go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2025-07-13 01:30:31 +02:00
Code Issues Releases Activity

Fixed #802, closes #773

Browse Source 
Signed-off-by: Vishal Rana <vr@labstack.com>
This commit is contained in:
Vishal Rana
2017-01-05 12:35:09 -08:00
parent 4cbef06bef
commit 9fe724dedb
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
middleware/csrf.go
View File

@ -140,10 +140,10 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
// Validate token only for requests which are not defined as 'safe' by RFC7231 // Validate token only for requests which are not defined as 'safe' by RFC7231
clientToken, err := extractor(c) clientToken, err := extractor(c)
if err != nil { if err != nil {
return err return echo.NewHTTPError(http.StatusBadRequest, err.Error())
} }
if !validateCSRFToken(token, clientToken) { if !validateCSRFToken(token, clientToken) {
return echo.NewHTTPError(http.StatusForbidden, "CSRF token is invalid") return echo.NewHTTPError(http.StatusForbidden, "Invalid csrf token")
} }
} }
@ -187,7 +187,7 @@ func csrfTokenFromForm(param string) csrfTokenExtractor {
return func(c echo.Context) (string, error) { return func(c echo.Context) (string, error) {
token := c.FormValue(param) token := c.FormValue(param)
if token == "" { if token == "" {
return "", errors.New("Missing csrf token in form param") return "", errors.New("Missing csrf token in the form parameter")
} }
return token, nil return token, nil
} }
@ -199,7 +199,7 @@ func csrfTokenFromQuery(param string) csrfTokenExtractor {
return func(c echo.Context) (string, error) { return func(c echo.Context) (string, error) {
token := c.QueryParam(param) token := c.QueryParam(param)
if token == "" { if token == "" {
return "", errors.New("Missing csrf token in query param") return "", errors.New("Missing csrf token in the query string")
} }
return token, nil return token, nil
} }

8
middleware/jwt.go
View File

@ -111,7 +111,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
config.keyFunc = func(t *jwt.Token) (interface{}, error) { config.keyFunc = func(t *jwt.Token) (interface{}, error) {
// Check the signing method // Check the signing method
if t.Method.Alg() != config.SigningMethod { if t.Method.Alg() != config.SigningMethod {
return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"]) return nil, fmt.Errorf("Unexpected jwt signing method=%v", t.Header["alg"])
} }
return config.SigningKey, nil return config.SigningKey, nil
} }
@ -162,7 +162,7 @@ func jwtFromHeader(header string, authScheme string) jwtExtractor {
if len(auth) > l+1 && auth[:l] == authScheme { if len(auth) > l+1 && auth[:l] == authScheme {
return auth[l+1:], nil return auth[l+1:], nil
} }
return "", errors.New("Missing or invalid jwt in request header") return "", errors.New("Missing or invalid jwt in the request header")
} }
} }
@ -171,7 +171,7 @@ func jwtFromQuery(param string) jwtExtractor {
return func(c echo.Context) (string, error) { return func(c echo.Context) (string, error) {
token := c.QueryParam(param) token := c.QueryParam(param)
if token == "" { if token == "" {
return "", errors.New("Missing jwt in query string") return "", errors.New("Missing jwt in the query string")
} }
return token, nil return token, nil
} }
@ -182,7 +182,7 @@ func jwtFromCookie(name string) jwtExtractor {
return func(c echo.Context) (string, error) { return func(c echo.Context) (string, error) {
cookie, err := c.Cookie(name) cookie, err := c.Cookie(name)
if err != nil { if err != nil {
return "", errors.New("Missing jwt in cookie") return "", errors.New("Missing jwt in the cookie")
} }
return cookie.Value, nil return cookie.Value, nil
} }

4
middleware/key_auth.go
View File

@ -115,7 +115,7 @@ func keyFromHeader(header string, authScheme string) keyExtractor {
if len(auth) > l+1 && auth[:l] == authScheme { if len(auth) > l+1 && auth[:l] == authScheme {
return auth[l+1:], nil return auth[l+1:], nil
} }
return "", errors.New("Invalid key in request header") return "", errors.New("Invalid key in the request header")
} }
return auth, nil return auth, nil
} }
@ -126,7 +126,7 @@ func keyFromQuery(param string) keyExtractor {
return func(c echo.Context) (string, error) { return func(c echo.Context) (string, error) {
key := c.QueryParam(param) key := c.QueryParam(param)
if key == "" { if key == "" {
return "", errors.New("Missing key in query string") return "", errors.New("Missing key in the query string")
} }
return key, nil return key, nil
} }