In case someone is still looking for the answer for Node.js here is solution i used. Hopefully it saves you some time 
// require('jsonwebtoken');
// require('jwks-rsa');
// require('cookie-parser');
app.use(cookieParser());
const KID = "value";
const CERTS_URL = "value";
const AUDIENCE_TAG = "value";
const COOKIE_NAME = "value";
const client = jwksClient({
jwksUri: CERTS_URL,
});
function jwt_validation_middleware(req, res, next) {
const token = req.cookies[COOKIE_NAME];
if (!token) {
// no token - 403
} else {
client.getSigningKey(KID, (err, key) => {
if (err) {
// error while fetching key
} else {
const signingKey = key.getPublicKey();
try {
jwt.verify(token, signingKey, {
audience: AUDIENCE_TAG,
});
} catch (e) {
// malformed token - 403
}
// allow user - 200
next();
}
});
}
}
app.use(jwt_validation_middleware);