From 9fe724dedb1d2aa4d91cef9b232868d746b29870 Mon Sep 17 00:00:00 2001
From: Vishal Rana <vr@labstack.com>
Date: Thu, 5 Jan 2017 12:35:09 -0800
Subject: [PATCH] Fixed #802, closes #773

Signed-off-by: Vishal Rana <vr@labstack.com>
---
 middleware/csrf.go     | 8 ++++----
 middleware/jwt.go      | 8 ++++----
 middleware/key_auth.go | 4 ++--
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/middleware/csrf.go b/middleware/csrf.go
index 40989610..607ccd7b 100644
--- a/middleware/csrf.go
+++ b/middleware/csrf.go
@@ -140,10 +140,10 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
 				// Validate token only for requests which are not defined as 'safe' by RFC7231
 				clientToken, err := extractor(c)
 				if err != nil {
-					return err
+					return echo.NewHTTPError(http.StatusBadRequest, err.Error())
 				}
 				if !validateCSRFToken(token, clientToken) {
-					return echo.NewHTTPError(http.StatusForbidden, "CSRF token is invalid")
+					return echo.NewHTTPError(http.StatusForbidden, "Invalid csrf token")
 				}
 			}
 
@@ -187,7 +187,7 @@ func csrfTokenFromForm(param string) csrfTokenExtractor {
 	return func(c echo.Context) (string, error) {
 		token := c.FormValue(param)
 		if token == "" {
-			return "", errors.New("Missing csrf token in form param")
+			return "", errors.New("Missing csrf token in the form parameter")
 		}
 		return token, nil
 	}
@@ -199,7 +199,7 @@ func csrfTokenFromQuery(param string) csrfTokenExtractor {
 	return func(c echo.Context) (string, error) {
 		token := c.QueryParam(param)
 		if token == "" {
-			return "", errors.New("Missing csrf token in query param")
+			return "", errors.New("Missing csrf token in the query string")
 		}
 		return token, nil
 	}
diff --git a/middleware/jwt.go b/middleware/jwt.go
index 7867dfef..fd12fd94 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -111,7 +111,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 	config.keyFunc = func(t *jwt.Token) (interface{}, error) {
 		// Check the signing method
 		if t.Method.Alg() != config.SigningMethod {
-			return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
+			return nil, fmt.Errorf("Unexpected jwt signing method=%v", t.Header["alg"])
 		}
 		return config.SigningKey, nil
 	}
@@ -162,7 +162,7 @@ func jwtFromHeader(header string, authScheme string) jwtExtractor {
 		if len(auth) > l+1 && auth[:l] == authScheme {
 			return auth[l+1:], nil
 		}
-		return "", errors.New("Missing or invalid jwt in request header")
+		return "", errors.New("Missing or invalid jwt in the request header")
 	}
 }
 
@@ -171,7 +171,7 @@ func jwtFromQuery(param string) jwtExtractor {
 	return func(c echo.Context) (string, error) {
 		token := c.QueryParam(param)
 		if token == "" {
-			return "", errors.New("Missing jwt in query string")
+			return "", errors.New("Missing jwt in the query string")
 		}
 		return token, nil
 	}
@@ -182,7 +182,7 @@ func jwtFromCookie(name string) jwtExtractor {
 	return func(c echo.Context) (string, error) {
 		cookie, err := c.Cookie(name)
 		if err != nil {
-			return "", errors.New("Missing jwt in cookie")
+			return "", errors.New("Missing jwt in the cookie")
 		}
 		return cookie.Value, nil
 	}
diff --git a/middleware/key_auth.go b/middleware/key_auth.go
index f2994110..472fa70f 100644
--- a/middleware/key_auth.go
+++ b/middleware/key_auth.go
@@ -115,7 +115,7 @@ func keyFromHeader(header string, authScheme string) keyExtractor {
 			if len(auth) > l+1 && auth[:l] == authScheme {
 				return auth[l+1:], nil
 			}
-			return "", errors.New("Invalid key in request header")
+			return "", errors.New("Invalid key in the request header")
 		}
 		return auth, nil
 	}
@@ -126,7 +126,7 @@ func keyFromQuery(param string) keyExtractor {
 	return func(c echo.Context) (string, error) {
 		key := c.QueryParam(param)
 		if key == "" {
-			return "", errors.New("Missing key in query string")
+			return "", errors.New("Missing key in the query string")
 		}
 		return key, nil
 	}