This is a simple mock api.
It is secured with jwts to be provided as bearer tokens.
These are validated with jkws fetched from a given endpoint.
Provide the following environment variables:
| Variable | Description |
|---|---|
| JWKSURL | the url from which the jwks may be fetched from |
| HOST | the bind interface for our api server (e.g. 0.0.0.0:8081, :8081, ...) |
/publicis accessible regardless if a valid token is provided or not. If it was, then the response will include thesubSubject ID from the token./authenticatedrequires a valid token. If none was provided, it responds with a401 Unauthorized/authorized/:idrequires a valid token and the:idto match the subject ID (sub) from the token. This is simulating accessing a resource for which we need to be the resource owner