aws-jwt-verify icon indicating copy to clipboard operation
aws-jwt-verify copied to clipboard
verified publisher icon awslabs

v5.0.0 tracking issue

Open ottokruse opened this issue 1 year ago • 1 comments

In release v5.0.0 we aim to support AWS ALB (#109 ) for which we have to do significant groundwork. This issue tracks that groundwork:

  • Bump minimum supported Node.js version to 16 from 14: in #164
  • Support ES256, ES384 and ES512: in #164
  • Support non-standard JWKS: #167
  • Support JWTs with padding: tbd
  • Create an AwsAlbJwtVerifier and AwsAlbJwksCache: tbd

ottokruse avatar Jul 17 '24 14:07 ottokruse

ALB docs on verifying their JWTs: link

Notably: the docs say they put iss, client and exp claims in the JWT header––which is non-standard, according to standard they should be in the JWT payload.

And here's the docs for Amazon Verified Access which works similar to ALB: link

ottokruse avatar Jul 18 '24 08:07 ottokruse

It's out: https://github.com/awslabs/aws-jwt-verify/releases/tag/v5.0.0

Still need to finish #176 but we decided to not make that block release of v5.0.0

ottokruse avatar Jan 08 '25 08:01 ottokruse