Added a field to the user JWT that disables nonce verification when s…

…et. (#62) * Added a field to the user JWT that disables nonce verification when set. * moved BearerToken to be inside of the "nats" configuration
nats-io · Jan 14, 2020 · 0b6d1dc · 0b6d1dc
1 parent 0c3fc7a
commit 0b6d1dc
Show file tree

Hide file tree

Showing 8 changed files with 15 additions and 6 deletions.
diff --git a/account_claims_test.go b/account_claims_test.go
@@ -228,7 +228,7 @@ func TestAccountImports(t *testing.T) {
 func TestNewNilAccountClaim(t *testing.T) {
 	v := NewAccountClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil account claim"))
+		t.Fatal("expected nil account claim")
 	}
 }
 

diff --git a/activation_claims_test.go b/activation_claims_test.go
@@ -136,7 +136,7 @@ func TestPublicIsNotValid(t *testing.T) {
 func TestNilActivationClaim(t *testing.T) {
 	v := NewActivationClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil user claim"))
+		t.Fatal("expected nil user claim")
 	}
 }
 

diff --git a/cluster_claims_test.go b/cluster_claims_test.go
@@ -113,7 +113,7 @@ func TestClusterSubjects(t *testing.T) {
 func TestNewNilClusterClaims(t *testing.T) {
 	v := NewClusterClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil user claim"))
+		t.Fatal("expected nil user claim")
 	}
 }
 

diff --git a/go.mod b/go.mod
@@ -1,3 +1,5 @@
 module github.com/nats-io/jwt
 
 require github.com/nats-io/nkeys v0.1.3
+
+go 1.13
diff --git a/operator_claims_test.go b/operator_claims_test.go
@@ -110,7 +110,7 @@ func TestInvalidOperatorClaimIssuer(t *testing.T) {
 func TestNewNilOperatorClaims(t *testing.T) {
 	v := NewOperatorClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil user claim"))
+		t.Fatal("expected nil user claim")
 	}
 }
 

diff --git a/server_claims_test.go b/server_claims_test.go
@@ -113,7 +113,7 @@ func TestServerSubjects(t *testing.T) {
 func TestNewNilServerClaims(t *testing.T) {
 	v := NewServerClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil user claim"))
+		t.Fatal("expected nil user claim")
 	}
 }
 

diff --git a/user_claims.go b/user_claims.go
@@ -25,12 +25,14 @@ import (
 type User struct {
 	Permissions
 	Limits
+	BearerToken bool `json:"bearer_token,omitempty"`
 }
 
 // Validate checks the permissions and limits in a User jwt
 func (u *User) Validate(vr *ValidationResults) {
 	u.Permissions.Validate(vr)
 	u.Limits.Validate(vr)
+	// When BearerToken is true server will ignore any nonce-signing verification
 }
 
 // UserClaims defines a user JWT
@@ -97,3 +99,8 @@ func (u *UserClaims) Payload() interface{} {
 func (u *UserClaims) String() string {
 	return u.ClaimsData.String(u)
 }
+
+// IsBearerToken returns true if nonce-signing requirements should be skipped
+func (u *UserClaims) IsBearerToken() bool {
+	return u.BearerToken
+}
diff --git a/user_claims_test.go b/user_claims_test.go
@@ -113,7 +113,7 @@ func TestUserSubjects(t *testing.T) {
 func TestNewNilUserClaim(t *testing.T) {
 	v := NewUserClaims("")
 	if v != nil {
-		t.Fatal(fmt.Sprintf("expected nil user claim"))
+		t.Fatal("expected nil user claim")
 	}
 }