How to use Jsonwebtoken NPM package to verify JWT token issued by Azure AD

0 votes

I am trying to use jsonwebtoken NPM package for verifying a JWT token issued by Azure Active Directory. Following is the node.js code that I have written:

  var jwt = require('jsonwebtoken');
  var token = '<valid JWT token>';
  var x5cString = '<x5cSTring>';
  var publicKey = '-----BEGIN CERTIFICATE-----\n' + x5cString + '\n-----END CERTIFICATE-----';

    var verifiedToken = jwt.verify(token, publicKey) //, verifyOptions);

Please note that in the above code I use the actual x5c String from https://login.microsoftonline.com/common/discovery/keys. This works fine and I get the expected result. But, the X5C string which is the public key keeps changing. I am trying to understand how to get this public key automatically.

EDIT

I found some sample code on Jsonwebtoken NPM package web site. In this code signingKey is what I want. Following is the code.

var jwksClient = require('jwks-rsa');
var client = jwksClient({
  jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
});
function getKey(header, callback){
  client.getSigningKey(header.kid, function(err, key) {
    var signingKey = key.publicKey || key.rsaPublicKey;
    callback(null, signingKey);
  });
}

jwt.verify(token, getKey, options, function(err, decoded) {
  console.log(decoded.foo) // bar
});

In the above code, jwt.verify calls getKey that takes header and callback as parameter. I do not understand how jwt.verify function passed 'header' parameter to the getKey. Following is the header that I have retrieved. how do I pass this header to getKey in the jwt.verify?

var decoded = jwt.decode(token, {complete: true});
var header = decoded.header
Mar 23, 2022 in Azure by Edureka
 • 13,620 points 4,161 views

1 answer to this question.

0 votes

Okay so I have found out the solution. Following is the final code that I have.

var jwksClient = require('jwks-rsa');
var jwt = require('jsonwebtoken');

    token = 'valid JWT token';
    var decoded = jwt.decode(token, {complete: true});
    var header = decoded.header

    var verifyOptions = {
     algorithms: ['RS256'],
     header: decoded.header

  };


    var client = jwksClient({
      jwksUri: 'https://login.microsoftonline.com/common/discovery/keys'
    });
    function getKey(header, callback){
      client.getSigningKey(header.kid, function(err, key) {
        var signingKey = key.publicKey || key.rsaPublicKey;
        callback(null, signingKey);
      });
    }

    jwt.verify(token, getKey, verifyOptions, function(err, decoded) {
      //This will display the decoded JWT token.
      console.log(decoded)  
    });
answered Mar 29, 2022 by Edureka
 • 12,690 points

Related Questions In Azure

0 votes
1 answer

How to retrieve View definition on Synapse (Azure SQL DW)?

To authenticate with Azure SQL Database or ...READ MORE

answered Mar 4, 2022 in Azure by Edureka
 • 13,620 points 1,724 views
0 votes
1 answer

How to run second azure pipeline on the completion of a stage on first pipeline

Navigate to your project by logging into ...READ MORE

answered Mar 2, 2022 in Azure by Edureka
 • 13,620 points 725 views
0 votes
1 answer

How to add Azure Portal to myapps.microsoft.com

Steps to add Azure Portal: Sign in as an ...READ MORE

answered Mar 8, 2022 in Azure by Edureka
 • 13,620 points
edited Jun 27, 2023 by Khan Sarfaraz 2,405 views
0 votes
1 answer

How to get the percentage of the predicted labels in Azure Custom Vision?

It's calculated in the same way, except ...READ MORE

answered Mar 26, 2022 in Azure by Edureka
 • 12,690 points 498 views
0 votes
0 answers

How to add a new organisation to an existing channel in hyperledger fabric without creating a new node/peer for that organisation. Can we add a organisation which does not contain any nodes?

May 2, 2019 in Blockchain by anonymous
 5,126 views
0 votes
1 answer

Truffle tests not running after truffle init

This was a bug. They've fixed it. ...READ MORE

answered Sep 11, 2018 in Blockchain by Christine
 • 15,790 points 1,922 views
0 votes
1 answer

Hyperledger Sawtooth vs Quorum in concurrency and speed Ask

Summary: Both should provide similar reliability of ...READ MORE

answered Sep 26, 2018 in IoT (Internet of Things) by Upasana
 • 8,620 points 1,451 views
0 votes
1 answer

how to verify jwt token in nodejs / never expire?

You can achieve this by using the ...READ MORE

answered Jun 17, 2022 in Node-js by Neha
 • 9,020 points 7,562 views
0 votes
1 answer

How do I use Powershell to create an Azure Web App that runs on Linux?

Try the command below: New-AzureRmResource -ResourceGroupName <ResourceGroupName> -Location ...READ MORE

answered Mar 25, 2022 in Azure by Edureka
 • 12,690 points 1,060 views
0 votes
1 answer

How to determine, find, install and reference a proper Azure SDK package?

Instead of downloading this-and-that item directly, I ...READ MORE

answered Apr 11, 2022 in Azure by Edureka
 • 12,690 points 518 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.