Replies: 1 comment
-
Ok here is a small example of how to add a profile route to the example app. Use IDtoken as a bearer token. // register route
http.Handle("/profile", a.middleware(http.HandlerFunc(a.handleProfile))) // middleware
func (a *app) middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
authHeader := strings.Split(r.Header.Get("Authorization"), "Bearer ")
if len(authHeader) != 2 {
w.WriteHeader(http.StatusUnauthorized)
http.Error(w, "malformed Token", http.StatusUnauthorized)
return
}
idToken, err := a.verifier.Verify(r.Context(), strings.TrimSpace(authHeader[1]))
if err != nil {
http.Error(w, fmt.Sprintf("could not verify bearer token: %v", err), http.StatusUnauthorized)
return
}
// Extract custom claims.
var claims json.RawMessage
if err := idToken.Claims(&claims); err != nil {
http.Error(w, fmt.Sprintf("failed to parse claims: %v", err), http.StatusUnauthorized)
return
}
ctx = context.WithValue(ctx, "idclaims", claims)
// Access context values in handlers like this
// props, _ := r.Context().Value("props").(jwt.MapClaims)
next.ServeHTTP(w, r.WithContext(ctx))
})
} // profile handler
func (a *app) handleProfile(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
claims, ok := ctx.Value("idclaims").(json.RawMessage)
if ok {
fmt.Fprintf(w, "profile: %s", claims)
}
} Token refresh is already presented in the example app. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi everyone. I've just tested the example app (https://github.com/dexidp/dex/tree/master/examples/example-app) works perfectly.
But now I am a bit confused.
Which data should be persistent between visits of protected pages? It looks like a pair of access + refresh tokens.
Then question which actions I should perform in the middleware? How to verify access token and in case of expiration - refresh it.
Many thanks in advance. Would be really good to add some cookies stuff and some protected page with implied middleware to the example app.
Thanks for the Dex!
Beta Was this translation helpful? Give feedback.
All reactions