auth0 / Idtoken Verifier
Licence: mit
Lightweight RSA JWT verification
Stars: ✭ 52
Programming Languages
javascript
184084 projects - #8 most used programming language
Projects that are alternatives of or similar to Idtoken Verifier
Angular Token
🔑 Token based authentication service for Angular with interceptor and multi-user support. Works best with devise token auth for Rails. Example:
Stars: ✭ 376 (+623.08%)
Mutual labels: oauth, auth
Buji Pac4j
pac4j security library for Shiro: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 444 (+753.85%)
Mutual labels: jwt, oauth
Play Pac4j
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 375 (+621.15%)
Mutual labels: jwt, oauth
Jwt Auth Guard
JWT Auth Guard for Laravel and Lumen Frameworks.
Stars: ✭ 319 (+513.46%)
Mutual labels: jwt, auth
Fastify Esso
The easiest authentication plugin for Fastify, with built-in support for Single sign-on
Stars: ✭ 20 (-61.54%)
Mutual labels: jwt, auth
Aspnetcore Webapi Course
Professional REST API design with ASP.NET Core 3.1 WebAPI
Stars: ✭ 323 (+521.15%)
Mutual labels: jwt, oauth
Slim3 Jwt Auth Example
Server side implementation example of JWT (JSON Web Token) authentication using Slim3
Stars: ✭ 45 (-13.46%)
Mutual labels: jwt, auth
firebase auth oauth
A Flutter plugin that makes it easy to perform OAuth sign in flows using FirebaseAuth.
Stars: ✭ 28 (-46.15%)
Mutual labels: oauth, auth
Go jwt
golang for websocket wechat or weixin and jwt,http ratelimit
Stars: ✭ 19 (-63.46%)
Mutual labels: jwt, oauth
Maxkey
MaxKey is Single Sign On(SSO) System,Leading-Edge Enterprise-Class open source IAM(Identity and Access management) product.
Stars: ✭ 274 (+426.92%)
Mutual labels: jwt, oauth
Hapi Auth Keycloak
JSON Web Token based Authentication powered by Keycloak
Stars: ✭ 29 (-44.23%)
Mutual labels: jwt, auth
supabase-ui-svelte
Supabase authentication UI for Svelte
Stars: ✭ 83 (+59.62%)
Mutual labels: oauth, auth
Core Nestjs
A simple application demonstrating the basic usage of permissions with NestJS (JWT, Passport, Facebook, Google+, User, Group, Permission)
Stars: ✭ 347 (+567.31%)
Mutual labels: jwt, oauth
yii-auth-client
Yii Framework external authentication via OAuth and OpenID Extension
Stars: ✭ 20 (-61.54%)
Mutual labels: oauth, auth
sign-in-with-ethereum
Minimal example of sign in with Ethereum. Compatible with web3 browsers.
Stars: ✭ 25 (-51.92%)
Mutual labels: oauth, auth
react-google-oauth2.0
React frontend login with OAuth 2.0 & integrates a Rest API backend.
Stars: ✭ 14 (-73.08%)
Mutual labels: oauth, auth
Paseto
Platform-Agnostic Security Tokens implementation in GO (Golang)
Stars: ✭ 461 (+786.54%)
Mutual labels: jwt, auth
Hzdtf.foundation.framework
基础框架系统,支持.NET和.NET Core平台,语言:C#,DB支持MySql和SqlServer,主要功能有抽象持久化、服务层,将业务基本的增删改查抽离复用;提供代码生成器从DB生成实体、持久化、服务以及MVC控制器,每层依赖接口,并需要在客户端将对应实现层用Autofac程序集依赖注入,用AOP提供日志跟踪、事务、模型验证等。对Autofac、Redis、RabbitMQ封装扩展;DB访问提供自动主从访问,Redis客户端分区。特别适合管理系统。
Stars: ✭ 22 (-57.69%)
Mutual labels: jwt, auth
idtoken-verifier
A lightweight library to decode and verify RS JWT meant for the browser.
Usage
import IdTokenVerifier from 'idtoken-verifier';
const verifier = new IdTokenVerifier({
issuer: 'https://my.auth0.com/',
audience: 'gYSNlU4YC4V1YPdqq8zPQcup6rJw1Mbt'
});
verifier.verify(id_token, nonce, (error, payload) => {
if (error) {
// handle the error
return;
}
// do something with `payload`
});
IdTokenVerifier
Initializes the verifier.
Parameters:
- configuration
- issuer: the issuer you trust to sign the tokens.
- audience: the audience the token is issued for.
- leeway: when there is a clock skew times between the signing and verifying servers. The leeway should not be bigger than five minutes.
- jwksCache: the verifier will try to fetch the JWKS from the
/.well-known/jwks.jsonendpoint (orjwksURIif provided) each time it verifies a token. You can provide a cache to store the keys and avoid repeated requests. For the contract, check this example. Hint: for in-memory cache, an easy way is to just providenew Map(), which is a valid object for jwksCache. - jwksURI: A valid, direct URI to fetch the JSON Web Key Set (JWKS). Defaults to
${id_token.iss}/.well-known/jwks.json
- callback
- error: the validation error if any, null otherwise
- payload: the decoded jwt payload
verifier.verify
This method will decode the ID token, then verify the token for OIDC compliance using a series of checks on the claims found inside the token.
Parameters
- id_token: the id_token to verify.
- nonce: the nonce previously sent to tha authorization server.
- callback
verifier.decode
This method will decode the token header and payload WITHOUT doing any verification.
Parameters
- id_token: the id_token to decode.
Return
- header: the decoded header.
- payload: the decoded payload.
- encoded: the parts without decode
- header: the header string.
- payload: the payload string.
- signature: the signature string.
Support
To make it as lightweight as posible, it only provides support for RS256 tokens. It can be easily extensible to other RS* algorithms.
Issue Reporting
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Author
License
This project is licensed under the MIT license. See the LICENSE file for more info.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].