Skip to main content
Module

x/oauth4webapi/mod.ts>validateJwtAccessToken

OAuth 2 / OpenID Connect for JavaScript Runtimes
panva/oauth4webapi
Go to Latest
function validateJwtAccessToken
import { validateJwtAccessToken } from "https://deno.land/x/oauth4webapi@v2.10.1/mod.ts";

Validates use of JSON Web Token (JWT) OAuth 2.0 Access Tokens for a given Request as per RFC 9068 and optionally also RFC 9449.

This does validate the presence and type of all required claims as well as the values of the JWTAccessTokenClaims.iss | iss, JWTAccessTokenClaims.exp | exp, JWTAccessTokenClaims.aud | aud claims.

This does NOT validate the JWTAccessTokenClaims.sub | sub, JWTAccessTokenClaims.jti | jti, and JWTAccessTokenClaims.client_id | client_id claims beyond just checking that they're present and that their type is a string. If you need to validate these values further you would do so after this function's execution.

This does NOT validate the DPoP Proof JWT nonce. If your server indicates RS-provided nonces to clients you would check these after this function's execution.

This does NOT validate authorization claims such as scope either, you would do so after this function's execution.

Parameters

as: AuthorizationServer

Authorization Server to accept JWT Access Tokens from.

request: Request
expectedAudience: string

Audience identifier the resource server expects for itself.