forked from mirror/jwt
added special case behavior for MapClaims so they aren't all weird
This commit is contained in:
Dave Grijalva
parent
4ec621a2d1
commit
fb4ca74c9f
14
parser.go
14
parser.go
|
|
@ -16,7 +16,7 @@ type Parser struct {
|
||||||
// keyFunc will receive the parsed token and should return the key for validating.
|
// keyFunc will receive the parsed token and should return the key for validating.
|
||||||
// If everything is kosher, err will be nil
|
// If everything is kosher, err will be nil
|
||||||
func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
|
func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
|
||||||
return p.ParseWithClaims(tokenString, keyFunc, &MapClaims{})
|
return p.ParseWithClaims(tokenString, keyFunc, MapClaims{})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Parser) ParseWithClaims(tokenString string, keyFunc Keyfunc, claims Claims) (*Token, error) {
|
func (p *Parser) ParseWithClaims(tokenString string, keyFunc Keyfunc, claims Claims) (*Token, error) {
|
||||||
|
|
@ -42,6 +42,7 @@ func (p *Parser) ParseWithClaims(tokenString string, keyFunc Keyfunc, claims Cla
|
||||||
|
|
||||||
// parse Claims
|
// parse Claims
|
||||||
var claimBytes []byte
|
var claimBytes []byte
|
||||||
|
token.Claims = claims
|
||||||
|
|
||||||
if claimBytes, err = DecodeSegment(parts[1]); err != nil {
|
if claimBytes, err = DecodeSegment(parts[1]); err != nil {
|
||||||
return token, &ValidationError{err: err.Error(), Errors: ValidationErrorMalformed}
|
return token, &ValidationError{err: err.Error(), Errors: ValidationErrorMalformed}
|
||||||
|
|
@ -50,12 +51,17 @@ func (p *Parser) ParseWithClaims(tokenString string, keyFunc Keyfunc, claims Cla
|
||||||
if p.UseJSONNumber {
|
if p.UseJSONNumber {
|
||||||
dec.UseNumber()
|
dec.UseNumber()
|
||||||
}
|
}
|
||||||
if err = dec.Decode(&claims); err != nil {
|
// JSON Decode. Special case for map type to avoid weird pointer behavior
|
||||||
|
if c, ok := token.Claims.(MapClaims); ok {
|
||||||
|
err = dec.Decode(&c)
|
||||||
|
} else {
|
||||||
|
err = dec.Decode(&claims)
|
||||||
|
}
|
||||||
|
// Handle decode error
|
||||||
|
if err != nil {
|
||||||
return token, &ValidationError{err: err.Error(), Errors: ValidationErrorMalformed}
|
return token, &ValidationError{err: err.Error(), Errors: ValidationErrorMalformed}
|
||||||
}
|
}
|
||||||
|
|
||||||
token.Claims = claims
|
|
||||||
|
|
||||||
// Lookup signature method
|
// Lookup signature method
|
||||||
if method, ok := token.Header["alg"].(string); ok {
|
if method, ok := token.Header["alg"].(string); ok {
|
||||||
if token.Method = GetSigningMethod(method); token.Method == nil {
|
if token.Method = GetSigningMethod(method); token.Method == nil {
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@ var jwtTestData = []struct {
|
||||||
name string
|
name string
|
||||||
tokenString string
|
tokenString string
|
||||||
keyfunc jwt.Keyfunc
|
keyfunc jwt.Keyfunc
|
||||||
claims jwt.MapClaims
|
claims jwt.Claims
|
||||||
valid bool
|
valid bool
|
||||||
errors uint32
|
errors uint32
|
||||||
parser *jwt.Parser
|
parser *jwt.Parser
|
||||||
|
|
@ -106,7 +106,7 @@ var jwtTestData = []struct {
|
||||||
"invalid signing method",
|
"invalid signing method",
|
||||||
"",
|
"",
|
||||||
defaultKeyFunc,
|
defaultKeyFunc,
|
||||||
map[string]interface{}{"foo": "bar"},
|
jwt.MapClaims{"foo": "bar"},
|
||||||
false,
|
false,
|
||||||
jwt.ValidationErrorSignatureInvalid,
|
jwt.ValidationErrorSignatureInvalid,
|
||||||
&jwt.Parser{ValidMethods: []string{"HS256"}},
|
&jwt.Parser{ValidMethods: []string{"HS256"}},
|
||||||
|
|
@ -115,7 +115,7 @@ var jwtTestData = []struct {
|
||||||
"valid signing method",
|
"valid signing method",
|
||||||
"",
|
"",
|
||||||
defaultKeyFunc,
|
defaultKeyFunc,
|
||||||
map[string]interface{}{"foo": "bar"},
|
jwt.MapClaims{"foo": "bar"},
|
||||||
true,
|
true,
|
||||||
0,
|
0,
|
||||||
&jwt.Parser{ValidMethods: []string{"RS256", "HS256"}},
|
&jwt.Parser{ValidMethods: []string{"RS256", "HS256"}},
|
||||||
|
|
@ -124,7 +124,18 @@ var jwtTestData = []struct {
|
||||||
"JSON Number",
|
"JSON Number",
|
||||||
"",
|
"",
|
||||||
defaultKeyFunc,
|
defaultKeyFunc,
|
||||||
map[string]interface{}{"foo": json.Number("123.4")},
|
jwt.MapClaims{"foo": json.Number("123.4")},
|
||||||
|
true,
|
||||||
|
0,
|
||||||
|
&jwt.Parser{UseJSONNumber: true},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Standard Claims",
|
||||||
|
"",
|
||||||
|
defaultKeyFunc,
|
||||||
|
&jwt.StandardClaims{
|
||||||
|
ExpiresAt: time.Now().Add(time.Second * 10).Unix(),
|
||||||
|
},
|
||||||
true,
|
true,
|
||||||
0,
|
0,
|
||||||
&jwt.Parser{UseJSONNumber: true},
|
&jwt.Parser{UseJSONNumber: true},
|
||||||
|
|
@ -141,7 +152,7 @@ func init() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func makeSample(c jwt.MapClaims) string {
|
func makeSample(c jwt.Claims) string {
|
||||||
keyData, e := ioutil.ReadFile("test/sample_key")
|
keyData, e := ioutil.ReadFile("test/sample_key")
|
||||||
if e != nil {
|
if e != nil {
|
||||||
panic(e.Error())
|
panic(e.Error())
|
||||||
|
|
@ -162,20 +173,30 @@ func makeSample(c jwt.MapClaims) string {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestParser_Parse(t *testing.T) {
|
func TestParser_Parse(t *testing.T) {
|
||||||
|
// Iterate over test data set and run tests
|
||||||
for _, data := range jwtTestData {
|
for _, data := range jwtTestData {
|
||||||
|
// If the token string is blank, use helper function to generate string
|
||||||
if data.tokenString == "" {
|
if data.tokenString == "" {
|
||||||
data.tokenString = makeSample(data.claims)
|
data.tokenString = makeSample(data.claims)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Parse the token
|
||||||
var token *jwt.Token
|
var token *jwt.Token
|
||||||
var err error
|
var err error
|
||||||
if data.parser != nil {
|
var parser = data.parser
|
||||||
token, err = data.parser.Parse(data.tokenString, data.keyfunc)
|
if parser == nil {
|
||||||
} else {
|
parser = new(jwt.Parser)
|
||||||
token, err = jwt.Parse(data.tokenString, data.keyfunc)
|
}
|
||||||
|
// Figure out correct claims type
|
||||||
|
switch data.claims.(type) {
|
||||||
|
case jwt.MapClaims:
|
||||||
|
token, err = parser.ParseWithClaims(data.tokenString, data.keyfunc, jwt.MapClaims{})
|
||||||
|
case *jwt.StandardClaims:
|
||||||
|
token, err = parser.ParseWithClaims(data.tokenString, data.keyfunc, &jwt.StandardClaims{})
|
||||||
}
|
}
|
||||||
|
|
||||||
if !reflect.DeepEqual(&data.claims, token.Claims) {
|
// Verify result matches expectation
|
||||||
|
if !reflect.DeepEqual(data.claims, token.Claims) {
|
||||||
t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims)
|
t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -218,13 +239,13 @@ func TestParseRequest(t *testing.T) {
|
||||||
|
|
||||||
r, _ := http.NewRequest("GET", "/", nil)
|
r, _ := http.NewRequest("GET", "/", nil)
|
||||||
r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", data.tokenString))
|
r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", data.tokenString))
|
||||||
token, err := jwt.ParseFromRequestWithClaims(r, data.keyfunc, &jwt.MapClaims{})
|
token, err := jwt.ParseFromRequestWithClaims(r, data.keyfunc, jwt.MapClaims{})
|
||||||
|
|
||||||
if token == nil {
|
if token == nil {
|
||||||
t.Errorf("[%v] Token was not found: %v", data.name, err)
|
t.Errorf("[%v] Token was not found: %v", data.name, err)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(&data.claims, token.Claims) {
|
if !reflect.DeepEqual(data.claims, token.Claims) {
|
||||||
t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims)
|
t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims)
|
||||||
}
|
}
|
||||||
if data.valid && err != nil {
|
if data.valid && err != nil {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue