4
92%
master: 89%

Ran 24 Jun 2015 03:14PM UTC

Files 1

Run time 0s

Badge

Embed ▾

Committed 24 Jun 2015 03:08PM UTC coverage: 95.758%. First build

Job # 52.4

Build Type

push

travis-ci

Committed by

leejo

Commit Message

resolve #2 - sign tokens

use Mojo::JWT to generate the auth codes and tokens returned by the
plugin. this means they are signed with the jwt_secret, a new and
required config setting for the plugin, so can be decoded for the
users to inspect the scopes and client

in theory this means we can validate auth codes and tokens without
a database lookup[1], however it isn't that straightforward as the
JWT is currently lacking the information about the user and using
JWTs without a db lookup makes revoking of tokens slightly more
difficult[2]

[1] which would make using the plugin in its most basic form both
persistent and multi process compatible

[2] https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/

Run Details

158 of 165 relevant lines covered (95.76%)

9.93 hits per line

leejo / mojolicious-plugin-oauth2-server / 52 / 4
92%
master: 89%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 52.4

leejo / mojolicious-plugin-oauth2-server / 52 / 4 92% master: 89%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 52.4

leejo / mojolicious-plugin-oauth2-server / 52 / 4
92%
master: 89%

README BADGES
x