This module lets you authenticate GRPC calls using JSON Web Tokens (JWTs) created by Auth0 in your Condor GRPC services.
Condor is a GRPC Framework for node.
This module extends condor-jwt and offers additional features for integration with keycloak:
- Handles public key rotation retrieval
- Allows live token validation (using introspection)
- Multi-tenancy support, by allowing multiple realms
The JWT middleware decodes and verifies a JsonWebToken passed in the authorization header. If the token is valid, context.token will be set with the JSON object decoded to be used by later middleware for authorization and access control. (See condor-authorize)
const Condor = require('condor-framework');
const jwt = require('condor-jwt-auth0');
const Greeter = require('./greeter');
const options = {
'jwksUri': 'https://sandrino.auth0.com/.well-known/jwks.json',
};
const app = new Condor()
.addService('./protos/greeter.proto', 'myapp.Greeter', new Greeter())
.use(jwt(options))
// middleware below this line is only reached if JWT token is valid
.use((context, next) => {
console.log('valid token found: ', context.token);
next();
})
.start();Allows all the options of the condor-jwt module. And also:
| Option | Description | Default |
|---|---|---|
| jwksUri | The authorization server jwksUri. E.g. https://sandrino.auth0.com/.well-known/jwks.json. Required. |
Additionaly, you can send any option of the verify method of the jsonwebtoken. Such options will be used to verify the token.