go/echo
go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2024-11-30 08:46:41 +02:00
Code Issues Releases Activity
1,614 Commits 6 Branches 121 Tags 12 MiB
d5f883707b
Commit Graph

51 Commits

Author SHA1 Message Date
Martti T
4a1ccdfdc5
JWT, KeyAuth, CSRF multivalue extractors (#2060) 
* CSRF, JWT, KeyAuth middleware support for multivalue value extractors
* Add flag to JWT and KeyAuth middleware to allow continuing execution `next(c)` when error handler decides to swallow the error (returns nil).
 2022-01-24 22:03:45 +02:00
Rashad Ansari
4fffee2ec8 Add custom jwt extractor to jwt config 2021-12-20 21:41:59 +02:00
Philipp Thun
499097e061 Ignore case of auth scheme in request header 
Some clients send an authorization header containing the "bearer"
keyword in lower case. This led to echo responding with "missing or
malformed jwt".

Request.BasicAuth (net/http) ignores the basic auth scheme's case since
a while: https://go-review.googlesource.com/c/go/+/111516/
 2021-08-10 20:32:01 +03:00
toimtoimtoim
647af2acec JWT middleware has been changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt` due former library being unmaintained and having security 
issues.
NOTE: `golang-jwt/jwt` now only supports last 2 Go releases. So 1.15+
For detailed information please read https://github.com/labstack/echo/discussions/1940
 2021-08-01 23:20:08 +03:00
toimtoimtoim
1ac4a8f3d0 Adds JWTConfig.ParseTokenFunc to JWT middleware to allow different libraries implementing JWT parsing. 2021-06-13 20:33:08 +03:00
Kaan Karakaya
379bdeaa1e docs: Added comment about TokenLookup 
Signed-off-by: Kaan Karakaya <yusufkaan142@gmail.com>
 2021-06-01 07:53:32 +03:00
Kaan Karakaya
de3f87eb23
Jwt lookup from multiple sources (#1845) 
* Jwt lookup from multiple sources
 2021-05-08 22:30:06 +03:00
antonindrawan
76f186ad3b
feat(jwt): make KeyFunc public in JWT middleware (#1756) 
* feat(jwt): make KeyFunc public in JWT middleware

It allows a user-defined function to supply the key for a token
verification.
 2021-05-08 22:19:24 +03:00
rkfg
2152e4e872 Support form fields in jwt middleware 2020-12-01 09:51:20 +03:00
Juan Belieni
09f36b585d Create ErrJWTInvalid variable 2020-08-27 19:35:45 -03:00
Dmitry Kutakov
712b5e46c5 format code (gofmt + trim trailing space) (#1452) 2020-01-25 09:48:53 -08:00
Tom Scholz
31361576e8 feat: Add a new ErrorHandlerWithContext (#1328) 
* feat: Add a new ErrorHandlerWithContext

This commit adds a new error handler, which is passed the 
current context, so that you can add custom redirects or even
other kinds of responses. For example:

```go
	e.Use(middleware.JWTWithConfig(middleware.JWTConfig{
		SigningKey: []byte("secret"),
		TokenLookup: "query:token",
		ErrorHandlerWithContext: func(err error, c echo.Context) error {
			// do stuff with context and err
			switch err.(type) {
			case jwt.ValidationError:
				return c.Redirect(http.StatusSeeOther, "/login")
			}
			return err
		},
	}))
```

* chore: address golint issues
 2019-06-13 13:21:03 -07:00
ozburo
6b9408d1d1 Added param:<name> lookup option to JWT Middleware (#1296) 
* Added  lookup option to JWT Middleware

* Added param:<name> lookup option to JWT Middleware
 2019-06-09 09:49:52 -07:00
Das Jott
e2671fe963 Provide possibility to use key ids (#1289) 
* provide possibility to use key ids
* kid tests
 2019-05-17 07:45:49 -07:00
Alex Ungur
6d9e043284 Introduced Go module support as v4, removed obsolete CloseNotifier() mechanism 
This reintroduces support for Go modules, as v4.

CloseNotifier() is removed as it has been obsoleted, see https://golang.org/doc/go1.11#net/http

It was already NOT working (not sending signals) as of 1.11 the functionality was gone, we merely
deleted the functions that exposed it. If anyone still relies on it they should migrate to using
`c.Request().Context().Done()` instead.

Closes #1268, #1255
 2019-01-30 16:11:42 +02:00
Vishal Rana
db8f5706fd Closed #1121 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2018-07-17 23:21:54 -07:00
Vishal Rana
d8a6dad02d [JWT] use local error handler for missing token 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2018-07-09 11:36:25 -07:00
Vishal Rana
61084e242e JWT BeforeFunc, SuccessHandler & ErrorHandler 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2018-06-28 20:42:18 -07:00
Vishal Rana
5b769f91b2 HTTPError#Inner to HTTPError#Internal 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2018-04-10 12:06:31 -07:00
Vishal Rana
4f3080c197 Bit of more cleanup 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2018-02-21 11:38:22 -08:00
Evgeniy Kulikov
f49d166e6f [FIX] Cleanup code (#1061) 
Code cleanup
 2018-02-21 10:44:17 -08:00
Vishal Rana
f2bc6802be Exposed JWT error 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-08-31 10:17:27 -07:00
Vishal Rana
7dfec7e641 Custom jwt errors (#999) 
* Custom error for jwt
* New field `inner` in HTTPError to store error from external dependency

Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-08-31 09:18:42 -07:00
Paul Tyng
a5c75b002d Fix issue with JWT race (#968) 2017-07-14 11:55:19 -07:00
Nick Hudkins
7676f85ef9 Allow interface{} as key for JWT middleware argument (#957) 2017-06-19 15:42:27 -07:00
Vishal Rana
a8cd0ad133 Closes #942 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-06-02 18:13:26 -07:00
Vishal Rana
52fa135fd5 Updated docs, exposed middleware.DefaultSkipper 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-01-28 11:46:43 -08:00
Vishal Rana
9fe724dedb Fixed #802, closes #773 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-01-05 12:38:39 -08:00
Vishal Rana
412823eabb Added key auth middleware 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2017-01-02 20:12:06 -08:00
Vishal Rana
f5f75122ba fixed #750 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-12-19 11:43:24 -08:00
Vikram Sreekumar
23176c639e jwt-authscheme: support for custom jwt auth scheme 
- added "AuthScheme" in the JWTConfig and set default value to
	  "Bearer".
	- added test case for validating JWT Auth with a custom auth
	  scheme.
 2016-12-19 11:39:31 -08:00
Michael Köppl
f0b235c108 Fix typo (#767) 2016-12-09 09:05:40 -08:00
Vishal Rana
2aec0353f5 First commit to v3, #665 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-09-22 22:56:00 -07:00
Vishal Rana
862bee4ebd Fixed #647, fixed #656 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-09-14 15:37:21 -07:00
Vishal Rana
e980bd9055 Closes #647 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-09-07 12:18:57 -07:00
Vishal Rana
3d9d408365 Options for redirect middleware 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-08-31 20:10:14 -07:00
Vishal Rana
6dab126f64 Fixed godoc 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-08-27 10:58:33 -07:00
Vishal Rana
bc7b992d23 Dropped custom error handler for jwt, closes #589, closes ##591 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-08-27 10:54:51 -07:00
Vishal Rana
98061d3ce3 Closes #633 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-08-21 09:52:20 -07:00
Vishal Rana
87dbea59f7 Minor refactor and format 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-08-20 09:35:19 -07:00
matcornic
2557d33c4b Closes #631 2016-08-20 17:59:36 +02:00
Vishal Rana
27f9b326b8 Ability to skip a middleware via callback 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-07-27 09:34:44 -07:00
Przemek Komosa
a8b48af608 Read JWT from cookie 
Note: writing token to cookie is out of scope of this middleware
(exactly as in other reading methods).
 2016-07-02 11:26:05 +02:00
Przemek Komosa
ae09482493 Add HandleEmptyToken to JWT middleware 
Now it is possible to add custom handler for missing JWT.
 2016-07-02 00:55:11 +02:00
Vishal Rana
dc244c173d Minor fix in jwt and csrf middleware 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-26 19:23:46 -07:00
Vishal Rana
7e52ad4dd5 Changes to jwt and csrf middleware 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-26 14:08:02 -07:00
Vishal Rana
c6b32d5541 Added json tags to middleware config 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-18 18:53:54 -07:00
Vishal Rana
7d1819e5b1 Extractor for csrf token 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-13 08:18:00 -07:00
Vishal Rana
98dd8bf9e9 Added CSRF middleware, #341. 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-12 17:45:00 -07:00
Vishal Rana
1afaa6ec0b Updated docs, changes to static middleware config 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2016-05-10 11:52:04 -07:00