From deb3337a8f5c7d6debbd04a99e47512621cc27c8 Mon Sep 17 00:00:00 2001 From: renaldybrada Date: Wed, 18 Feb 2026 08:17:38 +0700 Subject: [PATCH] adjust response keycloak validation --- internal/middleware/authKeycloak.go | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/internal/middleware/authKeycloak.go b/internal/middleware/authKeycloak.go index 91a071e..a7793c2 100644 --- a/internal/middleware/authKeycloak.go +++ b/internal/middleware/authKeycloak.go @@ -1,6 +1,7 @@ package middleware import ( + "antrian-operasi/internal/shared" "fmt" "log" "net/http" @@ -36,9 +37,15 @@ func AuthKeycloak() (gin.HandlerFunc, error) { } return func(c *gin.Context) { + errorResponse := shared.BaseErrorResponse{ + Success: false, + Code: 401, + } + auth := c.GetHeader("Authorization") if auth == "" { - c.AbortWithStatusJSON(401, gin.H{"message": "missing token"}) + errorResponse.Message = "missing token" + c.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse) return } @@ -46,7 +53,8 @@ func AuthKeycloak() (gin.HandlerFunc, error) { token, err := jwt.Parse(tokenStr, jwks.Keyfunc) if err != nil || !token.Valid { - c.AbortWithStatusJSON(401, gin.H{"message": err.Error()}) + errorResponse.Message = err.Error() + c.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse) return } @@ -54,14 +62,17 @@ func AuthKeycloak() (gin.HandlerFunc, error) { log.Println(claims) // validate issuer + errorResponse.Message = "invalid keycloak configuration" if claims["iss"] != issuer { - c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid issuer"}) + errorResponse.Errors = []string{"invalid issuer"} + c.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse) return } // validate audience if !claims.VerifyAudience(audience, true) { - c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid audience"}) + errorResponse.Errors = []string{"invalid audience"} + c.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse) return }