Comments (1)
Hi @heidemn-faro - thanks for raising this
There are lots of ways you can test JWTs and it would be out of scope of this SDK to teach you - so I'm going to close this.
I tend to avoid adding test code to the actual deployable code - so I wouldn't recommend checking the NODE_ENV
at runtime personally, but if you want to - you can use the validators config to disable specific claim checks and use things like expired JWTs to test.
There's some good examples of testing JWTs in this repo if you take a look at the code. Namely https://github.com/auth0/node-oauth2-jwt-bearer/blob/main/packages/access-token-jwt/test/helpers.ts#L25 - in this example we generate an asymmetric key pair for each test and make the public key available using nock
and sign the test JWT with the private key - so this is a good option if you want to do integration style tests with the library.
For unit tests, you can of course stub the auth middleware all together.
from node-oauth2-jwt-bearer.
Related Issues (20)
- Proxy Configuraton Broken/HTTP(S) Agent not being passed on JWKSet Creation HOT 2
- [docs] 404 error in the GitHub Pages documentation when clicking on a class or an interface HOT 1
- "nbf" claim timestamp check failed HOT 1
- 500 Error thrown when deployed to GCP App Engine HOT 3
- Getting AssertionError You must provide a 'tokenSigningAlg' for validating symmetric algorithms despite not providing a secret key value pair. HOT 6
- Node 21.5 support HOT 4
- InvalidTokenError: Failed to fetch authorization server metadata HOT 5
- publicKey without discovery HOT 2
- Crashed my express server. HOT 2
- Is it possible to use this with JWE encrypted access token?
- Audience Checking shouldn't be forced
- Allow to specify the location of the token.
- Cloudflare/Workerd support
- Create a separate method to validate a jwt
- Allow better control for discovery endpoints to use HOT 1
- Node 22 support
- [express-oauth2-jwt-bearer] What is the best practice to allow request to go through despite token being unauthorized? HOT 4
- Unable to recovery from temporarily unavailable discovery document HOT 4
- [docs] API documentation of auth middleware should mention "req.auth"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from node-oauth2-jwt-bearer.