# JWTVerifier

Category: Security
|
Runtime: 0.9+
|
Available: Free

# Overview

JWTVerifier node by Kumologica allows decoding JWT token from the incoming request.

# Setup

# Prerequisites

Ensure to have public key certificate to verify the signature in case RS, PS or ES based algorithms are used.

# Installation

To install the node from designer:

  1. Go to Add more nodes option on the palette section.
  2. Check for the JWTVerfier node and click install.
  3. Once installed, the designer is required to be restarted.

To install the node from CLI:

  1. Go to your project workspace where you can see your package.json file.
  2. Run the below give npm command.
    npm i @kumologica/kumologica-contrib-jwtverifier

# Technical Details

Properties

  • Token (Required)
    Provide the JWT token to be verified.
  • Issuer (Optional)
    Issuer of the JWT token.
  • Subject (Optional)
    Subject provided in the JWT token.
  • Audience (Optional)
    Audience of the JWT token.
  • ExpiresIn (Optional)
    This will probably be the registered claim most often used. This will define the expiration in NumericDate value. The expiration MUST be after the current date/time.
  • Algorithm (Optional)
    Algorithm used for the JWT token.
  • Public Key (Optional)
    Certificate used for validating the signature. This is applicable in case RS, PS or ES based algorithms are used.

Supported Operations

Following algorithms are supported by the node.

  • RS256
  • HS384
  • HS512
  • RS384
  • RS512
  • PS256
  • PS384
  • ES256
  • PS512
  • ES512
  • HS256

Throws

JWTVerifier node throws the following exception.

  • JWT verification failed

Returns

The payload or variable will not be overwritten or enriched by this node. The payload can be extracted from the token after a successful validation of the JWT token using the following expression in the subsequent node msg.header.jwt.payload.

# Develop a Service

Video tutorial

# Instructions

  1. Drag a drop an EventListener node from the palette to the canvas. Open the settings, configure the following and Save.

    Display Name : POST /jwt
    Event Source : Amazon API gateway
    Verb : POST
    URL : /jwt
    
  2. Add a Set-Property node to the canvas to store the request payload in a temporary variable. Open the settings, configure the following and Save.

    Display Name : StorePayloadToTempVariable
    Set : vars.temp to msg.payload
    
    
  3. Add a Template node to the canvas to the read the public key certificate. Open the settings, configure the following and Save.

   Display Name : ReadCertificate
   Target : msg.payload
   Type : Plain text
   Template : 
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
MwIDAQAB
-----END PUBLIC KEY-----
   Output : Plain text
  1. Wire the EventListener node to Set-Property node and Set-Property to Template node.
  2. Drag and drop the JWTVerifier node from the the palette to the canvas. Open the settings, configure the following and Save.
Display Name :  JWT Verifier
Token : eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0EiXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8OcaarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLxtF2pZS6YC1aSfLQxeNe8djT9YjpvRZA
Algorithm :  RS256
Public Key :  msg.payload
  1. Wire the Template node to JWTVerifier node.

  2. Add EventListener End node from the palette to the canvas. Open the settings, configure the following and Save.

    Payload : msg.header.jwt.payload
    
  3. Wire the JWTVerifier node to EventListener End node.

# Try it

Sample Flow with JWTVerifier node