Hi All,
We've got an implementation of Node-RED which sits behind cloudflare and authenticates via the JWT process. In v1.3.5 this function worked well and wasn't a problem. When I've upgraded to v2.1.4, this same function doesn't work anymore and just gives me a 401 - Unauthorized.
The node modules are loaded correctly and no error is being dumped into the logs of the container to say there's a problem, either.
This is the function that we're using:
adminAuth: {
tokens: function(token) {
return new Promise(function(resolve, reject) {
var jwt = require('jsonwebtoken');
var jwksClient = require('jwks-rsa');
var client = jwksClient({
jwksUri: process.env.NODE_RED_JWKS_URI,
});
var options = {
algorithms: [ 'RS256' ],
audience: process.env.NODE_RED_JWT_AUDIENCE,
issuer: process.env.NODE_RED_JWT_ISSUER
};
function getKey(header, callback){
client.getSigningKey(header.kid, function(err, key) {
var signingKey = null;
try {
signingKey = key.publicKey || key.rsaPublicKey;
} catch (e) {
console.log(e);
}
callback(null, signingKey);
});
}
jwt.verify(token, getKey, options, function(err, decoded) {
if (err) {
resolve(null);
} else {
var user = { username: decoded.email, permissions: '*' };
resolve(user);
}
});
});
},
tokenHeader: 'cf-access-jwt-assertion'
}
So to clarify, this same function works fine when I roll back to 1.3.5 but doesn't authenticate me on 2.1.4.
Are there any additions I can make to it to perhaps show me in the console or the logs where it might be going wrong or failing?