import { ExtractJwt, Strategy } from 'passport-jwt';
import { PassportStrategy } from '@nestjs/passport';
import { Injectable, Logger, UnauthorizedException } from '@nestjs/common';
import { passportJwtSecret } from 'jwks-rsa';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
secretOrKeyProvider: passportJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/jwks.json
}),
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
audience: 'client id',
issuer: https://cognito-idp.<region>.amazonaws.com/<userpoolID>.
algorithms: ['RS256'],
});
}
async validate(payload: any) {
console.debug('JWT VALIDATION')
return !!payload.sub;
}
}