thermokarst/jwt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow token as query param

Browse source
This commit is contained in:
Matthew Dillon 2015-07-17 15:45:20 -08:00
parent e04139dd78
commit 7752009bbb
1 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
jwt.go
View file

@ -11,6 +11,7 @@ import (
"fmt" "fmt"
"log" "log"
"net/http" "net/http"
"net/url"
"strings" "strings"
) )
@ -98,11 +99,22 @@ func New(c *Config) (*Middleware, error) {
// to have it's own verification/validation protocol. // to have it's own verification/validation protocol.
func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler { func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler {
secureHandler := func(w http.ResponseWriter, r *http.Request) *jwtError { secureHandler := func(w http.ResponseWriter, r *http.Request) *jwtError {
var token string
authHeader := r.Header.Get("Authorization") authHeader := r.Header.Get("Authorization")
if authHeader == "" { if authHeader == "" {
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken} queryParam := r.FormValue("token")
if queryParam == "" {
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
}
var err error
token, err = url.QueryUnescape(queryParam)
if err != nil {
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
}
} else {
token = strings.Split(authHeader, " ")[1]
} }
token := strings.Split(authHeader, " ")[1]
tokenParts := strings.Split(token, ".") tokenParts := strings.Split(token, ".")
if len(tokenParts) != 3 { if len(tokenParts) != 3 {
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken} return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}