func (mgm tokenManager) Locate(ctx context.Context) (uuid.UUID, error) {
token := goajwt.ContextJWT(ctx)
if token == nil {
return uuid.UUID{}, errors.New("Missing token") // TODO, make specific tokenErrors
}
id := token.Claims.(jwt.MapClaims)["sub"]
if id == nil {
return uuid.UUID{}, errors.New("Missing sub")
}
idTyped, err := uuid.FromString(id.(string))
if err != nil {
return uuid.UUID{}, errors.New("uuid not of type string")
}
return idTyped, nil
}
var requiredScopes []string
var dispatchResult error
var fetchedToken *jwtpkg.Token
BeforeEach(func() {
securityScheme = &goa.JWTSecurity{
In: goa.LocHeader,
Name: "Authorization",
}
respRecord = httptest.NewRecorder()
requiredScopes = []string{"scope1"}
request, _ = http.NewRequest("GET", "http://example.com/", nil)
// HS256 {"scopes":"scope1","admin":true}, signed with "keys"
request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0")
handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
fetchedToken = jwt.ContextJWT(ctx)
return nil
}
scopesFetcher = func(ctx context.Context) []string {
return requiredScopes
}
})
JustBeforeEach(func() {
middleware = configFunc(securityScheme, scopesFetcher)
dispatchResult = middleware(handler)(context.Background(), respRecord, request)
})
Context("HMAC keys signed token", func() {
BeforeEach(func() {
// HS256 {"scopes":"scope1","admin":true}, signed with "keys"