Skip to content

Authenticator and PrivateKey should not be required by default #274

New issue
New issue
Open
Open
Authenticator and PrivateKey should not be required by default#274
@renta

Description

@renta
renta
opened on May 19, 2021

Authenticator function and private key are required now if you want to use this middleware in a Gin project. But sometimes your application does not issue JWT-tokens, refresh and destroy them (especially in a microservice architecture where this functions usually do a separate service), but only needs an ability to read the token and extract claims from it. In such a case you just should provide a public file and encryption algorithm name. For example, Echo framework jwt-middleware could be created with only public key and algo name (see https://echo.labstack.com/middleware/jwt/):

jwtConfig := middleware.JWTConfig{
	SigningKey:    publicKey,
	SigningMethod: jwt.SigningMethodRS256.Name,
}

I believe that this middleware also should require only minimum for tokens parsing.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions