139 | 142 |
140 <tag-name id="var_jwt_claim_exp"><var>$jwt_claim_exp</var></tag-name> | 143 <tag-name id="var_jwt_claim_exp"><var>$jwt_claim_exp</var></tag-name> |
141 <tag-desc> | 144 <tag-desc> |
142 the <literal>exp</literal> (expiration time) claim | 145 expiration time |
143 </tag-desc> | 146 </tag-desc> |
144 | 147 |
145 <tag-name id="var_jwt_claim_iat"><var>$jwt_claim_iat</var></tag-name> | 148 <tag-name id="var_jwt_claim_iat"><var>$jwt_claim_iat</var></tag-name> |
146 <tag-desc> | 149 <tag-desc> |
147 the <literal>iat</literal> (issued at) claim | 150 issued at |
148 </tag-desc> | 151 </tag-desc> |
149 | 152 |
150 <tag-name id="var_jwt_claim_iss"><var>$jwt_claim_iss</var></tag-name> | 153 <tag-name id="var_jwt_claim_iss"><var>$jwt_claim_iss</var></tag-name> |
151 <tag-desc> | 154 <tag-desc> |
152 the issuer of the claim | 155 issuer |
153 </tag-desc> | 156 </tag-desc> |
154 | 157 |
155 <tag-name id="var_jwt_claim_jti"><var>$jwt_claim_jti</var></tag-name> | 158 <tag-name id="var_jwt_claim_jti"><var>$jwt_claim_jti</var></tag-name> |
156 <tag-desc> | 159 <tag-desc> |
157 the JWT ID | 160 JWT ID |
158 </tag-desc> | 161 </tag-desc> |
159 | 162 |
160 <tag-name id="var_jwt_claim_nbf"><var>$jwt_claim_nbf</var></tag-name> | 163 <tag-name id="var_jwt_claim_nbf"><var>$jwt_claim_nbf</var></tag-name> |
161 <tag-desc> | 164 <tag-desc> |
162 the <literal>nbf</literal> (not-before time) claim | 165 not-before |
163 </tag-desc> | 166 </tag-desc> |
164 | 167 |
165 <tag-name id="var_jwt_claim_sub"><var>$jwt_claim_sub</var></tag-name> | 168 <tag-name id="var_jwt_claim_sub"><var>$jwt_claim_sub</var></tag-name> |
166 <tag-desc> | 169 <tag-desc> |
167 the subject of the JWT | 170 subject |
168 </tag-desc> | 171 </tag-desc> |
169 </list> | 172 </list> |
170 </para> | 173 </para> |
171 | 174 |
172 <para> | 175 <para> |
173 Variables that return parameters of | 176 Variables that return parameters of |
174 <link url="https://tools.ietf.org/html/rfc7515#section-4">JOSE header</link>: | 177 <link url="https://tools.ietf.org/html/rfc7515#section-4">JOSE header</link>: |
175 | 178 |
176 <list type="tag" compact="no"> | 179 <list type="tag" compact="yes"> |
177 <tag-name id="var_jwt_header_alg"><var>$jwt_header_alg</var></tag-name> | 180 <tag-name id="var_jwt_header_alg"><var>$jwt_header_alg</var></tag-name> |
178 <tag-desc> | 181 <tag-desc> |
179 the <literal>alg</literal> (algorithm) header parameter | 182 algorithm |
180 </tag-desc> | 183 </tag-desc> |
181 | 184 |
182 <tag-name id="var_jwt_header_cty"><var>$jwt_header_cty</var></tag-name> | 185 <tag-name id="var_jwt_header_cty"><var>$jwt_header_cty</var></tag-name> |
183 <tag-desc> | 186 <tag-desc> |
184 the <literal>cty</literal> (content type) header parameter | 187 content type |
185 </tag-desc> | 188 </tag-desc> |
186 | 189 |
187 <tag-name id="var_jwt_header_enc"><var>$jwt_header_enc</var></tag-name> | 190 <tag-name id="var_jwt_header_enc"><var>$jwt_header_enc</var></tag-name> |
188 <tag-desc> | 191 <tag-desc> |
189 the <literal>enc</literal> (encryption algorithm) header parameter | 192 encryption algorithm |
190 </tag-desc> | 193 </tag-desc> |
191 | 194 |
192 <tag-name id="var_jwt_header_kid"><var>$jwt_header_kid</var></tag-name> | 195 <tag-name id="var_jwt_header_kid"><var>$jwt_header_kid</var></tag-name> |
193 <tag-desc> | 196 <tag-desc> |
194 the <literal>kid</literal> (key ID) header parameter | 197 key ID |
195 </tag-desc> | 198 </tag-desc> |
196 | 199 |
197 <tag-name id="var_jwt_header_typ"><var>$jwt_header_typ</var></tag-name> | 200 <tag-name id="var_jwt_header_typ"><var>$jwt_header_typ</var></tag-name> |
198 <tag-desc> | 201 <tag-desc> |
199 the <literal>typ</literal> (type) header parameter | 202 type |
200 </tag-desc> | 203 </tag-desc> |
201 | 204 |
202 </list> | 205 </list> |
203 </para> | 206 </para> |
204 | 207 |