Allow `none` algorithm in jwt command (#121)

This commit is contained in:
Alexander Yastrebov 2021-11-10 07:33:04 +01:00 committed by GitHub
parent f4865cddea
commit 1275a5b909
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 3 deletions

View File

@ -128,6 +128,9 @@ func verifyToken() error {
// Parse the token. Load the key from command line option
token, err := jwt.Parse(string(tokData), func(t *jwt.Token) (interface{}, error) {
if isNone() {
return jwt.UnsafeAllowNoneSignatureType, nil
}
data, err := loadData(*flagKey)
if err != nil {
return nil, err
@ -192,10 +195,14 @@ func signToken() error {
// get the key
var key interface{}
if isNone() {
key = jwt.UnsafeAllowNoneSignatureType
} else {
key, err = loadData(*flagKey)
if err != nil {
return fmt.Errorf("couldn't read key: %w", err)
}
}
// get the signing alg
alg := jwt.GetSigningMethod(*flagAlg)
@ -296,6 +303,10 @@ func isEd() bool {
return *flagAlg == "EdDSA"
}
func isNone() bool {
return *flagAlg == "none"
}
type ArgList map[string]string
func (l ArgList) String() string {