admin/hspguard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: make verify work with custom claims type

Browse Source
This commit is contained in:
Amir Adal
2025-05-19 16:37:27 +02:00
parent ef7e1a80d9
commit eba6253ff6
1 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/auth/jwt.go
View File

@ -7,6 +7,7 @@ import (
"fmt" "fmt"
"os" "os"
"gitea.local/admin/hspguard/internal/types"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
) )
@ -63,12 +64,13 @@ func SignJwtToken(claims jwt.Claims) (string, error) {
return s, nil return s, nil
} }
func VerifyToken(token string, claims jwt.Claims) (*jwt.Token, error) { func VerifyToken(token string) (*jwt.Token, *types.UserClaims, error) {
publicKey, err := parseBase64PublicKey("JWT_PUBLIC_KEY") publicKey, err := parseBase64PublicKey("JWT_PUBLIC_KEY")
if err != nil { if err != nil {
return nil, err return nil, nil, err
} }
claims := &types.UserClaims{}
parsed, err := jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (any, error) { parsed, err := jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (any, error) {
if _, ok := t.Method.(*jwt.SigningMethodECDSA); !ok { if _, ok := t.Method.(*jwt.SigningMethodECDSA); !ok {
return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"]) return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"])
@ -77,13 +79,13 @@ func VerifyToken(token string, claims jwt.Claims) (*jwt.Token, error) {
}) })
if err != nil { if err != nil {
return nil, fmt.Errorf("invalid token: %w", err) return nil, nil, fmt.Errorf("invalid token: %w", err)
} }
if !parsed.Valid { if !parsed.Valid {
return nil, fmt.Errorf("token is not valid") return nil, nil, fmt.Errorf("token is not valid")
} }
return parsed, nil return parsed, claims, nil
} }