web:javascript:jwt
Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
web:javascript:jwt [2020/07/17 15:47] – sgariepy | web:javascript:jwt [2022/04/10 22:11] (Version actuelle) – [Créer le endpoint JWKS] sgariepy | ||
---|---|---|---|
Ligne 46: | Ligne 46: | ||
| exp | Expiration | | exp | Expiration | ||
+ | |||
+ | ===== Exemple d'ID Token Cognito ===== | ||
+ | |||
+ | Header: | ||
+ | |||
+ | <code json> | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | Payload | ||
+ | |||
+ | < | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | ====== Packages npm ====== | ||
+ | |||
+ | ===== jsonwebtoken ===== | ||
+ | |||
+ | |||
+ | < | ||
+ | npm install jsonwebtoken -S | ||
+ | npm install @types/ | ||
+ | </ | ||
+ | |||
+ | |||
+ | Import: | ||
+ | |||
+ | <code javascript> | ||
+ | import * as jwt from ' | ||
+ | // ou | ||
+ | import jwt from ' | ||
+ | </ | ||
+ | |||
+ | |||
+ | Signer: | ||
+ | |||
+ | < | ||
+ | const jwtToken = jwt.sign( | ||
+ | { userId }, | ||
+ | this.secretsConfig.jwt, | ||
+ | { | ||
+ | algorithm: ' | ||
+ | expiresIn: ' | ||
+ | } | ||
+ | ); | ||
+ | </ | ||
+ | |||
+ | Avec RS256: | ||
+ | |||
+ | < | ||
+ | const privateKey = fs.readFileSync(' | ||
+ | const token = jwt.sign({ foo: ' | ||
+ | </ | ||
+ | |||
+ | Vérifier: | ||
+ | |||
+ | < | ||
+ | const authHeader = req.header(' | ||
+ | |||
+ | const token = jwt.verify( | ||
+ | authHeader, | ||
+ | secret, | ||
+ | { | ||
+ | algorithms: [' | ||
+ | } | ||
+ | ); | ||
+ | </ | ||
+ | |||
+ | Verify asymetric : | ||
+ | |||
+ | < | ||
+ | import jwks from ' | ||
+ | |||
+ | const client = jwksClient({ | ||
+ | jwksUri: ' | ||
+ | }); | ||
+ | |||
+ | function getKey(header, | ||
+ | client.getSigningKey(header.kid, | ||
+ | var signingKey = key.publicKey || key.rsaPublicKey; | ||
+ | callback(null, | ||
+ | }); | ||
+ | } | ||
+ | |||
+ | jwt.verify(token, | ||
+ | console.log(decoded.foo) // bar | ||
+ | }); | ||
+ | </ | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===== jwks-rsa ===== | ||
+ | |||
+ | |||
+ | Importer: | ||
+ | |||
+ | < | ||
+ | import jwks from ' | ||
+ | // ou | ||
+ | import * as jwks from ' | ||
+ | < | ||
+ | |||
+ | < | ||
+ | const jwksClient = jwksClient({ | ||
+ | cache: true, | ||
+ | jwksUri: ' | ||
+ | }); | ||
+ | </ | ||
====== JOSE ====== | ====== JOSE ====== | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
===== Clé privée ===== | ===== Clé privée ===== | ||
Ligne 210: | Ligne 339: | ||
} | } | ||
</ | </ | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
Ligne 246: | Ligne 366: | ||
====== Ressources ====== | ====== Ressources ====== | ||
- | * [[https:// | + | * [[https:// |
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
web/javascript/jwt.txt · Dernière modification : 2022/04/10 22:11 de sgariepy