NOTICE This is a fork of github.com/akhettar/gin-jwt-cognito since that seems to be abandoned.

Changes done in this fork

• Do constant time comparison for sensitive data to avoid information leak
• Simplifications
• Constantify errors
• Increase test coverage
• Get rid of testify
• Update dependencies
• Use JWT v4
• Add support for Bearer

Gin Cognito JWT Authentication Middleware

This is a JWT auth Gin middleware to validate JWT token issued by AWS Cognito identity manager. The implementation of this middleware is based on the AWS documentation on how to verify the JWT token

Here is an example of how can this be invoked. It should be attached to all endpoint you would want to authenticate against the user.

package main

import (
    "github.com/gin-gonic/gin"
    "github.com/akhettar/gin-jwt-cognito"
)

func main() {
 // Creates a gin router with default middleware:
 router := gin.Default()

 // Create Cognito JWT auth middleware and set it  in all authenticated endpoints
 mw, err := jwt.AuthJWTMiddleware("<some_iss>", "<some_userpool_id>", "region")
 if err != nil {
  panic(err)
 }

 router.GET("/someGet", mw.MiddlewareFunc(), func(context *gin.Context) {
  // some implementation
 })
 router.POST("/somePost", mw.MiddlewareFunc(), func(context *gin.Context) {
  // some implementation
 })
 router.PUT("/somePut", mw.MiddlewareFunc(), func(context *gin.Context) {
  // some implementation
 })

 // By default it serves on :8080 unless a
 // PORT environment variable was defined.
 router.Run()
}

License

MIT