refactor: add option to allow jwt to be bypassed if there is no token

Derrick Hammer 2024-03-13 14:00:19 -04:00
parent ca12b99438
commit bf8d909a3c
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
1 changed files with 6 additions and 1 deletions


@ -97,6 +97,7 @@ type AuthMiddlewareOptions struct {
Purpose account.JWTPurpose Purpose account.JWTPurpose
AuthContextKey string AuthContextKey string
Config *config.Manager Config *config.Manager
EmptyAllowed bool
} }
func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handler { func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handler {
@ -114,9 +115,13 @@ func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handl
authToken := options.FindToken(r) authToken := options.FindToken(r)
if authToken == "" { if authToken == "" {
if !options.EmptyAllowed {
http.Error(w, "Invalid JWT", http.StatusUnauthorized) http.Error(w, "Invalid JWT", http.StatusUnauthorized)
return return
} }
next.ServeHTTP(w, r)
return
}
claim, err := account.JWTVerifyToken(authToken, domain, options.Identity, func(claim *jwt.RegisteredClaims) error { claim, err := account.JWTVerifyToken(authToken, domain, options.Identity, func(claim *jwt.RegisteredClaims) error {
aud, _ := claim.GetAudience() aud, _ := claim.GetAudience()
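Review bot: In the `authToken == ""` branch, the new `EmptyAllowed` path calls `next.ServeHTTP(w, r)` with no verified claim, so any route wrapped with this option is reachable unauthenticated and its handler becomes the only place where access is decided. The part of `AuthMiddleware` that stores the identity under `options.AuthContextKey` lies outside this hunk, but it presumably runs only after `JWTVerifyToken` succeeds, so handlers on such routes must treat a missing context value as anonymous instead of asserting it. The field is added without a comment; I would state the contract on it, e.g. `// EmptyAllowed passes requests that carry no token to the next handler unauthenticated; a token that is present still goes through JWTVerifyToken.` It is also worth confirming that `FindToken` returns "" only when no credential was sent, because a malformed header that maps to "" would now be downgraded to anonymous instead of answered with 401.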