Merge pull request #2 from tgunsch/jwt-handler

Jwt handler
tgunsch · Apr 24, 2021 · 604ca4b · 604ca4b
2 parents 985ae19 + cdb88bc
commit 604ca4b
Show file tree

Hide file tree

Showing 11 changed files with 239 additions and 49 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -16,7 +16,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v2
       with:
-        go-version: ^1.13
+        go-version: ^1.16
 
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2

diff --git a/cmd/main.go b/cmd/main.go
@@ -7,6 +7,7 @@ import (
 	"github.com/tgunsch/httpod/internal/cookies"
 	"github.com/tgunsch/httpod/internal/docs"
 	"github.com/tgunsch/httpod/internal/http"
+	"github.com/tgunsch/httpod/internal/jwt"
 	"github.com/tgunsch/httpod/internal/status"
 	"github.com/tgunsch/httpod/internal/util"
 	"html"
@@ -69,6 +70,8 @@ func main() {
 	api.POST("/cookies/:cookieName", cookies.PostHandler)
 	api.DELETE("/cookies/:cookieName", cookies.DeleteHandler)
 
+	api.GET("/jwt", jwt.GetHandler)
+
 	println(banner("http://localhost:" + port + SWAGGER_PATH + "/index.html"))
 	server.Logger.Fatal(server.Start(":" + port))
 }

diff --git a/go.mod b/go.mod
@@ -1,18 +1,24 @@
 module github.com/tgunsch/httpod
 
-go 1.15
+go 1.16
 
 require (
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751
-	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
-	github.com/go-openapi/spec v0.20.2 // indirect
-	github.com/labstack/echo/v4 v4.1.17
+	github.com/go-openapi/spec v0.20.3 // indirect
+	github.com/go-openapi/swag v0.19.15 // indirect
+	github.com/goccy/go-json v0.4.13 // indirect
+	github.com/labstack/echo/v4 v4.2.2
+	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
+	github.com/lestrrat-go/jwx v1.1.7
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.8 // indirect
 	github.com/nxadm/tail v1.4.6 // indirect
 	github.com/onsi/ginkgo v1.14.2
 	github.com/onsi/gomega v1.10.1
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/swaggo/echo-swagger v1.1.0
 	github.com/swaggo/swag v1.7.0
-	golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c // indirect
+	golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b // indirect
+	golang.org/x/net v0.0.0-20210423184538-5f58ad60dda6 // indirect
+	golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7 // indirect
 	golang.org/x/tools v0.1.0 // indirect
 )
diff --git a/go.sum b/go.sum
diff --git a/internal/cookies/post_test.go b/internal/cookies/post_test.go
@@ -26,7 +26,7 @@ var _ = Describe("PostHandler", func() {
 
 			// response has set-cookie
 			setCookieHeader := responseRecorder.Result().Header["Set-Cookie"][0]
-			Expect(setCookieHeader).Should(Equal("testCookie=testValue; Domain=myapp.com; SameSite"))
+			Expect(setCookieHeader).Should(Equal("testCookie=testValue; Domain=myapp.com"))
 
 			// response body contains json cookie
 			Expect(responseRecorder.Body.String()).To(MatchJSON(`{ "name": "testCookie", "value": "testValue", "domain": "myapp.com" }`))
@@ -83,7 +83,7 @@ var _ = Describe("PostHandler", func() {
 
 			// response has set-cookie
 			setCookieHeader := responseRecorder.Result().Header["Set-Cookie"][0]
-			Expect(setCookieHeader).Should(Equal("testCookie=testValue; Domain=myapp.com; Max-Age=1; SameSite"))
+			Expect(setCookieHeader).Should(Equal("testCookie=testValue; Domain=myapp.com; Max-Age=1"))
 			// response body contains json cookie
 			Expect(responseRecorder.Body.String()).To(MatchJSON(`{
 				"name": "testCookie", 

diff --git a/internal/docs/docs.go b/internal/docs/docs.go
@@ -164,6 +164,32 @@ var doc = `{
                 }
             }
         },
+        "/jwt": {
+            "get": {
+                "description": "Requests using GET should only retrieve data.",
+                "consumes": [
+                    "application/json"
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "JWT"
+                ],
+                "summary": "Get jwt of the request.",
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "$ref": "#/definitions/cookies.GetCookies"
+                            }
+                        }
+                    }
+                }
+            }
+        },
         "/patch": {
             "patch": {
                 "description": "The PATCH method is used to apply partial modifications to a resource.",

diff --git a/internal/docs/swagger.json b/internal/docs/swagger.json
@@ -147,6 +147,32 @@
                 }
             }
         },
+        "/jwt": {
+            "get": {
+                "description": "Requests using GET should only retrieve data.",
+                "consumes": [
+                    "application/json"
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "JWT"
+                ],
+                "summary": "Get jwt of the request.",
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "$ref": "#/definitions/cookies.GetCookies"
+                            }
+                        }
+                    }
+                }
+            }
+        },
         "/patch": {
             "patch": {
                 "description": "The PATCH method is used to apply partial modifications to a resource.",

diff --git a/internal/docs/swagger.yaml b/internal/docs/swagger.yaml
@@ -166,6 +166,23 @@ paths:
       summary: Do a GET request.
       tags:
       - HTTP Methods
+  /jwt:
+    get:
+      consumes:
+      - application/json
+      description: Requests using GET should only retrieve data.
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            items:
+              $ref: '#/definitions/cookies.GetCookies'
+            type: array
+      summary: Get jwt of the request.
+      tags:
+      - JWT
   /patch:
     patch:
       consumes:

diff --git a/internal/jwt/get_test.go b/internal/jwt/get_test.go
@@ -0,0 +1,42 @@
+package jwt_test
+
+import (
+	"fmt"
+	"github.com/labstack/echo/v4"
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+	"github.com/tgunsch/httpod/internal/jwt"
+	"net/http"
+	"net/http/httptest"
+)
+
+var _ = Describe("GetHandler", func() {
+	It("return a jwt", func() {
+
+		ctx, _, responseRecorder := mockGetContext("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c")
+
+		err := jwt.GetHandler(ctx)
+		Expect(err).Should(BeNil())
+
+		// return 200
+		Expect(responseRecorder.Code).Should(Equal(200))
+
+		// response body contains json cookie
+		Expect(responseRecorder.Body.String()).To(MatchJSON(`{
+        "iat": 1516239022,
+        "name": "John Doe",
+        "sub": "1234567890"
+      }`))
+	})
+
+})
+
+func mockGetContext(token string) (echo.Context, *http.Request, *httptest.ResponseRecorder) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodGet, "http://myapp.com/api/jwt", nil)
+	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
+	req.Header.Set(echo.HeaderAuthorization, fmt.Sprintf("Bearer %s", token))
+	res := httptest.NewRecorder()
+	c := e.NewContext(req, res)
+	return c, req, res
+}
diff --git a/internal/jwt/handler.go b/internal/jwt/handler.go
@@ -0,0 +1,38 @@
+package jwt
+
+import (
+	"encoding/json"
+	"fmt"
+	"github.com/labstack/echo/v4"
+	"github.com/lestrrat-go/jwx/jwt"
+	"net/http"
+	"strings"
+)
+
+// @Summary Get jwt passed as authorization bearer token of the request.
+// @Tags JWT
+// @Description Requests using GET should only retrieve data.
+// @Accept  json
+// @Produce  json
+// @Success 200 {array} jwt.Token
+// @Router /jwt [get]
+func GetHandler(context echo.Context) error {
+
+	auth := context.Request().Header.Get(echo.HeaderAuthorization)
+	l := len("Bearer")
+	if auth[:l] == "Bearer" {
+		rawToken := auth[l+1:]
+		token, err := jwt.ParseReader(strings.NewReader(rawToken))
+		if err != nil {
+			return context.String(http.StatusBadRequest, fmt.Sprintf("failed to parse payload: %s\n", err))
+		}
+
+		prettyJSON, err := json.MarshalIndent(token, "", "   ")
+		if err != nil {
+			return context.String(http.StatusBadRequest, fmt.Sprintf("Error parsing cookies: %v", err.Error()))
+		}
+		return context.String(http.StatusOK, string(prettyJSON))
+	}
+	return context.String(http.StatusBadRequest, "No JWT in request header")
+
+}
diff --git a/internal/jwt/jwt_suite_test.go b/internal/jwt/jwt_suite_test.go
@@ -0,0 +1,13 @@
+package jwt_test
+
+import (
+	"testing"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+)
+
+func TestJWT(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "JWT Suite")
+}