@theoptimalpartner/jwt-auth-validator
Version:
JWT token validation package with offline JWKS validation and Redis-based token revocation support
85 lines • 2.02 kB
TypeScript
export interface DecodedToken {
sub: string;
email?: string;
email_verified?: boolean;
phone_number?: string;
phone_number_verified?: boolean;
aud: string;
iss: string;
exp: number;
iat: number;
token_use: 'access' | 'id';
scope?: string;
auth_time?: number;
jti?: string;
username?: string;
'cognito:username'?: string;
'cognito:groups'?: string[];
[key: string]: unknown;
}
export interface ValidationResult {
valid: boolean;
decoded?: DecodedToken;
error?: string;
}
export interface JWKSConfig {
jwksUri: string;
issuer: string;
audience?: string;
cacheTimeout?: number;
enableJWKSValidation?: boolean;
clientSecret?: string;
}
export interface RedisConfig {
host: string;
port?: number;
password?: string;
tls?: {
ca?: string;
rejectUnauthorized?: boolean;
checkServerIdentity?: () => undefined;
servername?: string;
minVersion?: string;
maxVersion?: string;
};
family?: number;
connectTimeout?: number;
commandTimeout?: number;
lazyConnect?: boolean;
maxRetriesPerRequest?: number;
reconnectOnError?: (err: Error) => boolean;
retryStrategy?: (times: number) => number | null;
}
export interface ValidatorConfig {
jwks: JWKSConfig;
redis?: RedisConfig;
enableRedisBlacklist?: boolean;
forceSecureValidation?: boolean;
}
export interface CognitoTokenHeader {
kid: string;
alg: string;
typ: string;
}
export interface TokenBlacklistStats {
service: string;
connectionStatus: string;
initialized: boolean;
error?: string;
}
export interface JWKSStats {
cache: {
keys: number;
hits: number;
misses: number;
ksize: number;
vsize: number;
};
config: JWKSConfig | null;
}
export interface CognitoSecretHashOptions {
identifier: string;
clientId: string;
clientSecret: string;
}
//# sourceMappingURL=types.d.ts.map