Go Jwt Middleware
A Middleware for Go Programming Language to check for JWTs on HTTP requests
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Go Jwt Middleware | 919 | 188 | 215 | 4 days ago | 31 | March 21, 2022 | 2 | mit | Go | |
| A Middleware for Go Programming Language to check for JWTs on HTTP requests | ||||||||||
| Request Baskets | 179 | 6 months ago | 7 | September 19, 2022 | 7 | mit | Go | |||
| HTTP requests collector to test webhooks, notifications, REST clients and more ... | ||||||||||
| Ng Rails Csrf | 142 | 8 years ago | 2 | mit | Ruby | |||||
| ng-rails-csrf | ||||||||||
| Gargle | 104 | a day ago | 22 | other | R | |||||
| Infrastructure for calling Google APIs from R, including auth | ||||||||||
| Spring Security Csrf Token Interceptor | 49 | 1 | 5 years ago | 4 | July 05, 2014 | 4 | other | JavaScript | ||
| An AngularJS interceptor that sets the Spring Security CSRF token information in all HTTP requests if it's able to find it in a response header on application startup. | ||||||||||
| Aurl | 49 | 5 months ago | 1 | February 24, 2015 | 1 | apache-2.0 | Go | |||
| Command line utility to make HTTP request with OAuth2 | ||||||||||
| Auth | 28 | 10 months ago | 1 | apache-2.0 | Go | |||||
| Go library for generating JWT Tokens, authorizing HTTP requests, etc. | ||||||||||
| Travis Ruby Client | 21 | 2 | 3 years ago | 2 | April 04, 2017 | 1 | Ruby | |||
| Ruby client library for Travis CI API | ||||||||||
| Httputility | 21 | a year ago | 6 | February 17, 2022 | 3 | mit | Swift | |||
| HttpUtility is an open source MIT license project which is helpful in making HTTP requests and returns a decoded object from server. Right now this utility only parses JSON. | ||||||||||
| Gitfeed | 12 | 5 years ago | Ruby | |||||||
| Create your own unique and custom RSS Feed with the content from people you follow in Github. [Work in Progress] | ||||||||||
Alternatives To Go Jwt MiddlewareSelect To Compare
Alternative Project Comparisons
Readme
GO JWT Middleware
Golang middleware to check and validate JWTs in the request and add the valid token contents to the request context.
Table of Contents
Installation
go get github.com/auth0/go-jwt-middleware/v2
Usage
package main
import (
"context"
"encoding/json"
"log"
"net/http"
"github.com/auth0/go-jwt-middleware/v2"
"github.com/auth0/go-jwt-middleware/v2/validator"
)
var handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
claims, ok := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims)
if !ok {
http.Error(w, "failed to get validated claims", http.StatusInternalServerError)
return
}
payload, err := json.Marshal(claims)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
w.Write(payload)
})
func main() {
keyFunc := func(ctx context.Context) (interface{}, error) {
// Our token must be signed using this data.
return []byte("secret"), nil
}
// Set up the validator.
jwtValidator, err := validator.New(
keyFunc,
validator.HS256,
"https://<issuer-url>/",
[]string{"<audience>"},
)
if err != nil {
log.Fatalf("failed to set up the validator: %v", err)
}
// Set up the middleware.
middleware := jwtmiddleware.New(jwtValidator.ValidateToken)
http.ListenAndServe("0.0.0.0:3000", middleware.CheckJWT(handler))
}
After running that code (go run main.go) you can then curl the http server from another terminal:
$ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJpc3MiOiJnby1qd3QtbWlkZGxld2FyZS1leGFtcGxlIiwiYXVkIjoiZ28tand0LW1pZGRsZXdhcmUtZXhhbXBsZSJ9.xcnkyPYu_b3qm2yeYuEgr5R5M5t4pN9s04U1ya53-KM" localhost:3000
That should give you the following response:
{
"CustomClaims": null,
"RegisteredClaims": {
"iss": "go-jwt-middleware-example",
"aud": "go-jwt-middleware-example",
"sub": "1234567890",
"iat": 1516239022
}
}
The JWT included in the Authorization header above is signed with secret.
To test how the response would look like with an invalid token:
$ curl -v -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.yiDw9IDNCa1WXCoDfPR_g356vSsHBEerqh9IvnD49QE" localhost:3000
That should give you the following response:
...
< HTTP/1.1 401 Unauthorized
< Content-Type: application/json
{"message":"JWT is invalid."}
...
For more examples please check the examples folder.
Migration Guide
If you are moving from v1 to v2 please check our migration guide.
Issue Reporting
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Author
License
This project is licensed under the MIT license. See the LICENSE file for more info.
Popular Http Requests Projects
Popular Token Projects
Popular Networking Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Go
Token
Auth
Jwt
Programming Language
Identity
Http Requests