Giter VIP home page Giter VIP logo

nginx-jwt-auth's Introduction

nginx-jwt-auth

Lua module to authorize clients by validating JWT in Nginx.

Supported algorithms:

  • HS256, HS384, HS512
  • RS256, RS384, RS512

Dependencies

For Debian, install the following packages.

apt-get install libnginx-mod-http-lua
apt-get install lua-cjson lua-basexx lua-luaossl

Installation

wget -O /usr/local/share/nginx-jwt-auth.lua \
    https://raw.githubusercontent.com/nordeck/nginx-jwt-auth/main/nginx-jwt-auth.lua

Configuration

HMAC with a key

Sample Nginx location for HS256 algorithm with jwt_key.

location /hello {
    set $jwt_algo "HS256";
    set $jwt_key "myappsecret";
    access_by_lua_file /usr/local/share/nginx-jwt-auth.lua;
}

HMAC with a key file

Sample Nginx location for HS512 algorithm with jwt_key_file.

location /hello {
    set $jwt_algo "HS512";
    set $jwt_key_file /path/keyfile;
    access_by_lua_file /usr/local/share/nginx-jwt-auth.lua;
}

echo -n "myappsecret" >/path/keyfile

RSA with a key file

Sample Nginx location for RS256 algorithm with jwt_key_file.

location /hello {
    set $jwt_algo "RS256";
    set $jwt_key_file /path/keyfile;
    access_by_lua_file /usr/local/share/nginx-jwt-auth.lua;
}

/path/keyfile contains the public RSA key in PEM format.

mv jwt-rsa.pub /path/keyfile

Testing

TOKEN="\
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.\
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ik5vcmRlY2siLCJuYmYiOjE1MTYyMzkwMjIsImV4cCI6MjAxNjIzOTAyMn0.\
OWw9KK7xPXBJ_AXbaETrhkPMw_2NNyrrrHHhwTwCnKY\
"

curl -L -H "Authorization: Bearer $TOKEN" https://my.host.address/hello

nginx-jwt-auth's People

Contributors

emrahcom avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

heartshare

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.