test api

docker/kratos/oathkeeper/access-rules.yml

@@ -72,7 +72,7 @@
     preserve_host: true
     url: "http://dashboard:3000"
   match:
-    url: "http://oathkeeper:4455/<{,uploads,downloads,payments}>"
+    url: "http://oathkeeper:4455/<{,uploads,downloads,payments,api,api/hello}>"
     methods:
       - GET
   authenticators:

packages/dashboard/package.json

@@ -10,6 +10,8 @@
   "dependencies": {
     "@ory/kratos-client": "^0.5.4-alpha.1",
     "autoprefixer": "^10.2.4",
+    "express-jwt": "^6.0.0",
+    "jwks-rsa": "^1.12.2",
     "next": "^10.0.6",
     "postcss": "^8.2.4",
     "prettier": "^2.2.1",

packages/dashboard/pages/api/hello.js

@@ -1,6 +1,26 @@
 // Next.js API route support: https://nextjs.org/docs/api-routes/introduction
 
-export default (req, res) => {
+import jwt from "express-jwt";
+import jwks from "jwks-rsa";
+import config from "../../src/config";
+
+// This middleware assumes that the app is secured using ORY Oathkeeper, in which case we
+// verify the JSON Web Token issued by ORY Oathkeeper using the jwt-express middleware.
+
+const middleware = jwt({
+  // Dynamically provide a signing key based on the kid in the header and the signing keys provided by the JWKS endpoint.
+  secret: jwks.expressJwtSecret({
+    cache: true,
+    jwksRequestsPerMinute: 5,
+    jwksUri: config.jwksUrl,
+  }),
+  algorithms: ["RS256"],
+});
+
+export default middleware((req, res) => {
+  console.log(Object.keys(req));
+  console.log(req);
+  console.log(JSON.stringify(req));
   res.statusCode = 200;
   res.json({ name: "John Doe" });
-};
+});