It's entirely possible I'm doing something wrong, but I can't see it. The parsed jwt d

If you don't correctly type assert the token by removing the <code class="notranslate"

Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-u

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

`jwt` key not being retrieved from context about jwtauth HOT 11 CLOSED

go-chi commented on August 15, 2024

`jwt` key not being retrieved from context

from jwtauth.

Comments (11)

pkieltyka commented on August 15, 2024 1

Okay, thanks. I'll check it out in a few minutes and get back to you.

from jwtauth.

bradleyfalzon commented on August 15, 2024

If you don't correctly type assert the token by removing the ok check, eg:

   52 func FooIndex(w http.ResponseWriter, r *http.Request) {
   53     ctx := r.Context()
   54     spew.Dump(ctx.Value("jwt"))
   55     var ok = true
   56     token := ctx.Value("jwt").(*jwt.Token)
   57     if !ok {
...

You get an interesting panic:

(*jwt.Token)(0xc420062870)({
 Raw: (string) (len=140) "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzM4MzM4NjIsImlhdCI6MTQ3Mzc0NzQ2MiwidWlkIjoxM30.2-kOSbYyWNAJ2KEBrfxLqrRKY0C9mNopsq6VFzm05hI",
 Method: (*jwt.SigningMethodHMAC)(0xc4200d4820)({
  Name: (string) (len=5) "HS256",
  Hash: (crypto.Hash) 5
 }),
 Header: (map[string]interface {}) (len=2) {
  (string) (len=3) "alg": (string) (len=5) "HS256",
  (string) (len=3) "typ": (string) (len=3) "JWT"
 },
 Claims: (map[string]interface {}) (len=3) {
  (string) (len=3) "exp": (float64) 1.473833862e+09,
  (string) (len=3) "iat": (float64) 1.473747462e+09,
  (string) (len=3) "uid": (float64) 13
 },
 Signature: (string) (len=43) "2-kOSbYyWNAJ2KEBrfxLqrRKY0C9mNopsq6VFzm05hI",
 Valid: (bool) true
})
2016/09/13 16:31:09 http: panic serving 127.0.0.1:50206: interface conversion: interface {} is *jwt.Token, not *jwt.Token

from jwtauth.

yargevad commented on August 15, 2024

Thanks @bradleyfalzon, that's due to a mismatch between the version of jwt-go that jwtauth vendors, and what I was using (latest, unvendored). Vendoring the same version as jwtauth and removing a no-longer-necessary cast unfortunately lands me back at the same issue.

Here's the output I see after hitting the example server with http http://localhost:8080 --follow --all --session=yargevad:

context.Background.WithValue(&http.contextKey{name:"http-server"}, &http.Server{Addr:":8080", Handler:(*chi.Mux)(0xc42001a1e0), ReadTimeout:0, WriteTimeout:0, TLSConfig:(*tls.Config)(0xc42008c6e0), MaxHeaderBytes:0, TLSNextProto:map[string]func(*http.Server, *tls.Conn, http.Handler){"h2":(func(*http.Server, *tls.Conn, http.Handler))(0xb40c0), "h2-14":(func(*http.Server, *tls.Conn, http.Handler))(0xb40c0)}, ConnState:(func(net.Conn, http.ConnState))(nil), ErrorLog:(*log.Logger)(nil), disableKeepAlives:0, nextProtoOnce:sync.Once{m:sync.Mutex{state:0, sema:0x0}, done:0x1}, nextProtoErr:error(nil)}).WithValue(&http.contextKey{name:"local-addr"}, &net.TCPAddr{IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, Port:8080, Zone:""}).WithCancel.WithCancel.WithValue(&chi.contextKey{name:"RouteContext"}, &chi.Context{URLParams:chi.params(nil), RoutePath:"/", RoutePattern:"/", RoutePatterns:[]string{"/foo", "/"}}).WithValue("jwt", &jwt.Token{Raw:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzM4MzQzMjQsImlhdCI6MTQ3Mzc0NzkyNCwidWlkIjoxM30.7PYt8BkVYvM76m5qUtYocuZXnD5Lp2TefnBtEuklFl8", Method:(*jwt.SigningMethodHMAC)(0xc4200cea40), Header:map[string]interface {}{"alg":"HS256", "typ":"JWT"}, Claims:map[string]interface {}{"exp":1.473834324e+09, "iat":1.473747924e+09, "uid":13}, Signature:"7PYt8BkVYvM76m5qUtYocuZXnD5Lp2TefnBtEuklFl8", Valid:true}).WithValue("jwt.err", <nil>)
no auth context available!

from jwtauth.

pkieltyka commented on August 15, 2024

ah yes, that would do it. jwtauth latest stable doesn't support jwt-go v3.0

I will update the README right now to note jwtauth requires https://github.com/dgrijalva/jwt-go/tree/v2.7.0 and that there is a PR here #8 for jwt-go v3.0 support

TBH, jwt-go made some poor design decisions about its code structure, which I think some of its been improved, but this is the reason I wasn't rushing to get to the latest version.

from jwtauth.

pkieltyka commented on August 15, 2024

@yargevad is your example in the first post working now?

from jwtauth.

yargevad commented on August 15, 2024

Unfortunately not, it's still hitting the no auth context available! case.

from jwtauth.

pkieltyka commented on August 15, 2024

@yargevad can you try to run https://github.com/goware/jwtauth/blob/master/_example/main.go ? I just whipped this up and it works great. As well, what happens if you run: go test -v in the project? the tests should pass as well.

from jwtauth.

yargevad commented on August 15, 2024

Looks like this was entirely due to the vendoring errors on my part. The newer package was still being used.

Thanks for the sanity check & sorry for the noise!

from jwtauth.

pkieltyka commented on August 15, 2024

no problem at all, thanks for helping me fix the docs! best regards.

from jwtauth.

dhax commented on August 15, 2024

as a note hoping to save others from some headache, I was having the same error:
http: panic serving 127.0.0.1:50206: interface conversion: interface {} is *jwt.Token, not *jwt.Token

Only vendoring dgrijalva/[email protected] didn't solve this, I also had to vendor this package itself, i.e. goware/jwtauth

As I am new to go I am not sure if this is intended or some packaging or vendoring error...
Anyway, thx for this package 👍

from jwtauth.

pkieltyka commented on August 15, 2024

@DiknT thanks for the note and no prob!

from jwtauth.

`jwt` key not being retrieved from context about jwtauth HOT 11 CLOSED

Comments (11)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent