Exemplo n.º 1
0
func (k *Kontrol) updateKeyWithKeyPair(t *jwt.Token, keyPair *KeyPair) string {
	claims := t.Claims.(*kitekey.KiteClaims)

	if claims.KontrolKey != "" {
		claims.KontrolKey = keyPair.Public
	}

	rsaPrivate, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(keyPair.Private))
	if err != nil {
		k.log.Error("key update error for %q: %s", claims.Subject, err)

		return ""
	}

	kiteKey, err := t.SignedString(rsaPrivate)
	if err != nil {
		k.log.Error("key update error for %q: %s", claims.Subject, err)

		return ""
	}

	return kiteKey
}
Exemplo n.º 2
0
	}

	BeforeEach(func() {
		req, err = http.NewRequest("POST", "/goo", strings.NewReader(`{"payload":42}`))
		Ω(err).ShouldNot(HaveOccurred())
		rw := new(TestResponseWriter)
		ctx = goa.NewContext(nil, goa.New("test"), req, rw, params)
		ctx.SetPayload(payload)
		spec = &jwt.Specification{
			AllowParam:     true,
			ValidationFunc: validFunc,
		}
		token = jwtg.New(jwtg.SigningMethodHS256)
		token.Claims["exp"] = time.Now().Add(time.Hour * 24).Unix()
		token.Claims["random"] = "42"
		tokenString, err = token.SignedString(signingKey)
		Ω(err).ShouldNot(HaveOccurred())
	})

	It("requires a jwt token be present", func() {

		h := func(ctx *goa.Context) error {
			ctx.Respond(200, "ok")
			return nil
		}
		jw := jwt.Middleware(spec)(h)
		Ω(jw(ctx)).ShouldNot(HaveOccurred())
		Ω(ctx.ResponseStatus()).Should(Equal(http.StatusUnauthorized))

	})