node.js - How to verify AWS Cognito Access Token on NodeJS -

September 15, 2011

i found example on how verify cognito access tokens python. how do same nodejs? there no sdk function this?

so far have

authorizecognitojwt(token) {     const cognito_pool_id = 'ap-southeast-1_xxx'     const cognito_jwt_set = {     'keys': [         {         'alg': 'rs256',         'e': 'aqab',         'kid': 'chkv+...=',         'kty': 'rsa',         'n': 'tkjexs...johc5q',         'use': 'sig'         },         {         'alg': 'rs256',         'e': 'aqab',         'kid': 've...eb8dw6y=',         'kty': 'rsa',         'n': 'hw19h...0c9q',         'use': 'sig'         }     ]     }     const decodedjwt = jwt.decode(token, {complete: true})     console.log(decodedjwt)      if (decodedjwt.payload.iss !== `https://cognito-idp.us-east-1.amazonaws.com/${cognito_pool_id}`) {     return 'invalid_issuer'     }      if (decodedjwt.payload.token_use !== 'access') {     return 'invalid_token_use'     }      var jwtkey = cognito_jwt_set.keys.find(k => k.kid === decodedjwt.header.kid)     if (!jwtkey) {     return 'invalid_token_kid'     }      var verifiedkey = jwt.verify(token, /* how key? */)      return 'valid' }

but stuck @ how keys cognito_jwt_set

you can cognito_jwt_set using this url.

refer blog post integrating amazon cognito user pools api gateway in aws mobile blog complete example code.

Search This Blog

Force Net

node.js - How to verify AWS Cognito Access Token on NodeJS -

Comments

Post a Comment

Popular posts from this blog

ubuntu - PHP script to find files of certain extensions in a directory, returns populated array when run in browser, but empty array when run from terminal -

php - How can i create a user dashboard -

javascript - How to detect toggling of the fullscreen-toolbar in jQuery Mobile? -