ヘッドレスウォレット認証

// Using Sequence.js
const { idToken } = await sequence.getIdToken();

const response = await fetch(BACKEND_ENDPOINT, {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ sequenceToken: idToken }),
});

import * as jwt from "jsonwebtoken";
import * as jwksClient from "jwks-rsa";

...serverConfig

// Initialize the JWKS client
const client = jwksClient({
  jwksUri: "https://waas.sequence.app/.well-known/jwks.json",
  cache: true,
  cacheMaxAge: 86400000, // 1 day
});

// Should be equal to the audience claim in the JWT that you want to verify which will be of the form https://sequence.build/project/*projectID*
const EXPECTED_AUDIENCE = "https://sequence.build/project/*PROJECT_ID*"

const decodedToken = jwt.decode(token, { complete: true });
if (!decodedToken || typeof decodedToken === "string") {
  throw new Error("Invalid token");
}

const kid = decodedToken.header.kid;
const signingKey = await getSigningKey(kid);
const publicKey = (
  signingKey as jwksClient.CertSigningKey | jwksClient.RsaSigningKey
).getPublicKey();

console.log(EXPECTED_AUDIENCE);

const verified = jwt.verify(token, publicKey, {
  algorithms: ["RS256"], // Specify the expected algorithm
  audience: EXPECTED_AUDIENCE, // Verify the audience claim
});

  // Verifying Email claim
if (!verified.email || typeof verified.email !== "string") {
  throw new Error("Invalid email claim");
}