refactor: unify function parameter order for context and data/error

appleboy · appleboy · commit bad9f439e6cb · 2025-10-11T12:54:52.000+08:00
- Change Authorizator function signature: swap parameter order to (c *gin.Context, data any) across all usages
- Update HTTPStatusMessageFunc signature: swap parameter order to (c *gin.Context, e error)
- Update middleware code and handler implementations to use new function signatures
- Modify all relevant test cases to reflect the changed parameter order for Authorizator and HTTPStatusMessageFunc functions

Signed-off-by: appleboy &lt;appleboy.tw@gmail.com&gt;
diff --git a/_example/basic/server.go b/_example/basic/server.go
@@ -133,8 +133,8 @@ func authenticator() func(c *gin.Context) (any, error) {
 	}
 }
 
-func authorizator() func(data any, c *gin.Context) bool {
-	return func(data any, c *gin.Context) bool {
+func authorizator() func(c *gin.Context, data any) bool {
+	return func(c *gin.Context, data any) bool {
 		if v, ok := data.(*User); ok && v.UserName == "admin" {
 			return true
 		}
diff --git a/_example/redis_simple/main.go b/_example/redis_simple/main.go
@@ -65,7 +65,7 @@ func main() {
 			return nil, jwt.ErrFailedAuthentication
 		},
 
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			if v, ok := data.(*User); ok && v.UserName == "admin" {
 				return true
 			}
diff --git a/_example/redis_store/main.go b/_example/redis_store/main.go
@@ -61,7 +61,7 @@ func main() {
 
 			return nil, jwt.ErrFailedAuthentication
 		},
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			if v, ok := data.(*User); ok && v.UserName == "admin" {
 				return true
 			}
diff --git a/auth_jwt.go b/auth_jwt.go
@@ -58,7 +58,7 @@ type GinJWTMiddleware struct {
 	// Callback function that should perform the authorization of the authenticated user. Called
 	// only after an authentication success. Must return true on success, false on failure.
 	// Optional, default to success.
-	Authorizator func(data any, c *gin.Context) bool
+	Authorizator func(c *gin.Context, data any) bool
 
 	// Callback function that will be called during login.
 	// Using this function it is possible to add additional payload data to the webtoken.
@@ -103,7 +103,7 @@ type GinJWTMiddleware struct {
 
 	// HTTP Status messages for when something in the JWT middleware fails.
 	// Check error (e) to determine the appropriate error message.
-	HTTPStatusMessageFunc func(e error, c *gin.Context) string
+	HTTPStatusMessageFunc func(c *gin.Context, e error) string
 
 	// Private key file for asymmetric algorithms
 	PrivKeyFile string
@@ -383,7 +383,7 @@ func (mw *GinJWTMiddleware) MiddlewareInit() error {
 	}
 
 	if mw.Authorizator == nil {
-		mw.Authorizator = func(data any, c *gin.Context) bool {
+		mw.Authorizator = func(c *gin.Context, data any) bool {
 			return true
 		}
 	}
@@ -431,7 +431,7 @@ func (mw *GinJWTMiddleware) MiddlewareInit() error {
 	}
 
 	if mw.HTTPStatusMessageFunc == nil {
-		mw.HTTPStatusMessageFunc = func(e error, c *gin.Context) string {
+		mw.HTTPStatusMessageFunc = func(c *gin.Context, e error) string {
 			return e.Error()
 		}
 	}
@@ -509,7 +509,7 @@ func (mw *GinJWTMiddleware) middlewareImpl(c *gin.Context) {
 
 	// For backwards compatibility since technically exp is not required in the spec but has been in gin-jwt
 	if claims["exp"] == nil {
-		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(ErrMissingExpField, c))
+		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(c,ErrMissingExpField))
 		return
 	}
 
@@ -520,8 +520,8 @@ func (mw *GinJWTMiddleware) middlewareImpl(c *gin.Context) {
 		c.Set(mw.IdentityKey, identity)
 	}
 
-	if !mw.Authorizator(identity, c) {
-		mw.unauthorized(c, http.StatusForbidden, mw.HTTPStatusMessageFunc(ErrForbidden, c))
+	if !mw.Authorizator(c, identity) {
+		mw.unauthorized(c, http.StatusForbidden, mw.HTTPStatusMessageFunc(c,ErrForbidden))
 		return
 	}
 
@@ -557,20 +557,20 @@ func (mw *GinJWTMiddleware) GetClaimsFromJWT(c *gin.Context) (jwt.MapClaims, err
 // Reply will be of the form {"token": "TOKEN"}.
 func (mw *GinJWTMiddleware) LoginHandler(c *gin.Context) {
 	if mw.Authenticator == nil {
-		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(ErrMissingAuthenticatorFunc, c))
+		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(c,ErrMissingAuthenticatorFunc))
 		return
 	}
 
 	data, err := mw.Authenticator(c)
 	if err != nil {
-		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(err, c))
+		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(c,err))
 		return
 	}
 
 	// Generate complete token pair
 	tokenPair, err := mw.GenerateTokenPair(data)
 	if err != nil {
-		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(ErrFailedTokenCreation, c))
+		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(c,ErrFailedTokenCreation))
 		return
 	}
 
@@ -694,14 +694,14 @@ func (mw *GinJWTMiddleware) RefreshHandler(c *gin.Context) {
 	// Validate refresh token
 	userData, err := mw.validateRefreshToken(refreshToken)
 	if err != nil {
-		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(err, c))
+		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(c,err))
 		return
 	}
 
 	// Generate new token pair and revoke old refresh token
 	tokenPair, err := mw.GenerateTokenPairWithRevocation(userData, refreshToken)
 	if err != nil {
-		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(err, c))
+		mw.unauthorized(c, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(c,err))
 		return
 	}
 
@@ -1022,13 +1022,13 @@ func (mw *GinJWTMiddleware) SetCookie(c *gin.Context, token string) {
 func (mw *GinJWTMiddleware) handleTokenError(c *gin.Context, err error) {
 	switch {
 	case errors.Is(err, jwt.ErrTokenExpired):
-		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(ErrExpiredToken, c))
+		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(c, ErrExpiredToken))
 	case errors.Is(err, jwt.ErrInvalidType) && strings.Contains(err.Error(), "exp is invalid"):
-		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(ErrWrongFormatOfExp, c))
+		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(c, ErrWrongFormatOfExp))
 	case errors.Is(err, jwt.ErrTokenRequiredClaimMissing) && strings.Contains(err.Error(), "exp claim is required"):
-		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(ErrMissingExpField, c))
+		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(c, ErrMissingExpField))
 	default:
-		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(err, c))
+		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(c, err))
 	}
 }
 
diff --git a/auth_jwt_test.go b/auth_jwt_test.go
@@ -273,7 +273,7 @@ func TestLoginHandler(t *testing.T) {
 			}
 			return "", ErrFailedAuthentication
 		},
-		Authorizator: func(user any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, user any) bool {
 			return true
 		},
 		LoginResponse: func(c *gin.Context, token *core.Token) {
@@ -675,7 +675,7 @@ func TestAuthorizator(t *testing.T) {
 		Timeout:       time.Hour,
 		MaxRefresh:    time.Hour * 24,
 		Authenticator: defaultAuthenticator,
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			return data.(string) == "admin"
 		},
 	})
@@ -782,7 +782,7 @@ func TestClaimsDuringAuthorization(t *testing.T) {
 
 			return "Guest", ErrFailedAuthentication
 		},
-		Authorizator: func(user any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, user any) bool {
 			jwtClaims := ExtractClaims(c)
 
 			if jwtClaims["identity"] == "administrator" {
@@ -1125,7 +1125,7 @@ func TestHTTPStatusMessageFunc(t *testing.T) {
 		MaxRefresh:    time.Hour * 24,
 		Authenticator: defaultAuthenticator,
 
-		HTTPStatusMessageFunc: func(e error, c *gin.Context) string {
+		HTTPStatusMessageFunc: func(c *gin.Context, e error) string {
 			if e == successError {
 				return successMessage
 			}
@@ -1134,8 +1134,8 @@ func TestHTTPStatusMessageFunc(t *testing.T) {
 		},
 	})
 
-	successString := authMiddleware.HTTPStatusMessageFunc(successError, nil)
-	failedString := authMiddleware.HTTPStatusMessageFunc(failedError, nil)
+	successString := authMiddleware.HTTPStatusMessageFunc(nil, successError)
+	failedString := authMiddleware.HTTPStatusMessageFunc(nil, failedError)
 
 	assert.Equal(t, successMessage, successString)
 	assert.NotEqual(t, successMessage, failedString)
@@ -1150,7 +1150,7 @@ func TestSendAuthorizationBool(t *testing.T) {
 		MaxRefresh:        time.Hour * 24,
 		Authenticator:     defaultAuthenticator,
 		SendAuthorization: true,
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			return data.(string) == "admin"
 		},
 	})
@@ -1188,7 +1188,7 @@ func TestExpiredTokenOnAuth(t *testing.T) {
 		MaxRefresh:        time.Hour * 24,
 		Authenticator:     defaultAuthenticator,
 		SendAuthorization: true,
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			return data.(string) == "admin"
 		},
 		TimeFunc: func() time.Time {
@@ -1456,7 +1456,7 @@ func TestGenerateTokenPair(t *testing.T) {
 				"identity": data,
 			}
 		},
-		Authorizator: func(data any, c *gin.Context) bool {
+		Authorizator: func(c *gin.Context, data any) bool {
 			return data == "admin"
 		},
 		Unauthorized: func(c *gin.Context, code int, message string) {

Original file line number	Diff line number	Diff line change
`@@ -133,8 +133,8 @@ func authenticator() func(c *gin.Context) (any, error) {`
`133`	`133`	`}`
`134`	`134`	`}`
`135`	`135`
`136`		`-func authorizator() func(data any, c *gin.Context) bool {`
`137`		`- return func(data any, c *gin.Context) bool {`
	`136`	`+func authorizator() func(c *gin.Context, data any) bool {`
	`137`	`+ return func(c *gin.Context, data any) bool {`
`138`	`138`	`if v, ok := data.(*User); ok && v.UserName == "admin" {`
`139`	`139`	`return true`
`140`	`140`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ func main() {`
`65`	`65`	`return nil, jwt.ErrFailedAuthentication`
`66`	`66`	`},`
`67`	`67`
`68`		`- Authorizator: func(data any, c *gin.Context) bool {`
	`68`	`+ Authorizator: func(c *gin.Context, data any) bool {`
`69`	`69`	`if v, ok := data.(*User); ok && v.UserName == "admin" {`
`70`	`70`	`return true`
`71`	`71`	`}`
Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,7 @@ func main() {`
`61`	`61`
`62`	`62`	`return nil, jwt.ErrFailedAuthentication`
`63`	`63`	`},`
`64`		`- Authorizator: func(data any, c *gin.Context) bool {`
	`64`	`+ Authorizator: func(c *gin.Context, data any) bool {`
`65`	`65`	`if v, ok := data.(*User); ok && v.UserName == "admin" {`
`66`	`66`	`return true`
`67`	`67`	`}`