AuthorizationHeaderExtractor extracts a bearer token from Authorization header Uses PostExtractionFilter to strip "Bearer " prefix from header
var AuthorizationHeaderExtractor = &PostExtractionFilter{ HeaderExtractor{"Authorization"}, stripBearerPrefixFromTokenString, }
Errors
var (
ErrNoTokenInRequest = errors.New("no token present in request")
)
OAuth2Extractor is an Extractor for OAuth2 access tokens. Looks in 'Authorization' header then 'access_token' argument for a token.
var OAuth2Extractor = &MultiExtractor{ AuthorizationHeaderExtractor, ArgumentExtractor{"access_token"}, }
func ParseFromRequest(req *http.Request, extractor Extractor, keyFunc jwt.Keyfunc, options ...ParseFromRequestOption) (token *jwt.Token, err error)
ParseFromRequest extracts and parses a JWT token from an HTTP request. This behaves the same as Parse, but accepts a request and an extractor instead of a token string. The Extractor interface allows you to define the logic for extracting a token. Several useful implementations are provided.
You can provide options to modify parsing behavior
func ParseFromRequestWithClaims(req *http.Request, extractor Extractor, claims jwt.Claims, keyFunc jwt.Keyfunc) (token *jwt.Token, err error)
ParseFromRequestWithClaims is an alias for ParseFromRequest but with custom Claims type.
Deprecated: use ParseFromRequest and the WithClaims option
ArgumentExtractor extracts a token from request arguments. This includes a POSTed form or GET URL arguments. Argument names are tried in order until there's a match. This extractor calls `ParseMultipartForm` on the request
type ArgumentExtractor []string
▹ Example
func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error)
BearerExtractor extracts a token from the Authorization header. The header is expected to match the format "Bearer XX", where "XX" is the JWT token.
type BearerExtractor struct{}
func (e BearerExtractor) ExtractToken(req *http.Request) (string, error)
Extractor is an interface for extracting a token from an HTTP request. The ExtractToken method should return a token string or an error. If no token is present, you must return ErrNoTokenInRequest.
type Extractor interface {
ExtractToken(*http.Request) (string, error)
}
HeaderExtractor is an extractor for finding a token in a header. Looks at each specified header in order until there's a match
type HeaderExtractor []string
▹ Example
func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error)
MultiExtractor tries Extractors in order until one returns a token string or an error occurs
type MultiExtractor []Extractor
func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)
type ParseFromRequestOption func(*fromRequestParser)
func WithClaims(claims jwt.Claims) ParseFromRequestOption
WithClaims parses with custom claims
func WithParser(parser *jwt.Parser) ParseFromRequestOption
WithParser parses using a custom parser
PostExtractionFilter wraps an Extractor in this to post-process the value before it's handed off. See AuthorizationHeaderExtractor for an example
type PostExtractionFilter struct {
Extractor
Filter func(string) (string, error)
}
func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error)