Nostalgic Pickled Mango

    koa-devstack-security

    1.0.2 • Public • Published

    DevStack token JWT validation

    Koa middleware that propagates and validates JSON web tokens (JWT).

    Usage

    Our architecture, is validate with the use of a JWT token, so is mandatory propagate and validate the JWT token.

    Configuration

    Before use the koa-devstack-security is necessary configurate the file configuration.json, this file needs to:

    • Url to get the public key.

    • The key of identifier in our case sts_SHA1withRSA.

    • The delay between calls to public server key.

    • The attempts number when fail the public server key.

    When do the library return an 401, Bad Authorization?

    • If the token has bad format.
    • If the date has expired.
    • If the token is not authorization.
    • If the header is bad formatted.

    Retrieving the token

    The token is normally provided in a HTTP header in our case ( Authorization ), so we can get the token with 'ctx.request.header.authorization'.

    Example

    var koaDevSec = require('koa-devstack-security');
    var Koa = require('koa');
     
    var app = new Koa();
    app.use(koaDevSec());

    Additional Information

    If you want to use this library, you need at least node v.6.9.2 and Harmony or Babel.

    How do I pass source quality?

    If you have passed istanbul, the 'coverage' folder has been created.

    We use 'sonar-project.properties' and 'sonar-scanner' for analyze this project with SonarQube.

    This SonarQube must have installed http://docs.sonarqube.org/display/PLUG/JavaScript+Plugin[javascript plugin].

    Install http://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner[sonar-scanner]:

    Config 'sonar.host.url' with the SonarQube server url.

    'sonar-runner -Dsonar.host.url=sonarUrl'

    Install

    npm i koa-devstack-security

    DownloadsWeekly Downloads

    7

    Version

    1.0.2

    License

    ISC

    Last publish

    Collaborators

    • serenitydevstack