v5.0.0/request/request.go: with WithLeeway support?

golang-jwt / jwt

Go implementation of JSON Web Tokens (JWT).

https://golang-jwt.github.io/jwt/

MIT License

6.98k stars 335 forks source link

v5.0.0/request/request.go: with WithLeeway support? #357

Closed Grabber closed 11 months ago

Grabber commented 11 months ago

Is it possible to use WithLeeway with request.ParseFromRequest as with jwt.ParseWithClaims? -> https://github.com/golang-jwt/jwt/blob/v5.0.0/request/request.go

func WithLeeway(leeway time.Duration) ParserOption {
    return func(p *Parser) {
        p.validator.leeway = leeway
    }
}

func WithClaims(claims jwt.Claims) ParseFromRequestOption {
    return func(p *fromRequestParser) {
        p.claims = claims
    }
}

oxisto commented 11 months ago

You should be able to first create a new parser with jwt.New and jwt.WithLeeway and then use that with request.WithParser

Grabber commented 11 months ago

@oxisto, that you! Is the following snippet correct?

func VerifyJWToken(r *http.Request, secretKey []byte) (*jwt.RegisteredClaims, error) {
  token, err := request.ParseFromRequest(r, request.AuthorizationHeaderExtractor, func(token *jwt.Token) (interface{}, error) {
    return secretKey, nil
  }, request.WithClaims(jwt.RegisteredClaims{}), request.WithParser(jwt.NewParser(jwt.WithLeeway(5 * time.Second))))

  if err == nil {
    if claims, ok := token.Claims.(*jwt.RegisteredClaims); ok && token.Valid {
      return claims, nil
    }
  }

  return nil, err
}