https://github.com/ansrivas/chi-jwt-go

A very naive but almost complete method of jwt-authentication using chi and jwt-go
https://github.com/ansrivas/chi-jwt-go

chi golang jwt jwt-go

Last synced: about 1 year ago
JSON representation

A very naive but almost complete method of jwt-authentication using chi and jwt-go

• Host: GitHub
• URL: https://github.com/ansrivas/chi-jwt-go
• Owner: ansrivas
• Created: 2017-10-28T01:26:31.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2022-05-31T21:56:37.000Z (about 4 years ago)
• Last Synced: 2025-02-05T02:51:47.618Z (over 1 year ago)
• Topics: chi, golang, jwt, jwt-go
• Language: Go
• Homepage:
• Size: 1.55 MB
• Stars: 5
• Watchers: 3
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
chi-jwt

---

Using jwt-go with go-chi:

Install

---

* Clone the project and run

 `go get -u github.com/ansrivas/chi-jwt-go`

* Create a directory named `keys` and copy the keys from the repository

* Execute your program as `chi-jwt-go -keyPath keys`

* Install [httpie](https://github.com/jakubroztocil/httpie) ( super awesome curl alternative )

* Authenticate to the service:

```

$ http POST localhost:8080/login username="someone" password="p@assword"

HTTP/1.1 200 OK

Content-Length: 439

Content-Type: text/plain; charset=utf-8

Date: Sat, 28 Oct 2017 01:12:20 GMT

Strict-Transport-Security: max-age=63072000; includeSubDomains

{"token":"some-token"}

```

* Use `token` from previous output after `Bearer ` in below example.

```

$ http GET localhost:8080/resource Authorization:"Bearer "

HTTP/1.1 200 OK

Content-Length: 46

Content-Type: text/plain; charset=utf-8

Date: Sat, 28 Oct 2017 01:16:55 GMT

Strict-Transport-Security: max-age=63072000; includeSubDomains

{"data":"Gained access to protected resource"}

```

References

---

1. 

2. 

3. 

4. 

Create keys

------

### .p12 format keys

### Private key

`keytool -genkeypair -keystore jwtsig-test-prv-ks.p12 -storetype pkcs12 -alias jwtsigtest -keyalg RSA -keysize 2048 -sigalg SHA384withRSA -dname "CN=jwtsigtest,OU=Auth Test,O=private purpose,L=Cologne,ST=NRW,C=DE" -validity 3652`

### Public key

`keytool -exportcert -alias jwtsigtest -file jwtsig-test-pub.cert -storetype pkcs12 -keystore jwtsig-test-prv-ks.p12 -rfc`

`keytool -importcert -alias jwtsigtest -file jwtsig-test-pub.cert -storetype pkcs12 -keystore jwtsig-test-pub-ks.p12`

`rm jwtsig-test-pub.cert`

### Convert to .pem format from p12 format, this is what we will use

### Private key

`openssl pkcs12 -in jwtsig-test-prv-ks.p12 -nocerts -out jwtsig-test-prv-ks.pem -nodes`

### Public key

Generate certificate:

`openssl pkcs12 -in jwtsig-test-pub-ks.p12 -out jwtsig-test-pub-cert.pem`

Determine public key from certificate file:

`openssl x509 -in jwtsig-test-pub-cert.pem -pubkey -noout > jwtsig-test-pub-ks.pem`