@rivascva/dt-idl 1.1.108 → 1.1.110
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/go/auth/jwt.go +2 -2
- package/go/auth/models.go +12 -1
- package/go/middlewares/middlewares.go +5 -0
- package/package.json +1 -1
package/go/auth/jwt.go
CHANGED
|
@@ -10,7 +10,7 @@ import (
|
|
|
10
10
|
|
|
11
11
|
// ValidateToken validates the given JWT token using the provided secret.
|
|
12
12
|
// It includes a check for the token expiration time.
|
|
13
|
-
func ValidateToken(token string, secret string) (*jwt.Token,
|
|
13
|
+
func ValidateToken(token string, secret string) (*jwt.Token, ValidationError) {
|
|
14
14
|
// create a parser with the HS256 signing method
|
|
15
15
|
parser := jwt.NewParser(jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
|
|
16
16
|
|
|
@@ -26,7 +26,7 @@ func ValidateToken(token string, secret string) (*jwt.Token, error) {
|
|
|
26
26
|
return nil, fmt.Errorf("failed to get the expiration time from the token: %w", err)
|
|
27
27
|
}
|
|
28
28
|
if expirationTime.Before(time.Now()) {
|
|
29
|
-
return nil,
|
|
29
|
+
return nil, ErrorExpiredToken
|
|
30
30
|
}
|
|
31
31
|
|
|
32
32
|
return parsedToken, nil
|
package/go/auth/models.go
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
package auth
|
|
2
2
|
|
|
3
|
-
import
|
|
3
|
+
import (
|
|
4
|
+
"errors"
|
|
5
|
+
"time"
|
|
6
|
+
)
|
|
4
7
|
|
|
5
8
|
// DefaultServiceAccessTokenDuration is the default duration for service access tokens.
|
|
6
9
|
const DefaultServiceAccessTokenDuration = 60 * time.Minute
|
|
@@ -16,3 +19,11 @@ const DefaultUserRefreshTokenDuration = 30 * 24 * time.Hour
|
|
|
16
19
|
|
|
17
20
|
// approvedServices is a list of services that are allowed to access sensitive data.
|
|
18
21
|
var approvedServices = []string{"dt-trade-service", "dt-portfolio-service", "dt-asset-service", "dt-user-service"}
|
|
22
|
+
|
|
23
|
+
// ValidationError represents an error from validating a token.
|
|
24
|
+
type ValidationError = error
|
|
25
|
+
|
|
26
|
+
var (
|
|
27
|
+
// ErrorExpiredToken is returned when a token is expired.
|
|
28
|
+
ErrorExpiredToken ValidationError = errors.New("expired token")
|
|
29
|
+
)
|
|
@@ -2,6 +2,7 @@ package middlewares
|
|
|
2
2
|
|
|
3
3
|
import (
|
|
4
4
|
"context"
|
|
5
|
+
"errors"
|
|
5
6
|
"net/http"
|
|
6
7
|
"slices"
|
|
7
8
|
"strings"
|
|
@@ -37,6 +38,10 @@ func GetAuthMiddleware(accessTokenSecret string) func(http.Handler) http.Handler
|
|
|
37
38
|
|
|
38
39
|
// validate the access token
|
|
39
40
|
accessToken, err := auth.ValidateToken(arr[1], accessTokenSecret)
|
|
41
|
+
if errors.Is(err, auth.ErrorExpiredToken) {
|
|
42
|
+
write.ResponseWithError(r.Context(), w, http.StatusUnauthorized, "expired access token")
|
|
43
|
+
return
|
|
44
|
+
}
|
|
40
45
|
if err != nil {
|
|
41
46
|
write.ResponseWithError(r.Context(), w, http.StatusUnauthorized, "invalid access token")
|
|
42
47
|
return
|