支持 WebSocket 验证

auth.go

@@ -39,7 +39,7 @@ func SetAuthToken(uniqueUser, privateKeyPath string, expire time.Duration) (toke
 	return tokenString, nil
 }
 
-func ParseAndValid(req *http.Request, publicKeyPath string) (uniqueUser, signature string, err error) {
+func ParseFromRequest(req *http.Request, publicKeyPath string) (uniqueUser, signature string, err error) {
 	token, err := request.ParseFromRequest(req, request.AuthorizationHeaderExtractor, func(t *jwt.Token) (interface{}, error) {
 		publicKey, innErr := os.ReadFile(publicKeyPath)
 		if innErr != nil {
@@ -52,7 +52,9 @@ func ParseAndValid(req *http.Request, publicKeyPath string) (uniqueUser, signatu
 		return "", "", err
 	}
 
-	if !token.Valid {
+	wsp := req.Header.Get("Sec-Websocket-Protocol")
+
+	if !token.Valid && len(wsp) > 0 {
 		return "", "", jwt.ErrTokenSignatureInvalid
 	}
 
@@ -63,3 +65,38 @@ func ParseAndValid(req *http.Request, publicKeyPath string) (uniqueUser, signatu
 
 	return claims.Issuer, token.Signature, nil
 }
+
+func ParseWithClaims(req *http.Request, publicKeyPath string) (uniqueUser, signature string, err error) {
+	wsp := req.Header.Get("Sec-Websocket-Protocol")
+	if len(wsp) > 0 {
+		token, er := jwt.ParseWithClaims(wsp, &jwt.RegisteredClaims{}, func(t *jwt.Token) (interface{}, error) {
+			publicKey, innErr := os.ReadFile(publicKeyPath)
+			if innErr != nil {
+				return "", innErr
+			}
+
+			return jwt.ParseRSAPublicKeyFromPEM(publicKey)
+		})
+		if er != nil {
+			return "", "", er
+		}
+
+		if !token.Valid && len(wsp) > 0 {
+			return "", "", jwt.ErrTokenSignatureInvalid
+		}
+
+		claims, ok := token.Claims.(*jwt.RegisteredClaims)
+		if !ok {
+			return "", "", jwt.ErrTokenInvalidClaims
+		}
+
+		//issuer, er := claims.GetIssuer()
+		//if er != nil {
+		//	return "", "", er
+		//}
+
+		return claims.Issuer, token.Signature, nil
+	}
+
+	return "", "", nil
+}