thermokarst/bactdb
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update thermokarst/jwt

Browse source
This commit is contained in:
Matthew Ryan Dillon 2016-03-09 09:17:51 -07:00
parent 1e1d577878
commit 4ba6595d2a
4 changed files with 21 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Godeps/Godeps.json generated
View file

@ -51,7 +51,7 @@
}, },
{ {
"ImportPath": "github.com/thermokarst/jwt", "ImportPath": "github.com/thermokarst/jwt",
"Rev": "9d3638db601e499627271fe06273aab0aa67e7b3" "Rev": "0c914e9b3a7ff6a8629e6ccf21012244ff344452"
}, },
{ {
"ImportPath": "golang.org/x/crypto/bcrypt", "ImportPath": "golang.org/x/crypto/bcrypt",

2
Godeps/_workspace/src/github.com/thermokarst/jwt/LICENSE generated vendored
View file

@ -1,6 +1,6 @@
The MIT License (MIT) The MIT License (MIT)
Copyright (c) 2015 Matthew Dillon Copyright (c) 2015, 2016 Matthew Dillon
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

4
Godeps/_workspace/src/github.com/thermokarst/jwt/README.md generated vendored
View file

@ -2,8 +2,8 @@
[![GoDoc](https://godoc.org/github.com/thermokarst/jwt?status.svg)](https://godoc.org/github.com/thermokarst/jwt) [![GoDoc](https://godoc.org/github.com/thermokarst/jwt?status.svg)](https://godoc.org/github.com/thermokarst/jwt)
A simple, opinionated Go net/http middleware for integrating JSON Web Tokens into A simple (bring your own logic), opinionated Go net/http middleware for integrating
your application: JSON Web Tokens into your application:
```go ```go
package main package main

30
Godeps/_workspace/src/github.com/thermokarst/jwt/jwt.go generated vendored
View file

@ -107,14 +107,18 @@ func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler {
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken} return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
} }
} else { } else {
token = strings.Split(authHeader, " ")[1] tokenParts := strings.Split(authHeader, " ")
if len(tokenParts) != 2 {
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
}
token = tokenParts[1]
} }
if status, err, message := m.VerifyToken(token, v, r); err != nil { if status, message, err := m.VerifyToken(token, v, r); err != nil {
return &jwtError{ return &jwtError{
status: status, status: status,
err: err,
message: message, message: message,
err: err,
} }
} }
@ -238,16 +242,16 @@ func (m *Middleware) CreateToken(identity string) (string, error) {
} }
// VerifyToken verifies a token // VerifyToken verifies a token
func (m *Middleware) VerifyToken(token string, v VerifyClaimsFunc, r *http.Request) (int, error, string) { func (m *Middleware) VerifyToken(token string, v VerifyClaimsFunc, r *http.Request) (int, string, error) {
tokenParts := strings.Split(token, ".") tokenParts := strings.Split(token, ".")
if len(tokenParts) != 3 { if len(tokenParts) != 3 {
return http.StatusUnauthorized, ErrMalformedToken, "" return http.StatusUnauthorized, "", ErrMalformedToken
} }
// First, verify JOSE header // First, verify JOSE header
header, err := decode(tokenParts[0]) header, err := decode(tokenParts[0])
if err != nil { if err != nil {
return http.StatusInternalServerError, err, fmt.Sprintf("decoding header (%v)", tokenParts[0]) return http.StatusInternalServerError, fmt.Sprintf("decoding header (%v)", tokenParts[0]), err
} }
var t struct { var t struct {
Typ string Typ string
@ -255,7 +259,7 @@ func (m *Middleware) VerifyToken(token string, v VerifyClaimsFunc, r *http.Reque
} }
err = json.Unmarshal(header, &t) err = json.Unmarshal(header, &t)
if err != nil { if err != nil {
return http.StatusInternalServerError, ErrMalformedToken, fmt.Sprintf("unmarshalling header (%s)", header) return http.StatusInternalServerError, fmt.Sprintf("unmarshalling header (%s)", header), ErrMalformedToken
} }
// Then, verify signature // Then, verify signature
@ -264,29 +268,29 @@ func (m *Middleware) VerifyToken(token string, v VerifyClaimsFunc, r *http.Reque
mac.Write(message) mac.Write(message)
expectedMac, err := encode(mac.Sum(nil)) expectedMac, err := encode(mac.Sum(nil))
if err != nil { if err != nil {
return http.StatusInternalServerError, err, "" return http.StatusInternalServerError, "", err
} }
if !hmac.Equal([]byte(tokenParts[2]), []byte(expectedMac)) { if !hmac.Equal([]byte(tokenParts[2]), []byte(expectedMac)) {
return http.StatusUnauthorized, ErrInvalidSignature, fmt.Sprintf("checking signature (%v)", tokenParts[2]) return http.StatusUnauthorized, fmt.Sprintf("checking signature (%v)", tokenParts[2]), ErrInvalidSignature
} }
// Finally, check claims // Finally, check claims
claimSet, err := decode(tokenParts[1]) claimSet, err := decode(tokenParts[1])
if err != nil { if err != nil {
return http.StatusInternalServerError, ErrDecoding, "decoding claims" return http.StatusInternalServerError, "decoding claims", ErrDecoding
} }
err = v(claimSet, r) err = v(claimSet, r)
if err != nil { if err != nil {
return http.StatusUnauthorized, err, "handling claims callback" return http.StatusUnauthorized, "handling claims callback", err
} }
return 200, nil, "" return 200, "", nil
} }
type jwtError struct { type jwtError struct {
status int status int
err error
message string message string
err error
} }
type errorHandler func(http.ResponseWriter, *http.Request) *jwtError type errorHandler func(http.ResponseWriter, *http.Request) *jwtError