Add support for numbers inside context variables

Initially made to fix JWT exp claim #1568
TykTechnologies · Mar 25, 2018 · ddde7de · ddde7de
1 parent 329c7fb
commit ddde7de
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 29 deletions.
diff --git a/mw_jwt.go b/mw_jwt.go
@@ -263,7 +263,7 @@ func (k *JWTMiddleware) processCentralisedJWT(r *http.Request, token *jwt.Token)
 			ctxSetSession(r, &session)
 			ctxSetAuthToken(r, sessionID)
 		}
-		k.setContextVars(r, token)
+		ctxSetJWTContextVars(k.Spec, r, token)
 		return nil, 200
 	} else if k.Spec.JWTPolicyFieldName != "" {
 		// extract policy ID from JWT token
@@ -310,7 +310,7 @@ func (k *JWTMiddleware) processCentralisedJWT(r *http.Request, token *jwt.Token)
 		ctxSetSession(r, &session)
 		ctxSetAuthToken(r, sessionID)
 	}
-	k.setContextVars(r, token)
+	ctxSetJWTContextVars(k.Spec, r, token)
 	return nil, 200
 }
 
@@ -340,7 +340,7 @@ func (k *JWTMiddleware) processOneToOneTokenMap(r *http.Request, token *jwt.Toke
 	log.Debug("Raw key ID found.")
 	ctxSetSession(r, &session)
 	ctxSetAuthToken(r, tykId)
-	k.setContextVars(r, token)
+	ctxSetJWTContextVars(k.Spec, r, token)
 	return nil, 200
 }
 
@@ -443,9 +443,9 @@ func (k *JWTMiddleware) ProcessRequest(w http.ResponseWriter, r *http.Request, _
 	return errors.New("Key not authorized"), 403
 }
 
-func (k *JWTMiddleware) setContextVars(r *http.Request, token *jwt.Token) {
+func ctxSetJWTContextVars(s *APISpec, r *http.Request, token *jwt.Token) {
 	// Flatten claims and add to context
-	if !k.Spec.EnableContextVars {
+	if !s.EnableContextVars {
 		return
 	}
 	if cnt := ctxGetData(r); cnt != nil {

diff --git a/mw_openid.go b/mw_openid.go
@@ -205,7 +205,7 @@ func (k *OpenIDMW) ProcessRequest(w http.ResponseWriter, r *http.Request, _ inte
 		ctxSetSession(r, &session)
 		ctxSetAuthToken(r, sessionID)
 	}
-	k.setContextVars(r, token)
+	ctxSetJWTContextVars(k.Spec, r, token)
 
 	return nil, 200
 }
@@ -221,26 +221,4 @@ func (k *OpenIDMW) reportLoginFailure(tykId string, r *http.Request) {
 
 	// Report in health check
 	reportHealthValue(k.Spec, KeyFailure, "1")
-}
-
-func (k *OpenIDMW) setContextVars(r *http.Request, token *jwt.Token) {
-	if !k.Spec.EnableContextVars {
-		return
-	}
-	// Flatten claims and add to context
-	cnt := ctxGetData(r)
-	if cnt == nil {
-		return
-	}
-	claimPrefix := "jwt_claims_"
-
-	for claimName, claimValue := range token.Claims.(jwt.MapClaims) {
-		claim := claimPrefix + claimName
-		cnt[claim] = claimValue
-	}
-
-	// Key data
-	cnt["token"] = ctxGetAuthToken(r)
-
-	ctxSetData(r, cnt)
-}
+}
diff --git a/mw_url_rewrite.go b/mw_url_rewrite.go
@@ -224,6 +224,10 @@ func valToStr(v interface{}) string {
 	switch x := v.(type) {
 	case string:
 		s = x
+	case float64:
+		s = strconv.FormatFloat(x, 'f', -1, 32)
+	case int64:
+		s = strconv.FormatInt(x, 10)
 	case []string:
 		s = strings.Join(x, ",")
 		// Remove empty start