diff --git a/README.md b/README.md index e4e8478..f872798 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ -# Example of a guardian configuration using a private and public pem file +# Example of a Guardian configuration using a private and public pem file *This is just an example of how to get up and running and should not be used in production* ### Highlights -Pem files are put in the priv folder and fetched with the secret handler which is configured in the config file. +pem files are put in the priv folder and fetched with the secret handler which is configured in the config file. ```elixir config :pem_guardian, PemGuardian.Guardian, 
@@ -12,36 +12,47 @@ config :pem_guardian, PemGuardian.Guardian, secret_fetcher: PemGuardian.SecretFetcher ``` -``` elixir -def fetch_signing_secret(_module, _opts) do - secret = - "rsa-2048.pem" - |> fetch() +```elixir +defmodule PemGuardian.SecretFetcher do + @behaviour Guardian.Token.Jwt.SecretFetcher - {:ok, secret} + @impl true + def fetch_signing_secret(_module, _opts) do + "rsa-2048.pem" + |> fetch() end + @impl true def fetch_verifying_secret(_module, _headers, _opts) do + "rsa-2048.pub" + |> fetch() + end + + defp fetch(relative_path) do secret = - "rsa-2048.pub" - |> fetch() + relative_path + |> fetch_key() - {:ok, secret} + case secret do + :error -> {:error, :secret_not_found} + _ -> {:ok, secret} + end end - defp fetch(relative_path) do - :code.priv_dir(:debug_guardian) - |> Path.join(relative_path) - |> JOSE.JWK.from_pem_file() + defp fetch_key(relative_path) do + try do + :code.priv_dir(:pem_guardian) + |> Path.join(relative_path) + |> JOSE.JWK.from_pem_file() + rescue + _ -> :error + end end - ``` +end +``` - Example can be verified with the following commands - ``` elixir - {:ok,token,_} = PemGuardian.Guardian.encode_and_sign(%{id: "1"}) - PemGuardian.Guardian.decode_and_verify(token) - ``` - - - - +Example can be verified with the following commands +```elixir +{:ok,token,_} = PemGuardian.Guardian.encode_and_sign(%{id: "1"}) +PemGuardian.Guardian.decode_and_verify(token) +``` diff --git a/lib/secret_fetcher.ex b/lib/secret_fetcher.ex index a7bc652..b3515f5 100644 --- a/lib/secret_fetcher.ex +++ b/lib/secret_fetcher.ex 
@@ -1,25 +1,36 @@ defmodule PemGuardian.SecretFetcher do - use Guardian.Token.Jwt.SecretFetcher + @behaviour Guardian.Token.Jwt.SecretFetcher + @impl true def fetch_signing_secret(_module, _opts) do - secret = - "rsa-2048.pem" - |> fetch() - - {:ok, secret} + "rsa-2048.pem" + |> fetch() end + @impl true def fetch_verifying_secret(_module, _headers, _opts) do + "rsa-2048.pub" + |> fetch() + end + + defp fetch(relative_path) do secret = - "rsa-2048.pub" - |> fetch() + relative_path + |> fetch_key() - {:ok, secret} + case secret do + :error -> {:error, :secret_not_found} + _ -> {:ok, secret} + end end - defp fetch(relative_path) do - :code.priv_dir(:pem_guardian) - |> Path.join(relative_path) - |> JOSE.JWK.from_pem_file() + defp fetch_key(relative_path) do + try do + :code.priv_dir(:pem_guardian) + |> Path.join(relative_path) + |> JOSE.JWK.from_pem_file() + rescue + _ -> :error + end end end diff --git a/tesT b/tesT deleted file mode 100644 index 521d76a..0000000 --- a/tesT +++ /dev/null @@ -1 +0,0 @@ -{"e":"AQAB","kty":"RSA","n":"yyQfgg-5ahNW4gEfkJ9H82iSpIVtf2AntJIbdguKKQX-Tag7oU7T__1erzP4twzkUoNtON3jHnJx8CkoPlzoSvH97xSyWd3r0OCJQdk981sqixtzVSr5hgUCVzWGEypBcSaFoV0jT9fspNcCsWgVdYmPsddbeMoeTI8W8J65TRjE0q7yRb3dcgLGwa8WdjlTfZiH6AyVOojX46hBRyWvGf0VP36c0zD6dhr_zXy2LwrNNAMyxo0CZfDq0i40A5sbzpftm8CJGYyv7aEufbAWkoIpWuSR_c4Dfh9yXYG12BAAOjaO1YPToUXJzcGetFsDq0brByHRxAkmfN08Ud848w"} \ No newline at end of file
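Review bot: The bare `rescue _ -> :error` in `fetch_key/1`, together with the catch-all `_ -> {:ok, secret}` in `fetch/1`, flattens every exception into `:secret_not_found` while handing any non-raising return value to Guardian as a key. If `JOSE.JWK.from_pem_file/1` can return an error tuple or an empty list without raising (worth confirming against the JOSE version in use), that value would be wrapped in `{:ok, ...}` and only fail later, at signing or verification time. Matching on the struct is tighter: `%JOSE.JWK{} = jwk -> {:ok, jwk}` followed by `_ -> {:error, :secret_not_found}`. Rescuing only the exceptions you expect and logging the file path (never the key material) would also keep a bad app name passed to `:code.priv_dir/1` or an unreadable file distinguishable from a key that is simply missing.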