-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathjwt.validation.conf
More file actions
55 lines (36 loc) · 1.22 KB
/
jwt.validation.conf
File metadata and controls
55 lines (36 loc) · 1.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#### Jwt.Validation.conf START
# Specific Log Format to capture the jwt payload data.
log_format jwt '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" "$http_user_agent" '
'$jwt_header_alg $jwt_claim_uid $jwt_claim_url';
server {
listen 8089;
server_name _;
location / {
root /opt/services/jwt-app/cookie;
index index.html;
}
}
server {
listen 80;
server_name _;
access_log /var/log/nginx/host.access.log jwt;
location / {
root /opt/services/jwt-app;
index index.html;
# JWT validation
auth_jwt "JWT Test Realm" token=$arg_myjwt;
auth_jwt_key_file /etc/nginx/api_secret.jwk;
error_log /var/log/nginx/host.jwt.error.log debug;
if ( $jwt_claim_uid = 222 ) {
add_header X-jwt-claim-uid "$jwt_claim_uid" always;
add_header X-jwt-status "Redirect to $jwt_claim_url" always;
return 301 $jwt_claim_url;
}
if ( $jwt_claim_uid != 222 ) {
add_header X-jwt-claim-uid "$jwt_claim_uid" always;
add_header X-jwt-status "Invalid user, no redirect" always;
}
}
}
#### Jwt.Validation.conf END