How to use Jsonwebtoken NPM package to verify JWT token issued by Azure AD

0 votes

I am trying to use jsonwebtoken NPM package for verifying a JWT token issued by Azure Active Directory. Following is the node.js code that I have written:

  var jwt = require('jsonwebtoken');
  var token = '<valid JWT token>';
  var x5cString = '<x5cSTring>';
  var publicKey = '-----BEGIN CERTIFICATE-----\n' + x5cString + '\n-----END CERTIFICATE-----';

    var verifiedToken = jwt.verify(token, publicKey) //, verifyOptions);

Please note that in the above code I use the actual x5c String from https://login.microsoftonline.com/common/discovery/keys. This works fine and I get the expected result. But, the X5C string which is the public key keeps changing. I am trying to understand how to get this public key automatically.

EDIT

I found some sample code on Jsonwebtoken NPM package web site. In this code signingKey is what I want. Following is the code.

var jwksClient = require('jwks-rsa');
var client = jwksClient({
  jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
});
function getKey(header, callback){
  client.getSigningKey(header.kid, function(err, key) {
    var signingKey = key.publicKey || key.rsaPublicKey;
    callback(null, signingKey);
  });
}

jwt.verify(token, getKey, options, function(err, decoded) {
  console.log(decoded.foo) // bar
});

In the above code, jwt.verify calls getKey that takes header and callback as parameter. I do not understand how jwt.verify function passed 'header' parameter to the getKey. Following is the header that I have retrieved. how do I pass this header to getKey in the jwt.verify?

var decoded = jwt.decode(token, {complete: true});
var header = decoded.header
Mar 23 in Azure by Edureka
• 8,060 points
266 views

1 answer to this question.

0 votes

Okay so I have found out the solution. Following is the final code that I have.

var jwksClient = require('jwks-rsa');
var jwt = require('jsonwebtoken');

    token = 'valid JWT token';
    var decoded = jwt.decode(token, {complete: true});
    var header = decoded.header

    var verifyOptions = {
     algorithms: ['RS256'],
     header: decoded.header

  };


    var client = jwksClient({
      jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
    });
    function getKey(header, callback){
      client.getSigningKey(header.kid, function(err, key) {
        var signingKey = key.publicKey || key.rsaPublicKey;
        callback(null, signingKey);
      });
    }

    jwt.verify(token, getKey, verifyOptions, function(err, decoded) {
      //This will display the decoded JWT token.
      console.log(decoded)  
    });
answered Mar 29 by Edureka
• 9,540 points

Related Questions In Azure

0 votes
1 answer

How to retrieve View definition on Synapse (Azure SQL DW)?

To authenticate with Azure SQL Database or ...READ MORE

answered Mar 4 in Azure by Edureka
• 8,060 points
78 views
0 votes
1 answer
0 votes
1 answer

How to add Azure Portal to myapps.microsoft.com

Steps to add Azure Portal: Sign in as an ...READ MORE

answered Mar 8 in Azure by Edureka
• 8,060 points
167 views
0 votes
1 answer

How to get the percentage of the predicted labels in Azure Custom Vision?

It's calculated in the same way, except ...READ MORE

answered Mar 26 in Azure by Edureka
• 9,540 points
35 views
0 votes
1 answer

Truffle tests not running after truffle init

This was a bug. They've fixed it. ...READ MORE

answered Sep 11, 2018 in Blockchain by Christine
• 15,790 points
970 views
0 votes
1 answer
0 votes
1 answer

how to verify jwt token in nodejs / never expire?

You can achieve this by using the ...READ MORE

answered Jun 17 in Node-js by Neha
• 8,560 points
18 views
0 votes
1 answer

How do I use Powershell to create an Azure Web App that runs on Linux?

Try the command below: New-AzureRmResource -ResourceGroupName <ResourceGroupName> -Location ...READ MORE

answered Mar 25 in Azure by Edureka
• 9,540 points
54 views
0 votes
1 answer
webinar REGISTER FOR FREE WEBINAR X
Send OTP
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP