Merge pull request #110 from vapor/tn-jwt-provider
jwt provider
Showing
30 changed files
with
263 additions
and
1,675 deletions.
@@ -1,23 +1,20 @@ | ||
// swift-tools-version:5.0 | ||
// swift-tools-version:5.1 | ||
import PackageDescription | ||
|
||
let package = Package( | ||
name: "jwt-kit", | ||
name: "jwt", | ||
platforms: [ | ||
.macOS(.v10_14) | ||
], | ||
products: [ | ||
.library(name: "JWTKit", targets: ["JWTKit"]), | ||
.library(name: "JWT", targets: ["JWT"]), | ||
], | ||
dependencies: [ | ||
.package(url: "https://github.com/vapor/jwt-kit.git", from: "4.0.0-beta.2"), | ||
.package(url: "https://github.com/vapor/vapor.git", from: "4.0.0-beta.2"), | ||
], | ||
dependencies: [ ], | ||
targets: [ | ||
.systemLibrary( | ||
name: "CJWTKitOpenSSL", | ||
pkgConfig: "openssl", | ||
providers: [ | ||
.apt(["openssl libssl-dev"]), | ||
.brew(["openssl"]) | ||
] | ||
), | ||
.target(name: "CJWTKitCrypto", dependencies: ["CJWTKitOpenSSL"]), | ||
.target(name: "JWTKit", dependencies: ["CJWTKitCrypto"]), | ||
.testTarget(name: "JWTKitTests", dependencies: ["JWTKit"]), | ||
.target(name: "JWT", dependencies: ["JWTKit", "Vapor"]), | ||
.testTarget(name: "JWTTests", dependencies: ["JWT", "XCTVapor"]), | ||
] | ||
) |
This file was deleted.
This file was deleted.
This file was deleted.
@@ -0,0 +1 @@ | ||
@_exported import JWTKit |
@@ -0,0 +1,81 @@ | ||
import Vapor | ||
|
||
extension Application { | ||
public var jwt: JWT { | ||
.init(application: self) | ||
} | ||
|
||
public struct JWT { | ||
final class Storage { | ||
var signers: JWTSigners | ||
init() { | ||
self.signers = .init() | ||
} | ||
} | ||
|
||
struct Key: StorageKey { | ||
typealias Value = Storage | ||
} | ||
|
||
let application: Application | ||
|
||
public var signers: JWTSigners { | ||
get { self.storage.signers } | ||
set { self.storage.signers = newValue } | ||
} | ||
|
||
var storage: Storage { | ||
if let existing = self.application.storage[Key.self] { | ||
return existing | ||
} else { | ||
let new = Storage() | ||
self.application.storage[Key.self] = new | ||
return new | ||
} | ||
} | ||
} | ||
} | ||
|
||
extension Request { | ||
public var jwt: JWT { | ||
.init(request: self) | ||
} | ||
|
||
public struct JWT { | ||
let request: Request | ||
|
||
public func verify<Payload>(as payload: Payload.Type = Payload.self) throws -> Payload | ||
where Payload: JWTPayload | ||
{ | ||
guard let token = self.request.headers.bearerAuthorization?.token else { | ||
self.request.logger.error("Request is missing JWT bearer header") | ||
throw Abort(.unauthorized) | ||
} | ||
return try self.verify(token, as: Payload.self) | ||
} | ||
|
||
public func verify<Payload>(_ message: String, as payload: Payload.Type = Payload.self) throws -> Payload | ||
where Payload: JWTPayload | ||
{ | ||
try self.verify([UInt8](message.utf8), as: Payload.self) | ||
} | ||
|
||
public func verify<Message, Payload>(_ message: Message, as payload: Payload.Type = Payload.self) throws -> Payload | ||
where Message: DataProtocol, Payload: JWTPayload | ||
{ | ||
try self.request.application.jwt.signers.verify(message, as: Payload.self) | ||
} | ||
|
||
public func sign<Payload>(_ jwt: Payload, kid: JWKIdentifier? = nil) throws -> String | ||
where Payload: JWTPayload | ||
{ | ||
try self.request.application.jwt.signers.sign(jwt, kid: kid) | ||
} | ||
} | ||
} | ||
|
||
extension JWTError: AbortError { | ||
public var status: HTTPResponseStatus { | ||
.unauthorized | ||
} | ||
} |
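Review bot: The `extension JWTError: AbortError` at the end of this file maps every `JWTError` to `.unauthorized`, which covers errors thrown on the signing path (`sign(_:kid:)`) as well as failed verification. Assuming `signers.sign` reports a missing or misconfigured signer as a `JWTError`, a server-side configuration fault would reach the client as a 401, and because the conformance is declared on a type owned by JWTKit it applies at every throw site in the application. Translating at the verification call is narrower: catch `JWTError` in the `DataProtocol` overload of `verify`, log the cause server-side, and throw `Abort(.unauthorized)`, so signing failures surface as a server error. Separately, the missing-header branch logs at `error` level for a condition any unauthenticated client can trigger; a lower level such as `self.request.logger.debug(...)` would keep anonymous traffic out of the error log.

```swift
public func verify<Message, Payload>(_ message: Message, as payload: Payload.Type = Payload.self) throws -> Payload
    where Message: DataProtocol, Payload: JWTPayload
{
    do {
        return try self.request.application.jwt.signers.verify(message, as: Payload.self)
    } catch let error as JWTError {
        // Keep the detailed cause in the server log; the client only learns that the token was rejected.
        self.request.logger.debug("JWT verification failed: \(error)")
        throw Abort(.unauthorized)
    }
}
// … unchanged: sign(_:kid:); the JWTError: AbortError extension is dropped …
```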
@@ -0,0 +1,19 @@ | ||
import Vapor | ||
|
||
public protocol JWTAuthenticator: BearerAuthenticator { | ||
associatedtype Payload: JWTPayload | ||
func authenticate(jwt: Payload, for request: Request) -> EventLoopFuture<User?> | ||
} | ||
|
||
extension JWTAuthenticator { | ||
public func authenticate(bearer: BearerAuthorization, for request: Request) -> EventLoopFuture<User?> { | ||
do { | ||
return try self.authenticate( | ||
jwt: request.jwt.verify([UInt8](bearer.token.utf8)), | ||
for: request | ||
) | ||
} catch { | ||
return request.eventLoop.makeFailedFuture(error) | ||
} | ||
} | ||
} |
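Review bot: The default `authenticate(bearer:for:)` does not document its failure behaviour: when `request.jwt.verify` throws, the `catch` returns a failed future, so a request whose bearer token fails verification is rejected outright instead of resolving to `nil` (unauthenticated). That matters to anyone chaining authenticators or guarding an optionally-authenticated route, so I would state it on the protocol, e.g. `/// A bearer token that fails verification fails the request with the verification error; nil comes only from authenticate(jwt:for:).` The call could also use the `String` overload added in this commit, `request.jwt.verify(bearer.token)`, rather than converting to `[UInt8]` at the call site.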
This file was deleted.
This file was deleted.