package ginmiddleware
import (
"errors"
"net/http"
"strings"
"github.com/golang-jwt/jwt/v5"
)
// IgetAuthToken extracts the raw credential string from an incoming HTTP
// request. The implementations in this file return an empty token with a nil
// error when the request carries nothing at the configured location.
type IgetAuthToken interface {
	// GetAuthToken returns the token found in the request, or an error when a
	// credential is present but malformed.
	GetAuthToken(*http.Request) (string, error)
}
// Compile-time checks that both token extractors satisfy IgetAuthToken.
var (
	_ IgetAuthToken = (*HeaderAuthToken)(nil)
	_ IgetAuthToken = (*QueryAuthToken)(nil)
)
// Ready-made extractors for common credential locations.
var (
	// JWTHeaderAuthToken reads "Authorization: Bearer <token>".
	JWTHeaderAuthToken = HeaderAuthToken{Key: "Authorization", ValueHeader: "bearer"}
	// BasicHeaderAuthToken reads "Authorization: Basic <credentials>". The
	// credentials part is returned exactly as sent; it is not decoded here.
	BasicHeaderAuthToken = HeaderAuthToken{Key: "Authorization", ValueHeader: "basic"}
	// JWTQueryAuthToken reads the token from the "access_token" query
	// parameter. Tokens carried in a URL tend to be recorded in access logs,
	// proxy logs and Referer headers, so prefer the header form where clients
	// allow it and keep query-borne tokens short-lived.
	JWTQueryAuthToken = QueryAuthToken{Key: "access_token"}
)
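// HeaderAuthToken extracts a credential from a single request header.
type HeaderAuthToken struct {
	// Key is the name of the header to read, e.g. "Authorization".
	Key string
	// ValueHeader is the expected auth scheme that precedes the token, e.g.
	// "bearer". It is matched case-insensitively. When empty, the whole header
	// value is returned as the token.
	ValueHeader string
}

// ErrorHeaderAuthFormat is returned when the header is present but is not of
// the form "<scheme> <token>" with the configured scheme.
var (
	ErrorHeaderAuthFormat = errors.New("error header auth format")
)

// GetAuthToken returns the token carried in the configured header.
//
// It returns ("", nil) when the header is absent or empty, the full header
// value when no scheme is configured, and ErrorHeaderAuthFormat when the value
// is not exactly two space-separated parts or the scheme does not match.
func (h *HeaderAuthToken) GetAuthToken(r *http.Request) (string, error) {
	raw := r.Header.Get(h.Key)
	if raw == "" {
		return "", nil // No error, just no token
	}
	if h.ValueHeader == "" {
		return raw, nil
	}

	parts := strings.Split(raw, " ")
	// Auth schemes are case-insensitive. Comparing with EqualFold keeps a
	// ValueHeader configured as "Bearer" from silently rejecting every request,
	// which the previous lowercase-only comparison did.
	if len(parts) != 2 || !strings.EqualFold(parts[0], h.ValueHeader) {
		return "", ErrorHeaderAuthFormat
	}
	// A header of "<scheme> " yields an empty token with a nil error, the same
	// result as an absent header; callers must treat "" as unauthenticated.
	return parts[1], nil
}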
// QueryAuthToken extracts a credential from a URL query parameter.
type QueryAuthToken struct {
	// Key is the name of the query parameter that holds the token.
	Key string
}

// GetAuthToken returns the first value of the configured query parameter, or
// "" when the parameter is absent. The error result is always nil.
//
// The token is part of the request URL, so anything that records URLs (access
// logs, proxies, Referer headers) will also record it.
func (q *QueryAuthToken) GetAuthToken(r *http.Request) (string, error) {
	params := r.URL.Query()
	return params.Get(q.Key), nil
}
// IAuthenticator validates a token string. On success it returns data about
// the authenticated caller; on failure it returns a non-nil *Error.
// NOTE(review): Error is declared outside this listing; only its Code and
// Message fields are visible from the code here.
type IAuthenticator interface {
	// Authenticate checks token and returns the resulting identity data.
	Authenticate(token string) (interface{}, *Error)
}
// Compile-time check that JWTAuthenticator satisfies IAuthenticator.
var (
	_ IAuthenticator = (*JWTAuthenticator)(nil)
)
// JWTAuthenticator validates JWTs using github.com/golang-jwt/jwt/v5.
type JWTAuthenticator struct {
	// Audience is handed to jwt.WithAudience.
	Audience string
	// Issuer is handed to jwt.WithIssuer.
	Issuer string
	// GetPublicSecret is the key function given to jwt.Parse; it returns the
	// key used to verify the signature. Authenticate passes the parser no
	// allow-list of signing methods, so this function is the place to check
	// the token's Method before handing back a key.
	GetPublicSecret func(*jwt.Token) (interface{}, error)
}

// Authenticate parses and verifies token and returns its claims as a
// map[string]interface{}.
//
// Failures are reported through *Error with these codes:
//
//	-1  token is empty
//	-2  jwt.Parse returned an error (Message is the library's error text)
//	-3  the parsed token is not marked Valid
//	-4  the claims are not jwt.MapClaims
//
// NOTE(review): code -2 forwards the parser's error string; confirm whether
// Message is echoed to clients and whether that detail is acceptable.
// NOTE(review): only issuer and audience options are set. Confirm how the
// library treats an empty Issuer or Audience, and whether tokens without an
// exp claim should be accepted, for the jwt version in use.
func (a *JWTAuthenticator) Authenticate(token string) (interface{}, *Error) {
	if len(token) == 0 {
		return nil, &Error{Code: -1, Message: "missing authorization token"}
	}

	checks := []jwt.ParserOption{
		jwt.WithIssuer(a.Issuer),
		jwt.WithAudience(a.Audience),
	}
	parsed, parseErr := jwt.Parse(token, a.GetPublicSecret, checks...)
	switch {
	case parseErr != nil:
		return nil, &Error{Code: -2, Message: parseErr.Error()}
	case !parsed.Valid:
		return nil, &Error{Code: -3, Message: "invalid jwt token"}
	}

	mapClaims, isMap := parsed.Claims.(jwt.MapClaims)
	if !isMap {
		return nil, &Error{Code: -4, Message: "invalid jwt token"}
	}
	return map[string]interface{}(mapClaims), nil
}