only accessible with a valid token
(w http.ResponseWriter, r *http.Request)
| 187 | |
| 188 | // only accessible with a valid token |
| 189 | func restrictedHandler(w http.ResponseWriter, r *http.Request) { |
| 190 | // Get token from request |
| 191 | token, err := request.ParseFromRequest(r, request.OAuth2Extractor, func(token *jwt.Token) (any, error) { |
| 192 | // since we only use the one private key to sign the tokens, |
| 193 | // we also only use its public counter part to verify |
| 194 | return verifyKey, nil |
| 195 | }, request.WithClaims(&CustomClaimsExample{})) |
| 196 | |
| 197 | // If the token is missing or invalid, return error |
| 198 | if err != nil { |
| 199 | w.WriteHeader(http.StatusUnauthorized) |
| 200 | _, _ = fmt.Fprintln(w, "Invalid token:", err) |
| 201 | return |
| 202 | } |
| 203 | |
| 204 | // Token is valid |
| 205 | _, _ = fmt.Fprintln(w, "Welcome,", token.Claims.(*CustomClaimsExample).Name) |
| 206 | } |
nothing calls this directly
no test coverage detected