/**
*
* This rule generates a signed JSON Web Token based on the `user` object. Useful when using other protocols like SAML or WS-Federation and you need to call a downstream API that accepts JSON Web Tokens. The `id_token` will be part of the user profile, which will be translated to a SAML Attribute.
*
* @title Generate a JSON Web Token
* @overview Generate a signed JSON Web Token based on the `user` object.
* @category token
*/
function generateJwt(user, context, callback) {
const jwt = require('jsonwebtoken');
const CLIENT_SECRET = configuration.TARGET_API_CLIENT_SECRET;
const CLIENT_ID = configuration.TARGET_API_CLIENT_ID;
//Copies user profile attributes needed in the API (equivalent to `scope`)
const api_user = {
user_id: user.user_id,
email: user.email,
name: user.name
};
const options = {
subject: user.user_id,
expiresIn: '10h', //Should be greater than the SAML token expiration
audience: CLIENT_ID,
issuer: 'https://{your auth0 account}.auth0.com'
};
context.idToken['https://example.com/id_token'] = jwt.sign(
api_user,
Buffer.from(CLIENT_SECRET, 'base64'),
options
);
callback(null, user, context);
}