Verify JWT with operator token

biilmann · biilmann · commit 95323685f00f · 2017-09-01T21:30:09.000-07:00
diff --git a/api/auth.go b/api/auth.go
@@ -35,16 +35,13 @@ func (a *API) extractBearerToken(w http.ResponseWriter, r *http.Request) (string
 }
 
 func (a *API) parseJWTClaims(bearer string, r *http.Request) (context.Context, error) {
-	ctx := r.Context()
-	config := getConfig(ctx)
-
 	p := jwt.Parser{ValidMethods: []string{jwt.SigningMethodHS256.Name}}
 	token, err := p.ParseWithClaims(bearer, &GatewayClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return []byte(config.JWT.Secret), nil
+		return []byte(a.config.OperatorToken), nil
 	})
 	if err != nil {
 		return nil, unauthorizedError("Invalid token: %v", err)
 	}
 
-	return withToken(ctx, token), nil
+	return withToken(r.Context(), token), nil
 }

Original file line number	Diff line number	Diff line change
`@@ -35,16 +35,13 @@ func (a API) extractBearerToken(w http.ResponseWriter, r http.Request) (string`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`func (a API) parseJWTClaims(bearer string, r http.Request) (context.Context, error) {`
`38`		`- ctx := r.Context()`
`39`		`- config := getConfig(ctx)`
`40`		`-`
`41`	`38`	`p := jwt.Parser{ValidMethods: []string{jwt.SigningMethodHS256.Name}}`
`42`	`39`	`token, err := p.ParseWithClaims(bearer, &GatewayClaims{}, func(token *jwt.Token) (interface{}, error) {`
`43`		`- return []byte(config.JWT.Secret), nil`
	`40`	`+ return []byte(a.config.OperatorToken), nil`
`44`	`41`	`})`
`45`	`42`	`if err != nil {`
`46`	`43`	`return nil, unauthorizedError("Invalid token: %v", err)`
`47`	`44`	`}`
`48`	`45`
`49`		`- return withToken(ctx, token), nil`
	`46`	`+ return withToken(r.Context(), token), nil`
`50`	`47`	`}`