chrly/http/jwt.go

package http

import (
	"errors"
	"net/http"
	"strings"
	"time"

	"github.com/SermoDigital/jose/crypto"
	"github.com/SermoDigital/jose/jws"
)

var hashAlg = crypto.SigningMethodHS256

const scopesClaim = "scopes"

type Scope string

var (
	SkinScope = Scope("skin")
)

type JwtAuth struct {
	Emitter
	Key []byte
}

func (t *JwtAuth) NewToken(scopes ...Scope) ([]byte, error) {
	if len(t.Key) == 0 {
		return nil, errors.New("signing key not available")
	}

	claims := jws.Claims{}
	claims.Set(scopesClaim, scopes)
	claims.SetIssuedAt(time.Now())
	encoder := jws.NewJWT(claims, hashAlg)
	token, err := encoder.Serialize(t.Key)
	if err != nil {
		return nil, err
	}

	return token, nil
}

func (t *JwtAuth) Authenticate(req *http.Request) error {
	if len(t.Key) == 0 {
		return t.emitErr(errors.New("Signing key not set"))
	}

	bearerToken := req.Header.Get("Authorization")
	if bearerToken == "" {
		return t.emitErr(errors.New("Authentication header not presented"))
	}

	if !strings.EqualFold(bearerToken[0:7], "BEARER ") {
		return t.emitErr(errors.New("Cannot recognize JWT token in passed value"))
	}

	tokenStr := bearerToken[7:]
	token, err := jws.ParseJWT([]byte(tokenStr))
	if err != nil {
		return t.emitErr(errors.New("Cannot parse passed JWT token"))
	}

	err = token.Validate(t.Key, hashAlg)
	if err != nil {
		return t.emitErr(errors.New("JWT token have invalid signature. It may be corrupted or expired"))
	}

	t.Emit("authentication:success")

	return nil
}

func (t *JwtAuth) emitErr(err error) error {
	t.Emit("authentication:error", err)
	return err
}
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`package http`
Implemented jwt generation 2018-01-16 02:22:22 +05:30
			`import (`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`"errors"`
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`"net/http"`
			`"strings"`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`"time"`

			`"github.com/SermoDigital/jose/crypto"`
			`"github.com/SermoDigital/jose/jws"`
			`)`

			`var hashAlg = crypto.SigningMethodHS256`

			`const scopesClaim = "scopes"`

			`type Scope string`

			`var (`
			`SkinScope = Scope("skin")`
			`)`

			`type JwtAuth struct {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`Emitter`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`Key []byte`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

			`func (t *JwtAuth) NewToken(scopes ...Scope) ([]byte, error) {`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`if len(t.Key) == 0 {`
			`return nil, errors.New("signing key not available")`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

			`claims := jws.Claims{}`
			`claims.Set(scopesClaim, scopes)`
			`claims.SetIssuedAt(time.Now())`
			`encoder := jws.NewJWT(claims, hashAlg)`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`token, err := encoder.Serialize(t.Key)`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`if err != nil {`
			`return nil, err`
			`}`

			`return token, nil`
			`}`

Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`func (t JwtAuth) Authenticate(req http.Request) error {`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`if len(t.Key) == 0 {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return t.emitErr(errors.New("Signing key not set"))`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`bearerToken := req.Header.Get("Authorization")`
			`if bearerToken == "" {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return t.emitErr(errors.New("Authentication header not presented"))`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`if !strings.EqualFold(bearerToken[0:7], "BEARER ") {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return t.emitErr(errors.New("Cannot recognize JWT token in passed value"))`
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`tokenStr := bearerToken[7:]`
			`token, err := jws.ParseJWT([]byte(tokenStr))`
			`if err != nil {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return t.emitErr(errors.New("Cannot parse passed JWT token"))`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`err = token.Validate(t.Key, hashAlg)`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`if err != nil {`
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return t.emitErr(errors.New("JWT token have invalid signature. It may be corrupted or expired"))`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`t.Emit("authentication:success")`
Implemented jwt generation 2018-01-16 02:22:22 +05:30
Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`return nil`
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`}`

Add stats reporter events listener, restore all events for http layer, rework authentication middleware and authenticator interface 2020-02-16 15:53:47 +05:30			`func (t *JwtAuth) emitErr(err error) error {`
			`t.Emit("authentication:error", err)`
			`return err`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`