mirror of
https://github.com/ethereum/go-ethereum.git
synced 2026-07-18 10:50:44 +00:00
parent
fbd4364fc3
commit
7a659c9e7d
2 changed files with 8 additions and 8 deletions
|
|
@ -51,7 +51,7 @@ func (handler *jwtHandler) ServeHTTP(out http.ResponseWriter, r *http.Request) {
|
||||||
strToken = strings.TrimPrefix(auth, "Bearer ")
|
strToken = strings.TrimPrefix(auth, "Bearer ")
|
||||||
}
|
}
|
||||||
if len(strToken) == 0 {
|
if len(strToken) == 0 {
|
||||||
http.Error(out, "missing token", http.StatusForbidden)
|
http.Error(out, "missing token", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// We explicitly set only HS256 allowed, and also disables the
|
// We explicitly set only HS256 allowed, and also disables the
|
||||||
|
|
@ -63,17 +63,17 @@ func (handler *jwtHandler) ServeHTTP(out http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
switch {
|
switch {
|
||||||
case err != nil:
|
case err != nil:
|
||||||
http.Error(out, err.Error(), http.StatusForbidden)
|
http.Error(out, err.Error(), http.StatusUnauthorized)
|
||||||
case !token.Valid:
|
case !token.Valid:
|
||||||
http.Error(out, "invalid token", http.StatusForbidden)
|
http.Error(out, "invalid token", http.StatusUnauthorized)
|
||||||
case !claims.VerifyExpiresAt(time.Now(), false): // optional
|
case !claims.VerifyExpiresAt(time.Now(), false): // optional
|
||||||
http.Error(out, "token is expired", http.StatusForbidden)
|
http.Error(out, "token is expired", http.StatusUnauthorized)
|
||||||
case claims.IssuedAt == nil:
|
case claims.IssuedAt == nil:
|
||||||
http.Error(out, "missing issued-at", http.StatusForbidden)
|
http.Error(out, "missing issued-at", http.StatusUnauthorized)
|
||||||
case time.Since(claims.IssuedAt.Time) > jwtExpiryTimeout:
|
case time.Since(claims.IssuedAt.Time) > jwtExpiryTimeout:
|
||||||
http.Error(out, "stale token", http.StatusForbidden)
|
http.Error(out, "stale token", http.StatusUnauthorized)
|
||||||
case time.Until(claims.IssuedAt.Time) > jwtExpiryTimeout:
|
case time.Until(claims.IssuedAt.Time) > jwtExpiryTimeout:
|
||||||
http.Error(out, "future token", http.StatusForbidden)
|
http.Error(out, "future token", http.StatusUnauthorized)
|
||||||
default:
|
default:
|
||||||
handler.next.ServeHTTP(out, r)
|
handler.next.ServeHTTP(out, r)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -412,7 +412,7 @@ func TestJWT(t *testing.T) {
|
||||||
|
|
||||||
token = tokenFn()
|
token = tokenFn()
|
||||||
resp := rpcRequest(t, htUrl, testMethod, "Authorization", token)
|
resp := rpcRequest(t, htUrl, testMethod, "Authorization", token)
|
||||||
if resp.StatusCode != http.StatusForbidden {
|
if resp.StatusCode != http.StatusUnauthorized {
|
||||||
t.Errorf("tc %d-http, token '%v': expected not to allow, got %v", i, token, resp.StatusCode)
|
t.Errorf("tc %d-http, token '%v': expected not to allow, got %v", i, token, resp.StatusCode)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue