0.0.8 • Published 5 years ago

jwks-terminal v0.0.8

Weekly downloads
-
License
MIT
Repository
-
Last release
5 years ago

JWKS Terminal

JWKS (JSON Web Key Store) terminal is a collection of utilities for when working with JWKS backend store.

Usage

JWKS Terminal can be used in the following manner:

function Db = function (options) {
  ... // use npm package secrets-manager-pg-cache for connection pooling
};

Db.prototype.query = function (text, params) {
  ...
};

Db.prototype.execute = function (text, params) {
  ...
};

Db.prototype.client = function () {
  ...
};

const jwt = require('jsonwebtoken');
const crypto = require('crypto');
const uuid = require('uuid/v4');
const ber = require('asn1').Ber;
const minimatch = require('minimatch');
const passport = require('passport');
const express = require('express');

const SecretOrKeyProviderFactory = require('jwks-terminal').SecretOrKeyProviderFactor;
const JwtStrategyFactory = require('jwks-terminal').JwtStrategyFactory;
const JwtAuthorization = require('jwks-terminal').JwtAuthorization;
const Jwk = require('jwks-terminal').Jwk;
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;

const db = new Db({ ... });

const jwk = new Jwk({
  db: db,
  jwt: jwt,
  crypto: crypto,
  uuid: uuid,
  ber: ber,
  ...
});

const secretOrKeyProviderFactory = new SecretOrKeyProviderFactory({
  jwt: jwt,
  jwk: jwk
});

const jwtStrategyFactory = new JwtStrategyFactory({
  ExtractJwt: ExtractJwt,
  JwtStrategy: JwtStrategy,
  issuer: ...,
  ...
});

const secretOfKeyProvider = secretOrKeyProviderFactory.get();
const jwtStrategy = jwtStrategyFactory.get();
const jwtAuthorization = new JwtAuthorization({
  minimatch: minimatch
});

passport.use(jwtAuthorization);

const app = express();

app.use(passport.initialize());

app.get('/',
    passport.authenticate('jwt', { session: false }),
    jwtAuthorization.apply(['jwks:ListJwk']),
    (req, res, next) => {
        jwk.list(req.user.sub)
            .then(data => {
                return res.status(200).send(data);
            })
            .catch(err => {
                return next(err);
            });
    });

app.listen(...);

Testing

Both integration and unit tests can be run via separate commands, namely:

  1. npm test
  2. npm run integration

In order for integration tests to be run, a postgres instance should be running locally. This can be done via docker using the following command:

docker run --name postgres -e POSTGRES_USER=test -e POSTGRES_DB=jwks -e POSTGRES_PASSWORD=test -p 5432:5432 -d postgres
jwksjsonkeysecretsauthenticationauthorization
@everything-registry/sub-chunk-1997@zalastax/nolb-jw@infinitebrahmanuniverse/nolb-jw
0.0.8

5 years ago

0.0.7

5 years ago

0.0.6

5 years ago

0.0.5

5 years ago

0.0.4

5 years ago