Interface BaseOptions

interface BaseOptions {
    alg?: Algoritm;
    invalidUserMessage?:
        | string
        | object
        | unstable_createBearerAuthMiddleware.MessageFunction;
    jwksUri: string
    | URL;
    realm?: string;
    verifyOptions?: JWTVerifyOptions;
}

Hierarchy (View Summary)

Properties

alg? invalidUserMessage? jwksUri realm? verifyOptions?

Properties

Optionalalg

alg?: Algoritm

The algorithm to use for verifying the JWT signature.

Default

"ES256"

OptionalinvalidUserMessage

invalidUserMessage?:
    | string
    | object
    | unstable_createBearerAuthMiddleware.MessageFunction

The message to return when the user is invalid.

If a function is provided, it will be called with the request and context as arguments.

If the function returns a string, it will be used as the message.

If the function returns an object, it will be serialized as JSON and used as the response body.

Default

"Unauthorized"

Example

"Invalid user"
(args) => `Invalid user: ${args.request.headers.get("X-User")}`
async (args) => {
 let user = await getUser(args.context);
 return `Invalid user: ${user}`;
}
{ error: "Invalid user" }
(args) => ({
  error: `Invalid user: ${args.request.headers.get("X-User")}`
})
async (args) => {
 let user = await getUser(args.context);
 return { error: `Invalid user: ${user}` };
}

jwksUri

jwksUri: string | URL

The URL of the JWKS endpoint.

Example

"https://auth.example.com/.well-known/jwks.json"

Optionalrealm

realm?: string

The domain name of the realm, as part of the returned WWW-Authenticate challenge header.

Default

"Secure Area"

OptionalverifyOptions

verifyOptions?: JWTVerifyOptions

Settings

Member Visibility

On This Page

Properties