From 6cdf0c4b24517a6ab4b4a09242e73e4c50846ca4 Mon Sep 17 00:00:00 2001 From: Matthew Dillon Date: Tue, 20 Oct 2015 16:40:32 -0700 Subject: [PATCH] godep update github.com/thermokarst/jwt --- Godeps/Godeps.json | 2 +- .../src/github.com/thermokarst/jwt/jwt.go | 32 ++- .../github.com/thermokarst/jwt/jwt_test.go | 234 ------------------ 3 files changed, 25 insertions(+), 243 deletions(-) delete mode 100644 Godeps/_workspace/src/github.com/thermokarst/jwt/jwt_test.go diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 7644a80..af532c1 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -51,7 +51,7 @@ }, { "ImportPath": "github.com/thermokarst/jwt", - "Rev": "88ac9569ee8c8fc9083704a7219334fcc210c6a5" + "Rev": "6b69668616b8d8598fddf36b4bb4e4e3acb56008" }, { "ImportPath": "golang.org/x/crypto/bcrypt", diff --git a/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt.go b/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt.go index cbb2515..8370c08 100644 --- a/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt.go +++ b/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt.go @@ -143,15 +143,31 @@ func (m *Middleware) Authenticate() http.Handler { message: "receiving request", } } - var b map[string]string - err := json.NewDecoder(r.Body).Decode(&b) - if err != nil { - return &jwtError{ - status: http.StatusInternalServerError, - err: ErrParsingCredentials, - message: "parsing authorization", + + b := make(map[string]string, 0) + contentType := r.Header.Get("content-type") + switch contentType { + case "application/x-www-form-urlencoded": + identity, verify := r.FormValue(m.identityField), r.FormValue(m.verifyField) + if identity == "" || verify == "" { + return &jwtError{ + status: http.StatusInternalServerError, + err: ErrParsingCredentials, + message: "parsing authorization", + } + } + b[m.identityField], b[m.verifyField] = identity, verify + default: + err := json.NewDecoder(r.Body).Decode(&b) + if err != nil { + return &jwtError{ + status: http.StatusInternalServerError, + err: ErrParsingCredentials, + message: "parsing authorization", + } } } + // Check if required fields are in the body if _, ok := b[m.identityField]; !ok { return &jwtError{ @@ -167,7 +183,7 @@ func (m *Middleware) Authenticate() http.Handler { message: "parsing credentials, missing verify field", } } - err = m.auth(b[m.identityField], b[m.verifyField]) + err := m.auth(b[m.identityField], b[m.verifyField]) if err != nil { return &jwtError{ status: http.StatusInternalServerError, diff --git a/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt_test.go b/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt_test.go deleted file mode 100644 index 44ec5d3..0000000 --- a/Godeps/_workspace/src/github.com/thermokarst/jwt/jwt_test.go +++ /dev/null @@ -1,234 +0,0 @@ -package jwt - -import ( - "bytes" - "crypto/hmac" - "crypto/sha256" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "io/ioutil" - "net/http" - "net/http/httptest" - "strings" - "testing" - "time" -) - -var testHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("test")) -}) - -var authFunc = func(email, password string) error { - return nil -} - -var claimsFunc = func(id string) (map[string]interface{}, error) { - currentTime := time.Now() - return map[string]interface{}{ - "iat": currentTime.Unix(), - "exp": currentTime.Add(time.Minute * 60 * 24).Unix(), - }, nil -} - -var verifyClaimsFunc = func(claims []byte, r *http.Request) error { - currentTime := time.Now() - var c struct { - Exp int64 - Iat int64 - } - err := json.Unmarshal(claims, &c) - if err != nil { - return err - } - if currentTime.After(time.Unix(c.Exp, 0)) { - return errors.New("expired") - } - return nil -} - -func newMiddlewareOrFatal(t *testing.T) *Middleware { - config := &Config{ - Secret: "password", - Auth: authFunc, - Claims: claimsFunc, - } - middleware, err := New(config) - if err != nil { - t.Fatalf("new middleware: %v", err) - } - return middleware -} - -func newToken(t *testing.T) (string, *Middleware) { - middleware := newMiddlewareOrFatal(t) - authBody := map[string]interface{}{ - "email": "user@example.com", - "password": "password", - } - body, err := json.Marshal(authBody) - if err != nil { - t.Error(err) - } - - ts := httptest.NewServer(middleware.Authenticate()) - defer ts.Close() - - resp, err := http.Post(ts.URL, "application/json", bytes.NewReader(body)) - respBody, err := ioutil.ReadAll(resp.Body) - resp.Body.Close() - if err != nil { - t.Error(err) - } - return string(respBody), middleware -} - -func TestNewJWTMiddleware(t *testing.T) { - middleware := newMiddlewareOrFatal(t) - if middleware.secret != "password" { - t.Errorf("wanted password, got %v", middleware.secret) - } - err := middleware.auth("", "") - if err != nil { - t.Fatal(err) - } - claimsVal, err := middleware.claims("1") - if err != nil { - t.Fatal(err) - } - if _, ok := claimsVal["iat"]; !ok { - t.Errorf("wanted a claims set, got %v", claimsVal) - } - if middleware.identityField != "email" { - t.Errorf("wanted email, got %v", middleware.identityField) - } - if middleware.verifyField != "password" { - t.Errorf("wanted password, got %v", middleware.verifyField) - } -} - -func TestNewJWTMiddlewareNoConfig(t *testing.T) { - cases := map[*Config]error{ - nil: ErrMissingConfig, - &Config{}: ErrMissingSecret, - &Config{ - Auth: authFunc, - Claims: claimsFunc, - }: ErrMissingSecret, - &Config{ - Secret: "secret", - Claims: claimsFunc, - }: ErrMissingAuthFunc, - &Config{ - Auth: authFunc, - Secret: "secret", - }: ErrMissingClaimsFunc, - } - for config, jwtErr := range cases { - _, err := New(config) - if err != jwtErr { - t.Errorf("wanted error: %v, got error: %v using config: %v", jwtErr, err, config) - } - } -} -func TestGenerateTokenHandler(t *testing.T) { - token, m := newToken(t) - j := strings.Split(token, ".") - - header := base64.StdEncoding.EncodeToString([]byte(`{"typ":"JWT","alg":"HS256"}`)) - if j[0] != header { - t.Errorf("wanted %v, got %v", header, j[0]) - } - - claims, err := base64.StdEncoding.DecodeString(j[1]) - var c struct { - Exp int - Iat int - } - err = json.Unmarshal(claims, &c) - if err != nil { - t.Error(err) - } - duration := time.Duration(c.Exp-c.Iat) * time.Second - d := time.Minute * 60 * 24 - if duration != d { - t.Errorf("wanted %v, got %v", d, duration) - } - mac := hmac.New(sha256.New, []byte(m.secret)) - message := []byte(strings.Join([]string{j[0], j[1]}, ".")) - mac.Write(message) - expectedMac := base64.StdEncoding.EncodeToString(mac.Sum(nil)) - if !hmac.Equal([]byte(j[2]), []byte(expectedMac)) { - t.Errorf("wanted %v, got %v", expectedMac, j[2]) - } -} - -func TestSecureHandlerNoToken(t *testing.T) { - middleware := newMiddlewareOrFatal(t) - resp := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "http://example.com", nil) - middleware.Secure(testHandler, verifyClaimsFunc).ServeHTTP(resp, req) - body := strings.TrimSpace(resp.Body.String()) - if body != ErrMissingToken.Error() { - t.Errorf("wanted %q, got %q", ErrMissingToken.Error(), body) - } -} - -func TestSecureHandlerBadToken(t *testing.T) { - middleware := newMiddlewareOrFatal(t) - resp := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "http://example.com", nil) - req.Header.Set("Authorization", "Bearer abcdefg") - middleware.Secure(testHandler, verifyClaimsFunc).ServeHTTP(resp, req) - body := strings.TrimSpace(resp.Body.String()) - if body != ErrMalformedToken.Error() { - t.Errorf("wanted %q, got %q", ErrMalformedToken.Error(), body) - } - - resp = httptest.NewRecorder() - req, _ = http.NewRequest("GET", "http://example.com", nil) - req.Header.Set("Authorization", "Bearer abcd.abcd.abcd") - middleware.Secure(testHandler, verifyClaimsFunc).ServeHTTP(resp, req) - body = strings.TrimSpace(resp.Body.String()) - if body != ErrMalformedToken.Error() { - t.Errorf("wanted %q, got %q", ErrMalformedToken.Error(), body) - } -} - -func TestSecureHandlerBadSignature(t *testing.T) { - token, middleware := newToken(t) - parts := strings.Split(token, ".") - token = strings.Join([]string{parts[0], parts[1], "abcd"}, ".") - resp := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "http://example.com", nil) - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token)) - middleware.Secure(testHandler, verifyClaimsFunc).ServeHTTP(resp, req) - body := strings.TrimSpace(resp.Body.String()) - if body != ErrInvalidSignature.Error() { - t.Errorf("wanted %s, got %s", ErrInvalidSignature.Error(), body) - } -} - -func TestSecureHandlerGoodToken(t *testing.T) { - token, middleware := newToken(t) - resp := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "http://example.com", nil) - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token)) - middleware.Secure(testHandler, verifyClaimsFunc).ServeHTTP(resp, req) - body := strings.TrimSpace(resp.Body.String()) - if body != "test" { - t.Errorf("wanted %s, got %s", "test", body) - } -} - -func TestGenerateTokenHandlerNotPOST(t *testing.T) { - middleware := newMiddlewareOrFatal(t) - resp := httptest.NewRecorder() - req, _ := http.NewRequest("PUT", "http://example.com", nil) - middleware.Authenticate().ServeHTTP(resp, req) - body := strings.TrimSpace(resp.Body.String()) - if body != ErrInvalidMethod.Error() { - t.Errorf("wanted %q, got %q", ErrInvalidMethod.Error(), body) - } -}