8000 GitHub - elmurci/jwt_authorizer
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

elmurci/jwt_authorizer

BranchesTags

Repository files navigation

Authorization Service

Rust service that validates JWT tokens from Auth0.

The service:

  1. Retrieves the JWKS and filter for potential signature verification keys.
  2. Extracts the JWT from the request's authorization header.
  3. Decodes the JWT and grab the kid property from the header.
  4. Finds the signature verification key in the filtered JWKS with a matching kid property.
  5. Using the x5c property build a certificate which will be used to verify the JWT signature.
  6. Ensures the JWT contains the expected audience, issuer, expiration, etc.
  7. Returns the verification result and pass Audience, Issuer and Sub to the lambda.

Env Variables

Name Description
JWTAUTH_KEYS_REPO Repo where the keys to validate the token reside (Example: https://xxx.eu.auth0.com/.well-known/jwks.json)
JWTAUTH_TOKEN_AUDIENCE Token audience
JWTAUTH_TOKEN_ISSUER Token issuer

Custom Claim

This service extracts the value of the custom claim (ID) to the downstream services.

Run

cargo run

Build

cargo build

Test

DynamoDB Local

cd tests && docker-compose up

Run Unit tests

cargo test -- --nocapture

Run Integration tests only

cargo test --test '*' -- --nocapture

TODO

  • Retrieve from the Redis cache the JWKS.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
0