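ParseUnverified parses the token but does not validate the signature. WARNING: Don't use this method unless you know what you're doing. It's only ever useful in cases where you know the signature is valid (since it has already been or will be checked elsewhere in the stack) and you want to extract values from it. In the lines shown below it only base64- and JSON-decodes the header and claims and looks up the `alg` signing method, so the returned header, claims and method are unauthenticated input until the signature has been checked.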
(tokenString string, claims Claims)
| 134 | // It's only ever useful in cases where you know the signature is valid (since it has already |
| 135 | // been or will be checked elsewhere in the stack) and you want to extract values from it. |
| 136 | func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { |
| 137 | var ok bool |
| 138 | parts, ok = splitToken(tokenString) |
| 139 | if !ok { |
| 140 | return nil, nil, newError("token contains an invalid number of segments", ErrTokenMalformed) |
| 141 | } |
| 142 | |
| 143 | token = &Token{Raw: tokenString} |
| 144 | |
| 145 | // Parse Header |
| 146 | var headerBytes []byte |
| 147 | if headerBytes, err = p.DecodeSegment(parts[0]); err != nil { |
| 148 | return token, parts, newError("could not base64 decode header", ErrTokenMalformed, err) |
| 149 | } |
| 150 | if err = json.Unmarshal(headerBytes, &token.Header); err != nil { |
| 151 | return token, parts, newError("could not JSON decode header", ErrTokenMalformed, err) |
| 152 | } |
| 153 | |
| 154 | // Parse Claims |
| 155 | token.Claims = claims |
| 156 | |
| 157 | claimBytes, err := p.DecodeSegment(parts[1]) |
| 158 | if err != nil { |
| 159 | return token, parts, newError("could not base64 decode claim", ErrTokenMalformed, err) |
| 160 | } |
| 161 | |
| 162 | // If `useJSONNumber` is enabled then we must use *json.Decoder to decode |
| 163 | // the claims. However, this comes with a performance penalty so only use |
| 164 | // it if we must and, otherwise, simple use json.Unmarshal. |
| 165 | if !p.useJSONNumber { |
| 166 | // JSON Unmarshal. Special case for map type to avoid weird pointer behavior. |
| 167 | if c, ok := token.Claims.(MapClaims); ok { |
| 168 | err = json.Unmarshal(claimBytes, &c) |
| 169 | } else { |
| 170 | err = json.Unmarshal(claimBytes, &claims) |
| 171 | } |
| 172 | } else { |
| 173 | dec := json.NewDecoder(bytes.NewBuffer(claimBytes)) |
| 174 | dec.UseNumber() |
| 175 | // JSON Decode. Special case for map type to avoid weird pointer behavior. |
| 176 | if c, ok := token.Claims.(MapClaims); ok { |
| 177 | err = dec.Decode(&c) |
| 178 | } else { |
| 179 | err = dec.Decode(&claims) |
| 180 | } |
| 181 | } |
| 182 | if err != nil { |
| 183 | return token, parts, newError("could not JSON decode claim", ErrTokenMalformed, err) |
| 184 | } |
| 185 | |
| 186 | // Lookup signature method |
| 187 | if method, ok := token.Header["alg"].(string); ok { |
| 188 | if token.Method = GetSigningMethod(method); token.Method == nil { |
| 189 | return token, parts, newError("signing method (alg) is unavailable", ErrTokenUnverifiable) |
| 190 | } |
| 191 | } else { |
| 192 | return token, parts, newError("signing method (alg) is unspecified", ErrTokenUnverifiable) |
| 193 | } |