Mercurial > hg > nginx-site

comparison xml/en/docs/http/ngx_http_auth_jwt_module.xml @ 2139:f6e578b1b02d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated docs for the upcoming NGINX Plus release.
author Ruslan Ermilov <ru@nginx.com>
date Mon, 09 Apr 2018 11:52:48 +0300
parents bdfbdf74fb3d
children ca7568f67dee
comparison
equal deleted inserted replaced
2138:cf86c259c9a0 2139:f6e578b1b02d
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
8 8
9 <module name="Module ngx_http_auth_jwt_module" 9 <module name="Module ngx_http_auth_jwt_module"
10 link="/en/docs/http/ngx_http_auth_jwt_module.html" 10 link="/en/docs/http/ngx_http_auth_jwt_module.html"
11 lang="en" 11 lang="en"
12 rev="5"> 12 rev="6">
13 13
14 <section id="summary"> 14 <section id="summary">
15 15
16 <para> 16 <para>
17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3) 17 The <literal>ngx_http_auth_jwt_module</literal> module (1.11.3)
93 <literal>off</literal></syntax> 93 <literal>off</literal></syntax>
94 <default>off</default> 94 <default>off</default>
95 <context>http</context> 95 <context>http</context>
96 <context>server</context> 96 <context>server</context>
97 <context>location</context> 97 <context>location</context>
98 <context>limit_except</context>
98 99
99 <para> 100 <para>
100 Enables validation of JSON Web Token. 101 Enables validation of JSON Web Token.
101 The specified <value>string</value> is used as a <literal>realm</literal>. 102 The specified <value>string</value> is used as a <literal>realm</literal>.
102 Parameter value can contain variables. 103 Parameter value can contain variables.
153 Sets the <value>variable</value> to a JWT claim parameter 154 Sets the <value>variable</value> to a JWT claim parameter
154 identified by key names. 155 identified by key names.
155 Name matching starts from the top level of the JSON tree. 156 Name matching starts from the top level of the JSON tree.
156 For arrays, the variable keeps a list of array elements separated by commas. 157 For arrays, the variable keeps a list of array elements separated by commas.
157 <example> 158 <example>
158 auth_jwt_claim_set $email info e-mail; 159 location / {
159 auth_jwt_claim_set $job info "job title"; 160 auth_jwt "closed site";
161 auth_jwt_key_file conf/keys.json;
162 auth_jwt_claim_set $email info e-mail;
163 auth_jwt_claim_set $job info "job title";
164 }
160 </example> 165 </example>
161 <note> 166 <note>
162 Prior to version 1.13.7, only one key name could be specified, 167 Prior to version 1.13.7, only one key name could be specified,
163 and the result was undefined for arrays. 168 and the result was undefined for arrays.
164 </note> 169 </note>
165 </para> 170 </para>
166 171
167 </directive> 172 </directive>
168 173
169 174
175 <directive name="auth_jwt_leeway">
176 <syntax><value>time</value></syntax>
177 <default>0s</default>
178 <context>http</context>
179 <context>server</context>
180 <context>location</context>
181 <appeared-in>1.13.11</appeared-in>
182
183 <para>
184 Sets the maximum allowable leeway to compensate
185 clock skew when verifying the
186 <link url="https://tools.ietf.org/html/rfc7519#section-4.1.4">exp</link>
187 and
188 <link url="https://tools.ietf.org/html/rfc7519#section-4.1.5">nbf</link>
189 JWT claims.
190 </para>
191
192 </directive>
193
194
170 <directive name="auth_jwt_key_file"> 195 <directive name="auth_jwt_key_file">
171 <syntax><value>file</value></syntax> 196 <syntax><value>file</value></syntax>
172 <default/> 197 <default/>
173 <context>http</context> 198 <context>http</context>
174 <context>server</context> 199 <context>server</context>
175 <context>location</context> 200 <context>location</context>
201 <context>limit_except</context>
176 202
177 <para> 203 <para>
178 Specifies a <value>file</value> in 204 Specifies a <value>file</value> in
179 <link url="https://tools.ietf.org/html/rfc7517#section-5">JSON Web Key Set</link> 205 <link url="https://tools.ietf.org/html/rfc7517#section-5">JSON Web Key Set</link>
180 format for validating JWT signature. 206 format for validating JWT signature.