# JWTVerifier
# Overview
JWTVerifier node by Kumologica allows decoding JWT token from the incoming request.
# Setup
# Prerequisites
Ensure to have public key certificate to verify the signature in case RS, PS or ES based algorithms are used.
# Installation
To install the node from designer:
- Go to Add more nodes option on the palette section.
- Check for the JWTVerfier node and click install.
- Once installed, the designer is required to be restarted.
To install the node from CLI:
- Go to your project workspace where you can see your
package.json
file. - Run the below give npm command.
npm i @kumologica/kumologica-contrib-jwtverifier
# Technical Details
Properties
- Token (Required)
Provide the JWT token to be verified. - Issuer (Optional)
Issuer of the JWT token. - Subject (Optional)
Subject provided in the JWT token. - Audience (Optional)
Audience of the JWT token. - ExpiresIn (Optional)
This will probably be the registered claim most often used. This will define the expiration in NumericDate value. The expiration MUST be after the current date/time. - Algorithm (Optional)
Algorithm used for the JWT token. - Public Key (Optional)
Certificate used for validating the signature. This is applicable in case RS, PS or ES based algorithms are used.
Supported Operations
Following algorithms are supported by the node.
- RS256
- HS384
- HS512
- RS384
- RS512
- PS256
- PS384
- ES256
- PS512
- ES512
- HS256
Throws
JWTVerifier node throws the following exception.
- JWT verification failed
Returns
The payload or variable will not be overwritten or enriched by this node. The payload can be extracted from the token after a successful validation of the JWT token using the following expression in the subsequent node msg.header.jwt.payload
.
# Develop a Service
Video tutorial
# Instructions
Drag a drop an EventListener node from the palette to the canvas. Open the settings, configure the following and Save.
Display Name : POST /jwt Event Source : Amazon API gateway Verb : POST URL : /jwt
Add a Set-Property node to the canvas to store the request payload in a temporary variable. Open the settings, configure the following and Save.
Display Name : StorePayloadToTempVariable Set : vars.temp to msg.payload
Add a Template node to the canvas to the read the public key certificate. Open the settings, configure the following and Save.
Display Name : ReadCertificate
Target : msg.payload
Type : Plain text
Template :
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
MwIDAQAB
-----END PUBLIC KEY-----
Output : Plain text
- Wire the EventListener node to Set-Property node and Set-Property to Template node.
- Drag and drop the JWTVerifier node from the the palette to the canvas. Open the settings, configure the following and Save.
Display Name : JWT Verifier
Token : eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0EiXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8OcaarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLxtF2pZS6YC1aSfLQxeNe8djT9YjpvRZA
Algorithm : RS256
Public Key : msg.payload
Wire the Template node to JWTVerifier node.
Add EventListener End node from the palette to the canvas. Open the settings, configure the following and Save.
Payload : msg.header.jwt.payload
Wire the JWTVerifier node to EventListener End node.