Allow token as query param
This commit is contained in:
Matthew Dillon
parent
e04139dd78
commit
7752009bbb
1 changed files with 14 additions and 2 deletions
14
jwt.go
14
jwt.go
|
|
@ -11,6 +11,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -98,11 +99,22 @@ func New(c *Config) (*Middleware, error) {
|
||||||
// to have it's own verification/validation protocol.
|
// to have it's own verification/validation protocol.
|
||||||
func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler {
|
func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler {
|
||||||
secureHandler := func(w http.ResponseWriter, r *http.Request) *jwtError {
|
secureHandler := func(w http.ResponseWriter, r *http.Request) *jwtError {
|
||||||
|
var token string
|
||||||
|
|
||||||
authHeader := r.Header.Get("Authorization")
|
authHeader := r.Header.Get("Authorization")
|
||||||
if authHeader == "" {
|
if authHeader == "" {
|
||||||
|
queryParam := r.FormValue("token")
|
||||||
|
if queryParam == "" {
|
||||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
|
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
|
||||||
}
|
}
|
||||||
token := strings.Split(authHeader, " ")[1]
|
var err error
|
||||||
|
token, err = url.QueryUnescape(queryParam)
|
||||||
|
if err != nil {
|
||||||
|
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
token = strings.Split(authHeader, " ")[1]
|
||||||
|
}
|
||||||
tokenParts := strings.Split(token, ".")
|
tokenParts := strings.Split(token, ".")
|
||||||
if len(tokenParts) != 3 {
|
if len(tokenParts) != 3 {
|
||||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
|
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue