From 6b9408d1d1f356a75c9ce61ee708f0d62d686931 Mon Sep 17 00:00:00 2001
From: ozburo <hq@ozburo.com>
Date: Sun, 9 Jun 2019 11:49:52 -0500
Subject: [PATCH] Added param:<name> lookup option to JWT Middleware (#1296)

* Added  lookup option to JWT Middleware

* Added param:<name> lookup option to JWT Middleware
---
 middleware/jwt.go      | 14 ++++++++++++++
 middleware/jwt_test.go | 13 +++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/middleware/jwt.go b/middleware/jwt.go
index 279cb6f24..d44202460 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -52,6 +52,7 @@ type (
 		// Possible values:
 		// - "header:<name>"
 		// - "query:<name>"
+		// - "param:<name>"
 		// - "cookie:<name>"
 		TokenLookup string
 
@@ -155,6 +156,8 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
 	switch parts[0] {
 	case "query":
 		extractor = jwtFromQuery(parts[1])
+	case "param":
+		extractor = jwtFromParam(parts[1])
 	case "cookie":
 		extractor = jwtFromCookie(parts[1])
 	}
@@ -228,6 +231,17 @@ func jwtFromQuery(param string) jwtExtractor {
 	}
 }
 
+// jwtFromParam returns a `jwtExtractor` that extracts token from the url param string.
+func jwtFromParam(param string) jwtExtractor {
+	return func(c echo.Context) (string, error) {
+		token := c.Param(param)
+		if token == "" {
+			return "", ErrJWTMissing
+		}
+		return token, nil
+	}
+}
+
 // jwtFromCookie returns a `jwtExtractor` that extracts token from the named cookie.
 func jwtFromCookie(name string) jwtExtractor {
 	return func(c echo.Context) (string, error) {
diff --git a/middleware/jwt_test.go b/middleware/jwt_test.go
index 8165c2d62..7f15bd467 100644
--- a/middleware/jwt_test.go
+++ b/middleware/jwt_test.go
@@ -159,6 +159,14 @@ func TestJWT(t *testing.T) {
 			expErrCode: http.StatusBadRequest,
 			info:       "Empty query",
 		},
+		{
+			config: JWTConfig{
+				SigningKey:  validKey,
+				TokenLookup: "param:jwt",
+			},
+			reqURL: "/" + token,
+			info:   "Valid param method",
+		},
 		{
 			config: JWTConfig{
 				SigningKey:  validKey,
@@ -195,6 +203,11 @@ func TestJWT(t *testing.T) {
 		req.Header.Set(echo.HeaderCookie, tc.hdrCookie)
 		c := e.NewContext(req, res)
 
+		if tc.reqURL == "/" + token {
+			c.SetParamNames("jwt")
+			c.SetParamValues(token)
+		}
+
 		if tc.expPanic {
 			assert.Panics(t, func() {
 				JWTWithConfig(tc.config)