Commit Graph

143 Commits

Author SHA1 Message Date
Jamie Stackhouse 44718f8a89 Structured Claims object!
Only verify claim if it isn't a default value.

The alternative here would be to use pointers in the Claims structure then we
would know which were nil, or if they were explicitly set to zero in the
claim section

Updated MapClaim implementation to check for existance of keys before
using them.

If they don't exists, validation functions simply return true.
2015-07-17 15:13:59 -03:00
Jamie Stackhouse febded4195 Added a few new methods to use custom Claims structs.
Must implement interface Claims, which means there is a Valid method.
2015-07-14 14:34:09 -03:00
Jamie Stackhouse fa9a0b8c45 Add validation error bit for generic validation error. 2015-07-14 14:31:32 -03:00
Jamie Stackhouse 94cd619027 Switch to Claims interface, tests pass. 2015-07-13 16:14:12 -03:00
Dave Grijalva 2e53eb673c dropped go v1.2.2 from travis ci config. it's missing some of the things required 2015-06-02 15:39:46 -07:00
Dave Grijalva 2c5741b3e7 Merge branch 'dg/travisci' of github.com:dgrijalva/jwt-go into dg/travisci 2015-06-02 15:31:19 -07:00
Dave Grijalva fa34eafcec .travis.yml (not json) 2015-06-02 15:31:04 -07:00
Dave Grijalva 919016a560 Add travis CI tag to README.md 2015-06-02 15:05:49 -07:00
Dave Grijalva ceceae9e6c added travis ci file 2015-06-02 15:02:28 -07:00
Dave Grijalva 5ca80149b9 added reference to gopkg.in 2015-04-20 13:43:07 -07:00
Dave Grijalva 38ff32c7bf Merge pull request #60 from glkz/master
Fix variable name in parse and verify example
2015-04-17 14:20:58 -07:00
Dave Grijalva e430b188c0 use pre-parsed rsa key for rsa benchmark and make sure signing actually succeeds 2015-04-11 14:04:22 -07:00
Dave Grijalva c0c67af490 cleaned up benchmarks 2015-04-11 13:53:09 -07:00
Dave Grijalva 901c439dfe added benchmark for hmac signing 2015-04-11 13:31:06 -07:00
Mustafa Altun 211399e41a Fix variable name in parse and verify example 2015-04-10 15:31:30 +03:00
Dave Grijalva 3dd0a21a31 move error types and constants out to separate file 2015-04-09 13:20:10 -07:00
Dave Grijalva c48cfd5d97 Updated README
... to discuss recently published vulnerability
2015-04-01 11:06:36 -07:00
Dave Grijalva 61124b62ad Merge pull request #54 from thatderek/patch-1
Updated token creation example to use the proper method.
2015-01-26 13:04:01 -08:00
thatderek c5c16083c7 Updated token creation example to use the proper method.
Example broke with error `undefined: SigningMethodHS256`. Edited to use jwt.SigningMethodHS256
2015-01-25 01:25:58 -05:00
Dave Grijalva a3e2f13bb7 added documentation for HMAC Sign method 2015-01-13 21:33:50 -08:00
Dave Grijalva fb5e9d4418 updated ExampleNew with correct key type 2015-01-13 21:31:08 -08:00
Dave Grijalva 7c18dce7b8 Merge branch 'master' of github.com:dgrijalva/jwt-go 2015-01-07 09:54:51 -08:00
Dave Grijalva 7597fd422d added a test condition 2015-01-07 09:52:08 -08:00
Dave Grijalva 7b97402710 Merge pull request #47 from kofalt/master
Fix timing side-channel attack in hmac comparison
2014-12-28 17:36:52 -08:00
Nathaniel Kofalt 9a3c6fd1e3 Fix timing side-channel attack in hmac comparison 2014-12-28 19:31:54 -06:00
Dave Grijalva d9679c1420 added some examples of unpacking errors from the bitfield 2014-12-28 12:44:46 -08:00
Dave Grijalva db4251f9dd added examples 2014-12-28 12:24:54 -08:00
Dave Grijalva 6a9bcca4b5 moved tests into jwt_test package for better clarity 2014-12-28 12:24:41 -08:00
Dave Grijalva 93e34196bb Merge pull request #46 from albrow/use-signing-methods-directly
Reference signing methods directly instead of by a string name
2014-12-28 11:53:36 -08:00
Alex Browne bfe701fdf5 When possible, instead of identifying signing methods by string, pass
them in directly by name. This is less error-prone and avoids an unnecessary
map lookup. Also encourage this type of usage by using it in the README.
2014-12-27 14:14:23 -05:00
Dave Grijalva 47b263f020 Merge pull request #38 from BugHerd/var-errors
Move errors to variables so they can be matched against
2014-11-03 13:11:22 -08:00
Alan Harper 1663b3c6c2 Move errors to variables so they can be matched against 2014-10-20 16:09:02 +11:00
Dave Grijalva 8c45ba33b0 version notes for 2.2.0 2014-10-11 13:58:31 -07:00
Dave Grijalva 4beb9b5850 gracefully handle a nil keyfunc passed to Parse. (and more tests) 2014-10-11 13:54:16 -07:00
Dave Grijalva e1571c8f04 Fixed issue #36 - out of date example code 2014-10-06 22:41:14 -07:00
Dave Grijalva d82ad649e4 version 2.1.0 2014-09-30 12:21:30 -07:00
TommyO e82659ca5b Updated to accept interface{} as supported by underlying Verify methods.
Needed to support precompiled public keys.
2014-09-29 14:00:25 -04:00
Dave Grijalva c0da491622 Merge pull request #32 from porjo/porjo
Lowercase error messages
2014-09-15 11:11:21 -07:00
Ian Bishop 0c21a058ab Lowercase error messages 2014-09-08 11:42:58 +10:00
Dave Grijalva ed42077928 Added note about 2.0.0 change. 2014-08-26 18:22:44 -07:00
Dave Grijalva 35c43501ff documentation 2014-08-26 15:30:37 -07:00
Dave Grijalva 2ef58916cc return an error if the requested hash method hasn't been compiled in 2014-08-26 15:00:15 -07:00
Dave Grijalva 48aa7e5db1 documentation 2014-08-26 14:41:32 -07:00
Dave Grijalva bcec7fbe47 documentation fix 2014-08-26 14:25:13 -07:00
Dave Grijalva 652b4be28c make helper methods more specific 2014-08-26 14:24:20 -07:00
Simon Jefford 1363e28b6a expose RSA key PEM parsing funcs 2014-08-26 14:21:38 -07:00
Simon Jefford 33523225e1 can now pass a PublicKey to SigningMethodRSA.Verify 2014-08-26 14:20:56 -07:00
Simon Jefford dc2f34cdb1 can now pass a PrivateKey to SigningMethodRSA.Sign
Conflicts:
	rsa.go
2014-08-26 14:20:28 -07:00
Dave Grijalva c9b532b51b cleanup and documentation updates 2014-08-26 14:18:59 -07:00
Simon Jefford 23cb3af02c pass keys as interface{} rather than []byte
This will allow clients to pass, for example, their own instances of
rsa.PublicKey if the key is not specified as some flavour of X509
cert. For example, Salesforce just specify the modulus and
exponent (https://login.salesforce.com/id/keys)
2014-08-26 14:14:17 -07:00