...

Package request

import "github.com/golang-jwt/jwt/request"
Overview
Index
Examples

Overview ▾

Utility package for extracting JWT tokens from HTTP requests.

The main function is ParseFromRequest and it's WithClaims variant. See examples for how to use the various Extractor implementations or roll your own.

Variables

Extract bearer token from Authorization header Uses PostExtractionFilter to strip "Bearer " prefix from header 

var AuthorizationHeaderExtractor = &PostExtractionFilter{
    HeaderExtractor{"Authorization"},
    stripBearerPrefixFromTokenString,
}

Errors 

var (
    ErrNoTokenInRequest = errors.New("no token present in request")
)

Extractor for OAuth2 access tokens. Looks in 'Authorization' header then 'access_token' argument for a token. 

var OAuth2Extractor = &MultiExtractor{
    AuthorizationHeaderExtractor,
    ArgumentExtractor{"access_token"},
}

func ParseFromRequest 

func ParseFromRequest(req *http.Request, extractor Extractor, keyFunc jwt.Keyfunc, options ...ParseFromRequestOption) (token *jwt.Token, err error)

Extract and parse a JWT token from an HTTP request. This behaves the same as Parse, but accepts a request and an extractor instead of a token string. The Extractor interface allows you to define the logic for extracting a token. Several useful implementations are provided.

You can provide options to modify parsing behavior

func ParseFromRequestWithClaims 

func ParseFromRequestWithClaims(req *http.Request, extractor Extractor, claims jwt.Claims, keyFunc jwt.Keyfunc) (token *jwt.Token, err error)

ParseFromRequest but with custom Claims type DEPRECATED: use ParseFromRequest and the WithClaims option

type ArgumentExtractor

Extract token from request arguments. This includes a POSTed form or GET URL arguments. Argument names are tried in order until there's a match. This extractor calls `ParseMultipartForm` on the request 

type ArgumentExtractor []string

Example

Code:

req := makeExampleRequest("GET", "/", nil, url.Values{"token": {extractorTestTokenA}})
tokenString, err := ArgumentExtractor{"token"}.ExtractToken(req)
if err == nil {
    fmt.Println(tokenString)
} else {
    fmt.Println(err)
}

Output:

A

func (ArgumentExtractor) ExtractToken 

func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error)

type Extractor

Interface for extracting a token from an HTTP request. The ExtractToken method should return a token string or an error. If no token is present, you must return ErrNoTokenInRequest. 

type Extractor interface {
    ExtractToken(*http.Request) (string, error)
}

type HeaderExtractor

Extractor for finding a token in a header. Looks at each specified header in order until there's a match 

type HeaderExtractor []string

Example

Code:

req := makeExampleRequest("GET", "/", map[string]string{"Token": exampleTokenA}, nil)
tokenString, err := HeaderExtractor{"Token"}.ExtractToken(req)
if err == nil {
    fmt.Println(tokenString)
} else {
    fmt.Println(err)
}

Output:

A

func (HeaderExtractor) ExtractToken 

func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error)

type MultiExtractor

Tries Extractors in order until one returns a token string or an error occurs 

type MultiExtractor []Extractor

func (MultiExtractor) ExtractToken 

func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)

type ParseFromRequestOption 

type ParseFromRequestOption func(*fromRequestParser)

func WithClaims 

func WithClaims(claims jwt.Claims) ParseFromRequestOption

Parse with custom claims

func WithParser 

func WithParser(parser *jwt.Parser) ParseFromRequestOption

Parse using a custom parser

type PostExtractionFilter

Wrap an Extractor in this to post-process the value before it's handed off. See AuthorizationHeaderExtractor for an example 

type PostExtractionFilter struct {
    Extractor
    Filter func(string) (string, error)
}

func (*PostExtractionFilter) ExtractToken 

func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error)