From 1103d1c26fa3336cf427b5b2a4d22ed5bfc14989 Mon Sep 17 00:00:00 2001 From: kjdev Date: Thu, 28 Dec 2023 07:33:13 +0900 Subject: [PATCH] docs: add auth_jwt_require syntax --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index 9524bae..dc21522 100644 --- a/README.md +++ b/README.md @@ -297,6 +297,30 @@ if it needed. but if you are using auth_jwt_revocation_list_kid directive - it means, that kid will grow to **REQUIRED** +``` +Syntax: auth_jwt_require $value ... [error=401 | 403] ; +Default: - +Context: http, server, location +``` + +Specifies additional checks for JWT validation. +The value can contain text, variables, and their combination, +and must start with a variable. +The authentication will succeed only if all the values are not empty +and are not equal to "0". + +> ``` +> map $jwt_claim_iss $valid_jwt_iss { +> "good" 1; +> } +> ... +> +> auth_jwt_require $valid_jwt_iss; +> ``` + +If any of the checks fails, the 401 error code is returned. +The optional error parameter allows redefining the error code to 403. + ``` Syntax: auth_jwt_require_claim claim_name operator $variable | json=string | string; Default: -