1
0
mirror of https://github.com/labstack/echo.git synced 2025-06-15 00:14:57 +02:00
Commit Graph

31 Commits

Author SHA1 Message Date
1d5f335f40 refactor assertions (#2301) 2022-10-12 21:47:21 +03:00
4a1ccdfdc5 JWT, KeyAuth, CSRF multivalue extractors (#2060)
* CSRF, JWT, KeyAuth middleware support for multivalue value extractors
* Add flag to JWT and KeyAuth middleware to allow continuing execution `next(c)` when error handler decides to swallow the error (returns nil).
2022-01-24 22:03:45 +02:00
4fffee2ec8 Add custom jwt extractor to jwt config 2021-12-20 21:41:59 +02:00
499097e061 Ignore case of auth scheme in request header
Some clients send an authorization header containing the "bearer"
keyword in lower case. This led to echo responding with "missing or
malformed jwt".

Request.BasicAuth (net/http) ignores the basic auth scheme's case since
a while: https://go-review.googlesource.com/c/go/+/111516/
2021-08-10 20:32:01 +03:00
647af2acec JWT middleware has been changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt` due former library being unmaintained and having security
issues.
NOTE: `golang-jwt/jwt` now only supports last 2 Go releases. So 1.15+
For detailed information please read https://github.com/labstack/echo/discussions/1940
2021-08-01 23:20:08 +03:00
1ac4a8f3d0 Adds JWTConfig.ParseTokenFunc to JWT middleware to allow different libraries implementing JWT parsing. 2021-06-13 20:33:08 +03:00
de3f87eb23 Jwt lookup from multiple sources (#1845)
* Jwt lookup from multiple sources
2021-05-08 22:30:06 +03:00
76f186ad3b feat(jwt): make KeyFunc public in JWT middleware (#1756)
* feat(jwt): make KeyFunc public in JWT middleware

It allows a user-defined function to supply the key for a token
verification.
2021-05-08 22:19:24 +03:00
2152e4e872 Support form fields in jwt middleware 2020-12-01 09:51:20 +03:00
269dfcc9dd Set maxParam with SetParamNames (#1535)
* Set maxParam with SetParamNames

Fixes #1492

* Revert go.mod
2020-03-30 12:28:07 -07:00
712b5e46c5 format code (gofmt + trim trailing space) (#1452) 2020-01-25 09:48:53 -08:00
8d7f05e533 round-trip paramValues without exploding (#1463) 2020-01-23 18:32:17 -08:00
6b9408d1d1 Added param:<name> lookup option to JWT Middleware (#1296)
* Added  lookup option to JWT Middleware

* Added param:<name> lookup option to JWT Middleware
2019-06-09 09:49:52 -07:00
e2671fe963 Provide possibility to use key ids (#1289)
* provide possibility to use key ids
* kid tests
2019-05-17 07:45:49 -07:00
6d9e043284 Introduced Go module support as v4, removed obsolete CloseNotifier() mechanism
This reintroduces support for Go modules, as v4.

CloseNotifier() is removed as it has been obsoleted, see https://golang.org/doc/go1.11#net/http

It was already NOT working (not sending signals) as of 1.11 the functionality was gone, we merely
deleted the functions that exposed it. If anyone still relies on it they should migrate to using
`c.Request().Context().Done()` instead.

Closes #1268, #1255
2019-01-30 16:11:42 +02:00
c8fd197fa8 Replace http constants with stdlib ones, i.e.: http.MethodGet instead of echo.GET (#1205) 2018-10-14 20:46:58 +05:30
a5c75b002d Fix issue with JWT race (#968) 2017-07-14 11:55:19 -07:00
29fd5831ff Fixed test
Signed-off-by: Vishal Rana <vr@labstack.com>
2017-02-22 15:57:12 -08:00
f5f75122ba fixed #750
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-12-19 11:43:24 -08:00
23176c639e jwt-authscheme: support for custom jwt auth scheme
- added "AuthScheme" in the JWTConfig and set default value to
	  "Bearer".
	- added test case for validating JWT Auth with a custom auth
	  scheme.
2016-12-19 11:39:31 -08:00
2aec0353f5 First commit to v3, #665
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-09-22 22:56:00 -07:00
86ae297e23 New redirect middleware
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-08-27 13:03:40 -07:00
bc7b992d23 Dropped custom error handler for jwt, closes #589, closes ##591
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-08-27 10:54:51 -07:00
87dbea59f7 Minor refactor and format
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-08-20 09:35:19 -07:00
2557d33c4b Closes #631 2016-08-20 17:59:36 +02:00
a8b48af608 Read JWT from cookie
Note: writing token to cookie is out of scope of this middleware
(exactly as in other reading methods).
2016-07-02 11:26:05 +02:00
ae09482493 Add HandleEmptyToken to JWT middleware
Now it is possible to add custom handler for missing JWT.
2016-07-02 00:55:11 +02:00
bb6baa2088 Add JWT tests for _query_ method 2016-07-02 00:28:56 +02:00
4b6811e0cf Refactor JWT tests to table based
Now state isn't shared.
2016-07-02 00:28:56 +02:00
fbcdf70c52 Update JWT lib to v3
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-06-16 14:40:43 -07:00
e943ed24be JWTAuth to JWT
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-07 07:45:03 -07:00