feat(jwt): make KeyFunc public in JWT middleware

[antonindrawan]

It allows a user-defined function to supply the key for a token
verification.

Address #1731

Since this is my first contribution to echo, please suggest any improvements.

[codecov]

Codecov Report

Merging #1756 (1df126e) into master (d9e2354) will increase coverage by 0.00%.
The diff coverage is 84.61%.

@@           Coverage Diff           @@
##           master    #1756   +/-   ##
=======================================
  Coverage   89.73%   89.74%           
=======================================
  Files          32       32           
  Lines        2669     2671    +2     
=======================================
+ Hits         2395     2397    +2     
  Misses        175      175           
  Partials       99       99           

Impacted Files	Coverage Δ
middleware/jwt.go	78.35% <84.61%> (+0.45%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d9e2354...1df126e. Read the comment docs.

[antonindrawan]

I have no idea why codecov/patch failed with '84.61% of diff hit (target 89.43%)'. It would be nice if I could get some pointer and improve it.

[lammel]

Thanks for your contribution!

Could you shed some light on what is you actual use case is and why his PR is needed?

[antonindrawan]

Thanks for your contribution!

Could you shed some light on what is you actual use case is and why his PR is needed?

Sorry, for my late reaction. I didn't notice that you commented 3 weeks ago.

I would like to use Google to issue a sign-in token and echo verifies the token. I came across that someone else wanted to have it too (#1731)

I try to approach it using a custom KeyFunc which does:

• Downloads the key sets from https://www.googleapis.com/oauth2/v3/certs and cache it for X hours.
• Verifies the token according https://developers.google.com/identity/sign-in/web/backend-auth
• Returns the public key

Is there another way with the existing JWT Middleware functions?
That would be great if there is one.

[lammel]

Looks good. Approved from my side!
Thanks @antonindrawan

[antonindrawan]

Looks good. Approved from my side!
Thanks @antonindrawan

No problem. Thank you for reviewing @lammel .
I will have to create a PR on the echox project (likely this weekend or the next weekend) and will refer the PR here.
Edit: PR for updating the documentation: labstack/echox#196

One other question: I see that the code coverage result fails. I have added test cases but I can't understand the code coverage result. Will it block the pull request to be merged later?