Skip to content

Commit 47e640c

Browse files
coodoscoodos
committed
feat: signature validator library
1 parent b1ebf31 commit 47e640c

File tree

1 file changed

+31
-11
lines changed
  • infrastructure/evault-core/src/core/http

1 file changed

+31
-11
lines changed

infrastructure/evault-core/src/core/http/server.ts

Lines changed: 31 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -286,30 +286,50 @@ export async function registerHttpRoutes(
286286
// Helper function to validate JWT token
287287
async function validateToken(authHeader: string | null): Promise<any | null> {
288288
if (!authHeader || !authHeader.startsWith("Bearer ")) {
289+
console.error("Token validation: Missing or invalid Authorization header format");
289290
return null;
290291
}
291292

292293
const token = authHeader.substring(7); // Remove 'Bearer ' prefix
293294

294295
try {
295-
if (!process.env.REGISTRY_URL) {
296-
console.error("REGISTRY_URL is not set");
296+
// Try REGISTRY_URL first, fallback to PUBLIC_REGISTRY_URL
297+
const registryUrl = process.env.REGISTRY_URL || process.env.PUBLIC_REGISTRY_URL;
298+
if (!registryUrl) {
299+
console.error("Token validation: REGISTRY_URL or PUBLIC_REGISTRY_URL is not set");
297300
return null;
298301
}
299302

300-
const jwksResponse = await axios.get(
301-
new URL(
302-
`/.well-known/jwks.json`,
303-
process.env.REGISTRY_URL
304-
).toString()
305-
);
303+
const jwksUrl = new URL(`/.well-known/jwks.json`, registryUrl).toString();
304+
console.log(`Token validation: Fetching JWKS from ${jwksUrl}`);
305+
306+
const jwksResponse = await axios.get(jwksUrl, {
307+
timeout: 5000,
308+
});
306309

310+
console.log(`Token validation: JWKS response keys count: ${jwksResponse.data?.keys?.length || 0}`);
311+
307312
const JWKS = jose.createLocalJWKSet(jwksResponse.data);
313+
314+
// Decode token header to see what kid it's using
315+
const decodedHeader = jose.decodeProtectedHeader(token);
316+
console.log(`Token validation: Token header - alg: ${decodedHeader.alg}, kid: ${decodedHeader.kid}`);
317+
308318
const { payload } = await jose.jwtVerify(token, JWKS);
309-
319+
320+
console.log(`Token validation: Token verified successfully, payload:`, payload);
310321
return payload;
311-
} catch (error) {
312-
console.error("Token validation failed:", error);
322+
} catch (error: any) {
323+
console.error("Token validation failed:", error.message || error);
324+
if (error.code) {
325+
console.error(`Token validation error code: ${error.code}`);
326+
}
327+
if (error.response) {
328+
console.error(`Token validation HTTP error: ${error.response.status} - ${error.response.statusText}`);
329+
}
330+
if (error.cause) {
331+
console.error(`Token validation error cause:`, error.cause);
332+
}
313333
return null;
314334
}
315335
}

0 commit comments

Comments
 (0)