mirror
/
jwt
mirror of https://github.com/golang-jwt/jwt.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Allow `none` algorithm in jwt command (#121)

This commit is contained in:
Alexander Yastrebov 2021-11-10 07:33:04 +01:00 committed by GitHub
parent f4865cddea
commit 1275a5b909
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
cmd/jwt/main.go
View File

@ -128,6 +128,9 @@ func verifyToken() error {
// Parse the token. Load the key from command line option
token, err := jwt.Parse(string(tokData), func(t *jwt.Token) (interface{}, error) {
if isNone() {
return jwt.UnsafeAllowNoneSignatureType, nil
}
data, err := loadData(*flagKey)
if err != nil {
return nil, err
@ -192,9 +195,13 @@ func signToken() error {
// get the key
var key interface{}
key, err = loadData(*flagKey)
if err != nil {
return fmt.Errorf("couldn't read key: %w", err)
if isNone() {
key = jwt.UnsafeAllowNoneSignatureType
} else {
key, err = loadData(*flagKey)
if err != nil {
return fmt.Errorf("couldn't read key: %w", err)
}
}
// get the signing alg
@ -296,6 +303,10 @@ func isEd() bool {
return *flagAlg == "EdDSA"
}
func isNone() bool {
return *flagAlg == "none"
}
type ArgList map[string]string
func (l ArgList) String() string {