v5.0.0 tracking issue - Githubissues

awslabs / aws-jwt-verify

JS library for verifying JWTs signed by Amazon Cognito, and any OIDC-compatible IDP that signs JWTs with RS256, RS384, RS512, ES256, ES384, and ES512

Apache License 2.0

632 stars 45 forks source link

v5.0.0 tracking issue #166

Open ottokruse opened 4 months ago

ottokruse commented 4 months ago

In release v5.0.0 we aim to support AWS ALB (#109 ) for which we have to do significant groundwork. This issue tracks that groundwork:

Bump minimum supported Node.js version to 16 from 14: in #164
Support ES256, ES384 and ES512: in #164
Support non-standard JWKS: #167
Support JWTs with padding: tbd
Create an AwsAlbJwtVerifier and AwsAlbJwksCache: tbd

ottokruse commented 4 months ago

ALB docs on verifying their JWTs: link

Notably: the docs say they put iss, client and exp claims in the JWT header––which is non-standard, according to standard they should be in the JWT payload.

And here's the docs for Amazon Verified Access which works similar to ALB: link