go-chi / jwtauth

JWT authentication middleware for Go HTTP services
MIT License
550 stars 91 forks

Truly support jwtauth.Claims when parsing from context #26

Closed slax0rr closed 6 years ago

slax0rr commented 6 years ago

The previous change "fixed" the panic, but would silently remove all Claims, because the tokenClaims are not copied over to the claims variable.

slax0rr commented 6 years ago

@VojtechVitek

I'm not sure that this is the correct way to fix this. It honestly feels more like a workaround to the issue than a fix.

When a token is parsed from the request, be it in header, cookies, or get params, it gets parsed through here: https://github.com/dgrijalva/jwt-go/blob/master/parser.go#L20 which parses the Claims as MapClaims, attaches them to the Token, and then you put this into context here: https://github.com/slax0rr/jwtauth/blob/508040879e83a5a67df68d71a061def60c6d6e06/jwtauth.go#L82

Which is fine in that scenario. The problem then arises if you encode a token through your Encode method, put it into Context, and later read it from Context with the FromContext method. I feel that you could get rid of that switch if you cast the Claims in Encode directly to jwt.MapClaims here: https://github.com/slax0rr/jwtauth/blob/508040879e83a5a67df68d71a061def60c6d6e06/jwtauth.go#L135

I have however not tried this, because I believe I do not hold enough knowledge on the matter to know if this even makes sense.
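
The failure mode discussed in this thread, as an added Go example that is not code from jwtauth or jwt-go. The local types `MapClaims`, `Claims` and `Token` and the functions `claimsDropped` and `claimsKept` are hypothetical stand-ins for the library types and for the two variants of the type switch.

```go
package main

import "fmt"

// Stand-ins (assumptions) for the two claim types in the thread: both are
// named map types with the same underlying type, yet distinct in a type switch.
type MapClaims map[string]interface{} // plays the role of jwt.MapClaims
type Claims map[string]interface{}    // plays the role of jwtauth.Claims

// Token mimics a token whose Claims field is held as an interface value.
type Token struct{ Claims interface{} }

// claimsDropped models the behaviour described in the PR: the Claims case
// avoids the panic but never copies tokenClaims into the result.
func claimsDropped(t *Token) Claims {
	claims := Claims{}
	switch tc := t.Claims.(type) {
	case MapClaims:
		for k, v := range tc {
			claims[k] = v
		}
	case Claims:
		_ = tc // no panic, but nothing is copied: caller sees empty claims
	}
	return claims
}

// claimsKept handles both types and rejects anything else instead of
// returning an empty map that downstream authorization might trust.
func claimsKept(t *Token) (Claims, error) {
	switch tc := t.Claims.(type) {
	case MapClaims:
		return Claims(tc), nil // conversion is legal: identical underlying type
	case Claims:
		return tc, nil
	default:
		return nil, fmt.Errorf("unsupported claims type %T", t.Claims)
	}
}

func main() {
	encoded := &Token{Claims: Claims{"user_id": 123}}   // constructed: Encode-style path
	parsed := &Token{Claims: MapClaims{"user_id": 123}} // constructed: request-parser path
	fmt.Println(len(claimsDropped(encoded)), len(claimsDropped(parsed)))
	kept, err := claimsKept(encoded)
	fmt.Println(kept["user_id"], err)
}
```

A handler that checks a claim such as `user_id` after the dropping variant sees a missing key rather than an error, so the missing-claim case needs an explicit deny path.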