Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/innfactory/akka-jwt

Library for jwt authentication with akka
https://github.com/innfactory/akka-jwt

akka akka-directive auth0 authentication cognito jwt nimbus nimbusds

Last synced: 4 months ago
JSON representation

Library for jwt authentication with akka

Host: GitHub
URL: https://github.com/innfactory/akka-jwt
Owner: innFactory
License: apache-2.0
Created: 2017-08-26T20:54:45.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2019-08-09T09:22:49.000Z (over 5 years ago)
Last Synced: 2024-09-30T14:57:04.738Z (4 months ago)
Topics: akka, akka-directive, auth0, authentication, cognito, jwt, nimbus, nimbusds
Language: Scala
Homepage: https://innfactory.de
Size: 37.1 KB
Stars: 16
Watchers: 4
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGES.md
- License: LICENSE

Awesome Lists containing this project

README

        # akka-jwt

[![travis-ci.org](https://travis-ci.org/innFactory/akka-jwt.svg?branch=master)](https://travis-ci.org/innFactory/akka-jwt)

[![codecov.io](https://img.shields.io/codecov/c/github/innFactory/akka-jwt/master.svg?style=flat)](https://codecov.io/github/innFactory/akka-jwt)

[![shields.io](http://img.shields.io/badge/license-Apache2-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0.txt)

[ ![Download](https://api.bintray.com/packages/innfactory/sbt-plugins/akka-jwt/images/download.svg) ](https://bintray.com/innfactory/sbt-plugins/akka-jwt/_latestVersion)

Library for jwt authentication with akka

## Information

This library provides you an akka directive for your route to authenticate your user with jwt. the jwt implementation adapts nimbus JOSE + JWT.

### Changelog

#### 1.2.0

#### 1.0.0

- Initial Release

### Setup

```scala

libraryDependencies += "de.innFactory" %% "akka-jwt" % "1.2.0"

```

After that you must extend your akka-http Route with ```JwtAuthDirectives```. Then just implement a AuthService ```protected val authService: AuthService```

After that you can build your route like this: 

```scala

val route: Route =

    (post & path("graphql")) {

      authenticate { credentials =>

        entity(as[JsValue]) { requestJson ⇒

```

you see, that you got a new authenticate directive for your route. It extracts the Authentication value from your header and checks it against your jwt validator.

## Validator API

The Validator API has just one method ```validate```, so you can implement your own Validators and use it for your akka Directive. AWS and the generic one were made by guizmaii. Thanks for that!

```

final case class JwtToken(content: String) extends AnyVal

trait JwtValidator {

  def validate(jwtToken: JwtToken): Either[BadJWTException, (JwtToken, JWTClaimsSet)]

}

```

### Available `JwtValidator` implementations

#### 1. ConfigurableJwtValidator

The more flexible implementation of the `JwtValidator` interface.

It only requires a `JWKSource` instance.    

For more information on the different `JWKSource` implementations Nimbus provides, look at the classes in the `com.nimbusds.jose.jwk.source` package here: https://www.javadoc.io/doc/com.nimbusds/nimbus-jose-jwt

Example of use:

```scala

val token: JwtToken = JwtToken(content = "...")

val jwkSet: JWKSource[SecurityContext] = new RemoteJWKSet(new URL(s"https://your.jwks.prodvider.example.com/.well-known/jwks.json"))

val validator =  ConfigurableJwtValidator(jwkSet)

```

For more information on JWKs, you could read:   

  - Auth0 doc: https://auth0.com/docs/jwks    

  - Nimbus doc: https://connect2id.com/products/server/docs/api/jwk-set       

  - AWS Cognito doc: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-identity-user-pools-using-id-and-access-tokens-in-web-api

Other constructor parameters are:

  - `maybeCtx: Option[SecurityContext] = None`   

    (Optional) Security context.    

    Default is `null` (no Security Context).

    

  - `additionalChecks: List[(JWTClaimsSet, SecurityContext) => Option[BadJWTException]] = List.empty`   

    (Optional) List of additional checks that will be executed on the JWT token passed.    

    Default is an empty List.

    

    Some "additional checks" are already implemented in the object `ProvidedAdditionalChelcks`.

#### 2. AwsCognitoJwtValidator

Example of use:

```scala

val awsRegion = AWSRegion(AWSRegions.Frankfurt)

val cognitoUserPoolId = CognitoUserPoolId(value = "...")

val awsCognitoJwtValidator = AwsCognitoJwtValidator(awsRegion, cognitoUserPoolId)

```

Need a token generator for aws? Look at

https://innfactory.de/de/blog/34-software-engineering/52-javascript-desktop-app-electron

https://github.com/innFactory/aws-session-token-gui

## Copyright & Contributers

* Tobias Jonas

* Jules Ivanic 

Copyright (C) 2019 [innFactory Cloud- & DataEngineering](https://innFactory.de)

Published under the Apache 2 License.