Comments (6)
Seems like this issue can be closed since #3 was merged?
from go-jwt-middleware.
Hey,
I thought of that but didn't have time yet to implement it!
I'm up to making it configurable. Maybe 3 configurations like in angular-jwt
:
type: Header || Param. Defaults to Header
fieldName: Authorization
tokenType: Bearer
What do you think about it?
Thanks for offering to do a PR. We'll gladly accept it if you can do it.
Thanks again!
from go-jwt-middleware.
I think a func req -> token , like in express-jwt will be better.
from go-jwt-middleware.
@jfromaniello Could you elaborate? It seems like what you want is essentially just a middleware interface. But we already have that (at least if you are coming from negroni or martini). The question is really what to do "in the middle". The current implementation simply validates the identify of the person making the request. That is actually all I want. What I want to make configurable is where that identity is extracted from (Authorization
header, query string, ...)
express-jwt
actually seems to be enforcing policies as well. I don't really want to go that far (since I have my own policy enforcement layer already).
I'll put together a PR and you guys can comment on it. I'll post here when the PR is submitted (should be this morning).
from go-jwt-middleware.
@jfromaniello Ah! OK. Now I see your point. What you are saying is that the user could provide a function that extracts the token from the request. Got it! That's a good idea. I'll try and build on that.
from go-jwt-middleware.
@jfromaniello good idea.
Thanks @mtiller for the PR ;)
from go-jwt-middleware.
Related Issues (20)
- provide a gin gonic example HOT 2
- Missing cookie causes CookieTokenExtractor to return error HOT 7
- Custom `ValidateWithLeeway` in #176 Introduced Breaking Changes to Token Validation HOT 3
- Allow middleware to be used in a gRPC environment HOT 7
- Cannot import internal oidc package HOT 1
- An error occured while validating JWT: jwt invalid: error getting the keys from the key func: could not get well known endpoints from url https:///.well-known/openid-configuration: Get "https:///.well-known/openid-configuration": http: no Host in request URL HOT 3
- Improve performance of JWKS Caching Provider HOT 4
- Support validate multiple issuers HOT 1
- Example for IRIS Framework
- Allow custom http Client to be used by the JWKS Provider HOT 2
- issue with token validator HOT 4
- Audience Check Should Not Be Mandatory HOT 4
- v2.1.0 Diversions from JOSE By validating audiences when none expected HOT 4
- validationKeyGetter - can not use dgrijalva as form3tech-oss Keyfunc value in struct literal HOT 1
- issue with token validator
- go-jose v2 is deprecated, should be upgraded to v3 HOT 2
- Examples do not work. jwtmiddleware missing in v2.2.0 HOT 2
- Support for Gin HOT 2
- newVerifier() function - verificationKey type
- Upgrade `go-jose` from v2 to v4 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-jwt-middleware.