authormo khan <mo@mokhan.ca>2022-05-17 11:42:26 -0600
committermo khan <mo@mokhan.ca>2022-05-17 11:42:26 -0600
commitad59b1ad26ad08b5cbfe1083b70c56ed5ece3e68 (patch)
treef6e8d1f9bac120dc7caf7661966783cabfc1a48c
parent5e6a75e5eed330b93f7c8a53e2243ec383445be7 (diff)
use default token extract to ensure a token is provided
-rw-r--r--cmd/api/main.go14
1 files changed, 5 insertions, 9 deletions
diff --git a/cmd/api/main.go b/cmd/api/main.go
index f6eed9a..0301e4f 100644
--- a/cmd/api/main.go
+++ b/cmd/api/main.go
@@ -17,7 +17,6 @@ import (
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/go-chi/cors"
- "github.com/go-chi/jwtauth/v5"
"github.com/joho/godotenv"
"github.com/xlgmokha/api-auth0/pkg/x"
)
@@ -28,9 +27,6 @@ func BuildJwtMiddleware(issuerURL *url.URL) *jwtmiddleware.JWTMiddleware {
validator.WithCustomClaims(func() validator.CustomClaims { return &x.CustomClaims{} }),
validator.WithAllowedClockSkew(time.Minute),
))
- extractor := jwtmiddleware.TokenExtractor(func(r *http.Request) (string, error) {
- return jwtauth.TokenFromHeader(r), nil
- })
errHandler := func(w http.ResponseWriter, r *http.Request, err error) {
w.Header().Set("Content-Type", "application/json")
@@ -41,7 +37,6 @@ func BuildJwtMiddleware(issuerURL *url.URL) *jwtmiddleware.JWTMiddleware {
jwtValidator.ValidateToken,
jwtmiddleware.WithCredentialsOptional(true),
jwtmiddleware.WithErrorHandler(errHandler),
- jwtmiddleware.WithTokenExtractor(extractor),
jwtmiddleware.WithValidateOnOptions(false),
)
}
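Review bot: `jwtmiddleware.WithCredentialsOptional(true)` is still set in this option list, so dropping the custom extractor does not by itself make a token mandatory. As far as I recall, the library's default header extractor returns an empty token with no error when the Authorization header is absent, and with optional credentials the middleware then passes the request to the next handler unvalidated; only a malformed header is newly rejected. The deny decision for anonymous requests therefore has to live in `Authorize`, which is not visible here, so it is worth confirming that it answers 401 when no validated claims are present in the request context. If no route behind this middleware is meant to be anonymous, change the line to `jwtmiddleware.WithCredentialsOptional(false)` so that a missing token reaches `errHandler`. BuildJwtMiddleware starts outside this hunk.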
@@ -79,8 +74,7 @@ func main() {
}))
issuer := x.Must(url.Parse("https://" + os.Getenv("AUTH0_DOMAIN") + "/"))
-
- jwtMiddleware := BuildJwtMiddleware(issuer)
+ token := BuildJwtMiddleware(issuer)
r.Route("/api", func(r chi.Router) {
r.Get("/public", func(w http.ResponseWriter, r *http.Request) {
@@ -89,7 +83,8 @@ func main() {
w.Write([]byte(`{"message":"public"}`))
})
r.Route("/users", func(r chi.Router) {
- r.Use(Authorize(jwtMiddleware, []x.Permission{"read:users"}))
+ r.Use(Authorize(token, []x.Permission{"read:users"}))
+
r.Get("/", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
@@ -97,7 +92,8 @@ func main() {
})
})
r.Route("/incidents", func(r chi.Router) {
- r.Use(Authorize(jwtMiddleware, []x.Permission{"read:incidents"}))
+ r.Use(Authorize(token, []x.Permission{"read:incidents"}))
+
r.Get("/", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)