6ef5f77bf2
WIP: make default logger implemented custom writer for jsonlike logs WIP: improve examples WIP: defaultErrorHandler use errors.As to unwrap errors. Update readme WIP: default logger logs json, restore e.Start method WIP: clean router.Match a bit WIP: func types/fields have echo.Context has first element WIP: remove yaml tags as functions etc can not be serialized anyway WIP: change BindPathParams,BindQueryParams,BindHeaders from methods to functions and reverse arguments to be like DefaultBinder.Bind is WIP: improved comments, logger now extracts status from error WIP: go mod tidy WIP: rebase with 4.5.0 WIP: * removed todos. * removed StartAutoTLS and StartH2CServer methods from `StartConfig` * KeyAuth middleware errorhandler can swallow the error and resume next middleware WIP: add RouterConfig.UseEscapedPathForMatching to use escaped path for matching request against routes WIP: FIXMEs WIP: upgrade golang-jwt/jwt to `v4` WIP: refactor http methods to return RouteInfo WIP: refactor static not creating multiple routes WIP: refactor route and middleware adding functions not to return error directly WIP: Use 401 for problematic/missing headers for key auth and JWT middleware (#1552, #1402). > In summary, a 401 Unauthorized response should be used for missing or bad authentication WIP: replace `HTTPError.SetInternal` with `HTTPError.WithInternal` so we could not mutate global error variables WIP: add RouteInfo and RouteMatchType into Context what we could know from in middleware what route was matched and/or type of that match (200/404/405) WIP: make notFoundHandler and methodNotAllowedHandler private. encourage that all errors be handled in Echo.HTTPErrorHandler WIP: server cleanup ideas WIP: routable.ForGroup WIP: note about logger middleware WIP: bind should not default values on second try. 
use crypto rand for better randomness WIP: router add route as interface and returns info as interface WIP: improve flaky test (remains still flaky) WIP: add notes about bind default values WIP: every route can have their own path params names WIP: routerCreator and different tests WIP: different things WIP: remove route implementation WIP: support custom method types WIP: extractor tests WIP: v5.0.x proposal over v4.4.0
package middleware_test
import (
"errors"
"fmt"
"github.com/golang-jwt/jwt/v4"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
"net/http"
"net/http/httptest"
)
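// CreateJWTGoParseTokenFunc creates a golang-jwt backed implementation of
// ParseTokenFunc that accepts HS256-signed tokens only.
//
// signingKey is the shared HMAC secret used to validate a token when
// signingKeys is empty. Required if signingKeys is not provided.
//
// signingKeys maps a key id to its HMAC secret. When it is non-empty the key is
// selected by the token's "kid" header and signingKey is ignored; a token whose
// "kid" is absent, not a string, or not in the map is rejected.
//
// golang-jwt's HMAC methods expect the secret as []byte. A nil or zero-length
// secret is rejected at verification time: an HMAC computed with an empty key
// can be reproduced by anyone, so accepting it would make every token
// forgeable (for example when the secret comes from an unset configuration
// value).
func CreateJWTGoParseTokenFunc(signingKey interface{}, signingKeys map[string]interface{}) func(c echo.Context, auth string) (interface{}, error) {
	// checkKey fails closed on a missing or empty secret instead of handing it
	// to the HMAC verifier.
	checkKey := func(key interface{}) (interface{}, error) {
		if key == nil {
			return nil, errors.New("jwt signing key is not configured")
		}
		if secret, ok := key.([]byte); ok && len(secret) == 0 {
			return nil, errors.New("jwt signing key is empty")
		}
		return key, nil
	}

	// keyFunc supplies the verification key for a parsed token. It is also the
	// place where the signing algorithm is pinned: the "alg" header is
	// attacker-controlled, so anything other than HS256 is refused before a
	// key is returned.
	keyFunc := func(t *jwt.Token) (interface{}, error) {
		if t.Method.Alg() != middleware.AlgorithmHS256 {
			return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
		}
		if len(signingKeys) == 0 {
			return checkKey(signingKey)
		}

		// The "kid" header is untrusted input; it is used only as a lookup key
		// into the configured map and never to derive or load a key.
		if kid, ok := t.Header["kid"].(string); ok {
			if key, ok := signingKeys[kid]; ok {
				return checkKey(key)
			}
		}
		return nil, fmt.Errorf("unexpected jwt key id=%v", t.Header["kid"])
	}

	return func(c echo.Context, auth string) (interface{}, error) {
		// You could add your default claims here. jwt.MapClaims checks exp,
		// iat and nbf only when the claim is present, so a token without exp
		// never expires; require exp (and verify iss/aud) here if tokens must
		// be time-limited or audience-bound.
		token, err := jwt.ParseWithClaims(auth, jwt.MapClaims{}, keyFunc)
		if err != nil {
			return nil, err
		}
		// Defense in depth: never hand an unverified token to the handler.
		if !token.Valid {
			return nil, errors.New("invalid token")
		}
		return token, nil
	}
}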
// ExampleJWTConfig_withJWTGoAsTokenParser shows the JWT middleware delegating
// token parsing to CreateJWTGoParseTokenFunc and a handler reading the parsed
// token back from the context.
func ExampleJWTConfig_withJWTGoAsTokenParser() {
	// Demo-only secret matching the sample token below; real deployments load
	// a long random key from configuration or a secret store.
	jwtConfig := middleware.JWTConfig{
		ParseTokenFunc: CreateJWTGoParseTokenFunc([]byte("secret"), nil),
	}
	jwtMiddleware := middleware.JWTWithConfig(jwtConfig)

	e := echo.New()
	e.Use(jwtMiddleware)

	// The handler reads the value stored under "user" and asserts it to the
	// *jwt.Token returned by the parse function.
	claimsHandler := func(c echo.Context) error {
		parsed := c.Get("user").(*jwt.Token)
		return c.JSON(http.StatusTeapot, parsed.Claims)
	}
	e.GET("/", claimsHandler)

	// Fixed sample token; its claims (see Output) carry no exp, so it is only
	// suitable for a deterministic example.
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	request.Header.Set(echo.HeaderAuthorization, "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ")
	recorder := httptest.NewRecorder()
	e.ServeHTTP(recorder, request)

	fmt.Printf("status: %v, body: %v", recorder.Code, recorder.Body.String())
	// Output: status: 418, body: {"admin":true,"name":"John Doe","sub":"1234567890"}
}