JWT verification module for Apache2 compatible with CloudFlare


I am planning to set up a CloudFlare proxy in front of my web service and use mTLS for authentication (see https://community.cloudflare.com/t/mtls-user-propagation/371991). The mTLS termination is done by CloudFlare. What will arrive at my web server is an HTTP header called Cf-Access-Jwt-Assertion, containing a JSON Web Token (an example can be found in the above link as well) with claims.

Is there a way to configure Apache2 to verify this JSON Web Token for me so that my application does not have to?

This module would need to download the public key of the JWT from a given URL for verification, and would need to be configurable to verify certain claims in the JWT, e.g. the aud field or others.

Note: I am aware that a solution for HAProxy exists, but I am explicitly looking for one for Apache2.
