Skip to content

Commit

Permalink
fix oidc partial auth
Browse files Browse the repository at this point in the history
  • Loading branch information
@Daedaluz
Daedaluz committed Mar 21, 2024
1 parent ed2872b commit dc7f137
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 0 deletions.
30 changes: 30 additions & 0 deletions internal/api/application/user.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,36 @@ func UserMiddleware() gin.HandlerFunc {
}
}

func JWTMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
authorization := c.GetHeader("Authorization")
fields := strings.Fields(authorization)
if len(fields) != 2 {
c.Next()
return
}
if !strings.EqualFold(fields[0], "bearer") {
c.Next()
return
}
set, err := trust.GetJWKSet()
if err != nil {
c.Next()
return
}
token, err := jwt.Parse([]byte(fields[1]),
jwt.WithValidate(true),
jwt.WithKeySet(set),
jwt.WithIssuer(viper.GetString("userApi.trustedIssuer")),
jwt.WithAcceptableSkew(time.Minute))
if err != nil {
c.Next()
return
}
c.Set("jwt", token)
}
}

func GetCurrentJWT(c *gin.Context) jwt.Token {
token, exists := c.Get("jwt")
if !exists {
Expand Down
1 change: 1 addition & 0 deletions internal/api/v1/routes.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ func AddRoutes(g *gin.RouterGroup) {
issuerGroup := g.Group("/oidc")
issuerGroup.Use(
cors.New(clientCorsConfig),
application.JWTMiddleware(),
)

public.AddRoutes(publicGroup)
Expand Down

0 comments on commit dc7f137

Please sign in to comment.