{"id":23066963,"url":"https://github.com/dvsa/jwt-stdin-verifier","last_synced_at":"2025-07-29T10:40:42.678Z","repository":{"id":42472261,"uuid":"453114906","full_name":"dvsa/jwt-stdin-verifier","owner":"dvsa","description":"Tool to be used by Apache Rewrite to verify JWT's","archived":false,"fork":false,"pushed_at":"2022-04-20T08:45:26.000Z","size":13,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-08T22:28:36.739Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dvsa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-01-28T15:17:58.000Z","updated_at":"2022-01-28T21:25:11.000Z","dependencies_parsed_at":"2022-09-14T00:42:13.486Z","dependency_job_id":null,"html_url":"https://github.com/dvsa/jwt-stdin-verifier","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvsa%2Fjwt-stdin-verifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvsa%2Fjwt-stdin-verifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvsa%2Fjwt-stdin-verifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvsa%2Fjwt-stdin-verifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dvsa","download_url":"https://codeload.github.com/dvsa/jwt-stdin-verifier/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246970323,"owners_count":20862509,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-16T05:15:41.592Z","updated_at":"2025-04-03T09:13:44.187Z","avatar_url":"https://github.com/dvsa.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"```\n       _          _                      _  __\n      (_)_      _| |_    __   _____ _ __(_)/ _|_   _\n      | \\ \\ /\\ / / __|___\\ \\ / / _ \\ '__| | |_| | | |\n      | |\\ V  V /| ||_____\\ V /  __/ |  | |  _| |_| |\n     _/ | \\_/\\_/  \\__|     \\_/ \\___|_|  |_|_|  \\__, |\n    |__/                                       |___/\n    Verify JWT's as part of an Apache Rewrite rule\n```\n## What does it do\n\nThis program will listen to stdin and treat any input as a JWT. The JWT will be verified and either `OK` printed or \n`INVALID - {error}` for a valid or invalid token. It is designed to be used in conjuction with Apache Rewrite to allow \naccess based on a valid JWT within a query string\n\n\n## Usage\n\nPretty simple: `./jwt-verify -keyfile \u003cpath/to/keyfile\u003e`\n\n| Argumnet | Value                      | Required |\n|----------|----------------------------|----------|\n| keyfile  | Path to a RS256 public key | Yes      | \n\n### Keyfile\n\nWe make the assumption that the JWT to verify has been signed using an RS256 algorithm. Because of this you will need to\nprovide the public key in a PEM file format.\n\n### Generating a key\n\nThe following commands can be used to create the required private and public key with the names `jwtRS256.key` \u0026 `jwtRS256.pub`\n\n```\nssh-keygen -t rsa -P \"\" -b 4096 -m PEM -f jwtRS256.key\nssh-keygen -e -m PEM -f jwtRS256.key \u003e jwtRS256.key.pub\n```\n\n\n## Apache integration\n\nBelow is an example how this can be used with Apache Rewrite rules\n\n```\nRewriteEngine On\n  RewriteMap jwtprg \"prg:/usr/local/bin/jwt-verify -keyfile /path/to/keyfile\" apache:apache\n  \u003cLocation \"/foo\"\u003e\n    Require all granted\n    LogLevel alert rewrite:trace8\n    Options FollowSymLinks\n\n    # Set JWT_AUTH to false first\n    RewriteRule ^ - [ENV=JWT_AUTH:false]\n\n    # Set JWT_AUTH environment variable if jwt-verify has authenticated the request\n    RewriteCond %{QUERY_STRING} ^jwt=([^\u0026]+)\n    RewriteCond ${jwtprg:%1} ^OK$\n    RewriteRule ^ - [ENV=JWT_AUTH:true]\n\n    # Disallow access if JWT_AUTH environment variable is not true\n    RewriteCond %{ENV:JWT_AUTH} !^true$\n    RewriteRule ^ - [F]\n\n    ErrorDocument 403 \"Please \u003ca href='/login'\u003eauthenticate\u003c/a\u003e.\"\n\n  \u003c/Location\u003e\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdvsa%2Fjwt-stdin-verifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdvsa%2Fjwt-stdin-verifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdvsa%2Fjwt-stdin-verifier/lists"}