Custom jwt errors (#999)

* Custom error for jwt * New field `inner` in HTTPError to store error from external dependency Signed-off-by: Vishal Rana <vr@labstack.com>
2025-01-24 03:16:14 +02:00 · 2017-08-31 09:18:42 -07:00 · 2017-08-31 09:18:42 -07:00 · 7dfec7e641
commit 7dfec7e641
parent cec7629194
3 changed files with 23 additions and 14 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,7 +1,7 @@
 language: go
 go:
-  - 1.7.x
  - 1.8.x
+  - 1.9.x
  - tip
 install:
  - make dependency
--- a/echo.go
+++ b/echo.go
@ -95,6 +95,7 @@ type (
 	HTTPError struct {
 		Code    int
 		Message interface{}
+		Inner   error // Stores the error returned by an external dependency
 	}

 	// MiddlewareFunc defines a function to process middleware.
@ -321,6 +322,9 @@ func (e *Echo) DefaultHTTPErrorHandler(err error, c Context) {
 		msg = he.Message
 	} else if e.Debug {
 		msg = err.Error()
+		if he.Inner != nil {
+			msg = fmt.Sprintf("%v, %v", err, he.Inner)
+		}
 	} else {
 		msg = http.StatusText(code)
 	}
@ -330,16 +334,15 @@ func (e *Echo) DefaultHTTPErrorHandler(err error, c Context) {

 	if !c.Response().Committed {
 		if c.Request().Method == HEAD { // Issue #608
-			if err := c.NoContent(code); err != nil {
-				goto ERROR
-			}
+			err = c.NoContent(code)
 		} else {
-			if err := c.JSON(code, msg); err != nil {
-				goto ERROR
-			}
+			err = c.JSON(code, msg)
+		}
+		if err != nil {
+			e.Logger.Error(err)
 		}
 	}
-ERROR:
+
 	e.Logger.Error(err)
 }

--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@ -1,7 +1,6 @@
 package middleware

 import (
-	"errors"
 	"fmt"
 	"net/http"
 	"reflect"
@ -57,6 +56,11 @@ const (
 	AlgorithmHS256 = "HS256"
 )

+// Errors
+var (
+	ErrJWTInvalid = echo.NewHTTPError(http.StatusBadRequest, "Missing or invalid jwt")
+)
+
 var (
 	// DefaultJWTConfig is the default JWT auth middleware config.
 	DefaultJWTConfig = JWTConfig{
@ -134,7 +138,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {

 			auth, err := extractor(c)
 			if err != nil {
-				return echo.NewHTTPError(http.StatusBadRequest, err.Error())
+				return err
 			}
 			token := new(jwt.Token)
 			// Issue #647, #656
@ -150,7 +154,9 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 				c.Set(config.ContextKey, token)
 				return next(c)
 			}
-			return echo.ErrUnauthorized
+			he := echo.NewHTTPError(http.StatusUnauthorized, "Invalid or expired jwt")
+			he.Inner = err
+			return he
 		}
 	}
 }
@ -163,7 +169,7 @@ func jwtFromHeader(header string, authScheme string) jwtExtractor {
 		if len(auth) > l+1 && auth[:l] == authScheme {
 			return auth[l+1:], nil
 		}
-		return "", errors.New("Missing or invalid jwt in the request header")
+		return "", ErrJWTInvalid
 	}
 }

@ -172,7 +178,7 @@ func jwtFromQuery(param string) jwtExtractor {
 	return func(c echo.Context) (string, error) {
 		token := c.QueryParam(param)
 		if token == "" {
-			return "", errors.New("Missing jwt in the query string")
+			return "", ErrJWTInvalid
 		}
 		return token, nil
 	}
@ -183,7 +189,7 @@ func jwtFromCookie(name string) jwtExtractor {
 	return func(c echo.Context) (string, error) {
 		cookie, err := c.Cookie(name)
 		if err != nil {
-			return "", errors.New("Missing jwt in the cookie")
+			return "", ErrJWTInvalid
 		}
 		return cookie.Value, nil
 	}