Skip to content

Instantly share code, notes, and snippets.

@loginov-rocks

loginov-rocks/verifyToken.js

Last active January 22, 2024 04:00
Show Gist options
  • Save loginov-rocks/19e8a13d5d7c3deb1603e1f00714dcfa to your computer and use it in GitHub Desktop.
Save loginov-rocks/19e8a13d5d7c3deb1603e1f00714dcfa to your computer and use it in GitHub Desktop.
Download ZIP
WebSocket API Gateway Cognito Authorizer
Raw
verifyToken.js
import { decode, verify } from 'jsonwebtoken';
export const verifyToken = async (region, userPoolId, token) => {
var decodedJwt = decode(token, { complete: true });
if (!decodedJwt || !decodedJwt.header || !decodedJwt.header.kid) {
return null;
}
const pemEncodedPublicKeys = await getPemEncodedPublicKeys(region, userPoolId);
const pemEncodedPublicKey = pemEncodedPublicKeys.get(decodedJwt.header.kid);
if (!pemEncodedPublicKey) {
throw new Error(
`Public key ID "${decodedJwt.header.kid}" not found for User Pool ID "${userPoolId}" in "${region}" region!`,
);
}
return verify(token, pemEncodedPublicKey);
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment