refactor: authorize unsigned JWT in requests

author: mo khan <mo@mokhan.ca> 2025-03-15 15:20:53 -0600
committer: mo khan <mo@mokhan.ca> 2025-03-15 15:20:53 -0600
commit: b27894fcfee8a8422ca191ccd87f641eb8befcf0 (patch)
tree: 503b19478f05ca2433082a3c9838e0c6ae401772 /pkg/authz
parent: 80f1b83544b3482cbcdab8cdf521a92f2afdfa16 (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/pkg/authz/token.go b/pkg/authz/token.go
new file mode 100644
index 0000000..1822a21
--- /dev/null
+++ b/pkg/authz/token.go
@@ -0,0 +1,30 @@
+package authz
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/lestrrat-go/jwx/v3/jwt"
+)
+
+func TokenFrom(r *http.Request) jwt.Token {
+	authorization := r.Header.Get("Authorization")
+	if authorization == "" || !strings.Contains(authorization, "Bearer") {
+		return jwt.New()
+	}
+
+	token, err := jwt.ParseRequest(r,
+		jwt.WithContext(r.Context()),
+		jwt.WithHeaderKey("Authorization"),
+		jwt.WithValidate(false), // TODO:: Connect this to a JSON Web Key Set
+		jwt.WithVerify(false),   // TODO:: Connect this to a JSON Web Key Set
+	)
+
+	if err != nil {
+		fmt.Printf("error: %v\n", err)
+		return jwt.New()
+	}
+
+	return token
+}
author	mo khan <mo@mokhan.ca>	2025-03-15 15:20:53 -0600
committer	mo khan <mo@mokhan.ca>	2025-03-15 15:20:53 -0600
commit	b27894fcfee8a8422ca191ccd87f641eb8befcf0 (patch)
tree	503b19478f05ca2433082a3c9838e0c6ae401772 /pkg/authz
parent	80f1b83544b3482cbcdab8cdf521a92f2afdfa16 (diff)