Auth0 JWT (RS256) verification library

Auth0 is web service handling users identities which can be easily plugged into your application. It provides SDKs for many languages which enable you to sign up/in users and returns access token (JWT) in exchange. Access token can be used then to access your's Web Service. This gem helps you to verify such access token which has been signed using the RS256 algorithm.

Installation

Install the auth0_rs256_jwt_verifier package from Rubygems:

    gem install auth0_rs256_jwt_verifier 

Install it using Bundler specifying it as dependency in your Gemfile:

    gem "auth0_rs256_jwt_verifier"

Usage

# Verifier caches RS256 certificates fetched from jwks_uri.
# You should initialize it once and reuse for JWTs verification.

require "auth0_rs256_jwt_verifier"

AUTH0_JWT_VERIFIER = Auth0RS256JWTVerifier.new(
  issuer:   "ISSUER",
  audience: "AUDIENCE",
  jwks_url: "https://YOUR_AUTH0_DOMAIN/.well-known/jwks.json"
)

result = AUTH0_JWT_VERIFIER.verify("JWT_ACCESS_TOKEN_SIGNED_USING_RS256_ALGORITHM").valid?
if result.valid?
  p "Token is valid"
  p "User id: #{result.user_id}"
else
  p "Token is invalid"
end