Appearance
JWK Auth 中间件
¥JWK Auth Middleware
JWK Auth 中间件通过使用 JWK(JSON Web Key)验证令牌来验证请求。如果指定,它会检查 Authorization 标头和其他配置的源,例如 cookie。具体来说,它使用提供的 keys 验证令牌,如果指定,则从 jwks_uri 检索密钥,如果设置了 cookie 选项,则支持从 cookie 中提取令牌。
¥The JWK Auth Middleware authenticates requests by verifying tokens using JWK (JSON Web Key). It checks for an Authorization header and other configured sources, such as cookies, if specified. Specifically, it validates tokens using the provided keys, retrieves keys from jwks_uri if specified, and supports token extraction from cookies if the cookie option is set.
信息
从客户端发送的 Authorization 标头必须具有指定的方案。
¥The Authorization header sent from the client must have a specified scheme.
示例:Bearer my.token.value 或 Basic my.token.value
¥Example: Bearer my.token.value or Basic my.token.value
导入
¥Import
ts
import { Hono } from 'hono'
import { jwk } from 'hono/jwk'用法
¥Usage
ts
const app = new Hono()
app.use(
'/auth/*',
jwk({
jwks_uri: `https://${backendServer}/.well-known/jwks.json`,
})
)
app.get('/auth/page', (c) => {
return c.text('You are authorized')
})获取有效负载:
¥Get payload:
ts
const app = new Hono()
app.use(
'/auth/*',
jwk({
jwks_uri: `https://${backendServer}/.well-known/jwks.json`,
})
)
app.get('/auth/page', (c) => {
const payload = c.get('jwtPayload')
return c.json(payload) // eg: { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 }
})选项
¥Options
optional 键:HonoJsonWebKey[] | (() => Promise<HonoJsonWebKey[]>)
¥optional keys: HonoJsonWebKey[] | (() => Promise<HonoJsonWebKey[]>)
你的公钥的值,或返回它们的函数。
¥The values of your public keys, or a function that returns them.
optional jwks_uri:string
如果设置了此值,则尝试从此 URI 获取 JWK,期望 JSON 响应带有 keys,这些响应将添加到提供的 keys 选项中。
¥If this value is set, attempt to fetch JWKs from this URI, expecting a JSON response with keys, which are added to the provided keys option.
optional cookie:string
如果设置了此值,则使用该值作为密钥从 cookie 标头中检索该值,然后将其验证为令牌。
¥If this value is set, then the value is retrieved from the cookie header using that value as a key, which is then validated as a token.