foomo/keel
1
0
Fork 0
mirror of https://github.com/foomo/keel.git synced 2025-10-16 12:35:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: don't parse claims if not required

Browse Source
This commit is contained in:
franklin 2022-12-27 09:21:17 +01:00
parent aed3aa661b
commit ce6e4631b8
2 changed files with 77 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
example/middlewares/jwtfromcookie/main.go
View File

@ -76,77 +76,80 @@ func main() {
svr.AddService( svr.AddService(
keel.NewServiceHTTP(l, "demo", "localhost:8080", svs, keel.NewServiceHTTP(l, "demo", "localhost:8080", svs,
middleware.JWT( middleware.Skip(
jwtInst, middleware.JWT(
ContextKey, jwtInst,
// use custom token provider ContextKey,
middleware.JWTWithTokenProvider(tokenProvider), // use custom token provider
// user custom claims middleware.JWTWithTokenProvider(tokenProvider),
middleware.JWTWithClaimsProvider(func() jwt2.Claims { // user custom claims
return &CustomClaims{} middleware.JWTWithClaimsProvider(func() jwt2.Claims {
}), return &CustomClaims{}
// handle existing claim }),
middleware.JWTWithClaimsHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request, claims jwt2.Claims) bool { // handle existing claim
if value, ok := claims.(*CustomClaims); ok { middleware.JWTWithClaimsHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request, claims jwt2.Claims) bool {
var language string if value, ok := claims.(*CustomClaims); ok {
switch { var language string
case strings.HasPrefix(r.URL.Path, "/fr"): switch {
language = "fr" case strings.HasPrefix(r.URL.Path, "/fr"):
case strings.HasPrefix(r.URL.Path, "/en"): language = "fr"
language = "en" case strings.HasPrefix(r.URL.Path, "/en"):
default: language = "en"
language = "de" default:
} language = "de"
if value.Language != language { }
value.Language = language if value.Language != language {
if token, err := jwtInst.GetSignedToken(claims); err != nil { value.Language = language
httputils.InternalServerError(l, w, r, err) if token, err := jwtInst.GetSignedToken(claims); err != nil {
return false httputils.InternalServerError(l, w, r, err)
} else if c, err := jwtCookie.Set(w, r, token); err != nil { return false
httputils.InternalServerError(l, w, r, err) } else if c, err := jwtCookie.Set(w, r, token); err != nil {
return false httputils.InternalServerError(l, w, r, err)
return false
} else {
r.AddCookie(c)
l.Info("updated cookie", zap.String("path", r.URL.Path))
return true
}
} else { } else {
r.AddCookie(c)
l.Info("updated cookie", zap.String("path", r.URL.Path))
return true return true
} }
} else { } else {
return true httputils.InternalServerError(l, w, r, err)
return false
} }
} else { }),
httputils.InternalServerError(l, w, r, err) // create cookie if missing
middleware.JWTWithMissingTokenHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request) (jwt2.Claims, bool) {
claims := &CustomClaims{
StandardClaims: jwt.NewStandardClaims(),
Name: "JWT From Cookie Example",
Language: "de",
}
if token, err := jwtInst.GetSignedToken(claims); err != nil {
httputils.InternalServerError(l, w, r, err)
return nil, false
} else if c, err := jwtCookie.Set(w, r, token); err != nil {
httputils.InternalServerError(l, w, r, err)
return nil, false
} else {
r.AddCookie(c)
l.Info("added cookie", zap.String("path", r.URL.Path))
}
return claims, true
}),
// delete cookie if e.g. sth is wrong with it
middleware.JWTWithErrorHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request, err error) bool {
if err := jwtCookie.Delete(w, r); err != nil {
httputils.InternalServerError(l, w, r, err)
return false
}
l.Info("deleted cookie")
http.Redirect(w, r, r.URL.String(), http.StatusTemporaryRedirect)
return false return false
} }),
}), ),
// create cookie if missing middleware.RequestURIBlacklistSkipper("/favicon.ico"),
middleware.JWTWithMissingTokenHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request) (jwt2.Claims, bool) {
claims := &CustomClaims{
StandardClaims: jwt.NewStandardClaims(),
Name: "JWT From Cookie Example",
Language: "de",
}
if token, err := jwtInst.GetSignedToken(claims); err != nil {
httputils.InternalServerError(l, w, r, err)
return nil, false
} else if c, err := jwtCookie.Set(w, r, token); err != nil {
httputils.InternalServerError(l, w, r, err)
return nil, false
} else {
r.AddCookie(c)
l.Info("added cookie", zap.String("path", r.URL.Path))
}
return claims, true
}),
// delete cookie if e.g. sth is wrong with it
middleware.JWTWithErrorHandler(func(l *zap.Logger, w http.ResponseWriter, r *http.Request, err error) bool {
if err := jwtCookie.Delete(w, r); err != nil {
httputils.InternalServerError(l, w, r, err)
return false
}
l.Info("deleted cookie")
http.Redirect(w, r, r.URL.String(), http.StatusTemporaryRedirect)
return false
}),
), ),
), ),
) )

18
net/http/middleware/jwt.go
View File

@ -23,8 +23,8 @@ type (
ErrorHandler JWTErrorHandler ErrorHandler JWTErrorHandler
} }
JWTOption func(*JWTOptions) JWTOption func(*JWTOptions)
JWTClaimsHandler func(*zap.Logger, http.ResponseWriter, *http.Request, jwt2.Claims) bool
JWTClaimsProvider func() jwt2.Claims JWTClaimsProvider func() jwt2.Claims
JWTClaimsHandler func(*zap.Logger, http.ResponseWriter, *http.Request, jwt2.Claims) bool
JWTErrorHandler func(*zap.Logger, http.ResponseWriter, *http.Request, error) bool JWTErrorHandler func(*zap.Logger, http.ResponseWriter, *http.Request, error) bool
JWTMissingTokenHandler func(*zap.Logger, http.ResponseWriter, *http.Request) (jwt2.Claims, bool) JWTMissingTokenHandler func(*zap.Logger, http.ResponseWriter, *http.Request) (jwt2.Claims, bool)
JWTInvalidTokenHandler func(*zap.Logger, http.ResponseWriter, *http.Request, *jwt2.Token) bool JWTInvalidTokenHandler func(*zap.Logger, http.ResponseWriter, *http.Request, *jwt2.Token) bool
@ -167,6 +167,12 @@ func JWTWithOptions(jwt *jwt.JWT, contextKey interface{}, opts JWTOptions) Middl
} }
} }
// don't validate if not required
if !opts.SetContext {
next.ServeHTTP(w, r)
return
}
// handle existing token // handle existing token
jwtToken, err := jwt.ParseWithClaims(token, claims) jwtToken, err := jwt.ParseWithClaims(token, claims)
if err != nil { if err != nil {
@ -183,16 +189,10 @@ func JWTWithOptions(jwt *jwt.JWT, contextKey interface{}, opts JWTOptions) Middl
} else { } else {
return return
} }
} } else if resume := opts.ClaimsHandler(l, w, r, claims); !resume {
// handle existing claims and serve
if resume := opts.ClaimsHandler(l, w, r, claims); !resume {
return
} else if opts.SetContext {
next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), contextKey, claims)))
return return
} else { } else {
next.ServeHTTP(w, r) next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), contextKey, claims)))
return return
} }
}) })