fix: allow using cookie and header in case of validating jwt

2022-01-24 09:56:12 +05:30 · 2022-01-24 09:56:12 +05:30 · 4bc9059b0f
commit 4bc9059b0f
parent 87b1cac979
5 changed files with 21 additions and 9 deletions
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@ -1227,7 +1227,7 @@ input SessionQueryInput {
 }
 input IsValidJWTQueryInput {
-	jwt: String!
+	jwt: String
 	roles: [String!]
 }
@ -6052,7 +6052,7 @@ func (ec *executionContext) unmarshalInputIsValidJWTQueryInput(ctx context.Conte
 			var err error
 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("jwt"))
-			it.Jwt, err = ec.unmarshalNString2string(ctx, v)
+			it.Jwt, err = ec.unmarshalOString2ᚖstring(ctx, v)
 			if err != nil {
 				return it, err
 			}
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@ -64,7 +64,7 @@ type ForgotPasswordInput struct {
 }
 type IsValidJWTQueryInput struct {
-	Jwt   string   `json:"jwt"`
+	Jwt   *string  `json:"jwt"`
 	Roles []string `json:"roles"`
 }
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@ -225,7 +225,7 @@ input SessionQueryInput {
 }
 input IsValidJWTQueryInput {
-	jwt: String!
+	jwt: String
 	roles: [String!]
 }
--- a/server/resolvers/is_valid_jwt.go
+++ b/server/resolvers/is_valid_jwt.go
@ -2,18 +2,31 @@ package resolvers
 import (
 	"context"
 	"errors"
 	"fmt"
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/token"
 	tokenHelper "github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
 // IsValidJwtResolver resolver to return if given jwt is valid
 func IsValidJwtResolver(ctx context.Context, params *model.IsValidJWTQueryInput) (*model.ValidJWTResponse, error) {
-	claims, err := tokenHelper.VerifyJWTToken(params.Jwt)
+	gc, err := utils.GinContextFromContext(ctx)
 	token, err := token.GetAccessToken(gc)
 	if token == "" || err != nil {
 		if params != nil && *params.Jwt != "" {
 			token = *params.Jwt
 		} else {
 			return nil, errors.New("no jwt provided via cookie / header / params")
 		}
 	}
 	claims, err := tokenHelper.VerifyJWTToken(token)
 	if err != nil {
 		return nil, err
 	}
--- a/server/test/is_valid_jwt_test.go
+++ b/server/test/is_valid_jwt_test.go
@ -1,7 +1,6 @@
 package test
 import (
 	"context"
 	"testing"
 	"github.com/authorizerdev/authorizer/server/db/models"
@ -14,12 +13,12 @@ import (
 func isValidJWTTests(t *testing.T, s TestSetup) {
 	t.Helper()
-	ctx := context.Background()
+	_, ctx := createContext(s)
 	expiredToken := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhbGxvd2VkX3JvbGVzIjpbIiJdLCJiaXJ0aGRhdGUiOm51bGwsImNyZWF0ZWRfYXQiOjAsImVtYWlsIjoiam9obi5kb2VAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJleHAiOjE2NDI5NjEwMTEsImV4dHJhIjp7IngtZXh0cmEtaWQiOiJkMmNhMjQwNy05MzZmLTQwYzQtOTQ2NS05Y2M5MWYxZTJhNDQifSwiZmFtaWx5X25hbWUiOm51bGwsImdlbmRlciI6bnVsbCwiZ2l2ZW5fbmFtZSI6bnVsbCwiaWF0IjoxNjQyOTYwOTgxLCJpZCI6ImQyY2EyNDA3LTkzNmYtNDBjNC05NDY1LTljYzkxZjFlMmE0NCIsIm1pZGRsZV9uYW1lIjpudWxsLCJuaWNrbmFtZSI6bnVsbCwicGhvbmVfbnVtYmVyIjpudWxsLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOmZhbHNlLCJwaWN0dXJlIjpudWxsLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqb2huLmRvZUBnbWFpbC5jb20iLCJyb2xlIjpbXSwic2lnbnVwX21ldGhvZHMiOiIiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwidXBkYXRlZF9hdCI6MH0.FrdyeOC5e8uU1SowGj0omFJuwRnh4BrEk89S_fbEkzs"
 	t.Run(`should fail for invalid jwt`, func(t *testing.T) {
 		_, err := resolvers.IsValidJwtResolver(ctx, &model.IsValidJWTQueryInput{
-			Jwt: expiredToken,
+			Jwt: &expiredToken,
 		})
 		assert.NotNil(t, err)
 	})
@ -31,7 +30,7 @@ func isValidJWTTests(t *testing.T, s TestSetup) {
 		}, []string{})
 		assert.Nil(t, err)
 		res, err := resolvers.IsValidJwtResolver(ctx, &model.IsValidJWTQueryInput{
-			Jwt: authToken.AccessToken.Token,
+			Jwt: &authToken.AccessToken.Token,
 		})
 		assert.Nil(t, err)
 		assert.True(t, res.Valid)