ShipSaaS Laravel JWKS

shipsaas · Oct 15, 2023 · 763fa86 · 763fa86
1 parent 1c181ee
commit 763fa86
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 5 deletions.
diff --git a/.github/laravel-jwks-diagram.png b/.github/laravel-jwks-diagram.png
diff --git a/README.md b/README.md
@@ -14,17 +14,20 @@ Documentation: [ShipSaaS Laravel JWKS](https://laravel-jwks.shipsaas.tech)
 
 ## Sample use cases
 
-Ever thinking of microservices? One of the biggest challenges is the Authentication & Authorization.
+Ever thinking of microservices? One of the biggest challenges is having the Authentication (& Authorization) service.
 
 However, you don't have to spend enormous time to build a brand new AuthService and migrate the current users.
 
 Your current app = the core, the heart of everything. Let's build satellite services around that.
 
-< diagram here >
+![laravel-jwks-diagram.png](.github/laravel-jwks-diagram.png)
 
-With JWKS, satellite services can simply verify the signed JWT token before handling the actual requests.
+With (Laravel) JWKS, we will have:
 
-JWKS is supported in multiple languages e.g.: Node.js, go,...
+- The main app exposes the JWKs internally for the satellite microservices.
+- The satellite services can simply obtain the JWKs and verify the signed JWT token before handling the actual requests.
+
+JWKS is supported in multiple languages e.g.: Node.js, Go,...
 
 ## Installation
 

diff --git a/src/Configs/jwks.php b/src/Configs/jwks.php
@@ -16,6 +16,16 @@
      */
     'use_default_jwks_route' => true,
 
+    /**
+     * The middleware that you want to apply before accessing the handler
+     *
+     * This would come in handy if you want to have your own custom authentication (basic token or something)
+     */
+    'default_jwks_route_middlewares' => [
+        // 'base_auth',
+        // AuthMiddleware::class,
+    ],
+
     /**
      * The JWT Algorithm of your current application
      *

diff --git a/src/Routes/jwks_routes.php b/src/Routes/jwks_routes.php
@@ -4,5 +4,6 @@
 use ShipSaasLaravelJwks\Http\Controllers\JwksController;
 
 if (config('jwks.use_default_jwks_route')) {
-    Route::get('auth/jwks', [JwksController::class, 'index']);
+    Route::get('auth/jwks', [JwksController::class, 'index'])
+        ->middleware(config('jwks.default_jwks_route_middlewares'));
 }
diff --git a/tests/Features/JwksControllerTest.php b/tests/Features/JwksControllerTest.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace ShipSaasLaravelJwks\Tests\Features;
+
+use ShipSaasLaravelJwks\Tests\TestCase;
+
+class JwksControllerTest extends TestCase
+{
+    public function testIndexReturnsTheDefaultJwks()
+    {
+        config([
+            'jwks.default_keys_path' => [
+                __DIR__ . '/../__fixtures__/public-key.pub'
+            ],
+        ]);
+
+        $this->json('GET', '/auth/jwks')
+            ->assertOk()
+            ->assertJsonIsArray()
+            ->assertJsonFragment([
+                'kty' => 'RSA',
+                'alg' => 'RS256',
+            ]);
+    }
+
+    public function testIndexReturnsEmptyOnNoKey()
+    {
+        config([
+            'jwks.default_keys_path' => [],
+        ]);
+
+        $this->json('GET', '/auth/jwks')
+            ->assertOk()
+            ->assertJsonIsArray()
+            ->assertJsonCount(0);
+    }
+}