forked from mirror/jwt
repo fixes
This commit is contained in:
parent
1ef0fe8cd4
commit
a2e408bd30
|
@ -2,18 +2,18 @@
|
|||
|
||||
Starting from [v4.0.0](https://github.com/golang-jwt/jwt/releases/tag/v4.0.0), the import path will be:
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
|
||||
The `/v4` version will be backwards compatible with existing `v3.x.y` tags in this repo, as well as
|
||||
`github.com/dgrijalva/jwt-go`. For most users this should be a drop-in replacement, if you're having
|
||||
troubles migrating, please open an issue.
|
||||
|
||||
You can replace all occurrences of `github.com/dgrijalva/jwt-go` or `github.com/golang-jwt/jwt` with `github.com/golang-jwt/jwt/v5`, either manually or by using tools such as `sed` or `gofmt`.
|
||||
You can replace all occurrences of `github.com/dgrijalva/jwt-go` or `github.com/golang-jwt/jwt` with `git.internal/re/jwt/v5`, either manually or by using tools such as `sed` or `gofmt`.
|
||||
|
||||
And then you'd typically run:
|
||||
|
||||
```
|
||||
go get github.com/golang-jwt/jwt/v5
|
||||
go get git.internal/re/jwt/v5
|
||||
go mod tidy
|
||||
```
|
||||
|
||||
|
|
24
README.md
24
README.md
|
@ -1,7 +1,7 @@
|
|||
# jwt-go
|
||||
|
||||
[![build](https://github.com/golang-jwt/jwt/actions/workflows/build.yml/badge.svg)](https://github.com/golang-jwt/jwt/actions/workflows/build.yml)
|
||||
[![Go Reference](https://pkg.go.dev/badge/github.com/golang-jwt/jwt/v5.svg)](https://pkg.go.dev/github.com/golang-jwt/jwt/v5)
|
||||
[![Go Reference](https://pkg.go.dev/badge/git.internal/re/jwt/v5.svg)](https://pkg.go.dev/git.internal/re/jwt/v5)
|
||||
|
||||
A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](https://datatracker.ietf.org/doc/html/rfc7519).
|
||||
|
||||
|
@ -41,22 +41,22 @@ This library supports the parsing and verification as well as the generation and
|
|||
1. To install the jwt package, you first need to have [Go](https://go.dev/doc/install) installed, then you can use the command below to add `jwt-go` as a dependency in your Go program.
|
||||
|
||||
```sh
|
||||
go get -u github.com/golang-jwt/jwt/v5
|
||||
go get -u git.internal/re/jwt/v5
|
||||
```
|
||||
|
||||
2. Import it in your code:
|
||||
|
||||
```go
|
||||
import "github.com/golang-jwt/jwt/v5"
|
||||
import "git.internal/re/jwt/v5"
|
||||
```
|
||||
|
||||
## Examples
|
||||
|
||||
See [the project documentation](https://pkg.go.dev/github.com/golang-jwt/jwt/v5) for examples of usage:
|
||||
See [the project documentation](https://pkg.go.dev/git.internal/re/jwt/v5) for examples of usage:
|
||||
|
||||
* [Simple example of parsing and validating a token](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#example-Parse-Hmac)
|
||||
* [Simple example of building and signing a token](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#example-New-Hmac)
|
||||
* [Directory of Examples](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#pkg-examples)
|
||||
* [Simple example of parsing and validating a token](https://pkg.go.dev/git.internal/re/jwt/v5#example-Parse-Hmac)
|
||||
* [Simple example of building and signing a token](https://pkg.go.dev/git.internal/re/jwt/v5#example-New-Hmac)
|
||||
* [Directory of Examples](https://pkg.go.dev/git.internal/re/jwt/v5#pkg-examples)
|
||||
|
||||
## Extensions
|
||||
|
||||
|
@ -110,10 +110,10 @@ Asymmetric signing methods, such as RSA, use different keys for signing and veri
|
|||
|
||||
Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones:
|
||||
|
||||
* The [HMAC signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation
|
||||
* The [RSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation
|
||||
* The [ECDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation
|
||||
* The [EdDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#SigningMethodEd25519) (`Ed25519`) expect `ed25519.PrivateKey` for signing and `ed25519.PublicKey` for validation
|
||||
* The [HMAC signing method](https://pkg.go.dev/git.internal/re/jwt/v5#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation
|
||||
* The [RSA signing method](https://pkg.go.dev/git.internal/re/jwt/v5#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation
|
||||
* The [ECDSA signing method](https://pkg.go.dev/git.internal/re/jwt/v5#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation
|
||||
* The [EdDSA signing method](https://pkg.go.dev/git.internal/re/jwt/v5#SigningMethodEd25519) (`Ed25519`) expect `ed25519.PrivateKey` for signing and `ed25519.PublicKey` for validation
|
||||
|
||||
### JWT and OAuth
|
||||
|
||||
|
@ -131,7 +131,7 @@ This library uses descriptive error messages whenever possible. If you are not g
|
|||
|
||||
## More
|
||||
|
||||
Documentation can be found [on pkg.go.dev](https://pkg.go.dev/github.com/golang-jwt/jwt/v5).
|
||||
Documentation can be found [on pkg.go.dev](https://pkg.go.dev/git.internal/re/jwt/v5).
|
||||
|
||||
The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation.
|
||||
|
||||
|
|
|
@ -16,4 +16,4 @@ To simply display a token, use:
|
|||
|
||||
You can install this tool with the following command:
|
||||
|
||||
go install github.com/golang-jwt/jwt/v5/cmd/jwt
|
||||
go install git.internal/re/jwt/v5/cmd/jwt
|
|
@ -17,7 +17,7 @@ import (
|
|||
"sort"
|
||||
"strings"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var (
|
||||
|
|
|
@ -6,7 +6,7 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var ecdsaTestData = []struct {
|
||||
|
@ -90,7 +90,6 @@ func TestECDSASign(t *testing.T) {
|
|||
toSign := strings.Join(parts[0:2], ".")
|
||||
method := jwt.GetSigningMethod(data.alg)
|
||||
sig, err := method.Sign(toSign, ecdsaKey)
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("[%v] Error signing token: %v", data.name, err)
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var ed25519TestData = []struct {
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
// Example (atypical) using the RegisteredClaims type by itself to parse a token.
|
||||
|
@ -25,7 +25,7 @@ func ExampleNewWithClaims_registeredClaims() {
|
|||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
ss, err := token.SignedString(mySigningKey)
|
||||
fmt.Printf("%v %v", ss, err)
|
||||
//Output: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ0ZXN0IiwiZXhwIjoxNTE2MjM5MDIyfQ.0XN_1Tpp9FszFOonIBpwha0c_SfnNI22DhTnjMshPg8 <nil>
|
||||
// Output: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ0ZXN0IiwiZXhwIjoxNTE2MjM5MDIyfQ.0XN_1Tpp9FszFOonIBpwha0c_SfnNI22DhTnjMshPg8 <nil>
|
||||
}
|
||||
|
||||
// Example creating a token using a custom claims type. The RegisteredClaims is embedded
|
||||
|
@ -67,7 +67,7 @@ func ExampleNewWithClaims_customClaimsType() {
|
|||
ss, err := token.SignedString(mySigningKey)
|
||||
fmt.Printf("%v %v", ss, err)
|
||||
|
||||
//Output: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJpc3MiOiJ0ZXN0IiwiZXhwIjoxNTE2MjM5MDIyfQ.xVuY2FZ_MRXMIEgVQ7J-TFtaucVFRXUzHm9LmV41goM <nil>
|
||||
// Output: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJpc3MiOiJ0ZXN0IiwiZXhwIjoxNTE2MjM5MDIyfQ.xVuY2FZ_MRXMIEgVQ7J-TFtaucVFRXUzHm9LmV41goM <nil>
|
||||
}
|
||||
|
||||
// Example creating a token using a custom claims type. The RegisteredClaims is embedded
|
||||
|
@ -152,7 +152,7 @@ func ExampleParseWithClaims_customValidation() {
|
|||
// An example of parsing the error types using errors.Is.
|
||||
func ExampleParse_errorChecking() {
|
||||
// Token from another example. This token is expired
|
||||
var tokenString = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJleHAiOjE1MDAwLCJpc3MiOiJ0ZXN0In0.HE7fK0xOQwFEr4WDgRWj4teRPZ6i3GLwD5YCm6Pwu_c"
|
||||
tokenString := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJleHAiOjE1MDAwLCJpc3MiOiJ0ZXN0In0.HE7fK0xOQwFEr4WDgRWj4teRPZ6i3GLwD5YCm6Pwu_c"
|
||||
|
||||
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
||||
return []byte("AllYourBase"), nil
|
||||
|
|
2
go.mod
2
go.mod
|
@ -1,3 +1,3 @@
|
|||
module github.com/golang-jwt/jwt/v5
|
||||
module git.internal/re/jwt/v5
|
||||
|
||||
go 1.16
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
// For HMAC signing method, the key can be any []byte. It is recommended to generate
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var hmacTestData = []struct {
|
||||
|
|
|
@ -16,8 +16,8 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/golang-jwt/jwt/v5/request"
|
||||
"git.internal/re/jwt/v5"
|
||||
"git.internal/re/jwt/v5/request"
|
||||
)
|
||||
|
||||
// location of the files used for signing and verification
|
||||
|
@ -109,11 +109,10 @@ func Example_getTokenViaHTTP() {
|
|||
claims := token.Claims.(*CustomClaimsExample)
|
||||
fmt.Println(claims.CustomerInfo.Name)
|
||||
|
||||
//Output: test
|
||||
// Output: test
|
||||
}
|
||||
|
||||
func Example_useTokenViaHTTP() {
|
||||
|
||||
// Make a sample token
|
||||
// In a real world situation, this token will have been acquired from
|
||||
// some other API call (see Example_getTokenViaHTTP)
|
||||
|
@ -197,7 +196,6 @@ func restrictedHandler(w http.ResponseWriter, r *http.Request) {
|
|||
// we also only use its public counter part to verify
|
||||
return verifyKey, nil
|
||||
}, request.WithClaims(&CustomClaimsExample{}))
|
||||
|
||||
// If the token is missing or invalid, return error
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
|
|
|
@ -4,7 +4,7 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var noneTestData = []struct {
|
||||
|
|
|
@ -10,8 +10,8 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/golang-jwt/jwt/v5/test"
|
||||
"git.internal/re/jwt/v5"
|
||||
"git.internal/re/jwt/v5/test"
|
||||
)
|
||||
|
||||
var errKeyFuncError error = fmt.Errorf("error loading key")
|
||||
|
@ -42,7 +42,6 @@ func init() {
|
|||
// Load private keys
|
||||
jwtTestRSAPrivateKey = test.LoadRSAPrivateKeyFromDisk("test/sample_key")
|
||||
jwtTestEC256PrivateKey = test.LoadECPrivateKeyFromDisk("test/ec256-private.pem")
|
||||
|
||||
}
|
||||
|
||||
var jwtTestData = []struct {
|
||||
|
@ -347,11 +346,9 @@ func signToken(claims jwt.Claims, signingMethod jwt.SigningMethod) string {
|
|||
}
|
||||
|
||||
func TestParser_Parse(t *testing.T) {
|
||||
|
||||
// Iterate over test data set and run tests
|
||||
for _, data := range jwtTestData {
|
||||
t.Run(data.name, func(t *testing.T) {
|
||||
|
||||
// If the token string is blank, use helper function to generate string
|
||||
if data.tokenString == "" {
|
||||
data.tokenString = signToken(data.claims, data.signingMethod)
|
||||
|
@ -361,7 +358,7 @@ func TestParser_Parse(t *testing.T) {
|
|||
var token *jwt.Token
|
||||
var ve *jwt.ValidationError
|
||||
var err error
|
||||
var parser = data.parser
|
||||
parser := data.parser
|
||||
if parser == nil {
|
||||
parser = jwt.NewParser()
|
||||
}
|
||||
|
@ -411,7 +408,7 @@ func TestParser_Parse(t *testing.T) {
|
|||
if err == nil {
|
||||
t.Errorf("[%v] Expecting error(s). Didn't get one.", data.name)
|
||||
} else {
|
||||
var all = false
|
||||
all := false
|
||||
for _, e := range data.err {
|
||||
all = errors.Is(err, e)
|
||||
}
|
||||
|
@ -436,7 +433,6 @@ func TestParser_Parse(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestParser_ParseUnverified(t *testing.T) {
|
||||
|
||||
// Iterate over test data set and run tests
|
||||
for _, data := range jwtTestData {
|
||||
// Skip test data, that intentionally contains malformed tokens, as they would lead to an error
|
||||
|
@ -453,7 +449,7 @@ func TestParser_ParseUnverified(t *testing.T) {
|
|||
// Parse the token
|
||||
var token *jwt.Token
|
||||
var err error
|
||||
var parser = data.parser
|
||||
parser := data.parser
|
||||
if parser == nil {
|
||||
parser = new(jwt.Parser)
|
||||
}
|
||||
|
@ -672,7 +668,6 @@ func TestSetPadding(t *testing.T) {
|
|||
err,
|
||||
)
|
||||
}
|
||||
|
||||
})
|
||||
jwt.DecodePaddingAllowed = false
|
||||
jwt.DecodeStrict = false
|
||||
|
@ -680,7 +675,6 @@ func TestSetPadding(t *testing.T) {
|
|||
}
|
||||
|
||||
func BenchmarkParseUnverified(b *testing.B) {
|
||||
|
||||
// Iterate over test data set and run tests
|
||||
for _, data := range jwtTestData {
|
||||
// If the token string is blank, use helper function to generate string
|
||||
|
@ -689,7 +683,7 @@ func BenchmarkParseUnverified(b *testing.B) {
|
|||
}
|
||||
|
||||
// Parse the token
|
||||
var parser = data.parser
|
||||
parser := data.parser
|
||||
if parser == nil {
|
||||
parser = new(jwt.Parser)
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@ package request
|
|||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
// ParseFromRequest extracts and parses a JWT token from an HTTP request.
|
||||
|
|
|
@ -8,8 +8,8 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/golang-jwt/jwt/v5/test"
|
||||
"git.internal/re/jwt/v5"
|
||||
"git.internal/re/jwt/v5/test"
|
||||
)
|
||||
|
||||
var requestTestData = []struct {
|
||||
|
|
|
@ -10,8 +10,8 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/golang-jwt/jwt/v5/test"
|
||||
"git.internal/re/jwt/v5"
|
||||
"git.internal/re/jwt/v5/test"
|
||||
)
|
||||
|
||||
var rsaPSSTestData = []struct {
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
var rsaTestData = []struct {
|
||||
|
@ -147,7 +147,6 @@ func TestRSAKeyParsing(t *testing.T) {
|
|||
if k, e := jwt.ParseRSAPublicKeyFromPEM(badKey); e == nil {
|
||||
t.Errorf("Parsed invalid key as valid private key: %v", k)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func BenchmarkRSAParsing(b *testing.B) {
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"crypto/rsa"
|
||||
"os"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
func LoadRSAPrivateKeyFromDisk(location string) *rsa.PrivateKey {
|
||||
|
|
|
@ -3,7 +3,7 @@ package jwt_test
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
func TestToken_SigningString(t1 *testing.T) {
|
||||
|
|
|
@ -6,7 +6,7 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"git.internal/re/jwt/v5"
|
||||
)
|
||||
|
||||
func TestNumericDate(t *testing.T) {
|
||||
|
@ -41,7 +41,6 @@ func TestSingleArrayMarshal(t *testing.T) {
|
|||
expected := `"test"`
|
||||
|
||||
b, err := json.Marshal(s)
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Unexpected error: %s", err)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue