feat(jwt): make KeyFunc public in JWT middleware (#1756)

* feat(jwt): make KeyFunc public in JWT middleware It allows a user-defined function to supply the key for a token verification.
2025-12-05 23:08:17 +02:00 · 2021-05-08 21:19:24 +02:00
parent 643066594d
commit 76f186ad3b
2 changed files with 72 additions and 23 deletions
--- a/middleware/jwt_test.go
+++ b/middleware/jwt_test.go
@@ -1,6 +1,7 @@
 package middleware

 import (
+	"errors"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
@@ -220,6 +221,35 @@ func TestJWT(t *testing.T) {
 			expErrCode: http.StatusBadRequest,
 			info:       "Empty form field",
 		},
+		{
+			hdrAuth: validAuth,
+			config: JWTConfig{
+				KeyFunc: func(*jwt.Token) (interface{}, error) {
+					return validKey, nil
+				},
+			},
+			info: "Valid JWT with a valid key using a user-defined KeyFunc",
+		},
+		{
+			hdrAuth: validAuth,
+			config: JWTConfig{
+				KeyFunc: func(*jwt.Token) (interface{}, error) {
+					return invalidKey, nil
+				},
+			},
+			expErrCode: http.StatusUnauthorized,
+			info:       "Valid JWT with an invalid key using a user-defined KeyFunc",
+		},
+		{
+			hdrAuth: validAuth,
+			config: JWTConfig{
+				KeyFunc: func(*jwt.Token) (interface{}, error) {
+					return nil, errors.New("faulty KeyFunc")
+				},
+			},
+			expErrCode: http.StatusUnauthorized,
+			info:       "Token verification does not pass using a user-defined KeyFunc",
+		},
 	} {
 		if tc.reqURL == "" {
 			tc.reqURL = "/"