WIP on migrating request parsing stuff

2016-01-14 14:09:27 -08:00 · 2016-01-14 14:09:27 -08:00 · e0e3b433f5
parent f164e17f59
commit e0e3b433f5
4 changed files with 64 additions and 58 deletions
--- a/parser_test.go
+++ b/parser_test.go
@ -5,7 +5,6 @@ import (
 	"fmt"
 	"github.com/dgrijalva/jwt-go"
 	"io/ioutil"
-	"net/http"
 	"reflect"
 	"testing"
 	"time"
@ -192,38 +191,6 @@ func TestParser_Parse(t *testing.T) {
 	}
 }

-func TestParseRequest(t *testing.T) {
-	// Bearer token request
-	for _, data := range jwtTestData {
-		// FIXME: custom parsers are not supported by this helper.  skip tests that require them
-		if data.parser != nil {
-			t.Logf("Skipping [%v].  Custom parsers are not supported by ParseRequest", data.name)
-			continue
-		}
-
-		if data.tokenString == "" {
-			data.tokenString = makeSample(data.claims)
-		}
-
-		r, _ := http.NewRequest("GET", "/", nil)
-		r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", data.tokenString))
-		token, err := jwt.ParseFromRequest(r, data.keyfunc)
-
-		if token == nil {
-			t.Errorf("[%v] Token was not found: %v", data.name, err)
-			continue
-		}
-		if !reflect.DeepEqual(data.claims, token.Claims) {
-			t.Errorf("[%v] Claims mismatch. Expecting: %v  Got: %v", data.name, data.claims, token.Claims)
-		}
-		if data.valid && err != nil {
-			t.Errorf("[%v] Error while verifying token: %v", data.name, err)
-		}
-		if !data.valid && err == nil {
-			t.Errorf("[%v] Invalid token passed validation", data.name)
-		}
-	}
-}

 // Helper method for benchmarking various methods
 func benchmarkSigning(b *testing.B, method jwt.SigningMethod, key interface{}) {
--- a/request/request.go
+++ b/request/request.go
@ -0,0 +1,30 @@
+package request
+
+import (
+	"github.com/dgrijalva/jwt-go"
+	"strings"
+	"net/http"
+)
+
+// Try to find the token in an http.Request.
+// This method will call ParseMultipartForm if there's no token in the header.
+// Currently, it looks in the Authorization header as well as
+// looking for an 'access_token' request parameter in req.Form.
+func ParseFromRequest(req *http.Request, keyFunc jwt.Keyfunc) (token *jwt.Token, err error) {
+
+	// Look for an Authorization header
+	if ah := req.Header.Get("Authorization"); ah != "" {
+		// Should be a bearer token
+		if len(ah) > 6 && strings.ToUpper(ah[0:6]) == "BEARER" {
+			return jwt.Parse(ah[7:], keyFunc)
+		}
+	}
+
+	// Look for "access_token" parameter
+	req.ParseMultipartForm(10e6)
+	if tokStr := req.Form.Get("access_token"); tokStr != "" {
+		return jwt.Parse(tokStr, keyFunc)
+	}
+
+	return nil, jwt.ErrNoTokenInRequest
+}
--- a/request/request_test.go
+++ b/request/request_test.go
@ -0,0 +1,34 @@
+package request
+
+// func TestParseRequest(t *testing.T) {
+// 	// Bearer token request
+// 	for _, data := range jwtTestData {
+// 		// FIXME: custom parsers are not supported by this helper.  skip tests that require them
+// 		if data.parser != nil {
+// 			t.Logf("Skipping [%v].  Custom parsers are not supported by ParseRequest", data.name)
+// 			continue
+// 		}
+//
+// 		if data.tokenString == "" {
+// 			data.tokenString = makeSample(data.claims)
+// 		}
+//
+// 		r, _ := http.NewRequest("GET", "/", nil)
+// 		r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", data.tokenString))
+// 		token, err := jwt.ParseFromRequest(r, data.keyfunc)
+//
+// 		if token == nil {
+// 			t.Errorf("[%v] Token was not found: %v", data.name, err)
+// 			continue
+// 		}
+// 		if !reflect.DeepEqual(data.claims, token.Claims) {
+// 			t.Errorf("[%v] Claims mismatch. Expecting: %v  Got: %v", data.name, data.claims, token.Claims)
+// 		}
+// 		if data.valid && err != nil {
+// 			t.Errorf("[%v] Error while verifying token: %v", data.name, err)
+// 		}
+// 		if !data.valid && err == nil {
+// 			t.Errorf("[%v] Invalid token passed validation", data.name)
+// 		}
+// 	}
+// }
--- a/token.go
+++ b/token.go
@ -3,7 +3,6 @@ package jwt
 import (
 	"encoding/base64"
 	"encoding/json"
-	"net/http"
 	"strings"
 	"time"
 )
@ -87,30 +86,6 @@ func Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
 	return new(Parser).Parse(tokenString, keyFunc)
 }

-// Try to find the token in an http.Request.
-// This method will call ParseMultipartForm if there's no token in the header.
-// Currently, it looks in the Authorization header as well as
-// looking for an 'access_token' request parameter in req.Form.
-func ParseFromRequest(req *http.Request, keyFunc Keyfunc) (token *Token, err error) {
-
-	// Look for an Authorization header
-	if ah := req.Header.Get("Authorization"); ah != "" {
-		// Should be a bearer token
-		if len(ah) > 6 && strings.ToUpper(ah[0:6]) == "BEARER" {
-			return Parse(ah[7:], keyFunc)
-		}
-	}
-
-	// Look for "access_token" parameter
-	req.ParseMultipartForm(10e6)
-	if tokStr := req.Form.Get("access_token"); tokStr != "" {
-		return Parse(tokStr, keyFunc)
-	}
-
-	return nil, ErrNoTokenInRequest
-
-}
-
 // Encode JWT specific base64url encoding with padding stripped
 func EncodeSegment(seg []byte) string {
 	return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")