libauth/examples/server.go

85 lines
1.7 KiB
Go
Raw Normal View History

2022-05-09 19:35:47 +00:00
package main
import (
"encoding/json"
"fmt"
"net/http"
"os"
"strings"
"github.com/go-chi/chi/v5"
"git.rootprojects.org/root/keypairs/keyfetch"
"git.rootprojects.org/root/libauth/chiauth"
)
func main() {
r := chi.NewRouter()
whitelist, err := keyfetch.NewWhitelist([]string{"https://therootcompany.github.io/libauth/"})
if nil != err {
panic(err)
}
// Unauthenticated Routes
r.Group(func(r chi.Router) {
r.Post("/api/hello", func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte(`{ "message": "Hello, World!" }`))
})
})
// Authenticated Routes
r.Group(func(r chi.Router) {
tokenVerifier := chiauth.NewTokenVerifier(chiauth.VerificationParams{
Issuers: whitelist,
Optional: true,
})
r.Use(tokenVerifier)
r.Post("/api/users/profile", func(w http.ResponseWriter, r *http.Request) {
2022-05-09 21:14:12 +00:00
jws := chiauth.GetJWS(r)
if nil == jws || !jws.Trusted {
2022-05-09 19:35:47 +00:00
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
userID := jws.Claims["sub"].(string)
b, _ := json.MarshalIndent(struct {
UserID string `json:"user_id"`
}{
UserID: userID,
}, "", " ")
w.Write(append(b, '\n'))
})
})
// ...
bindAddr := ":3000"
fmt.Println("Listening on", bindAddr)
fmt.Println("")
fmt.Println("Try this:")
fmt.Println("")
fmt.Println("")
cwd, _ := os.Getwd()
fmt.Println(" pushd", cwd)
fmt.Println("")
fmt.Println(" my_jwt=\"$(cat ./jwt.txt)\"")
fmt.Println(
strings.Join(
[]string{
" curl -X POST http://localhost:3000/api/users/profile",
" -H \"Authorization: Bearer ${my_jwt}\"",
" -H 'Content-Type: application/json'",
" --data-binary '{ \"foo\": \"bar\" }'",
},
" \\\n",
),
)
fmt.Println("")
http.ListenAndServe(bindAddr, r)
}