From 1275a5b909ddf010442b0b22429f8702e638b1e9 Mon Sep 17 00:00:00 2001 From: Alexander Yastrebov Date: Wed, 10 Nov 2021 07:33:04 +0100 Subject: [PATCH] Allow `none` algorithm in jwt command (#121) --- cmd/jwt/main.go | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/cmd/jwt/main.go b/cmd/jwt/main.go index da48b49..a13790c 100644 --- a/cmd/jwt/main.go +++ b/cmd/jwt/main.go @@ -128,6 +128,9 @@ func verifyToken() error { // Parse the token. Load the key from command line option token, err := jwt.Parse(string(tokData), func(t *jwt.Token) (interface{}, error) { + if isNone() { + return jwt.UnsafeAllowNoneSignatureType, nil + } data, err := loadData(*flagKey) if err != nil { return nil, err @@ -192,9 +195,13 @@ func signToken() error { // get the key var key interface{} - key, err = loadData(*flagKey) - if err != nil { - return fmt.Errorf("couldn't read key: %w", err) + if isNone() { + key = jwt.UnsafeAllowNoneSignatureType + } else { + key, err = loadData(*flagKey) + if err != nil { + return fmt.Errorf("couldn't read key: %w", err) + } } // get the signing alg @@ -296,6 +303,10 @@ func isEd() bool { return *flagAlg == "EdDSA" } +func isNone() bool { + return *flagAlg == "none" +} + type ArgList map[string]string func (l ArgList) String() string {