express-accesstoken-validation
Advanced tools
ExpressJS middleware for remote access token validation
ExpressJS middleware for remote access token validation
Although JWT have become common use in OAuth 2.0 / OpenId Connect scenarios, there a scenarios where you as an resource server (=API) have to validate an access token received by the client.
This validation normally is delegated to the OAuth 2.0 server which created that access token.
express-accesstoken-validation is an ExpressJS middleware that lets you delegate the access token validation to an OAuth 2.0 server like oauth2-server.
npm install express-accesstoken-validation --save
const bearerTokenValidation = require('express-accesstoken-validation');
let options = {
validationUri: 'https://localhost:3000/oauth/tokenvalidation',
tokenParam: 'token',
unprotected: ['/public']
}
app.use(bearerTokenValidation(options));
options provides this options:
validationUri: The access token validation uri of the OAuth 2.0 servertokenParam: The name of the token query parameter expected by the OAuth 2.0 serverunprotected: optional, a list of routes that should not be protectedMake sure to register express-accesstoken-validation as the first middleware to ensure all requests get authorized.
npm test
FAQs
ExpressJS middleware for remote access token validation
We found that express-accesstoken-validation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Newly introduced telemetry in devenv 1.4 sparked a backlash over privacy concerns, leading to the removal of its AI-powered feature after strong community pushback.
Security News
TC39 met in Seattle and advanced 9 JavaScript proposals, including three to Stage 4, introducing new features and enhancements for a future ECMAScript release.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.