chrly/auth/jwt.go

package auth

import (
	"errors"
	"net/http"
	"strings"
	"time"

	"github.com/SermoDigital/jose/crypto"
	"github.com/SermoDigital/jose/jws"
)

var hashAlg = crypto.SigningMethodHS256

const scopesClaim = "scopes"

type Scope string

var (
	SkinScope = Scope("skin")
)

type JwtAuth struct {
	Key []byte
}

func (t *JwtAuth) NewToken(scopes ...Scope) ([]byte, error) {
	if len(t.Key) == 0 {
		return nil, errors.New("signing key not available")
	}

	claims := jws.Claims{}
	claims.Set(scopesClaim, scopes)
	claims.SetIssuedAt(time.Now())
	encoder := jws.NewJWT(claims, hashAlg)
	token, err := encoder.Serialize(t.Key)
	if err != nil {
		return nil, err
	}

	return token, nil
}

func (t *JwtAuth) Check(req *http.Request) error {
	if len(t.Key) == 0 {
		return &Unauthorized{"Signing key not set"}
	}

	bearerToken := req.Header.Get("Authorization")
	if bearerToken == "" {
		return &Unauthorized{"Authentication header not presented"}
	}

	if !strings.EqualFold(bearerToken[0:7], "BEARER ") {
		return &Unauthorized{"Cannot recognize JWT token in passed value"}
	}

	tokenStr := bearerToken[7:]
	token, err := jws.ParseJWT([]byte(tokenStr))
	if err != nil {
		return &Unauthorized{"Cannot parse passed JWT token"}
	}

	err = token.Validate(t.Key, hashAlg)
	if err != nil {
		return &Unauthorized{"JWT token have invalid signature. It may be corrupted or expired."}
	}

	return nil
}

type Unauthorized struct {
	Reason string
}

func (e *Unauthorized) Error() string {
	if e.Reason != "" {
		return e.Reason
	}

	return "Unauthorized"
}
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`package auth`

			`import (`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`"errors"`
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`"net/http"`
			`"strings"`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`"time"`

			`"github.com/SermoDigital/jose/crypto"`
			`"github.com/SermoDigital/jose/jws"`
			`)`

			`var hashAlg = crypto.SigningMethodHS256`

			`const scopesClaim = "scopes"`

			`type Scope string`

			`var (`
			`SkinScope = Scope("skin")`
			`)`

			`type JwtAuth struct {`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`Key []byte`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

			`func (t *JwtAuth) NewToken(scopes ...Scope) ([]byte, error) {`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`if len(t.Key) == 0 {`
			`return nil, errors.New("signing key not available")`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

			`claims := jws.Claims{}`
			`claims.Set(scopesClaim, scopes)`
			`claims.SetIssuedAt(time.Now())`
			`encoder := jws.NewJWT(claims, hashAlg)`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`token, err := encoder.Serialize(t.Key)`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`if err != nil {`
			`return nil, err`
			`}`

			`return token, nil`
			`}`

The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`func (t JwtAuth) Check(req http.Request) error {`
			`if len(t.Key) == 0 {`
			`return &Unauthorized{"Signing key not set"}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`bearerToken := req.Header.Get("Authorization")`
			`if bearerToken == "" {`
			`return &Unauthorized{"Authentication header not presented"}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`if !strings.EqualFold(bearerToken[0:7], "BEARER ") {`
			`return &Unauthorized{"Cannot recognize JWT token in passed value"}`
			`}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30
Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`tokenStr := bearerToken[7:]`
			`token, err := jws.ParseJWT([]byte(tokenStr))`
			`if err != nil {`
			`return &Unauthorized{"Cannot parse passed JWT token"}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`err = token.Validate(t.Key, hashAlg)`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`if err != nil {`
The configuration file was deleted in favor of using environment variables. Token generation functionality remove. Secret token now provided via CHRLY_SECRET env variable. 2018-02-15 16:50:17 +05:30			`return &Unauthorized{"JWT token have invalid signature. It may be corrupted or expired."}`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`

			`return nil`
			`}`

Implemented API endpoint to update skin information Added tests to jwt package Reworked redis backend implementation Skin repository now have methods to remove skins by user id or username 2018-01-23 21:13:37 +05:30			`type Unauthorized struct {`
			`Reason string`
			`}`

			`func (e *Unauthorized) Error() string {`
			`if e.Reason != "" {`
			`return e.Reason`
			`}`

			`return "Unauthorized"`
Implemented jwt generation 2018-01-16 02:22:22 +05:30			`}`