Initial cloud-services repo - gateway service + pkg modules

pkg/jwt/jwt_parser.go

@@ -0,0 +1,76 @@
+package jwt
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"net/http"
+	"strings"
+
+	"github.com/pkg/errors"
+)
+
+// AuthToken token json
+type AuthToken struct {
+	Token string `json:"token" validate:"jwt"`
+}
+
+// GetPayload decodes the token payload
+func GetPayload(token string) (map[string]interface{}, error) {
+	payload := map[string]interface{}{}
+
+	data, err := parsePayload(token)
+	if err != nil {
+		return nil, err
+	}
+
+	err = json.Unmarshal(data, &payload)
+	if err != nil {
+		return nil, errors.WithStack(err)
+	}
+
+	return payload, nil
+}
+
+// GetAuthorizationHeader parses auth token from Authorization header
+func GetAuthorizationHeader(r *http.Request) (AuthToken, error) {
+	auth := AuthToken{}
+	header := r.Header.Get(AuthenticationHeader)
+	if header == "" {
+		return auth, errors.New("no authorization header")
+	}
+	if !strings.Contains(header, "Bearer ") {
+		return auth, errors.New("missing Bearer")
+	}
+	auth.Token = ParseJWTToken(header)
+	return auth, nil
+}
+
+func ParseJWTToken(token string) string {
+	return strings.ReplaceAll(token, "Bearer ", "")
+}
+
+func parsePayload(token string) ([]byte, error) {
+	parts := strings.Split(token, ".")
+	if len(parts) < 3 {
+		return nil, errors.New("unable to parse token")
+	}
+	raw, err := decodeJWT(parts[1])
+	if err != nil {
+		return nil, err
+	}
+
+	return raw, nil
+}
+
+func decodeJWT(src string) ([]byte, error) {
+	if l := len(src) % 4; l > 0 {
+		src += strings.Repeat("=", 4-l)
+	}
+
+	decoded, err := base64.URLEncoding.DecodeString(src)
+	if err != nil {
+		return nil, errors.WithStack(err)
+	}
+
+	return decoded, nil
+}