jwt/request/oauth2.go

28 lines
746 B
Go
Raw Normal View History

package request
import (
"strings"
)
2016-06-07 02:55:41 +03:00
// Extract bearer token from Authorization header
// Uses PostExtractionFilter to strip "Bearer " prefix from header
var AuthorizationHeaderExtractor = &PostExtractionFilter{
HeaderExtractor{"Authorization"},
func(tok string) (string, error) {
// Should be a bearer token
if len(tok) > 6 && strings.ToUpper(tok[0:7]) == "BEARER " {
return tok[7:], nil
}
return tok, nil
},
}
2016-06-07 02:55:41 +03:00
// Extractor for OAuth2 access tokens. Looks in 'Authorization'
// header then 'access_token' argument for a token.
var OAuth2Extractor = &MultiExtractor{
// Look for authorization token first
AuthorizationHeaderExtractor,
// Extract access_token from form or GET argument
&ArgumentExtractor{"access_token"},
}