Skip to content

Latest commit

 

History

History
68 lines (49 loc) · 2.23 KB

README.md

File metadata and controls

68 lines (49 loc) · 2.23 KB

okta-jwt-verifier

Test GoDoc Go Report

Alternative implementation to the official okta-jwt-verifier that includes support for telemetry (ie. OpenTelemetry), minimizing verification latency, and testability.

Examples

Token Validation

package main

import (
    "context"
    verifier "github.com/sovietaced/okta-jwt-verifier"
)

func main() {
    ctx := context.Background()
    issuer := "https://test.okta.com"
    v, err := verifier.NewVerifier(issuer)

    idToken := "..."
    token, err := v.VerifyIdToken(ctx, idToken)

    accessToken := "..."
    token, err = v.VerifyAccessToken(ctx, accessToken)
}

Background Fetching Optimization

By default, the okta JWT verifier will lazily fetch OIDC metadata and JSON Web Key sets. When the first call to verify a token is made a couple of HTTP requests will be made inline and block your call to verify the token. You can configure the verifier to fetch OIDC metadata and JSON Web Key sets asynchronously in the background to optimize token verification duration.

package main

import (
    "context"
    kf "github.com/sovietaced/okta-jwt-verifier/keyfunc/okta"
    md "github.com/sovietaced/okta-jwt-verifier/metadata/okta"
    verifier "github.com/sovietaced/okta-jwt-verifier"
)

func main() {
    ctx := context.Background()
    issuer := "https://test.okta.com"

    mpProvider, err := md.NewMetadataProvider(issuer, md.WithFetchStrategy(md.Background))
    kfProvider, err := kf.NewKeyfuncProvider(mpProvider, kf.WithFetchStrategy(kf.Background))
    v, err := verifier.NewVerifier(issuer, verifier.WithKeyfuncProvider(kfProvider))

    idToken := "..."
    token, err := v.VerifyIdToken(ctx, idToken)

    accessToken := "..."
    token, err = v.VerifyAccessToken(ctx, accessToken)
}