package service
import (
"context"
"fmt"
"net/http"
"strings"
"github.com/adrianosela/padl/api/auth"
)
// ctxKey is a dedicated string type for request-context keys. context.Value
// compares keys by type as well as value, so a key of this type does not
// match a plain string key with the same text.
type ctxKey string

// AccessTokenClaimsKey is the key in the request context object
// under which the access token claims are stored.
//
// NOTE(review): this is an exported package-level var, so other packages can
// reassign it; confirm nothing does, since Auth and GetClaims both read it.
var AccessTokenClaimsKey ctxKey = "access-claims"
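// Auth wraps an HTTP handler function with bearer-token authentication
// and populates the access token claims object in the req ctx.
//
// The token is read from the "Authorization: Bearer <token>" request header
// and handed to the service authenticator's ValidateJWT together with
// allowedAuds (presumably the audiences the token may be issued for; confirm
// against the authenticator). On success h runs with the verified claims
// stored under AccessTokenClaimsKey. On any failure the response is
// 401 Unauthorized with a WWW-Authenticate challenge and h is never invoked.
func (s *Service) Auth(h http.HandlerFunc, allowedAuds ...string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// get token from request header
		const bearerPrefix = "Bearer "
		authorization := r.Header.Get("Authorization")
		tkStr := strings.TrimPrefix(authorization, bearerPrefix)

		// TrimPrefix returns its input unchanged when the prefix is absent, so
		// equality means the header carries no bearer scheme. An empty
		// remainder ("Bearer " alone) is rejected here too instead of being
		// passed to the validator.
		if authorization == tkStr || tkStr == "" {
			// A 401 response must carry a challenge (RFC 6750, section 3).
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			fmt.Fprint(w, "no access token in header")
			return
		}

		// validate token
		verifiedClaims, err := s.authenticator.ValidateJWT(tkStr, allowedAuds...)
		if err != nil {
			// The validation error is kept out of the response body so the
			// client learns nothing about why the token was rejected.
			// NOTE(review): err is not logged either, so rejected tokens are
			// invisible to operators; consider recording it server-side.
			w.Header().Set("WWW-Authenticate", `Bearer error="invalid_token"`)
			w.WriteHeader(http.StatusUnauthorized)
			fmt.Fprint(w, "invalid access token")
			return
		}

		// run handler with token in context
		ctx := context.WithValue(r.Context(), AccessTokenClaimsKey, verifiedClaims)
		h.ServeHTTP(w, r.WithContext(ctx))
	})
}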
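// GetClaims returns the claims in a context object, as stored under
// AccessTokenClaimsKey.
//
// It returns nil when r is nil, when the context holds no value under that
// key (for example the handler was not wrapped in Auth), or when the stored
// value is not a *auth.CustomClaims. Callers must treat a nil result as an
// unauthenticated request and deny it.
func GetClaims(r *http.Request) *auth.CustomClaims {
	if r == nil {
		return nil
	}
	// Use the comma-ok form: a bare type assertion panics on a missing or
	// mistyped value, turning a wiring mistake into a crashed request.
	claims, ok := r.Context().Value(AccessTokenClaimsKey).(*auth.CustomClaims)
	if !ok {
		return nil
	}
	return claims
}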