| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 |
- package validatetoken
- import (
- "encoding/json"
- "github.com/cristalhq/jwt"
- "standard/token/avata/model"
- "time"
- )
- //
- func ValidateToken(tokenType model.TokenType, tokenInfo *model.OauthToken) bool {
- if tokenInfo.RTokenExpiredAt.Before(time.Now()) {
- return false
- }
- if tokenType == model.TokenTypeAccess && tokenInfo.ExpiredAt.Before(time.Now()) {
- return false
- }
- switch tokenType {
- case model.TokenTypeRefresh:
- if tokenInfo.RefreshToken != tokenInfo.Token {
- return false
- }
- default:
- if tokenInfo.Token != tokenInfo.Token {
- return false
- }
- }
- return true
- }
- //根据token获取id
- func ParseIdFromToken(tokenType model.TokenType, token string) (string, error) {
- var claim model.TokenClaim
- var key string
- switch tokenType {
- case model.TokenTypeRefresh:
- key = "REFRESH_TOKEN_KEY"
- default:
- key = "ACCESS_TOKEN_KEY"
- }
- err := verifyToken(key, token, &claim)
- if err != nil {
- return "", err
- }
- return claim.Id, nil
- }
- //验证token
- func verifyToken(key, token string, claim interface{}) error {
- verifier, err := jwt.NewVerifierHS(jwt.HS256, []byte(key))
- if err != nil {
- return err
- }
- // parse and verify a token
- newToken, err := jwt.Parse([]byte(token), verifier)
- if err != nil {
- return err
- }
- if err = json.Unmarshal(newToken.Claims(), claim); err != nil {
- return err
- }
- return nil
- }
|
