Hey -- thanks for making this, it's been very helpful for me!
I added a bit to it to enable end-to-end verification of the CF Zero-Trust access token, which is slightly involved because you have to dynamically load the cert from a CF endpoint.
The code is here -- I won't attempt a PR as my Javascript (and certainly TypeScript) skills are rudimentary:
It expects an environment variable of "TEAM_NAME" and optionally one of JWT, for local dev (copy the CF_Authorization cookie from DevTools on a real authenticated session and stick it in .dev.vars.
Hey -- thanks for making this, it's been very helpful for me!
I added a bit to it to enable end-to-end verification of the CF Zero-Trust access token, which is slightly involved because you have to dynamically load the cert from a CF endpoint.
The code is here -- I won't attempt a PR as my Javascript (and certainly TypeScript) skills are rudimentary:
https://gist.github.com/mseebach/f2c7dc1f6fd741070e52253ad8067275
It expects an environment variable of "TEAM_NAME" and optionally one of JWT, for local dev (copy the CF_Authorization cookie from DevTools on a real authenticated session and stick it in .dev.vars.