Comments (3)
Hi @Hugomm - thanks for raising this
Because permissions is a proprietary Auth0 claim and this SDK is a generic OAuth SDK, we don't provide a requiredPermissions
feature. But you can use the claimIncludes method to achieve the desired result.
app.get('/api/admin/managers',
claimIncludes('permissions', 'admin', 'manager'),
(req, res, next) => {
// ...
}
);
// Or create your own `requiredPermissions` method
const requiredPermissions = claimIncludes.bind(null, 'permissions')
app.get('/api/admin/managers',
requiredPermissions('admin', 'manager'),
(req, res, next) => {
// ...
}
);
from node-oauth2-jwt-bearer.
Thanks @adamjmcgrath for your clear and fast answer.
I have tested the function using the proposed wrapper to make things clearer and it's working as intended. Let me check it with my team and will close the issue if there are no further questions.
from node-oauth2-jwt-bearer.
@adamjmcgrath Already discussed this function with my team and we had no issues using it. Thanks for your reply I'm going to close the issue.
from node-oauth2-jwt-bearer.
Related Issues (20)
- Proxy Configuraton Broken/HTTP(S) Agent not being passed on JWKSet Creation HOT 2
- [docs] 404 error in the GitHub Pages documentation when clicking on a class or an interface HOT 1
- "nbf" claim timestamp check failed HOT 1
- 500 Error thrown when deployed to GCP App Engine HOT 3
- Getting AssertionError You must provide a 'tokenSigningAlg' for validating symmetric algorithms despite not providing a secret key value pair. HOT 6
- Node 21.5 support HOT 3
- InvalidTokenError: Failed to fetch authorization server metadata HOT 1
- publicKey without discovery HOT 1
- Crashed my express server. HOT 1
- Is it possible to use this with JWE encrypted access token?
- Audience Checking shouldn't be forced
- Add support for node 18 HOT 3
- Supported engines does not include the latest node LTS, 18.12.0 HOT 2
- Proposal: add support for `scopesIncludesAny` HOT 3
- [docs] Node.js 18 support HOT 1
- Document upgrade path from "express-jwt" + "jwks-rsa" HOT 1
- [example] How to write unit tests for our Express APIs with canned JWTs? HOT 1
- [express-oauth2-jwt-bearer] What is the best practice to allow request to go through despite token being unauthorized? HOT 4
- Unable to recovery from temporarily unavailable discovery document HOT 4
- [docs] API documentation of auth middleware should mention "req.auth"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from node-oauth2-jwt-bearer.