X2 Framework for Node.js Class: JWTAuthenticator

new JWTAuthenticator(actorsRegistry, secretOrKey [, claimsTest] [, actorHandleClaim])

Create new authenticator.

Parameters:

Name	Type	Argument	Description
`actorsRegistry`	module:x2node-ws.ActorsRegistry		Actors registry.
`secretOrKey`	string \| external:Buffer \| function		Secret or public key used to verify the JWT signature. If function, the function receives decoded JWT object as its only argument and returns the key (string or buffer) or a promise of it.
`claimsTest`	Object	<optional>	Optional additional tests for the JWT claims set. Each object element has the name of the tested claim (e.g. "iss", "aud", "hd", etc.) and the value can be a function, which gets the claim value as its first argument and the whole claims set object as the second argument and returns `true` if valid and `false` if invalid, a `RegExp` object for a valid claim value, or a value (string, number, etc.) to perform simple equivalency test. If the claim "aud" and the claim value in the JWT is an array, the claim test will succeed if any value in the array passes the specified claim test. Note, that token "nbf" and "exp" are always automatically tested.
`actorHandleClaim`	string	<optional>	Claim to use as the actor handle in the actor registry lookup. By default, "sub" claim is used.

Implements:

module:x2node-ws.Authenticator

Extends

module:x2node-ws.BearerAuthenticator

Methods

<static> jwksKey(jwksUri)

Create key provider function for the authenticator that reads the keys from a JWK Set (see RFC 7517).

Parameters:

Name	Type	Description
`jwksUri`	string	The JWK Set URI. Usually available as "jkws_uri" property in the OpenID Connect discovery document.

Returns:

Keys provider function that can be used as the secretOrKey argument to the authenticator constructor.

Type: function

addResponseHeaders(call, response)

If present on the authenticator, called before sending HTTP response to give the authenticator a chance to add any authenticator-specific headers to the response.