From 71677efc53cba8ae873e998fd23307d9d3cfeb70 Mon Sep 17 00:00:00 2001 From: Dave Grijalva Date: Sat, 7 Jul 2012 12:38:18 -0700 Subject: [PATCH] try to get the access_token from the request params as well as the header --- jwt.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/jwt.go b/jwt.go index 2d8fce8..91afd10 100644 --- a/jwt.go +++ b/jwt.go @@ -136,7 +136,9 @@ func Parse(tokenString string, keyFunc Keyfunc) (token *Token, err error) { } // Try to find the token in an http.Request. -// Currently, it only looks in the Authorization header +// This method will call ParseMultipartForm if there's no token in the header. +// Currently, it looks in the Authorization header as well as +// looking for an 'access_token' request parameter in req.Form. func ParseFromRequest(req *http.Request, keyFunc Keyfunc) (token *Token, err error) { // Look for an Authorization header @@ -147,6 +149,12 @@ func ParseFromRequest(req *http.Request, keyFunc Keyfunc) (token *Token, err err } } + // Look for "access_token" parameter + req.ParseMultipartForm(10e9) + if tokStr := req.Form.Get("access_token"); tokStr != "" { + return Parse(tokStr, keyFunc) + } + return nil, errors.New("No token present in request.") }