Package list golang-github-go-kit-kit / fe8e143
auth/jwt: MapClaims: passing add claimsFactory type make NewParser take a claimsFactory instead of an instance of jwt.Claims use claimsFactory to create a jwt.Claims to pass in to jwt.ParseWithClaims update NewParser calls in tests to take a claimsFactory instead of a jwt.Claims instance Jaco Esterhuizen 4 years ago
2 changed file(s) with 13 addition(s) and 11 deletion(s). Raw diff Collapse all Expand all
6565 }
6666 }
6767
68 type claimsFactory func() jwt.Claims
69
6870 // NewParser creates a new JWT token parsing middleware, specifying a
6971 // jwt.Keyfunc interface, the signing method and the claims type to be used. NewParser
7072 // adds the resulting claims to endpoint context or returns error on invalid token.
7173 // Particularly useful for servers.
72 func NewParser(keyFunc jwt.Keyfunc, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware {
74 func NewParser(keyFunc jwt.Keyfunc, method jwt.SigningMethod, newClaims claimsFactory) endpoint.Middleware {
7375 return func(next endpoint.Endpoint) endpoint.Endpoint {
7476 return func(ctx context.Context, request interface{}) (response interface{}, err error) {
7577 // tokenString is stored in the context from the transport handlers.
8486 // of the token to identify which key to use, but the parsed token
8587 // (head and claims) is provided to the callback, providing
8688 // flexibility.
87 token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
89 token, err := jwt.ParseWithClaims(tokenString, newClaims(), func(token *jwt.Token) (interface{}, error) {
8890 // Don't forget to validate the alg is what you expect:
8991 if token.Method != method {
9092 return nil, ErrUnexpectedSigningMethod
7373 return key, nil
7474 }
7575
76 parser := NewParser(keys, method, jwt.MapClaims{})(e)
76 parser := NewParser(keys, method, func() jwt.Claims { return jwt.MapClaims{} })(e)
7777
7878 // No Token is passed into the parser
7979 _, err := parser(context.Background(), struct{}{})
9393 }
9494
9595 // Invalid Method is used in the parser
96 badParser := NewParser(keys, invalidMethod, jwt.MapClaims{})(e)
96 badParser := NewParser(keys, invalidMethod, func() jwt.Claims { return jwt.MapClaims{} })(e)
9797 ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
9898 _, err = badParser(ctx, struct{}{})
9999 if err == nil {
109109 return []byte("bad"), nil
110110 }
111111
112 badParser = NewParser(invalidKeys, method, jwt.MapClaims{})(e)
112 badParser = NewParser(invalidKeys, method, func() jwt.Claims { return jwt.MapClaims{} })(e)
113113 ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
114114 _, err = badParser(ctx, struct{}{})
115115 if err == nil {
133133 }
134134
135135 // Test for malformed token error response
136 parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
136 parser = NewParser(keys, method, func() jwt.Claims { return &jwt.StandardClaims{} })(e)
137137 ctx = context.WithValue(context.Background(), JWTTokenContextKey, malformedKey)
138138 ctx1, err = parser(ctx, struct{}{})
139139 if want, have := ErrTokenMalformed, err; want != have {
141141 }
142142
143143 // Test for expired token error response
144 parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
144 parser = NewParser(keys, method, func() jwt.Claims { return &jwt.StandardClaims{} })(e)
145145 expired := jwt.NewWithClaims(method, jwt.StandardClaims{ExpiresAt: time.Now().Unix() - 100})
146146 token, err := expired.SignedString(key)
147147 if err != nil {
154154 }
155155
156156 // Test for not activated token error response
157 parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
157 parser = NewParser(keys, method, func() jwt.Claims { return &jwt.StandardClaims{} })(e)
158158 notactive := jwt.NewWithClaims(method, jwt.StandardClaims{NotBefore: time.Now().Unix() + 100})
159159 token, err = notactive.SignedString(key)
160160 if err != nil {
167167 }
168168
169169 // test valid standard claims token
170 parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
170 parser = NewParser(keys, method, func() jwt.Claims { return &jwt.StandardClaims{} })(e)
171171 ctx = context.WithValue(context.Background(), JWTTokenContextKey, standardSignedKey)
172172 ctx1, err = parser(ctx, struct{}{})
173173 if err != nil {
182182 }
183183
184184 // test valid customized claims token
185 parser = NewParser(keys, method, &customClaims{})(e)
185 parser = NewParser(keys, method, func() jwt.Claims { return &customClaims{} })(e)
186186 ctx = context.WithValue(context.Background(), JWTTokenContextKey, customSignedKey)
187187 ctx1, err = parser(ctx, struct{}{})
188188 if err != nil {
203203 func TestIssue562(t *testing.T) {
204204 var (
205205 kf = func(token *jwt.Token) (interface{}, error) { return []byte("secret"), nil }
206 e = NewParser(kf, jwt.SigningMethodHS256, jwt.MapClaims{})(endpoint.Nop)
206 e = NewParser(kf, jwt.SigningMethodHS256, func() jwt.Claims { return jwt.MapClaims{} })(endpoint.Nop)
207207 key = JWTTokenContextKey
208208 val = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ28ta2l0In0.14M2VmYyApdSlV_LZ88ajjwuaLeIFplB8JpyNy0A19E"
209209 ctx = context.WithValue(context.Background(), key, val)