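// Locate returns the identity ID carried in the "sub" claim of the JWT stored
// in ctx.
//
// It performs no signature or expiry validation of its own: it uses whatever
// token goajwt.ContextJWT returns, so it presumably has to run behind the JWT
// security middleware that populates the context (confirm at the call sites).
//
// An error is returned when no token is present, when the claims are not
// jwt.MapClaims, when "sub" is absent or not a string, or when "sub" does not
// parse as a UUID. Claim values come from the token payload, so every type
// assertion is checked; an unexpected claim type yields an error rather than
// a panic in the request path.
func (mgm tokenManager) Locate(ctx context.Context) (uuid.UUID, error) {
	token := goajwt.ContextJWT(ctx)
	if token == nil {
		return uuid.UUID{}, errors.New("Missing token") // TODO, make specific tokenErrors
	}

	// Checked assertion: a token parsed into a custom claims type must not
	// crash the handler.
	claims, ok := token.Claims.(jwt.MapClaims)
	if !ok {
		return uuid.UUID{}, errors.New("Unexpected claims type")
	}

	sub := claims["sub"]
	if sub == nil {
		return uuid.UUID{}, errors.New("Missing sub")
	}

	// JSON claims decode to arbitrary types (number, bool, object, ...), so
	// "sub" is not guaranteed to be a string.
	subStr, ok := sub.(string)
	if !ok {
		return uuid.UUID{}, errors.New("sub is not of type string")
	}

	id, err := uuid.FromString(subStr)
	if err != nil {
		// Message text is kept unchanged for callers that may match on it;
		// the actual condition here is that "sub" is not a valid UUID.
		return uuid.UUID{}, errors.New("uuid not of type string")
	}
	return id, nil
}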
var requiredScopes []string var dispatchResult error var fetchedToken *jwtpkg.Token BeforeEach(func() { securityScheme = &goa.JWTSecurity{ In: goa.LocHeader, Name: "Authorization", } respRecord = httptest.NewRecorder() requiredScopes = []string{"scope1"} request, _ = http.NewRequest("GET", "http://example.com/", nil) // HS256 {"scopes":"scope1","admin":true}, signed with "keys" request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request) error { fetchedToken = jwt.ContextJWT(ctx) return nil } scopesFetcher = func(ctx context.Context) []string { return requiredScopes } }) JustBeforeEach(func() { middleware = configFunc(securityScheme, scopesFetcher) dispatchResult = middleware(handler)(context.Background(), respRecord, request) }) Context("HMAC keys signed token", func() { BeforeEach(func() { // HS256 {"scopes":"scope1","admin":true}, signed with "keys"