首頁 探索
註冊 登入
TopProject
/
GoZeroPlus
镜像来自 https://code-git.song-zh.com/SongZihuan/GoZeroPlus.git
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

fix panic on auth

kevin 4 年之前
父節點
e56ebf1f72
當前提交
53973bc0f7
共有 2 個文件被更改,包括 30 次插入10 次删除
統一視圖 顯示文件統計
  1. 22 10
      ngin/handler/authhandler.go
  2. 8 0
      ngin/handler/authhandler_test.go

+ 22 - 10
ngin/handler/authhandler.go
查看文件 

@@ -2,6 +2,7 @@ package handler
 
 
 
 import (
 
 import (
 
 	"context"
 
 	"context"
 
+	"errors"
 
 	"net/http"
 
 	"net/http"
 
 	"net/http/httputil"
 
 	"net/http/httputil"
 
 
 
@@ -12,13 +13,19 @@ import (
 
 )
 
 )
 
 
 
 const (
 
 const (
 
-	jwtAudience  = "aud"
 
-	jwtExpire    = "exp"
 
-	jwtId        = "jti"
 
-	jwtIssueAt   = "iat"
 
-	jwtIssuer    = "iss"
 
-	jwtNotBefore = "nbf"
 
-	jwtSubject   = "sub"
 
+	jwtAudience    = "aud"
 
+	jwtExpire      = "exp"
 
+	jwtId          = "jti"
 
+	jwtIssueAt     = "iat"
 
+	jwtIssuer      = "iss"
 
+	jwtNotBefore   = "nbf"
 
+	jwtSubject     = "sub"
 
+	noDetailReason = "no detail reason"
 
+)
 
+
 
+var (
 
+	errInvalidToken = errors.New("invalid auth token")
 
+	errNoClaims     = errors.New("no auth params")
 
 )
 
 )
 
 
 
 type (
 
 type (
 
@@ -47,13 +54,13 @@ func Authorize(secret string, opts ...AuthorizeOption) func(http.Handler) http.H
 
 			}
 
 			}
 
 
 
 			if !token.Valid {
 
 			if !token.Valid {
 
-				unauthorized(w, r, err, authOpts.Callback)
 
+				unauthorized(w, r, errInvalidToken, authOpts.Callback)
 
 				return
 
 				return
 
 			}
 
 			}
 
 
 
 			claims, ok := token.Claims.(jwt.MapClaims)
 
 			claims, ok := token.Claims.(jwt.MapClaims)
 
 			if !ok {
 
 			if !ok {
 
-				unauthorized(w, r, err, authOpts.Callback)
 
+				unauthorized(w, r, errNoClaims, authOpts.Callback)
 
 				return
 
 				return
 
 			}
 
 			}
 
 
 
@@ -93,10 +100,15 @@ func detailAuthLog(r *http.Request, reason string) {
 
 func unauthorized(w http.ResponseWriter, r *http.Request, err error, callback UnauthorizedCallback) {
 
 func unauthorized(w http.ResponseWriter, r *http.Request, err error, callback UnauthorizedCallback) {
 
 	writer := newGuardedResponseWriter(w)
 
 	writer := newGuardedResponseWriter(w)
 
 
 
-	detailAuthLog(r, err.Error())
 
+	if err != nil {
 
+		detailAuthLog(r, err.Error())
 
+	} else {
 
+		detailAuthLog(r, noDetailReason)
 
+	}
 
 	if callback != nil {
 
 	if callback != nil {
 
 		callback(writer, r, err)
 
 		callback(writer, r, err)
 
 	}
 
 	}
 
+
 
 	writer.WriteHeader(http.StatusUnauthorized)
 
 	writer.WriteHeader(http.StatusUnauthorized)
 
 }
 
 }

+ 8 - 0
ngin/handler/authhandler_test.go
查看文件 

@@ -75,6 +75,14 @@ func TestAuthHandlerWithPrevSecret(t *testing.T) {
 
 	assert.Equal(t, "content", resp.Body.String())
 
 	assert.Equal(t, "content", resp.Body.String())
 
 }
 
 }
 
 
 
+func TestAuthHandler_NilError(t *testing.T) {
 
+	req := httptest.NewRequest(http.MethodGet, "http://localhost", nil)
 
+	resp := httptest.NewRecorder()
 
+	assert.NotPanics(t, func() {
 
+		unauthorized(resp, req, nil, nil)
 
+	})
 
+}
 
+
 
 func buildToken(secretKey string, payloads map[string]interface{}, seconds int64) (string, error) {
 
 func buildToken(secretKey string, payloads map[string]interface{}, seconds int64) (string, error) {
 
 	now := time.Now().Unix()
 
 	now := time.Now().Unix()
 
 	claims := make(jwt.MapClaims)
 
 	claims := make(jwt.MapClaims)