getClaimsFromJWT and build step fix
kayra1 committed Jul 11, 2024
1 parent c7d1184 commit f78aff3
Showing 2 changed files with 17 additions and 9 deletions.
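--- a/.github/workflows/build-rock.yaml
+++ b/.github/workflows/build-rock.yaml
@@ -43,7 +43,7 @@ jobs:
 id: test_notify
 run : |
 curl -XPOST -k -d '{"username":"admin", "password": "Admin1234"}' https://localhost:3000/api/v1/accounts
-export ADMIN_TOKEN=(curl -XPOST -k -d '{"username":"admin", "password": "Admin1234"}' https://localhost:3000/login)
+export ADMIN_TOKEN=$(curl -XPOST -k -d '{"username":"admin", "password": "Admin1234"}' https://localhost:3000/login)
 curl -XPOST -k -d '-----BEGIN CERTIFICATE REQUEST-----
 MIIC5zCCAc8CAQAwRzEWMBQGA1UEAwwNMTAuMTUyLjE4My41MzEtMCsGA1UELQwk
 MzlhY2UxOTUtZGM1YS00MzJiLTgwOTAtYWZlNmFiNGI0OWNmMIIBIjANBgkqhkiG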
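Review bot: On the corrected `export ADMIN_TOKEN=$(curl …)` line, `export` returns its own exit status, so a failed login request does not fail the step, and without `--fail` an HTTP error body would be stored as the token. Assigning first and exporting afterwards, `ADMIN_TOKEN=$(curl --fail -XPOST -k -d '…' https://localhost:3000/login)` followed by `export ADMIN_TOKEN`, makes the step stop at the login call rather than at a later request carrying a bad token. Whether the step's shell runs with errexit is not visible in this hunk, so this assumes it does.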
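--- a/internal/api/middleware.go
+++ b/internal/api/middleware.go
@@ -122,14 +122,8 @@ func authMiddleware(ctx *middlewareContext) middleware {
 logErrorAndWriteResponse("authorization header couldn't be processed. The expected format is 'Bearer <token>'", http.StatusUnauthorized, w)
 return
 }
-claims := jwtGocertClaims{}
-token, err := jwt.ParseWithClaims(bearerToken[1], &claims, func(token *jwt.Token) (interface{}, error) {
-if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
-}
-return ctx.jwtSecret, nil
-})
-if err != nil || !token.Valid {
+claims, err := getClaimsFromJWT(bearerToken[1], ctx.jwtSecret)
+if err != nil {
 logErrorAndWriteResponse(fmt.Sprintf("token is not valid: %s", err.Error()), http.StatusUnauthorized, w)
 return
 }
@@ -154,3 +148,17 @@ func authMiddleware(ctx *middlewareContext) middleware {
 })
 }
 }
+
+func getClaimsFromJWT(bearerToken string, jwtSecret []byte) (*jwtGocertClaims, error) {
+claims := jwtGocertClaims{}
+token, err := jwt.ParseWithClaims(bearerToken, &claims, func(token *jwt.Token) (interface{}, error) {
+if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+}
+return jwtSecret, nil
+})
+if err != nil || !token.Valid {
+return nil, err
+}
+return &claims, nil
+}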
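Review bot: In getClaimsFromJWT, `if err != nil || !token.Valid { return nil, err }` returns `(nil, nil)` when parsing reports no error but `token.Valid` is false, and the caller in authMiddleware now checks only `err != nil`, so it would continue with a nil claims pointer instead of rejecting the request. The JWT library most likely sets an error for every invalid token, but the helper should fail closed on its own: split the check into `if err != nil { return nil, err }` and `if !token.Valid { return nil, fmt.Errorf("token is not valid") }`. A doc comment stating that only HMAC-signed tokens are accepted and that a nil error guarantees non-nil claims would make that contract explicit. authMiddleware's body starts and ends outside the first hunk, so how claims is used afterwards is not visible here.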
