Replace keycloak-connect protect method with jsonwebtoken.verify

We can use the verify() method that comes with the jsonwebtoken library to verify the client's auth token is valid. An invalid token will now return a Problem instance Updated API spec
bcgov · Apr 16, 2024 · b1fa2a1 · b1fa2a1
1 parent 9ac36fc
commit b1fa2a1
Show file tree

Hide file tree

Showing 8 changed files with 343 additions and 1,643 deletions.
diff --git a/app/app.js b/app/app.js
@@ -7,7 +7,6 @@ const helmet = require('helmet');
 const moment = require('moment');
 
 const { name: appName, version: appVersion } = require('./package.json');
-const keycloak = require('./src/components/keycloak');
 const log = require('./src/components/log')(module.filename);
 const httpLogger = require('./src/components/log').httpLogger;
 const { getGitRevision } = require('./src/components/utils');
@@ -69,9 +68,6 @@ if (process.env.NODE_ENV !== 'test') {
   app.use(httpLogger);
 }
 
-// Use Keycloak OIDC Middleware
-app.use(keycloak.middleware());
-
 // Block requests until service is ready and mounted
 app.use((_req, res, next) => {
   if (state.shutdown) {