//package jwt // //import ( // //"strings" // // "github.com/dgrijalva/jwt-go" // "github.com/gin-gonic/gin" // "kpt.xdmy/pkg/e" // "kpt.xdmy/pkg/util" // jwtGet "kpt.xdmy/pkg/util" //) // //func JWT() gin.HandlerFunc { // return func(c *gin.Context) { // var code int // var data interface{} // // code = e.SUCCESS // //Authorization := c.GetHeader("Authorization") // //token := strings.Split(Authorization, " ") // Authorization := c.GetHeader("token") // token := Authorization // if Authorization == "" { // code = e.INVALID_PARAMS // } else { // //_, err := util.ParseToken(token[1]) // _, err := util.ParseToken(token) // if err != nil { // switch err.(*jwt.ValidationError).Errors { // case jwt.ValidationErrorExpired: // code = e.ERROR_AUTH_CHECK_TOKEN_TIMEOUT // default: // code = e.ERROR_AUTH_CHECK_TOKEN_FAIL // } // } // } // // if code != e.SUCCESS { // c.JSON(e.SUCCESS, gin.H{ // "code": code, // "msg": "登录超时", // "data": data, // }) // // c.Abort() // return // } // // t, _ := jwt.Parse(token, func(*jwt.Token) (interface{}, error) { // return jwtGet.JwtSecret, nil // }) // c.Set("jwt_username", jwtGet.GetIdFromClaims("username", t.Claims)) // c.Next() // } //} package jwt import ( "bytes" "encoding/base64" "encoding/json" "fmt" "github.com/astaxie/beego/logs" "github.com/dgrijalva/jwt-go" "github.com/gin-gonic/gin" "github.com/pkg/errors" "io/ioutil" "kpt.xdmy/pkg/e" jwtGet "kpt.xdmy/pkg/util" "net/http" "strings" //"strings" "kpt.xdmy/pkg/setting" ) //var ( // svc *service.Service //) type Introspect struct { Active bool `json:"active"` UserName string `json:"user_name"` } func JWT() gin.HandlerFunc { if setting.IDaaSSetting.IsDaaS == 1 { return func(c *gin.Context) { //s := new(service.Service) fmt.Println(setting.IDaaSSetting) authorization := fmt.Sprintf("Basic %s", base64.StdEncoding.EncodeToString([]byte(setting.IDaaSSetting.ClientId+":"+setting.IDaaSSetting.ClientSecret))) fmt.Println(authorization) //tokenData := make(map[string]string, 0) //tokenData["token"] = c.GetHeader("token") //tokenDataByte, _ := json.Marshal(tokenData) tokenRespByte, _ := PostPush(setting.IDaaSSetting.Url+fmt.Sprintf("/api/v1/oauth2/introspect?token=%s", c.GetHeader("token")), nil, authorization) IntrospectResp := new(Introspect) json.Unmarshal(tokenRespByte, &IntrospectResp) if !IntrospectResp.Active { c.JSON(e.SUCCESS, gin.H{ "code": e.INVALID_PARAMS, "msg": "登录失效!", "data": "", }) c.Abort() return } c.Set("jwt_username", IntrospectResp.UserName) c.Next() } } else { return func(c *gin.Context) { var code int var data interface{} code = e.SUCCESS //Authorization := c.GetHeader("Authorization") //token := strings.Split(Authorization, " ") Authorization := c.GetHeader("token") token := Authorization if Authorization == "" { code = e.INVALID_PARAMS } else { //_, err := util.ParseToken(token[1]) _, err := jwtGet.ParseToken(token) if err != nil { switch err.(*jwt.ValidationError).Errors { case jwt.ValidationErrorExpired: code = e.ERROR_AUTH_CHECK_TOKEN_TIMEOUT default: code = e.ERROR_AUTH_CHECK_TOKEN_FAIL } } } if code != e.SUCCESS { c.JSON(e.SUCCESS, gin.H{ "code": code, "msg": "登录超时", "data": data, }) c.Abort() return } t, _ := jwt.Parse(token, func(*jwt.Token) (interface{}, error) { return jwtGet.JwtSecret, nil }) c.Set("jwt_username", jwtGet.GetIdFromClaims("username", t.Claims)) c.Next() } } } func PostPush(url string, data []byte, authorization string) ([]byte, error) { req, err := http.NewRequest("POST", url, bytes.NewBuffer(data)) if err != nil { logs.Error(err) return nil, err } req.Header.Set("Content-Type", "application/x-www-form-urlencoded") req.Header.Set("Authorization", authorization) client := &http.Client{} resp, err := client.Do(req) if err != nil { logs.Error(err) return nil, err } defer resp.Body.Close() body, _ := ioutil.ReadAll(resp.Body) fmt.Println(string(body)) if strings.Index(resp.Status, "200") == -1 { return nil, errors.New(fmt.Sprintf("%s 请求失败!", resp.Status)) } return body, nil }