Simple JWT auth using JWKS key sets for Express. Wraps express-jwt and jwks-rsa. AWS Cognito compatible.
Calls to JWKS are cached, and JWKS entries are associated to a JWT through the "kid" parameter in the JWT header. Calls through the cache to the remote JWKS are rate limited to 5 req/min.
$ npm install express-jwt-jwks
The JWT authentication middleware authenticates callers using a JWT.
If the token is valid, req.user
will be set with the JSON object decoded
to be used by later middleware for authorization and access control.
// Obtain JWT auth middleware, using a remote JWKS key set
var SECURE = require('express-jwt-jwks')({
jwks : "https://....../.well-known/jwks.json"
});
// Express routes, the first is JWT secured, the second is open.
router.get('/restricted', SECURE, (_, res) => {
res.send("Super secret data")
})
router.get('/open', (_, res) => {
res.send("Anyone is allowed to see this")
})