How to secure socket.io with JWT in atlassian connect express (ace)

Jira Development Jira Cloud
, , , ,
#1

what is the proper way to secure a socket.io connection between a jira backen and a js-client. the ace documentation only provides api to handle node-express requests but no plain function to validate the jwt token.
at the client side i have the valide token ready like this:

new SocketIoClient({query: 'jwt=' + jwt});

at the server side i can receive this token like this:

socketIoServer.on('connection', socket => {
    const jwt = socket.handshake.query.jwt;
    console.log('jwt', jwt);
});

but i am missing a ace function like:

addon.validateJwtToken(jwt)

any experiences with socket.io here?

thanks,
florian