Diffstat (limited to 'cmd/api/main.go')
| -rw-r--r-- | cmd/api/main.go | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/cmd/api/main.go b/cmd/api/main.go
index d20731e..b300da3 100644
--- a/cmd/api/main.go
+++ b/cmd/api/main.go
@@ -18,7 +18,8 @@ import (
 )
 type CustomClaims struct {
- Scope string `json:"scope"`
+ Scope string `json:"scope"`
+ Permissions []string `json:"permissions"`
 }
 func (c CustomClaims) Validate(ctx context.Context) error {
@@ -35,6 +36,15 @@ func (c CustomClaims) HasScope(expectedScope string) bool {
 return false
 }
+func (c CustomClaims) HasPermission(permission string) bool {
+ for _, value := range c.Permissions {
+ if value == permission {
+ return true
+ }
+ }
+ return false
+}
+
 // type TokenExtractor func(r *http.Request) (string, error)
 func Extractor(r *http.Request) (string, error) {
 authHeader := r.Header.Get("Authorization")
@@ -148,7 +158,7 @@ func main() {
 token := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims)
 claims := token.CustomClaims.(*CustomClaims)
- if !claims.HasScope("read:messages") {
+ if !claims.HasPermission("read:incidents") {
 w.WriteHeader(http.StatusForbidden)
 w.Write([]byte(`{"message":"insufficient scope."}`))
 return |
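Review bot: HasPermission is added without a doc comment, although it is now the function that decides access in the handler changed in the last hunk, so its matching rules should be written down. I would add `// HasPermission reports whether the token's permissions claim contains permission, compared exactly and case-sensitively; a token with no permissions claim matches nothing and is denied.` above the function. The slice is filled from the `permissions` JSON claim added in the first hunk; whether the issuer actually puts that claim in access tokens is not visible here, so it is worth confirming before this replaces the scope check. If the module targets Go 1.21 or later, the loop could also be written as `return slices.Contains(c.Permissions, permission)`.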
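Review bot: The 403 body two lines below the changed condition still says `insufficient scope.` even though the decision is now made on the permissions claim, so a client or an operator reading logs is pointed at the wrong token attribute. The message should follow the check, for example `{"message":"insufficient permissions."}`. Separately, the two context lines above the check use single-value type assertions, which panic if the context value is missing or of another type; the comma-ok form with an explicit error response would fail more predictably. The body of main continues outside this hunk, so the surrounding handler setup is not visible.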
