feat: Make gin-jwt return Authorization headers (#149)

appleboy · web-flow · commit 18c777042be3 · 2018-08-25T23:11:14.000+08:00
fix #108
diff --git a/auth_jwt.go b/auth_jwt.go
@@ -107,6 +107,9 @@ type GinJWTMiddleware struct {
 
 	// Allow insecure cookies for development over http
 	SecureCookie bool
+
+	// SendAuthorization allow return authorization header for every request
+	SendAuthorization bool
 }
 
 var (
@@ -314,6 +317,12 @@ func (mw *GinJWTMiddleware) middlewareImpl(c *gin.Context) {
 		return
 	}
 
+	if mw.SendAuthorization {
+		if v, ok := c.Get("JWT_TOKEN"); ok {
+			c.Header("Authorization", mw.TokenHeadName+" "+v.(string))
+		}
+	}
+
 	claims := token.Claims.(jwt.MapClaims)
 
 	id := mw.IdentityHandler(claims)
diff --git a/auth_jwt_test.go b/auth_jwt_test.go
@@ -595,12 +595,8 @@ func TestAuthorizator(t *testing.T) {
 		Timeout:       time.Hour,
 		MaxRefresh:    time.Hour * 24,
 		Authenticator: defaultAuthenticator,
-		Authorizator: func(user interface{}, c *gin.Context) bool {
-			if user.(string) != "admin" {
-				return false
-			}
-
-			return true
+		Authorizator: func(data interface{}, c *gin.Context) bool {
+			return data.(string) == "admin"
 		},
 	}
 
@@ -989,3 +985,40 @@ func TestHTTPStatusMessageFunc(t *testing.T) {
 	assert.Equal(t, successMessage, successString)
 	assert.NotEqual(t, successMessage, failedString)
 }
+
+func TestSendAuthorizationBool(t *testing.T) {
+	// the middleware to test
+	authMiddleware := &GinJWTMiddleware{
+		Realm:             "test zone",
+		Key:               key,
+		Timeout:           time.Hour,
+		MaxRefresh:        time.Hour * 24,
+		Authenticator:     defaultAuthenticator,
+		SendAuthorization: true,
+		Authorizator: func(data interface{}, c *gin.Context) bool {
+			return data.(string) == "admin"
+		},
+	}
+
+	handler := ginHandler(authMiddleware)
+
+	r := gofight.New()
+
+	r.GET("/auth/hello").
+		SetHeader(gofight.H{
+			"Authorization": "Bearer " + makeTokenString("HS256", "test"),
+		}).
+		Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) {
+			assert.Equal(t, http.StatusForbidden, r.Code)
+		})
+
+	r.GET("/auth/hello").
+		SetHeader(gofight.H{
+			"Authorization": "Bearer " + makeTokenString("HS256", "admin"),
+		}).
+		Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) {
+			token := r.HeaderMap.Get("Authorization")
+			assert.Equal(t, "Bearer "+makeTokenString("HS256", "admin"), token)
+			assert.Equal(t, http.StatusOK, r.Code)
+		})
+}
