1
0
mirror of https://github.com/labstack/echo.git synced 2024-11-28 08:38:39 +02:00

Fixed #802, closes #773

Signed-off-by: Vishal Rana <vr@labstack.com>
This commit is contained in:
Vishal Rana 2017-01-05 12:35:09 -08:00
parent 4cbef06bef
commit 9fe724dedb
3 changed files with 10 additions and 10 deletions

View File

@ -140,10 +140,10 @@ func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
// Validate token only for requests which are not defined as 'safe' by RFC7231
clientToken, err := extractor(c)
if err != nil {
return err
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
if !validateCSRFToken(token, clientToken) {
return echo.NewHTTPError(http.StatusForbidden, "CSRF token is invalid")
return echo.NewHTTPError(http.StatusForbidden, "Invalid csrf token")
}
}
@ -187,7 +187,7 @@ func csrfTokenFromForm(param string) csrfTokenExtractor {
return func(c echo.Context) (string, error) {
token := c.FormValue(param)
if token == "" {
return "", errors.New("Missing csrf token in form param")
return "", errors.New("Missing csrf token in the form parameter")
}
return token, nil
}
@ -199,7 +199,7 @@ func csrfTokenFromQuery(param string) csrfTokenExtractor {
return func(c echo.Context) (string, error) {
token := c.QueryParam(param)
if token == "" {
return "", errors.New("Missing csrf token in query param")
return "", errors.New("Missing csrf token in the query string")
}
return token, nil
}

View File

@ -111,7 +111,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
config.keyFunc = func(t *jwt.Token) (interface{}, error) {
// Check the signing method
if t.Method.Alg() != config.SigningMethod {
return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
return nil, fmt.Errorf("Unexpected jwt signing method=%v", t.Header["alg"])
}
return config.SigningKey, nil
}
@ -162,7 +162,7 @@ func jwtFromHeader(header string, authScheme string) jwtExtractor {
if len(auth) > l+1 && auth[:l] == authScheme {
return auth[l+1:], nil
}
return "", errors.New("Missing or invalid jwt in request header")
return "", errors.New("Missing or invalid jwt in the request header")
}
}
@ -171,7 +171,7 @@ func jwtFromQuery(param string) jwtExtractor {
return func(c echo.Context) (string, error) {
token := c.QueryParam(param)
if token == "" {
return "", errors.New("Missing jwt in query string")
return "", errors.New("Missing jwt in the query string")
}
return token, nil
}
@ -182,7 +182,7 @@ func jwtFromCookie(name string) jwtExtractor {
return func(c echo.Context) (string, error) {
cookie, err := c.Cookie(name)
if err != nil {
return "", errors.New("Missing jwt in cookie")
return "", errors.New("Missing jwt in the cookie")
}
return cookie.Value, nil
}

View File

@ -115,7 +115,7 @@ func keyFromHeader(header string, authScheme string) keyExtractor {
if len(auth) > l+1 && auth[:l] == authScheme {
return auth[l+1:], nil
}
return "", errors.New("Invalid key in request header")
return "", errors.New("Invalid key in the request header")
}
return auth, nil
}
@ -126,7 +126,7 @@ func keyFromQuery(param string) keyExtractor {
return func(c echo.Context) (string, error) {
key := c.QueryParam(param)
if key == "" {
return "", errors.New("Missing key in query string")
return "", errors.New("Missing key in the query string")
}
return key, nil
}