go-grpc_basic/pkg/v1/jwt/jwt.go

package jwt

import (
	"strings"
	"time"

	"github.com/ajikamaludin/go-grpc_basic/pkg/v1/utils/errors"

	"github.com/ajikamaludin/go-grpc_basic/pkg/v1/config"
	"github.com/ajikamaludin/go-grpc_basic/pkg/v1/utils/constants"
	"github.com/dgrijalva/jwt-go"
)

type CustomClaims struct {
	User      string `json:"user,omitempty"`
	IsRefresh bool   `json:"isRefresh,omitempty"`
	jwt.StandardClaims
}

type Token struct {
	Type           string
	Access         string
	ExpiredPeriode int64
	Refresh        string
}

func GenerateToken(config *config.Config, user string) (*Token, error) {
	atoken, err := set(user, false, constants.Jwt_Token_Expired_Periode, config)
	if err != nil {
		return nil, err
	}

	arefresh, err := set(user, true, constants.Jwt_Refresh_Expired_Periode, config)
	if err != nil {
		return nil, err
	}

	return &Token{
		Type:           config.Jwt.Type,
		Access:         atoken,
		ExpiredPeriode: constants.Jwt_Token_Expired_Periode,
		Refresh:        arefresh,
	}, nil
}

func set(user string, isrefresh bool, exp time.Duration, config *config.Config) (string, error) {
	// create refresh token
	claims := CustomClaims{
		User:      user,
		IsRefresh: isrefresh,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: time.Now().Add(exp * time.Second).Unix(),
			Issuer:    config.Jwt.Issuer,
		},
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	atoken, err := token.SignedString([]byte(config.Jwt.Key))
	if err != nil {
		return "", err
	}

	return atoken, nil
}

func ClaimToken(config *config.Config, auth string, isrefresh bool) (jwt.MapClaims, error) {
	var token *jwt.Token
	var err error

	if !isrefresh {
		// Bearer token as  RFC 6750 standard
		if strings.Split(auth, " ")[0] != config.Jwt.Type {
			return nil, errors.New("Invalid token")
		}

		token, err = claim(auth, config.Jwt.Key, false)
		if err != nil {
			return nil, err
		}
	} else {
		token, err = claim(auth, config.Jwt.Key, true)
		if err != nil {
			return nil, err
		}
	}

	claims, ok := token.Claims.(jwt.MapClaims)
	if !ok || !token.Valid {
		return nil, errors.New("failed to claim token")
	}

	// validate issuer
	if claims["iss"] != config.Jwt.Issuer {
		return nil, errors.New("Invalid token")
	}

	// validate refresh token
	if isrefresh {
		if claims["IsRefresh"] == false {
			return nil, errors.New("Invalid token")
		}
	} else {
		if claims["IsRefresh"] == true {
			return nil, errors.New("Invalid token")
		}
	}

	return claims, nil
}

func claim(auth, key string, isrefresh bool) (*jwt.Token, error) {
	if !isrefresh {
		auth = strings.Split(auth, " ")[1]
	}

	token, err := jwt.Parse(auth, func(token *jwt.Token) (interface{}, error) {
		if method, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
			errors.New("Signing method invalid")
		} else if method != jwt.SigningMethodHS256 {
			errors.New("Signing method invalid")
		}

		return []byte(key), nil
	})
	if err != nil {
		return nil, err
	}

	return token, nil
}
updated jwt 2 years ago			`package jwt`

			`import (`
			`"strings"`
			`"time"`

			`"github.com/ajikamaludin/go-grpc_basic/pkg/v1/utils/errors"`

			`"github.com/ajikamaludin/go-grpc_basic/pkg/v1/config"`
			`"github.com/ajikamaludin/go-grpc_basic/pkg/v1/utils/constants"`
			`"github.com/dgrijalva/jwt-go"`
			`)`

			`type CustomClaims struct {`
			User string `json:"user,omitempty"`
			IsRefresh bool `json:"isRefresh,omitempty"`
			`jwt.StandardClaims`
			`}`

			`type Token struct {`
			`Type string`
			`Access string`
			`ExpiredPeriode int64`
			`Refresh string`
			`}`

			`func GenerateToken(config config.Config, user string) (Token, error) {`
			`atoken, err := set(user, false, constants.Jwt_Token_Expired_Periode, config)`
			`if err != nil {`
			`return nil, err`
			`}`

			`arefresh, err := set(user, true, constants.Jwt_Refresh_Expired_Periode, config)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return &Token{`
			`Type: config.Jwt.Type,`
			`Access: atoken,`
			`ExpiredPeriode: constants.Jwt_Token_Expired_Periode,`
			`Refresh: arefresh,`
			`}, nil`
			`}`

			`func set(user string, isrefresh bool, exp time.Duration, config *config.Config) (string, error) {`
			`// create refresh token`
			`claims := CustomClaims{`
			`User: user,`
			`IsRefresh: isrefresh,`
			`StandardClaims: jwt.StandardClaims{`
			`ExpiresAt: time.Now().Add(exp * time.Second).Unix(),`
			`Issuer: config.Jwt.Issuer,`
			`},`
			`}`

			`token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)`
			`atoken, err := token.SignedString([]byte(config.Jwt.Key))`
			`if err != nil {`
			`return "", err`
			`}`

			`return atoken, nil`
			`}`

			`func ClaimToken(config *config.Config, auth string, isrefresh bool) (jwt.MapClaims, error) {`
			`var token *jwt.Token`
			`var err error`

			`if !isrefresh {`
			`// Bearer token as RFC 6750 standard`
			`if strings.Split(auth, " ")[0] != config.Jwt.Type {`
			`return nil, errors.New("Invalid token")`
			`}`

			`token, err = claim(auth, config.Jwt.Key, false)`
			`if err != nil {`
			`return nil, err`
			`}`
			`} else {`
			`token, err = claim(auth, config.Jwt.Key, true)`
			`if err != nil {`
			`return nil, err`
			`}`
			`}`

			`claims, ok := token.Claims.(jwt.MapClaims)`
			`if !ok \|\| !token.Valid {`
			`return nil, errors.New("failed to claim token")`
			`}`

			`// validate issuer`
			`if claims["iss"] != config.Jwt.Issuer {`
			`return nil, errors.New("Invalid token")`
			`}`

			`// validate refresh token`
			`if isrefresh {`
			`if claims["IsRefresh"] == false {`
			`return nil, errors.New("Invalid token")`
			`}`
			`} else {`
			`if claims["IsRefresh"] == true {`
			`return nil, errors.New("Invalid token")`
			`}`
			`}`

			`return claims, nil`
			`}`

			`func claim(auth, key string, isrefresh bool) (*jwt.Token, error) {`
			`if !isrefresh {`
			`auth = strings.Split(auth, " ")[1]`
			`}`

			`token, err := jwt.Parse(auth, func(token *jwt.Token) (interface{}, error) {`
			`if method, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {`
			`errors.New("Signing method invalid")`
			`} else if method != jwt.SigningMethodHS256 {`
			`errors.New("Signing method invalid")`
			`}`

			`return []byte(key), nil`
			`})`
			`if err != nil {`
			`return nil, err`
			`}`

			`return token, nil`
			`}`