How to use Jsonwebtoken NPM package to verify JWT token issued by Azure AD

0 votes

I am trying to use jsonwebtoken NPM package for verifying a JWT token issued by Azure Active Directory. Following is the node.js code that I have written:

  var jwt = require('jsonwebtoken');
  var token = '<valid JWT token>';
  var x5cString = '<x5cSTring>';
  var publicKey = '-----BEGIN CERTIFICATE-----\n' + x5cString + '\n-----END CERTIFICATE-----';

    var verifiedToken = jwt.verify(token, publicKey) //, verifyOptions);

Please note that in the above code I use the actual x5c String from https://login.microsoftonline.com/common/discovery/keys. This works fine and I get the expected result. But, the X5C string which is the public key keeps changing. I am trying to understand how to get this public key automatically.

EDIT

I found some sample code on Jsonwebtoken NPM package web site. In this code signingKey is what I want. Following is the code.

var jwksClient = require('jwks-rsa');
var client = jwksClient({
  jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
});
function getKey(header, callback){
  client.getSigningKey(header.kid, function(err, key) {
    var signingKey = key.publicKey || key.rsaPublicKey;
    callback(null, signingKey);
  });
}

jwt.verify(token, getKey, options, function(err, decoded) {
  console.log(decoded.foo) // bar
});

In the above code, jwt.verify calls getKey that takes header and callback as parameter. I do not understand how jwt.verify function passed 'header' parameter to the getKey. Following is the header that I have retrieved. how do I pass this header to getKey in the jwt.verify?

var decoded = jwt.decode(token, {complete: true});
var header = decoded.header
Mar 23, 2022 in Azure by Edureka
• 13,620 points
4,193 views

1 answer to this question.

0 votes

Okay so I have found out the solution. Following is the final code that I have.

var jwksClient = require('jwks-rsa');
var jwt = require('jsonwebtoken');

    token = 'valid JWT token';
    var decoded = jwt.decode(token, {complete: true});
    var header = decoded.header

    var verifyOptions = {
     algorithms: ['RS256'],
     header: decoded.header

  };


    var client = jwksClient({
      jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
    });
    function getKey(header, callback){
      client.getSigningKey(header.kid, function(err, key) {
        var signingKey = key.publicKey || key.rsaPublicKey;
        callback(null, signingKey);
      });
    }

    jwt.verify(token, getKey, verifyOptions, function(err, decoded) {
      //This will display the decoded JWT token.
      console.log(decoded)  
    });
answered Mar 29, 2022 by Edureka
• 12,690 points

Related Questions In Azure

0 votes
1 answer

How to retrieve View definition on Synapse (Azure SQL DW)?

To authenticate with Azure SQL Database or ...READ MORE

answered Mar 4, 2022 in Azure by Edureka
• 13,620 points
1,738 views
0 votes
1 answer
0 votes
1 answer

How to add Azure Portal to myapps.microsoft.com

Steps to add Azure Portal: Sign in as an ...READ MORE

answered Mar 8, 2022 in Azure by Edureka
• 13,620 points

edited Jun 27, 2023 by Khan Sarfaraz 2,439 views
0 votes
1 answer

How to get the percentage of the predicted labels in Azure Custom Vision?

It's calculated in the same way, except ...READ MORE

answered Mar 26, 2022 in Azure by Edureka
• 12,690 points
509 views
0 votes
1 answer

Truffle tests not running after truffle init

This was a bug. They've fixed it. ...READ MORE

answered Sep 11, 2018 in Blockchain by Christine
• 15,790 points
1,936 views
0 votes
1 answer

Hyperledger Sawtooth vs Quorum in concurrency and speed Ask

Summary: Both should provide similar reliability of ...READ MORE

answered Sep 26, 2018 in IoT (Internet of Things) by Upasana
• 8,620 points
1,461 views
0 votes
1 answer

how to verify jwt token in nodejs / never expire?

You can achieve this by using the ...READ MORE

answered Jun 17, 2022 in Node-js by Neha
• 9,020 points
7,590 views
0 votes
1 answer

How do I use Powershell to create an Azure Web App that runs on Linux?

Try the command below: New-AzureRmResource -ResourceGroupName <ResourceGroupName> -Location ...READ MORE

answered Mar 25, 2022 in Azure by Edureka
• 12,690 points
1,084 views
0 votes
1 answer

How to determine, find, install and reference a proper Azure SDK package?

Instead of downloading this-and-that item directly, I ...READ MORE

answered Apr 11, 2022 in Azure by Edureka
• 12,690 points
529 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP