appleboy / gin-jwt

JWT Middleware for Gin framework
MIT License
2.79k stars 395 forks source link

Is it possible to use this middleware with two different token issuers ? #283

Open gipsh opened 3 years ago

gipsh commented 3 years ago

Hi, i have been using the library for my api succesfully, now i want also support tokens issued by another platform (azure AD). So i need to check if the signature of the token is valid for my own issued tokens AND from the other platform.

Is there an easy way to support this?

i already tried using two middlewares to validate with no luck


    apiv1.Use(authMiddleware.MiddlewareFunc(), externalTokenValidator.MiddlewareFunc()) {

       .....

       }

What the best strategy here? create a new middleware and check azure signature there and then call gin-jwt middleware?

Sorry if the question is off-topic.

gu-hy commented 1 year ago

Hello, are there any updates on this matter?

What could be the best approach to use multiple instances of gin-jwt as middleware (or gin-jwt + additional auth middleware) and chain it properly (if its possible)?

gipsh commented 1 year ago

@gu-hy what i ended up doing was creating a special endpoint where you submit the token from the other provider and after checks and validations it returns a valid token from the current provider. Not the best but worked for my use case albeit it required more work for ui.