Browse Source

Refactor: pass in claim type into security.DecodeJwt

pull/2543/head
Sebastian Kurfuerst 3 years ago
parent
commit
fcc09cef6f
  1. 4
      weed/security/jwt.go
  2. 2
      weed/server/volume_server_handlers.go

4
weed/security/jwt.go

@ -57,9 +57,9 @@ func GetJwt(r *http.Request) EncodedJwt {
return EncodedJwt(tokenStr) return EncodedJwt(tokenStr)
} }
func DecodeJwt(signingKey SigningKey, tokenString EncodedJwt) (token *jwt.Token, err error) {
func DecodeJwt(signingKey SigningKey, tokenString EncodedJwt, claims jwt.Claims) (token *jwt.Token, err error) {
// check exp, nbf // check exp, nbf
return jwt.ParseWithClaims(string(tokenString), &SeaweedFileIdClaims{}, func(token *jwt.Token) (interface{}, error) {
return jwt.ParseWithClaims(string(tokenString), claims, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unknown token method") return nil, fmt.Errorf("unknown token method")
} }

2
weed/server/volume_server_handlers.go

@ -133,7 +133,7 @@ func (vs *VolumeServer) maybeCheckJwtAuthorization(r *http.Request, vid, fid str
return false return false
} }
token, err := security.DecodeJwt(signingKey, tokenStr)
token, err := security.DecodeJwt(signingKey, tokenStr, &security.SeaweedFileIdClaims{})
if err != nil { if err != nil {
glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err) glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err)
return false return false

Loading…
Cancel
Save