Esempio n. 1
0
func (mgm tokenManager) Locate(ctx context.Context) (uuid.UUID, error) {
	token := goajwt.ContextJWT(ctx)
	if token == nil {
		return uuid.UUID{}, errors.New("Missing token") // TODO, make specific tokenErrors
	}
	id := token.Claims.(jwt.MapClaims)["sub"]
	if id == nil {
		return uuid.UUID{}, errors.New("Missing sub")
	}
	idTyped, err := uuid.FromString(id.(string))
	if err != nil {
		return uuid.UUID{}, errors.New("uuid not of type string")
	}
	return idTyped, nil
}
Esempio n. 2
0
	var requiredScopes []string
	var dispatchResult error
	var fetchedToken *jwtpkg.Token

	BeforeEach(func() {
		securityScheme = &goa.JWTSecurity{
			In:   goa.LocHeader,
			Name: "Authorization",
		}
		respRecord = httptest.NewRecorder()
		requiredScopes = []string{"scope1"}
		request, _ = http.NewRequest("GET", "http://example.com/", nil)
		// HS256 {"scopes":"scope1","admin":true}, signed with "keys"
		request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0")
		handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
			fetchedToken = jwt.ContextJWT(ctx)
			return nil
		}
		scopesFetcher = func(ctx context.Context) []string {
			return requiredScopes
		}
	})

	JustBeforeEach(func() {
		middleware = configFunc(securityScheme, scopesFetcher)
		dispatchResult = middleware(handler)(context.Background(), respRecord, request)
	})

	Context("HMAC keys signed token", func() {
		BeforeEach(func() {
			// HS256 {"scopes":"scope1","admin":true}, signed with "keys"