-
Notifications
You must be signed in to change notification settings - Fork 3
/
jwt.go
78 lines (69 loc) · 1.67 KB
/
jwt.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
// Package jwtm provides goji middleware for JSON Web Tokens.
package jwtm
import (
"net/http"
"strings"
"github.com/dgrijalva/jwt-go"
"github.com/zenazn/goji/web"
)
/*
CValue is what gets added to the goji web context env.
*/
type CValue struct {
Token *jwt.Token
Error error
}
/*
TokenFunc returns an encoded JTW token
*/
type TokenFunc func(*web.C, *http.Request) string
/*
NewMiddleware creates some goji middleware that loads a JWT token into the
context environment.
keyFunc is responsible for loading loading the correct key.
tokenFunc is responsible for loading the raw JWT token string.
A CValue gets injected into c.Env[envKey]
*/
func NewMiddleware(
envKey string,
keyFunc jwt.Keyfunc,
tokenFunc TokenFunc,
) func(*web.C, http.Handler) http.Handler {
return func(c *web.C, h http.Handler) http.Handler {
return http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
if c.Env == nil {
c.Env = make(map[string]interface{})
}
v := CValue{}
t := tokenFunc(c, r)
if t == "" {
v.Error = jwt.ErrNoTokenInRequest
} else {
v.Token, v.Error = jwt.Parse(tokenFunc(c, r), keyFunc)
}
c.Env[envKey] = v
h.ServeHTTP(w, r)
},
)
}
}
/*
NewAuthorizationHeaderMiddleware creates some goji middleware that loads a JWT
token from the HTTP Authorization headers BEARER value.
*/
func NewAuthorizationHeaderMiddleware(
envKey string,
keyFunc jwt.Keyfunc,
) func(*web.C, http.Handler) http.Handler {
return NewMiddleware(
envKey,
keyFunc,
func(_ *web.C, r *http.Request) string {
if ah := r.Header.Get("Authorization"); len(ah) > 6 && strings.ToUpper(ah[0:6]) == "BEARER" {
return ah[7:]
}
return ""
},
)
}