Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/droidsonroids/auth0_rs256_jwt_verifier

Ruby gem for verifying Auth0 API JWT access tokens signed using RS256 algorithm.
https://github.com/droidsonroids/auth0_rs256_jwt_verifier

auth auth0 authentication jwkset jwt openssl rs232 ruby

Last synced: 5 days ago
JSON representation

Ruby gem for verifying Auth0 API JWT access tokens signed using RS256 algorithm.

Host: GitHub
URL: https://github.com/droidsonroids/auth0_rs256_jwt_verifier
Owner: DroidsOnRoids
Created: 2017-08-19T12:31:17.000Z (about 7 years ago)
Default Branch: master
Last Pushed: 2019-08-21T09:13:09.000Z (about 5 years ago)
Last Synced: 2024-04-27T02:01:13.389Z (7 months ago)
Topics: auth, auth0, authentication, jwkset, jwt, openssl, rs232, ruby
Language: Ruby
Homepage: https://rubygems.org/gems/auth0_rs256_jwt_verifier
Size: 24.4 KB
Stars: 4
Watchers: 6
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        [![Build Status](https://travis-ci.org/DroidsOnRoids/auth0_rs256_jwt_verifier.svg?branch=master)](https://travis-ci.org/DroidsOnRoids/auth0_rs256_jwt_verifier)

# Auth0 JWT (RS256) verification library 

[Auth0](https://auth0.com) is web service handling users identities which can be easily plugged

into your application. It provides [SDKs](https://auth0.com/docs) for many languages which enable you to sign up/in users

and returns access token ([JWT](https://jwt.io)) in exchange. Access token can be used then to access your's Web Service.

This gem helps you to [verify](https://auth0.com/docs/api-auth/tutorials/verify-access-token#verify-the-signature)

such access token which has been signed using the RS256 algorithm.

## Installation

Install the `auth0_rs256_jwt_verifier` package from [Rubygems](https://rubygems.org/gems/auth0_rs256_jwt_verifier):

```bash

    gem install auth0_rs256_jwt_verifier 

```

Install it using [Bundler](https://bundler.io/) specifying it as dependency in your Gemfile:

```ruby

    gem "auth0_rs256_jwt_verifier"

```

## Usage

```ruby

# Verifier caches RS256 certificates fetched from jwks_uri.

# You should initialize it once and reuse for JWTs verification.

require "auth0_rs256_jwt_verifier"

AUTH0_JWT_VERIFIER = Auth0RS256JWTVerifier.new(

  issuer:   "ISSUER",

  audience: "AUDIENCE",

  jwks_url: "https://YOUR_AUTH0_DOMAIN/.well-known/jwks.json"

)

result = AUTH0_JWT_VERIFIER.verify("JWT_ACCESS_TOKEN_SIGNED_USING_RS256_ALGORITHM")

if result.valid?

  p "Token is valid"

  p "User id: #{result.user_id}"

else

  p "Token is invalid"

end

```