JwtVerifier | @immersa/auth0-jwt-validator

Class to verify the token.

Since it is agnostic to the framework, it needs to be called within a middleware.

Example:

function AuthMiddleware(req, res, next) {
 // Get token previously with getToken function
const verifier = new JwtVerifier({
  jwksUri: 'http://issuer.example.com/well-known/jwks.json',
  issuer: 'http://issuer.example.com',
  audience: 'https://myapi.com'
}));

const decoded = await verifier.verify(token);
// Store the decoded token in your req or context depending of the framework
req.auth = { token, decoded };
}

If IJwtVerifierOptions.tokenSigningAlg is not provieded by default is 'RS256'

Hierarchy

JwtVerifier

Index

Constructors

constructor

Methods

verify

Constructors

constructor

new JwtVerifier(options: IJwtVerifierOptions): JwtVerifier

- Defined in src/JwtVerifier/JwtVerifier.ts:64
Parameters
- options: IJwtVerifierOptions
Returns JwtVerifier

Methods

verify

verify(jwToken: string): Promise<IVerifyJwtResult>

- Defined in src/JwtVerifier/JwtVerifier.ts:82
Verifies the token and will return a 401 if a valid JWT bearer token is not provided in the request.

This uses the IJwtVerifierOptions.jwksUri to get puclic keys from the Authorization Server Metadata and verifies the token using IJwtVerifierOptions.issuer, IJwtVerifierOptions.audience and IJwtVerifierOptions.tokenSigningAlg.

Parameters
- jwToken: string
  
  Token to verify
Returns Promise<IVerifyJwtResult>

Hierarchy

Index

Constructors

Methods

Constructors

constructor

Parameters

options: IJwtVerifierOptions

Returns JwtVerifier

Methods

verify

Parameters

jwToken: string

Returns Promise<IVerifyJwtResult>