Package list golang-github-go-kit-kit / 8147bc1
Remove ambiguous Claims type. Cameron Stitt 4 years ago
2 changed file(s) with 14 addition(s) and 39 deletion(s). Raw diff Collapse all Expand all
4343 ErrUnexpectedSigningMethod = errors.New("unexpected signing method")
4444 )
4545
46 // Claims is a map of arbitrary claim data.
47 type Claims map[string]interface{}
48
49 // NewSignerWithClaims creates a new JWT token generating middleware, specifying key ID,
46 // NewSigner creates a new JWT token generating middleware, specifying key ID,
5047 // signing string, signing method and the jwt.Claims you would like it to contain.
5148 // Tokens are signed with a Key ID header (kid) which is useful for determining
5249 // the key to use for parsing. Particularly useful for clients.
53 func NewSignerWithClaims(kid string, key []byte, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware {
50 func NewSigner(kid string, key []byte, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware {
5451 return func(next endpoint.Endpoint) endpoint.Endpoint {
5552 return func(ctx context.Context, request interface{}) (response interface{}, err error) {
5653 token := jwt.NewWithClaims(method, claims)
6865 }
6966 }
7067
71 // NewSigner creates a new JWT token generating middleware, specifying key ID,
72 // signing string, signing method and the claims you would like it to contain.
73 // It passes these values onto NewSignerWithClaims to handle the signing process.
74 func NewSigner(kid string, key []byte, method jwt.SigningMethod, claims Claims) endpoint.Middleware {
75 return NewSignerWithClaims(kid, key, method, jwt.MapClaims(claims))
76 }
77
78 // NewParserWithClaims creates a new JWT token parsing middleware, specifying a
68 // NewParser creates a new JWT token parsing middleware, specifying a
7969 // jwt.Keyfunc interface, the signing method as well as the claims to parse into.
8070 // NewParserWithClaims adds the resulting claims to endpoint context or returns error on invalid token.
8171 // Particularly useful for servers.
82 func NewParserWithClaims(keyFunc jwt.Keyfunc, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware {
72 func NewParser(keyFunc jwt.Keyfunc, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware {
8373 return func(next endpoint.Endpoint) endpoint.Endpoint {
8474 return func(ctx context.Context, request interface{}) (response interface{}, err error) {
8575 // tokenString is stored in the context from the transport handlers.
125115 return nil, ErrTokenInvalid
126116 }
127117
128 if tokenClaims, ok := token.Claims.(jwt.MapClaims); ok {
129 ctx = context.WithValue(ctx, JWTClaimsContextKey, Claims(tokenClaims))
130 } else {
131 ctx = context.WithValue(ctx, JWTClaimsContextKey, token.Claims)
132 }
118 ctx = context.WithValue(ctx, JWTClaimsContextKey, token.Claims)
133119
134120 return next(ctx, request)
135121 }
136122 }
137123 }
138
139 // NewParser creates a new JWT token parsing middleware, specifying a
140 // jwt.KeyFunc interface and the signing method. It will utilize NewParserWithClaims
141 // and fall back to implementing the jwt.MapClaims type.
142 func NewParser(keyFunc jwt.Keyfunc, method jwt.SigningMethod) endpoint.Middleware {
143 return NewParserWithClaims(keyFunc, method, jwt.MapClaims{})
144 }
1212 key = []byte("test_signing_key")
1313 method = jwt.SigningMethodHS256
1414 invalidMethod = jwt.SigningMethodRS256
15 claims = Claims{"user": "go-kit"}
1615 mapClaims = jwt.MapClaims{"user": "go-kit"}
1716 standardClaims = jwt.StandardClaims{Audience: "go-kit"}
1817 // Signed tokens generated at https://jwt.io/
4039 func TestNewSigner(t *testing.T) {
4140 e := func(ctx context.Context, i interface{}) (interface{}, error) { return ctx, nil }
4241
43 signer := NewSigner(kid, key, method, claims)(e)
42 signer := NewSigner(kid, key, method, mapClaims)(e)
4443 signingValidator(t, signer, signedKey)
4544
46 signer = NewSignerWithClaims(kid, key, method, mapClaims)(e)
47 signingValidator(t, signer, signedKey)
48
49 signer = NewSignerWithClaims(kid, key, method, standardClaims)(e)
45 signer = NewSigner(kid, key, method, standardClaims)(e)
5046 signingValidator(t, signer, standardSignedKey)
5147 }
5248
5753 return key, nil
5854 }
5955
60 parser := NewParser(keys, method)(e)
56 parser := NewParser(keys, method, jwt.MapClaims{})(e)
6157
6258 // No Token is passed into the parser
6359 _, err := parser(context.Background(), struct{}{})
7773 }
7874
7975 // Invalid Method is used in the parser
80 badParser := NewParser(keys, invalidMethod)(e)
76 badParser := NewParser(keys, invalidMethod, jwt.MapClaims{})(e)
8177 ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
8278 _, err = badParser(ctx, struct{}{})
8379 if err == nil {
9389 return []byte("bad"), nil
9490 }
9591
96 badParser = NewParser(invalidKeys, method)(e)
92 badParser = NewParser(invalidKeys, method, jwt.MapClaims{})(e)
9793 ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
9894 _, err = badParser(ctx, struct{}{})
9995 if err == nil {
107103 t.Fatalf("Parser returned error: %s", err)
108104 }
109105
110 cl, ok := ctx1.(context.Context).Value(JWTClaimsContextKey).(Claims)
106 cl, ok := ctx1.(context.Context).Value(JWTClaimsContextKey).(jwt.MapClaims)
111107 if !ok {
112108 t.Fatal("Claims were not passed into context correctly")
113109 }
114110
115 if cl["user"] != claims["user"] {
116 t.Fatalf("JWT Claims.user did not match: expecting %s got %s", claims["user"], cl["user"])
111 if cl["user"] != mapClaims["user"] {
112 t.Fatalf("JWT Claims.user did not match: expecting %s got %s", mapClaims["user"], cl["user"])
117113 }
118114
119 parser = NewParserWithClaims(keys, method, &jwt.StandardClaims{})(e)
115 parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
120116 ctx = context.WithValue(context.Background(), JWTTokenContextKey, standardSignedKey)
121117 ctx1, err = parser(ctx, struct{}{})
122118 if err != nil {