Skip to content

BFE mod_auth_jwt

mod_auth_jwt

Introduction

mod_auth_jwt implements JWT(JSON Web Token).

Module Configuration

Description

conf/mod_auth_jwt/mod_auth_jwt.conf

Config Item	Description
Basic.DataPath	String Path of rule configuration
Log.OpenDebug	Boolean Debug flag of module

Example

[Basic]
DataPath = mod_auth_jwt/auth_jwt_rule.data

Rule Configuration

Description

conf/mod_auth_jwt/auth_jwt_rule.data

Config Item	Description
Version	String Version of config file
Config	Struct JWT rules for each product
Config{k}	String Product name
Config{v}	Object A ordered list of rules
Config{v}[]	Object A rule
Config{v}[].Cond	String Condition expression, See Condition
Config{v}[].KeyFile	String Path of JWK configuration
Config{v}[].Realm	String Realm, ie. protection space Default "Restricted"

Description about JWK configuration

Key file must follow the format described by the JSON Web Key Specification
Generate key:

echo -n jwt_example | base64 | tr '+/' '-_' | tr -d '='

key file configuration example

[
    {
        "k": "and0X2V4YW1wbGU",
        "kty": "oct",
        "kid": "0001"
    }
]

Example

{
    "Version": "20190101000000",
    "Config": {
        "example_product": [
            {
                "Cond": "req_host_in(\"www.example.org\")",
                "KeyFile": "mod_auth_jwt/key_file",
                "Realm": "Restricted"
            }
        ]
    }
}