Commit 8294bb94 authored by Prajwal Patil's avatar Prajwal Patil

Implemented JWT KID

parent 0f15c531
Branches jwtkidfeature
4 merge requests!302merge devbranch into staging,!299Devbranch,!296merge devbranch to staging.,!294#30 Implemented JWT KID
Showing with 40 additions and 3 deletions
......@@ -2,6 +2,7 @@ package jwtmdl
import (
"strings"
"sync"
"time"
"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/authmdl/sessionmdl"
......@@ -10,12 +11,48 @@ import (
"github.com/tidwall/gjson"
)
// map to store kid
type Jwtkid struct {
jwtKidMap map[string]string
mu sync.Mutex
}
func (j *Jwtkid) Get(kid string) (string, bool) {
j.mu.Lock()
defer j.mu.Unlock()
key, ok := j.jwtKidMap[kid]
return key, ok
}
func (j *Jwtkid) Set(kid, key string) {
j.mu.Lock()
defer j.mu.Unlock()
j.jwtKidMap[kid] = key
}
// jwtKidStore - store to keep kid and jwtKey
var jwtKidStore = Jwtkid{jwtKidMap: make(map[string]string)}
// GlobalJWTKey - key to decode and encode token
var GlobalJWTKey string
var keyFunc = func(key string) jwt.Keyfunc {
return func(*jwt.Token) (interface{}, error) {
return []byte(key), nil
return func(token *jwt.Token) (interface{}, error) {
if kid, ok := token.Header["kid"].(string); ok {
if jwtKey, ok := jwtKidStore.Get(kid); ok && jwtKey == "DEFAULTKEY" {
return ([]byte(key)), nil
}
if jwtKey, exists := jwtKidStore.Get(kid); exists {
return ([]byte(jwtKey)), nil
}
}
b := ([]byte(key))
return b, nil
}
}
func InitJwtKidStore(kidConfig gjson.Result) {
for _, kid := range kidConfig.Array() {
jwtKidStore.Set(kid.Get("kid").String(), kid.Get("jwtKey").String())
}
}
......@@ -118,7 +155,7 @@ func GenerateTokenWithJWTKey(loginID string, groups []string, clientIP string, m
return generate(claims, JWTKey)
}
//GeneratePricipleObjUsingToken GeneratePricipleObjUsingToken
// GeneratePricipleObjUsingToken GeneratePricipleObjUsingToken
func GeneratePricipleObjUsingToken(tokenReq string, jwtKey string) (jwt.MapClaims, error) {
token, err := extract(tokenReq)
......
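Review bot: `InitJwtKidStore` stores whatever `kid.Get("kid").String()` and `kid.Get("jwtKey").String()` return, and gjson yields an empty string for a missing field, so a config entry without `jwtKey` registers an empty secret that `keyFunc` then returns for any token naming that `kid`; HMAC verification would likely accept it. Skip or reject such entries, e.g. `if id, secret := kid.Get("kid").String(), kid.Get("jwtKey").String(); id != "" && secret != "" { jwtKidStore.Set(id, secret) }`. In `keyFunc` the `kid` header is read before the signature is verified, and a matching store entry replaces the caller-supplied `key`, so as far as this hunk shows a token signed with any configured key passes even where a caller such as `GeneratePricipleObjUsingToken` supplies a specific `jwtKey`; an unknown `kid` also falls through silently to `key` instead of being refused. The new closure returns a key without looking at `token.Method`; a guard of the form `if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok` that returns an error would make the expected algorithm explicit. The two `jwtKidStore.Get(kid)` calls can be a single lookup with the `"DEFAULTKEY"` comparison inside it, which also avoids taking the mutex twice per token.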