mirror of
https://github.com/labstack/echo.git
synced 2024-11-24 08:22:21 +02:00
Vishal Rana
parent
4cbef06bef
commit
9fe724dedb
@ -140,10 +140,10 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
|
||||
// Validate token only for requests which are not defined as 'safe' by RFC7231
|
||||
clientToken, err := extractor(c)
|
||||
if err != nil {
|
||||
return err
|
||||
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
|
||||
}
|
||||
if !validateCSRFToken(token, clientToken) {
|
||||
return echo.NewHTTPError(http.StatusForbidden, "CSRF token is invalid")
|
||||
return echo.NewHTTPError(http.StatusForbidden, "Invalid csrf token")
|
||||
}
|
||||
}
|
||||
|
||||
@ -187,7 +187,7 @@ func csrfTokenFromForm(param string) csrfTokenExtractor {
|
||||
return func(c echo.Context) (string, error) {
|
||||
token := c.FormValue(param)
|
||||
if token == "" {
|
||||
return "", errors.New("Missing csrf token in form param")
|
||||
return "", errors.New("Missing csrf token in the form parameter")
|
||||
}
|
||||
return token, nil
|
||||
}
|
||||
@ -199,7 +199,7 @@ func csrfTokenFromQuery(param string) csrfTokenExtractor {
|
||||
return func(c echo.Context) (string, error) {
|
||||
token := c.QueryParam(param)
|
||||
if token == "" {
|
||||
return "", errors.New("Missing csrf token in query param")
|
||||
return "", errors.New("Missing csrf token in the query string")
|
||||
}
|
||||
return token, nil
|
||||
}
|
||||
|
||||
@ -111,7 +111,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
|
||||
config.keyFunc = func(t *jwt.Token) (interface{}, error) {
|
||||
// Check the signing method
|
||||
if t.Method.Alg() != config.SigningMethod {
|
||||
return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
|
||||
return nil, fmt.Errorf("Unexpected jwt signing method=%v", t.Header["alg"])
|
||||
}
|
||||
return config.SigningKey, nil
|
||||
}
|
||||
@ -162,7 +162,7 @@ func jwtFromHeader(header string, authScheme string) jwtExtractor {
|
||||
if len(auth) > l+1 && auth[:l] == authScheme {
|
||||
return auth[l+1:], nil
|
||||
}
|
||||
return "", errors.New("Missing or invalid jwt in request header")
|
||||
return "", errors.New("Missing or invalid jwt in the request header")
|
||||
}
|
||||
}
|
||||
|
||||
@ -171,7 +171,7 @@ func jwtFromQuery(param string) jwtExtractor {
|
||||
return func(c echo.Context) (string, error) {
|
||||
token := c.QueryParam(param)
|
||||
if token == "" {
|
||||
return "", errors.New("Missing jwt in query string")
|
||||
return "", errors.New("Missing jwt in the query string")
|
||||
}
|
||||
return token, nil
|
||||
}
|
||||
@ -182,7 +182,7 @@ func jwtFromCookie(name string) jwtExtractor {
|
||||
return func(c echo.Context) (string, error) {
|
||||
cookie, err := c.Cookie(name)
|
||||
if err != nil {
|
||||
return "", errors.New("Missing jwt in cookie")
|
||||
return "", errors.New("Missing jwt in the cookie")
|
||||
}
|
||||
return cookie.Value, nil
|
||||
}
|
||||
|
||||
@ -115,7 +115,7 @@ func keyFromHeader(header string, authScheme string) keyExtractor {
|
||||
if len(auth) > l+1 && auth[:l] == authScheme {
|
||||
return auth[l+1:], nil
|
||||
}
|
||||
return "", errors.New("Invalid key in request header")
|
||||
return "", errors.New("Invalid key in the request header")
|
||||
}
|
||||
return auth, nil
|
||||
}
|
||||
@ -126,7 +126,7 @@ func keyFromQuery(param string) keyExtractor {
|
||||
return func(c echo.Context) (string, error) {
|
||||
key := c.QueryParam(param)
|
||||
if key == "" {
|
||||
return "", errors.New("Missing key in query string")
|
||||
return "", errors.New("Missing key in the query string")
|
||||
}
|
||||
return key, nil
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user