Go-jwt-middleware Testers Wanted!

We are looking for testers for a new major version of the Golang go-jwt-middleware package. We’ve been working hard on the new version and want to get it tested out by users before we officially release it. For details on how to test it out please see this issue comment: v2 features · Issue #86 · auth0/go-jwt-middleware · GitHub

In this release we’ve addressed some long-standing asks and made some major improvements:

  • Replaceable JWT validation - you can now bring your favorite JWT package to validated tokens by conforming it to a simple interface. We provide two implementations for two different JWT packages.
  • We now support a custom error handler.
  • Under the hood we clone the http.Request instead of a shallow copy in order to better support reverse proxies.
  • We now support extracting JWTs from cookies.
  • We now store the JWT information using a non-string context key to conform to Golang best practices.
  • A caching provider for JWKS is now provided to help you with rate limits from your identity provider.
  • We’ve switched errors to use github.com/pkg/errors to provide better error context. If you’re not familiar with the package, don’t worry as it adheres to the error interface.
2 Likes