mirror of
https://forgejo.merr.is/annika/jwtauth.git
synced 2025-12-11 13:47:41 -05:00
Update Verifier for locating jwt token; removing TokenFromQuery from defaults
This commit is contained in:
Peter Kieltyka
parent
b8af768272
commit
38df5c8c2e
2 changed files with 22 additions and 17 deletions
26
jwtauth.go
26
jwtauth.go
|
|
@ -12,13 +12,18 @@ import (
|
|||
"github.com/lestrrat-go/jwx/jwt"
|
||||
)
|
||||
|
||||
// Context keys
|
||||
type JWTAuth struct {
|
||||
alg jwa.SignatureAlgorithm
|
||||
signKey interface{} // private-key
|
||||
verifyKey interface{} // public-key, only used by RSA and ECDSA algorithms
|
||||
verifier jwt.ParseOption
|
||||
}
|
||||
|
||||
var (
|
||||
TokenCtxKey = &contextKey{"Token"}
|
||||
ErrorCtxKey = &contextKey{"Error"}
|
||||
)
|
||||
|
||||
// Library errors
|
||||
var (
|
||||
ErrUnauthorized = errors.New("token is unauthorized")
|
||||
ErrExpired = errors.New("token is expired")
|
||||
|
|
@ -28,13 +33,6 @@ var (
|
|||
ErrAlgoInvalid = errors.New("algorithm mismatch")
|
||||
)
|
||||
|
||||
type JWTAuth struct {
|
||||
alg jwa.SignatureAlgorithm
|
||||
signKey interface{} // private-key
|
||||
verifyKey interface{} // public-key, only used by RSA and ECDSA algorithms
|
||||
verifier jwt.ParseOption
|
||||
}
|
||||
|
||||
func New(alg string, signKey interface{}, verifyKey interface{}) *JWTAuth {
|
||||
ja := &JWTAuth{alg: jwa.SignatureAlgorithm(alg), signKey: signKey, verifyKey: verifyKey}
|
||||
|
||||
|
|
@ -65,7 +63,7 @@ func New(alg string, signKey interface{}, verifyKey interface{}) *JWTAuth {
|
|||
// http response.
|
||||
func Verifier(ja *JWTAuth) func(http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
return Verify(ja, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next)
|
||||
return Verify(ja, TokenFromHeader, TokenFromCookie)(next)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -266,6 +264,14 @@ func TokenFromHeader(r *http.Request) string {
|
|||
|
||||
// TokenFromQuery tries to retreive the token string from the "jwt" URI
|
||||
// query parameter.
|
||||
//
|
||||
// To use it, build our own middleware handler, such as:
|
||||
//
|
||||
// func Verifier(ja *JWTAuth) func(http.Handler) http.Handler {
|
||||
// return func(next http.Handler) http.Handler {
|
||||
// return Verify(ja, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next)
|
||||
// }
|
||||
// }
|
||||
func TokenFromQuery(r *http.Request) string {
|
||||
// Get token from query param named "jwt".
|
||||
return r.URL.Query().Get("jwt")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue