UNPKG

azure-ad-verify-token-commonjs

Version:

Verify JWT issued by Azure Active Directory B2C.

github.com/justinlettau/azure-ad-verify-token

justinlettau/azure-ad-verify-token

97 lines (70 loc) 3.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
[![NPM Version](https://badge.fury.io/js/azure-ad-verify-token.svg)](https://badge.fury.io/js/azure-ad-verify-token) ![CI](https://github.com/justinlettau/azure-ad-verify-token/workflows/CI/badge.svg) [![Codecov](https://codecov.io/gh/justinlettau/azure-ad-verify-token/branch/master/graph/badge.svg)](https://codecov.io/gh/justinlettau/azure-ad-verify-token) # Azure AD Verify Token Verify JWT issued by Azure Active Directory B2C. # Table of Contents - [Features](#features) - [Installation](#installation) - [Usage](#usage) - [References](#references) - [Development](#development) # Features - 🎉 **Verify JWT** issued by Azure Active Directory B2C. - 🚀 Automatically use the **rotated public keys** from Azure. - 💪 Written in **TypeScript**. - ♻️ **Configurable cache** for public keys. # Installation ```bash npm install azure-ad-verify-token --save ``` # Usage ### Verify ```ts import { verify, VerifyOptions } from 'azure-ad-verify-token'; const options: VerifyOptions = { jwksUri: 'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1', issuer: 'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/', audience: '99d1275c-e805-483f-b832-600f8130829c', }; verify(token, options) .then((decoded) => { // verified and decoded token console.log(decoded); }) .catch((error) => { // invalid token console.error(error); }); ``` Verify options: | Property | Type | Description | | ---------- | -------- | ----------------------------------------------------------- | | `jwksUri` | `string` | `jwk_uri` value obtained from B2C policy metadata endpoint. | | `issuer` | `string` | `issuer` value obtained from B2C policy metadata endpoint. | | `audience` | `string` | Application ID of the application accessing the tenant. | Example metadata endpoints: - https://login.microsoftonline.com/common/.well-known/openid-configuration - https://login.microsoftonline.com/common/discovery/keys ### Configuration ```ts import { setConfig } from 'azure-ad-verify-token'; setConfig({ cacheLifetime: 12 * (60 * 60 * 1000), // 12 hours }); ``` Configuration options: | Property | Type | Description | Default | | --------------- | -------- | -------------------------------------------- | ------- | | `cacheLifetime` | `number` | Number of milliseconds to cache public keys. | 1 hour | # References - [Overview of tokens in Azure Active Directory B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tokens-overview) - [Microsoft identity platform access tokens](https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens) - [RSA Key Converter](https://superdry.apphb.com/tools/online-rsa-key-converter) # Development ``` npm install npm run build ```