-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauth.js
More file actions
24 lines (20 loc) · 746 Bytes
/
auth.js
File metadata and controls
24 lines (20 loc) · 746 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
const OktaJwtVerifier = require('@okta/jwt-verifier')
const oktaJwtVerifier = new OktaJwtVerifier({
issuer: process.env.ISSUER,
clientId: process.env.CLIENT_ID
})
module.exports = async (req, res, next) => {
try {
const { authorization } = req.headers
if (!authorization) throw new Error('You must send an Authorization header')
const [authType, token] = authorization.trim().split(' ')
if (authType !== 'Bearer') throw new Error('Expected a Bearer token')
const { claims } = await oktaJwtVerifier.verifyAccessToken(token, 'api://default')
if (!claims.scp.includes(process.env.SCOPE)) {
throw new Error('Could not verify the proper scope')
}
next()
} catch (error) {
next(error.message)
}
}