func TestJWTAuthenticationWrongToken(t *testing.T) {
m := minion.Classic(minion.Options{JWTToken: "123"})
usersHandler := func(ctx *minion.Context) {
j := struct {
Message string `json:"message"`
}{
"ok",
}
ctx.JSON(200, j)
}
m.Get("/users", usersHandler)
ts := httptest.NewServer(m)
defer ts.Close()
var j, body string
var status int
tokenAuth := jwtauth.New("HS256", []byte("wrong"), nil)
_, tokenString, _ := tokenAuth.Encode(nil)
h := http.Header{}
h.Set("Authorization", "BEARER "+tokenString)
status, body = tst.Request(t, ts, "GET", "/users", h, nil)
tst.AssertEqual(t, 401, status)
j = `{"status":401,"message":"Unauthorized"}`
tst.AssertEqual(t, j, body)
}
func init() {
TokenAuth = jwtauth.New("HS256", []byte("secret"), nil)
// For debugging/example purposes, we generate and print
// a sample jwt token with claims `user_id:123` here:
_, tokenString, _ := TokenAuth.Encode(jwtauth.Claims{"user_id": 123})
fmt.Printf("DEBUG: a sample jwt is %s\n\n", tokenString)
}
// Classic returns a new Engine instance with basic middlewares
// Recovery, Logger, CORS and JWT
func Classic(opts Options) *Engine {
engine := New(opts)
crs := cors.New(cors.Options{
AllowedOrigins: engine.options.Cors,
})
tokenAuth = jwtauth.New("HS256", []byte(opts.JWTToken), nil)
ctx := engine.pool.Get().(*Context)
engine.Use(Recovery)
engine.Use(Logger)
engine.Use(crs.Handler)
engine.Use(tokenAuth.Verifier)
engine.Use(ctx.Authenticator)
return engine
}
func init() {
TokenAuth = jwtauth.New("HS256", TokenSecret, nil)
}
