diff --git a/core/authentication/jwt_backend.go b/core/authentication/jwt_backend.go index 3e1aa25..861cfee 100644 --- a/core/authentication/jwt_backend.go +++ b/core/authentication/jwt_backend.go @@ -5,7 +5,7 @@ import ( "api.jwt.auth/services/models" "api.jwt.auth/settings" "bufio" - "code.google.com/p/go-uuid/uuid" + "github.com/pborman/uuid" "crypto/rsa" "crypto/x509" "encoding/pem" @@ -40,9 +40,11 @@ func InitJWTAuthenticationBackend() *JWTAuthenticationBackend { func (backend *JWTAuthenticationBackend) GenerateToken(userUUID string) (string, error) { token := jwt.New(jwt.SigningMethodRS512) - token.Claims["exp"] = time.Now().Add(time.Hour * time.Duration(settings.Get().JWTExpirationDelta)).Unix() - token.Claims["iat"] = time.Now().Unix() - token.Claims["sub"] = userUUID + token.Claims = jwt.MapClaims{ + "exp": time.Now().Add(time.Hour * time.Duration(settings.Get().JWTExpirationDelta)).Unix(), + "iat": time.Now().Unix(), + "sub": userUUID, + } tokenString, err := token.SignedString(backend.privateKey) if err != nil { panic(err) @@ -76,7 +78,7 @@ func (backend *JWTAuthenticationBackend) getTokenRemainingValidity(timestamp int func (backend *JWTAuthenticationBackend) Logout(tokenString string, token *jwt.Token) error { redisConn := redis.Connect() - return redisConn.SetValue(tokenString, tokenString, backend.getTokenRemainingValidity(token.Claims["exp"])) + return redisConn.SetValue(tokenString, tokenString, backend.getTokenRemainingValidity(token.Claims.(jwt.MapClaims)["exp"])) } func (backend *JWTAuthenticationBackend) IsInBlacklist(token string) bool { diff --git a/core/authentication/middlewares.go b/core/authentication/middlewares.go index 0cd4a7d..63c675f 100644 --- a/core/authentication/middlewares.go +++ b/core/authentication/middlewares.go @@ -3,13 +3,14 @@ package authentication import ( "fmt" jwt "github.com/dgrijalva/jwt-go" + request "github.com/dgrijalva/jwt-go/request" "net/http" ) func RequireTokenAuthentication(rw http.ResponseWriter, req *http.Request, next http.HandlerFunc) { authBackend := InitJWTAuthenticationBackend() - token, err := jwt.ParseFromRequest(req, func(token *jwt.Token) (interface{}, error) { + token, err := request.ParseFromRequest(req, request.OAuth2Extractor, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) } else { diff --git a/services/auth_service.go b/services/auth_service.go index 4409fc2..3d26e4a 100644 --- a/services/auth_service.go +++ b/services/auth_service.go @@ -6,6 +6,7 @@ import ( "api.jwt.auth/services/models" "encoding/json" jwt "github.com/dgrijalva/jwt-go" + request "github.com/dgrijalva/jwt-go/request" "net/http" ) @@ -40,7 +41,7 @@ func RefreshToken(requestUser *models.User) []byte { func Logout(req *http.Request) error { authBackend := authentication.InitJWTAuthenticationBackend() - tokenRequest, err := jwt.ParseFromRequest(req, func(token *jwt.Token) (interface{}, error) { + tokenRequest, err := request.ParseFromRequest(req, request.OAuth2Extractor, func(token *jwt.Token) (interface{}, error) { return authBackend.PublicKey, nil }) if err != nil {