diff --git a/jwt.go b/jwt.go index 14cdd5b..0b7fc5d 100644 --- a/jwt.go +++ b/jwt.go @@ -80,7 +80,15 @@ func Parse(tokenString string, keyFunc func(*Token)([]byte, error)) (token *Toke func ParseFromRequest(req *http.Request, keyFunc func(*Token)([]byte, error))(token *Token, err error) { - return nil, nil + // Look for an Authorization header + if ah := req.Header.Get("Authorization"); ah != "" { + // Should be a bearer token + if len(ah) > 6 && strings.ToUpper(ah[0:6]) == "BEARER" { + return Parse(ah[7:], keyFunc) + } + } + + return nil, errors.New("No token present in request.") } diff --git a/jwt_test.go b/jwt_test.go index eaf45b2..b612a95 100644 --- a/jwt_test.go +++ b/jwt_test.go @@ -6,6 +6,8 @@ import ( "bytes" "testing" "reflect" + "fmt" + "net/http" ) var jwtTestData = []struct{ @@ -15,13 +17,13 @@ var jwtTestData = []struct{ valid bool }{ { - "basic: foo => bar", + "basic", "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.FhkiHkoESI_cG3NPigFrxEk9Z60_oXrOT2vGm9Pn6RDgYNovYORQmmA0zs1AoAOf09ly2Nx2YAg6ABqAYga1AcMFkJljwxTT5fYphTuqpWdy4BELeSYJx5Ty2gmr8e7RonuUztrdD5WfPqLKMm1Ozp_T6zALpRmwTIW0QPnaBXaQD90FplAg46Iy1UlDKr-Eupy0i5SLch5Q-p2ZpaL_5fnTIUDlxC3pWhJTyx_71qDI-mAA_5lE_VdroOeflG56sSmDxopPEG3bFlSu1eowyBfxtu0_CuVd-M42RU75Zc4Gsj6uV77MBtbMrf4_7M_NUTSgoIF3fRqxrj0NzihIBg", map[string]interface{}{"foo": "bar"}, true, }, { - "basic invalid: foo => bar", + "basic invalid", "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.EhkiHkoESI_cG3NPigFrxEk9Z60_oXrOT2vGm9Pn6RDgYNovYORQmmA0zs1AoAOf09ly2Nx2YAg6ABqAYga1AcMFkJljwxTT5fYphTuqpWdy4BELeSYJx5Ty2gmr8e7RonuUztrdD5WfPqLKMm1Ozp_T6zALpRmwTIW0QPnaBXaQD90FplAg46Iy1UlDKr-Eupy0i5SLch5Q-p2ZpaL_5fnTIUDlxC3pWhJTyx_71qDI-mAA_5lE_VdroOeflG56sSmDxopPEG3bFlSu1eowyBfxtu0_CuVd-M42RU75Zc4Gsj6uV77MBtbMrf4_7M_NUTSgoIF3fRqxrj0NzihIBg", map[string]interface{}{"foo": "bar"}, false, @@ -49,3 +51,28 @@ func TestJWT(t *testing.T) { } } } + +func TestParseRequest(t *testing.T) { + file, _ := os.Open("test/sample_key.pub") + buf := new(bytes.Buffer) + io.Copy(buf, file) + key := buf.Bytes() + file.Close() + + // Bearer token request + for _, data := range jwtTestData { + r, _ := http.NewRequest("GET", "/", nil) + r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", data.tokenString)) + token, err := ParseFromRequest(r, func(t *Token)([]byte, error){ return key, nil }) + + if !reflect.DeepEqual(data.claims, token.Claims) { + t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims) + } + if data.valid && err != nil { + t.Errorf("[%v] Error while verifying token: %v", data.name, err) + } + if !data.valid && err == nil { + t.Errorf("[%v] Invalid token passed validation", data.name) + } + } +} \ No newline at end of file