gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

Refactor: pass in claim type into security.DecodeJwt

Browse source
This commit is contained in:
Sebastian Kurfuerst 2021-12-29 12:40:41 +01:00
parent d156d410ef
commit fcc09cef6f
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
weed/security/jwt.go
View file

@ -57,9 +57,9 @@ func GetJwt(r *http.Request) EncodedJwt {
return EncodedJwt(tokenStr) return EncodedJwt(tokenStr)
} }
func DecodeJwt(signingKey SigningKey, tokenString EncodedJwt) (token *jwt.Token, err error) { func DecodeJwt(signingKey SigningKey, tokenString EncodedJwt, claims jwt.Claims) (token *jwt.Token, err error) {
// check exp, nbf // check exp, nbf
return jwt.ParseWithClaims(string(tokenString), &SeaweedFileIdClaims{}, func(token *jwt.Token) (interface{}, error) { return jwt.ParseWithClaims(string(tokenString), claims, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unknown token method") return nil, fmt.Errorf("unknown token method")
} }

2
weed/server/volume_server_handlers.go
View file

@ -133,7 +133,7 @@ func (vs *VolumeServer) maybeCheckJwtAuthorization(r *http.Request, vid, fid str
return false return false
} }
token, err := security.DecodeJwt(signingKey, tokenStr) token, err := security.DecodeJwt(signingKey, tokenStr, &security.SeaweedFileIdClaims{})
if err != nil { if err != nil {
glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err) glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err)
return false return false