登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 0

zhouaw / jwt

代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
extractor.go 2.96 KB
一键复制 编辑 原始数据 按行查看 历史
zhouaowen 提交于 2024-03-21 14:03 . 第一次提交
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
package request



import (

	"errors"

	"net/http"

	"strings"

)



// Errors

var (

	ErrNoTokenInRequest = errors.New("no token present in request")

)



// Extractor is an interface for extracting a token from an HTTP request.

// The ExtractToken method should return a token string or an error.

// If no token is present, you must return ErrNoTokenInRequest.

type Extractor interface {

	ExtractToken(*http.Request) (string, error)

}



// HeaderExtractor is an extractor for finding a token in a header.

// Looks at each specified header in order until there's a match

type HeaderExtractor []string



func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error) {

	// loop over header names and return the first one that contains data

	for _, header := range e {

		if ah := req.Header.Get(header); ah != "" {

			return ah, nil

		}

	}

	return "", ErrNoTokenInRequest

}



// ArgumentExtractor extracts a token from request arguments.  This includes a POSTed form or

// GET URL arguments.  Argument names are tried in order until there's a match.

// This extractor calls `ParseMultipartForm` on the request

type ArgumentExtractor []string



func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error) {

	// Make sure form is parsed

	req.ParseMultipartForm(10e6)



	// loop over arg names and return the first one that contains data

	for _, arg := range e {

		if ah := req.Form.Get(arg); ah != "" {

			return ah, nil

		}

	}



	return "", ErrNoTokenInRequest

}



// MultiExtractor tries Extractors in order until one returns a token string or an error occurs

type MultiExtractor []Extractor



func (e MultiExtractor) ExtractToken(req *http.Request) (string, error) {

	// loop over header names and return the first one that contains data

	for _, extractor := range e {

		if tok, err := extractor.ExtractToken(req); tok != "" {

			return tok, nil

		} else if !errors.Is(err, ErrNoTokenInRequest) {

			return "", err

		}

	}

	return "", ErrNoTokenInRequest

}



// PostExtractionFilter wraps an Extractor in this to post-process the value before it's handed off.

// See AuthorizationHeaderExtractor for an example

type PostExtractionFilter struct {

	Extractor

	Filter func(string) (string, error)

}



func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error) {

	if tok, err := e.Extractor.ExtractToken(req); tok != "" {

		return e.Filter(tok)

	} else {

		return "", err

	}

}



// BearerExtractor extracts a token from the Authorization header.

// The header is expected to match the format "Bearer XX", where "XX" is the

// JWT token.

type BearerExtractor struct{}



func (e BearerExtractor) ExtractToken(req *http.Request) (string, error) {

	tokenHeader := req.Header.Get("Authorization")

	// The usual convention is for "Bearer" to be title-cased. However, there's no

	// strict rule around this, and it's best to follow the robustness principle here.

	if tokenHeader == "" || !strings.HasPrefix(strings.ToLower(tokenHeader), "bearer ") {

		return "", ErrNoTokenInRequest

	}

	return tokenHeader[7:], nil

}
1
https://gitee.com/zhouaowen/jwt.git
git@gitee.com:zhouaowen/jwt.git
zhouaowen
jwt
jwt
v4.5.1
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部