Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for roles to be obtained from JWTs. #2694

Merged
merged 16 commits into from
Mar 24, 2020
Merged

Add support for roles to be obtained from JWTs. #2694

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
22ab3e5
Add support for roles to be obtained from JWTs.
atrauzzi Mar 21, 2020
dfcd01b
Include roles in testing.
atrauzzi Mar 21, 2020
4964881
Merge branch 'master' into jwt-add-role-support
atrauzzi Mar 21, 2020
6ab8c9d
Add a second role-less test, use an array within the token for roles.
atrauzzi Mar 21, 2020
d9da984
Simplify the retrieval of roles from claims.
atrauzzi Mar 22, 2020
ccc9193
Sync with master, update test.
atrauzzi Mar 23, 2020
93b31d6
Merge branch 'master' into jwt-add-role-support
atrauzzi Mar 23, 2020
9bf4ff1
Elixir uses binary strings already.
atrauzzi Mar 24, 2020
0921af4
Add support for roles to be obtained from JWTs.
atrauzzi Mar 21, 2020
2ff7703
Include roles in testing.
atrauzzi Mar 21, 2020
c83fc58
Add a second role-less test, use an array within the token for roles.
atrauzzi Mar 21, 2020
a5cb841
Simplify the retrieval of roles from claims.
atrauzzi Mar 22, 2020
9068b15
Sync with master, update test.
atrauzzi Mar 23, 2020
795039d
Elixir uses binary strings already.
atrauzzi Mar 24, 2020
4f97934
Merge branch 'jwt-add-role-support' of github.com:atrauzzi/couchdb in…
atrauzzi Mar 24, 2020
6752539
Disclaimer: I'm not good at rebases.
atrauzzi Mar 24, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion src/couch/src/couch_httpd_auth.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,13 @@ jwt_authentication_handler(Req) ->
case lists:keyfind(<<"sub">>, 1, Claims) of
false -> throw({unauthorized, <<"Token missing sub claim.">>});
{_, User} -> Req#httpd{user_ctx=#user_ctx{
name=User
name=User,
roles=case lists:keyfind(<<"roles">>, 1, Claims) of
atrauzzi marked this conversation as resolved.
Show resolved Hide resolved
false -> [];
{_, Roles} ->
erlang:display(Roles),
atrauzzi marked this conversation as resolved.
Show resolved Hide resolved
re:split(Roles, "\s*,\s*", [{return, binary}])
end
}}
end;
{error, Reason} ->
Expand Down
3 changes: 2 additions & 1 deletion test/elixir/test/jwtauth_test.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,11 @@ defmodule JwtAuthTest do

def test_fun() do
resp = Couch.get("/_session",
headers: [authorization: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJjb3VjaEBhcGFjaGUub3JnIn0.KYHmGXWj0HNHzZCjfOfsIfZWdguEBSn31jUdDUA9118"]
headers: [authorization: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJjb3VjaEBhcGFjaGUub3JnIiwicm9sZXMiOiJfYWRtaW4ifQ.hP_nxaHADCkx5cNzHGQUFm2j0OEbtYvL7c1fEdmBQSU"]
atrauzzi marked this conversation as resolved.
Show resolved Hide resolved
)

assert resp.body["userCtx"]["name"] == "[email protected]"
assert resp.body["userCtx"]["roles"] == [<<"_admin">>]
assert resp.body["info"]["authenticated"] == "jwt"
end

Expand Down