Releases: XenitAB/go-oidc-middleware
v0.0.14
v0.0.13
v0.0.12
Changes
Bump Go from 1.16 to 1.17
v0.0.11
Changes
This PR adds the ability to manipulate a token string after it has been extracted from a header using options.WithTokenStringPostExtractionFn.
Example:
oidcHandler := oidcgin.New(
options.WithIssuer(cfg.Issuer),
options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
options.WithRequiredClaims(map[string]interface{}{
"cid": cfg.ClientID,
}),
options.WithTokenString(
options.WithTokenStringHeaderName("Authorization"),
options.WithTokenStringTokenPrefix("Bearer "),
),
options.WithTokenString(
options.WithTokenStringHeaderName("Sec-WebSocket-Protocol"),
options.WithTokenStringTokenPrefix("base64url.bearer.authorization.k8s.io."),
options.WithTokenStringListSeparator(","),
options.WithTokenStringPostExtractionFn(func(s string) (string, error) {
bytes, err := base64.RawStdEncoding.DecodeString(s)
if err != nil {
return "", err
}
return string(bytes), nil
}),
),
)v0.0.10
Breaking change
Token string options have been changed to make it easier to configure extraction of multiple headers.
Example:
oidcHandler := oidcgin.New(
options.WithIssuer(cfg.Issuer),
options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
options.WithRequiredClaims(map[string]interface{}{
"cid": cfg.ClientID,
}),
options.WithTokenString(
options.WithTokenStringHeaderName("Authorization"),
options.WithTokenStringTokenPrefix("Bearer "),
),
options.WithTokenString(
options.WithTokenStringHeaderName("Sec-WebSocket-Protocol"),
options.WithTokenStringTokenPrefix("base64url.bearer.authorization.k8s.io."),
options.WithTokenStringListSeparator(","),
),
)v0.0.9
Added middleware for fiber.
Import
"github.com/xenitab/go-oidc-middleware/oidcfiber"
Middleware
oidcHandler := oidcfiber.New(
options.WithIssuer(cfg.Issuer),
options.WithRequiredTokenType("JWT"),
options.WithRequiredAudience(cfg.Audience),
options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
options.WithRequiredClaims(map[string]interface{}{
"tid": cfg.TenantID,
}),
)Handler
func newClaimsHandler() fiber.Handler {
return func(c *fiber.Ctx) error {
claims, ok := c.Locals("claims").(map[string]interface{})
if !ok {
return c.SendStatus(fiber.StatusUnauthorized)
}
return c.JSON(claims)
}
}v0.0.8
Changes:
- Move defaults to options package (#32)
- Change echojwt from using jwt.Token to map[string]interface{} (#33)
Breaking change:
oidcechojwt now returns a map[string]interface{} instead of jwt.Token.
Previously, you had to use the following:
func newClaimsHandler(c echo.Context) error {
token, ok := c.Get("user").(jwt.Token)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "invalid token")
}
claims, err := token.AsMap(c.Request().Context())
if err != nil {
return echo.NewHTTPError(http.StatusUnauthorized, "invalid token")
}
return c.JSON(http.StatusOK, claims)
}Now you you instead get the claims directly:
func newClaimsHandler(c echo.Context) error {
claims, ok := c.Get("user").(map[string]interface{})
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "invalid token")
}
return c.JSON(http.StatusOK, claims)
}v0.0.7
v0.0.6
BREAKING CHANGE:
The library has moved from using a struct as options to using functional options.
Now the "github.com/xenitab/go-oidc-middleware/options" package needs to be imported and used like this:
oidcHandler := oidchttp.New(h,
options.WithIssuer(cfg.Issuer),
options.WithRequiredTokenType("JWT"),
options.WithRequiredAudience(cfg.Audience),
options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
options.WithRequiredClaims(map[string]interface{}{
"tid": cfg.TenantID,
}),
)v0.0.5
add gin support (#19) * add gin support * update readme * make all