Areas not present in JWT's Golang and Goa claim
I am using a great package goa
to build my API in Go.
However, I am having a problem with its security middleware and when I send a bearer token to my controllers, I get "authorization" due to "scopes: null". I am using Auth0 for authentication and it generates a bearer token. The exact error in Postman:
{"id":"xOUR882s","code":"jwt_security_error","status":401,"detail":"authorization failed: required 'scopes' not present in JWT claim","meta":{"required":["read:meta"],"scopes":null}}
However, my token includes the required scope read:meta
. jwt.io returns the following decoded channel:
{
"iss": "https://learnlogic.au.auth0.com/",
"sub": "exJMkK7hXX56lrLwoTqna3s0jh7Gq67e@clients",
"aud": "https://api.learn-logic.com",
"exp": 1494855336,
"iat": 1494768936,
"scopes": "read:meta"
}
I hope someone can help me because I don't understand what is going on middleware/jwt.go
in the project goa
that can be found here . My only thought is that something about the formatted media Auth0 is not compatible with the function parseClaimScopes
in middleware/jwt.go
, but I don't know what.
I have the following code main.go
:
b, err := ioutil.ReadFile("util/jwt.key")
if err != nil {
return
}
block, _ := pem.Decode([]byte(b))
var cert *x509.Certificate
cert, _ = x509.ParseCertificate(block.Bytes)
rsaPublicKey := cert.PublicKey.(*rsa.PublicKey)
fmt.Println(rsaPublicKey.N)
fmt.Println(rsaPublicKey.E)
fmt.Println(cert)
var keyx = []jwt.Key{rsaPublicKey}
var jwtResolver = jwt.NewSimpleResolver(keyx)
app.UseJWTMiddleware(service, jwt.New(jwtResolver, nil, app.NewJWTSecurity()))
The certificate I am reading is the same one used in jwt.io to decode the bearer token.
Any help is greatly appreciated.
source to share
No one has answered this question yet
Check out similar questions: