@saltukalakus
Created November 4, 2022 16:44
Verify JWT with rs256 signature
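async function VerifyJWT (JwtToken) {
  // `configuration` (tenant, API_AUDIENCE) is expected to be supplied by the host environment.
  const util = require('util')
  const jwksClientFactory = require('jwks-rsa@1.6.0')
  const jwt = require('jsonwebtoken@8.5.0')
  const verify = util.promisify(jwt.verify)
  const jwksUri = `https://${configuration.tenant}/.well-known/jwks.json`
  const jwksClient = jwksClientFactory({ jwksUri })
  const getSigningKeys = util.promisify(jwksClient.getSigningKeys).bind(jwksClient)
  const signingKeys = await getSigningKeys()
  let validJwtToken = false
  try {
    // The header is read unverified, only to pick a key; nothing is trusted until verify() succeeds.
    const decoded = jwt.decode(JwtToken, { complete: true })
    const kid = decoded && decoded.header && decoded.header.kid
    // A JWKS can hold several keys (for example during rotation), so match on kid
    // instead of taking the first entry.
    const signingKey = signingKeys.find(key => key.kid === kid)
    if (!signingKey) throw new Error('no signing key matches the token kid')
    // jwks-rsa 1.x exposes the PEM as publicKey (from x5c) or rsaPublicKey (from n/e).
    const publicKey = signingKey.publicKey || signingKey.rsaPublicKey
    // Pin the algorithm and check issuer and audience along with the signature.
    await verify(JwtToken, publicKey, {
      algorithms: ['RS256'],
      issuer: `https://${configuration.tenant}/`,
      audience: configuration.API_AUDIENCE
    })
    validJwtToken = true
  } catch (err) {
    console.log('JWT verify error:', err.message)
  }
  return validJwtToken
}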
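Why the verification key should be chosen by the token's `kid` rather than by its position in the JWKS, as an added example that is not part of the original gist. It uses only Node's built-in `crypto`; the keys, issuer, audience and the helpers `signRS256`, `verifyWithKid` and `makeKey` are constructed or hypothetical names for this illustration.

```javascript
// Added example: constructed keys and claims, Node.js built-in crypto only.
const nodeCrypto = require('crypto')

const b64url = (s) => Buffer.from(s).toString('base64url')
const parse = (part) => JSON.parse(Buffer.from(part, 'base64url').toString())

// Hypothetical helper: build an RS256 JWT carrying the given kid in its header.
function signRS256 (payload, privateKey, kid) {
  const head = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT', kid }))
  const signingInput = `${head}.${b64url(JSON.stringify(payload))}`
  const sig = nodeCrypto.sign('sha256', Buffer.from(signingInput), privateKey)
  return `${signingInput}.${sig.toString('base64url')}`
}

// Hypothetical helper: select the key by kid, then check signature, iss, aud and exp.
function verifyWithKid (token, signingKeys, { issuer, audience, now = Date.now() / 1000 }) {
  const parts = String(token).split('.')
  if (parts.length !== 3) return false
  let header, payload
  try {
    header = parse(parts[0])
    payload = parse(parts[1])
  } catch (err) {
    return false
  }
  if (!header || !payload || header.alg !== 'RS256') return false // pin the algorithm
  const key = signingKeys.find(k => k.kid === header.kid)
  if (!key) return false // unknown kid: fail closed, never fall back to another key
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`)
  const sigOk = nodeCrypto.verify('sha256', signed, key.publicKey, Buffer.from(parts[2], 'base64url'))
  const audOk = [].concat(payload.aud).includes(audience)
  const fresh = typeof payload.exp === 'number' && payload.exp > now
  return sigOk && payload.iss === issuer && audOk && fresh
}

// Constructed JWKS holding two keys, as it would during a key rotation.
function makeKey (kid) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 })
  return { kid, publicKey, privateKey }
}
const oldKey = makeKey('key-old')
const newKey = makeKey('key-new')
const jwks = [oldKey, newKey].map(({ kid, publicKey }) => ({ kid, publicKey }))
const claims = { iss: 'https://tenant.example/', aud: 'https://api.example', exp: Math.floor(Date.now() / 1000) + 300 }
const token = signRS256(claims, newKey.privateKey, 'key-new') // signed by the second key
const expected = { issuer: claims.iss, audience: claims.aud }
console.log('kid-matched key:', verifyWithKid(token, jwks, expected))
console.log('first key only :', verifyWithKid(token, [jwks[0]], expected))
```

A verifier that only ever tries the first JWKS entry rejects every token signed by the second key, which is the situation after a rotation.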