From 65bcbdfb3fd9bd401100a250185942f39eb247aa Mon Sep 17 00:00:00 2001
From: Kaan Karakaya
Date: Sun, 11 Apr 2021 02:26:11 +0300
Subject: [PATCH 1/2] Jwt lookup from multiple sources
Signed-off-by: Kaan Karakaya
---
 middleware/jwt.go | 28 +++++++++++++++++-----------
 middleware/jwt_test.go | 8 ++++++++
 2 files changed, 25 insertions(+), 11 deletions(-)
diff --git a/middleware/jwt.go b/middleware/jwt.go
index da00ea56b..c243fe0c9 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -159,17 +159,23 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 }
 // Initialize
- parts := strings.Split(config.TokenLookup, ":")
- extractor := jwtFromHeader(parts[1], config.AuthScheme)
- switch parts[0] {
- case "query":
- extractor = jwtFromQuery(parts[1])
- case "param":
- extractor = jwtFromParam(parts[1])
- case "cookie":
- extractor = jwtFromCookie(parts[1])
- case "form":
- extractor = jwtFromForm(parts[1])
+ // Split sources
+ sources := strings.Split(config.TokenLookup, ",")
+ var extractor jwtExtractor
+ for _, source := range sources {
+ parts := strings.Split(source, ":")
+
+ extractor = jwtFromHeader(parts[1], config.AuthScheme)
+ switch parts[0] {
+ case "query":
+ extractor = jwtFromQuery(parts[1])
+ case "param":
+ extractor = jwtFromParam(parts[1])
+ case "cookie":
+ extractor = jwtFromCookie(parts[1])
+ case "form":
+ extractor = jwtFromForm(parts[1])
+ }
 }
 return func(next echo.HandlerFunc) echo.HandlerFunc {
diff --git a/middleware/jwt_test.go b/middleware/jwt_test.go
index 205721aec..0a3bd354f 100644
--- a/middleware/jwt_test.go
+++ b/middleware/jwt_test.go
@@ -178,6 +178,14 @@ func TestJWT(t *testing.T) {
 hdrCookie: "jwt=" + token,
 info: "Valid cookie method",
 },
+ {
+ config: JWTConfig{
+ SigningKey: validKey,
+ TokenLookup: "query:jwt,cookie:jwt",
+ },
+ hdrCookie: "jwt=" + token,
+ info: "Multiple jwt lookuop",
+ },
 {
 config: JWTConfig{
 SigningKey: validKey,
From 13ecc3278d52a5788b65e3617fc17b87e4d94fbd Mon Sep 17 00:00:00 2001
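Review bot: `parts[1]` in the middleware/jwt.go hunk is read without checking how many pieces `strings.Split(source, ":")` returned, so a `TokenLookup` entry with no colon, or the empty entry left by a trailing comma, panics with an index-out-of-range error while the middleware is being built. Entries are not trimmed either, so in `"header:Authorization, cookie:jwt"` the second source name is `" cookie"`, which matches no case and is silently treated as a header lookup. I would trim and validate each entry before the switch: `parts := strings.Split(strings.TrimSpace(source), ":")` followed by `if len(parts) < 2 { panic("echo: invalid TokenLookup entry: " + source) }` (the message text is only a suggestion). The same loop is carried into the first hunk of PATCH 2/2, where the missing length check applies unchanged. JWTWithConfig begins before this hunk and continues after it.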
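Review bot: The new case in middleware/jwt_test.go puts the token in the cookie, which is the last source listed in `"query:jwt,cookie:jwt"`, so it passes even when only the last listed source is consulted; that is what the loop in middleware/jwt.go does at this commit, because `extractor` is overwritten on every iteration. A companion case that supplies the token through the first listed source, and one where neither source carries a token and the missing-token error is expected, would pin the fallback order for the authentication path. The `info` string has a typo: `"Multiple jwt lookuop"` should read `"Multiple jwt lookup"`. The TestJWT table starts and ends outside the hunk.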
From: Kaan Karakaya
Date: Tue, 20 Apr 2021 14:25:29 +0300
Subject: [PATCH 2/2] Check multiple token source
Signed-off-by: Kaan Karakaya
---
 middleware/jwt.go | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)
diff --git a/middleware/jwt.go b/middleware/jwt.go
index c243fe0c9..57a4dec33 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -161,20 +161,21 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 // Initialize
 // Split sources
 sources := strings.Split(config.TokenLookup, ",")
- var extractor jwtExtractor
+ var extractors []jwtExtractor
 for _, source := range sources {
 parts := strings.Split(source, ":")
- extractor = jwtFromHeader(parts[1], config.AuthScheme)
 switch parts[0] {
 case "query":
- extractor = jwtFromQuery(parts[1])
+ extractors = append(extractors, jwtFromQuery(parts[1]))
 case "param":
- extractor = jwtFromParam(parts[1])
+ extractors = append(extractors, jwtFromParam(parts[1]))
 case "cookie":
- extractor = jwtFromCookie(parts[1])
+ extractors = append(extractors, jwtFromCookie(parts[1]))
 case "form":
- extractor = jwtFromForm(parts[1])
+ extractors = append(extractors, jwtFromForm(parts[1]))
+ case "header":
+ extractors = append(extractors, jwtFromHeader(parts[1], config.AuthScheme))
 }
 }
@@ -187,8 +188,17 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 if config.BeforeFunc != nil {
 config.BeforeFunc(c)
 }
-
- auth, err := extractor(c)
+ var auth string
+ var err error
+ for _, extractor := range extractors {
+ // Extract token from extractor, if it's not fail break the loop and
+ // set auth
+ auth, err = extractor(c)
+ if err == nil {
+ break
+ }
+ }
+ // If none of extractor has a token, handle error
 if err != nil {
 if config.ErrorHandler != nil {
 return config.ErrorHandler(err)
@@ -199,6 +209,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 }
 return err
 }
+
 token := new(jwt.Token)
 // Issue #647, #656
 if _, ok := config.Claims.(jwt.MapClaims); ok {
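Review bot: The switch in the first hunk has no `default` branch, so an entry whose source name is not one of the five cases is dropped without any signal, where the previous revision fell back to the header extractor. If every entry is dropped, `extractors` stays empty, the per-request loop in the next hunk never runs, `err` stays nil and `auth` stays `""`, so the missing-token branch is skipped and the empty string goes on to token parsing (outside this diff; presumably rejected there, but with a different error than a missing token). Failing when the middleware is built is clearer: add `default: panic("echo: unknown TokenLookup source: " + parts[0])`, or check `len(extractors) == 0` after the loop. The enclosing function starts and ends outside the hunk.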
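Review bot: The lookup order introduced in the second hunk decides which credential authenticates the request, and it is not documented: the loop breaks on the first `err == nil`, so the first source in `TokenLookup` that yields a value wins and later sources are never consulted. With a configuration such as `query:jwt,cookie:jwt` (the one used in the new test) a token in the URL takes precedence over the cookie, so operators should list the source they trust most first, and the `TokenLookup` doc comment should say so. Only the error from the last extractor reaches `ErrorHandler`, which is worth stating there as well. I would reword the loop comment to `// Try each source in TokenLookup order; the first one that returns a token wins.` The enclosing handler closure starts and ends outside the hunk.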