search

rebrandly / rebrandly-express

Seamlessly connect your web server to Rebrandly so that you can re-use your domain name for both your app and your short links
https://rebrandly.com
GNU General Public License v3.0
3 stars 0 forks source link

Magic JWT verification #3

Open giannifiore opened 2 years ago

giannifiore commented 2 years ago

User Stories

As a Rebrandly developer,
I want Rebrandly customer to copy and paste a token into their middleware configurations,
So that I can pack multiple options and technical settings in a way that is transparent to customers

Acceptance Tests

[should verify that the token incorporates the alias hostname] Given a valid Rebrandly token for aliasing (a JWT), Given the middleware is set up with the token passed as option, When the server is launched, Then the token is decoded and the alias hostname is derived out of the JWT

[should verify that the token is signed by Rebrandly] Given a valid Rebrandly token for aliasing (a JWT), Given the middleware is set up with the token passed as option, When the server is launched, Then the JWT signature is verified against the Rebrandly public key

[should disable itself in case the token was not signed by Rebrandly] Given an invalid Rebrandly token for aliasing (a JWT), Given the middleware is set up with the token passed as option, When the server is launched Then the MW prints a warning and disables itself (no-op) in a way that the global flow continues as usual