Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bump github.com/golang-jwt/jwt/v4 from v4.5.0 to v4.5.1 #10

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module github.com/luthersystems/lutherauth-sdk-go
go 1.22

require (
github.com/golang-jwt/jwt/v4 v4.5.0
github.com/golang-jwt/jwt/v4 v4.5.1
github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103
github.com/sirupsen/logrus v1.9.3
github.com/stretchr/testify v1.8.4
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 h1:Z/i1e+gTZrmcGeZyWckaLfucYG6KYOXLWo4co8pZYNY=
Expand Down
32 changes: 21 additions & 11 deletions jwk/rs256.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,24 +23,34 @@ import (

// parseClaims parses a token for claims, and validates using a signature key.
func parseClaims(tokenString string, pubKey *rsa.PublicKey, validate bool, claims jwtgo.Claims) (*jwtgo.Token, error) {
var parser jwtgo.Parser
var parser *jwtgo.Parser
alg := jwtgo.SigningMethodRS256.Name
parser = jwtgo.Parser{ValidMethods: []string{alg}}
if validate {
parser = jwtgo.NewParser(jwtgo.WithValidMethods([]string{alg}))
} else {
parser = jwtgo.NewParser(jwtgo.WithValidMethods([]string{alg}), jwtgo.WithoutClaimsValidation())
}

token, err := parser.ParseWithClaims(tokenString, claims, func(token *jwtgo.Token) (verifykey interface{}, err error) {
return pubKey, nil
})
// NOTE: we check err futher down due to how jwt-go handles sig verification errors

if err != nil {
if errors.Is(err, jwtgo.ErrTokenMalformed) {
return nil, fmt.Errorf("malformed token: %w", err)
}
if errors.Is(err, jwtgo.ErrTokenSignatureInvalid) {
return nil, fmt.Errorf("invalid signature: %w", err)
}
if errors.Is(err, jwtgo.ErrTokenExpired) {
return nil, fmt.Errorf("expired token: %w", err)
}
return nil, fmt.Errorf("token validation failed: %w", err)
}

if token == nil {
return nil, fmt.Errorf("nil jwk token")
}
validErr := token.Claims.Valid()
if validate && validErr != nil {
return nil, fmt.Errorf("jwk token claim invalid: %v", validErr)
}
// NOTE: check if there was a parse error from above
if err != nil {
return nil, err
}
if !token.Valid {
return nil, fmt.Errorf("invalid jwk token")
}
Expand Down