Esempio n. 1
0
func (k *Kontrol) updateKeyWithKeyPair(t *jwt.Token, keyPair *KeyPair) string {
	claims := t.Claims.(*kitekey.KiteClaims)

	if claims.KontrolKey != "" {
		claims.KontrolKey = keyPair.Public
	}

	rsaPrivate, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(keyPair.Private))
	if err != nil {
		k.log.Error("key update error for %q: %s", claims.Subject, err)

		return ""
	}

	kiteKey, err := t.SignedString(rsaPrivate)
	if err != nil {
		k.log.Error("key update error for %q: %s", claims.Subject, err)

		return ""
	}

	return kiteKey
}
Esempio n. 2
0
	"github.com/raphael/goa-middleware/jwt"
)

var signingKey = []byte("jwtsecretsauce")

// Sample data from http://tools.ietf.org/html/draft-jones-json-web-signature-04#appendix-A.1
var hmacTestKey, _ = ioutil.ReadFile("test/hmacTestKey")
var rsaSampleKey, _ = ioutil.ReadFile("test/sample_key")
var rsaSampleKeyPub, _ = ioutil.ReadFile("test/sample_key.pub")

var _ = Describe("JWT Middleware", func() {
	var ctx *goa.Context
	var spec *jwt.Specification
	var req *http.Request
	var err error
	var token *jwtg.Token
	var tokenString string
	params := url.Values{"param": []string{"value"}, "query": []string{"qvalue"}}
	payload := map[string]interface{}{"payload": 42}
	validFunc := func(token *jwtg.Token) (interface{}, error) {
		return signingKey, nil
	}

	BeforeEach(func() {
		req, err = http.NewRequest("POST", "/goo", strings.NewReader(`{"payload":42}`))
		Ω(err).ShouldNot(HaveOccurred())
		rw := new(TestResponseWriter)
		ctx = goa.NewContext(nil, goa.New("test"), req, rw, params)
		ctx.SetPayload(payload)
		spec = &jwt.Specification{
			AllowParam:     true,