From ed990edf4d3a5db76fa4ec3f679569ef86b2d91b Mon Sep 17 00:00:00 2001 From: Christian Banse Date: Sun, 28 Aug 2022 12:05:44 +0200 Subject: [PATCH 1/9] Experimental support for jwt v5 --- README.md | 18 +++++++++--------- alg_test.go | 2 +- checksum_test.go | 2 +- ecdsa_test.go | 2 +- examples/aws_cognito/main.go | 2 +- examples/ctx/main.go | 2 +- examples/custom/main.go | 2 +- examples/given/main.go | 2 +- examples/hmac/main.go | 2 +- examples/interval/main.go | 2 +- examples/json/main.go | 2 +- examples/keycloak/main.go | 2 +- examples/recommended_options/main.go | 2 +- given.go | 4 ++-- given_test.go | 2 +- go.mod | 4 +++- go.sum | 6 ++++-- jwks_test.go | 2 +- keyfunc.go | 4 ++-- multiple.go | 2 +- multiple_test.go | 2 +- options.go | 2 +- override_test.go | 2 +- 23 files changed, 38 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index 11ae672..7f39f25 100644 --- a/README.md +++ b/README.md @@ -3,8 +3,8 @@ # keyfunc The purpose of this package is to provide a -[`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#Keyfunc) for the -[github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) package using a JSON Web Key Set (JWK Set or JWKS) for +[`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Keyfunc) for the +[github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) package using a JSON Web Key Set (JWK Set or JWKS) for parsing and verifying JSON Web Tokens (JWTs). There is legacy support for `github.com/dgrijalva/jwt-go` and its popular forks. It's in a separate project to keep this @@ -14,10 +14,10 @@ see: [github.com/MicahParks/compatibility-keyfunc](https://github.com/MicahParks It's common for an identity provider, such as [Keycloak](https://www.keycloak.org/) or [Amazon Cognito (AWS)](https://aws.amazon.com/cognito/) to expose a JWKS via an HTTPS endpoint. This package has the ability to consume that JWKS and produce a -[`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#Keyfunc). It is important that a JWKS endpoint is using +[`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Keyfunc). It is important that a JWKS endpoint is using HTTPS to ensure the keys are from the correct trusted source. -This repository only depends on: [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) +This repository only depends on: [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) `jwt.Keyfunc` signatures are imported from these, implemented, then exported as methods. @@ -57,7 +57,7 @@ import "github.com/MicahParks/keyfunc" The [`JWKS.ReadOnlyKeys`](https://pkg.go.dev/github.com/MicahParks/keyfunc#JWKS.ReadOnlyKeys) method returns a read-only copy of a `map[string]interface{}`. The key to this map is the key ID, `kid`, and the value is the cryptographic key. -This is a useful map for use of keys within a JWKS outside of `github.com/golang-jwt/jwt/v4`. +This is a useful map for use of keys within a JWKS outside of `github.com/golang-jwt/jwt/v5`. The map itself is a copy. So it can be modified safely. However, the values are of type `interface{}`. If these values are modified, it may cause undefined behavior. @@ -115,11 +115,11 @@ jwks := keyfunc.NewGiven(map[string]keyfunc.GivenKey{ }) ``` -Additional options can be passed to the [`keyfunc.Get`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4/keyfunc#Get) -function. See [`keyfunc.Options`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4/keyfunc#Options) and the additional +Additional options can be passed to the [`keyfunc.Get`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5/keyfunc#Get) +function. See [`keyfunc.Options`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5/keyfunc#Options) and the additional features mentioned at the bottom of this `README.md`. -### Step 2: Use the [`JWKS.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4/keyfunc#JWKS.Keyfunc) method as the [`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#Keyfunc) when parsing tokens +### Step 2: Use the [`JWKS.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5/keyfunc#JWKS.Keyfunc) method as the [`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Keyfunc) when parsing tokens ```go // Parse the JWT. @@ -178,7 +178,7 @@ These features can be configured by populating fields in the the `examples/given` directory. * A copy of the latest raw JWKS `[]byte` can be returned. * Custom cryptographic algorithms can be used. Make sure to - use [`jwt.RegisterSigningMethod`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#RegisterSigningMethod) before + use [`jwt.RegisterSigningMethod`](https://pkg.go.dev/github.com/golang-jwt/jwt/v5#RegisterSigningMethod) before parsing JWTs. For an example, see the `examples/custom` directory. * The remote JWKS resource can be refreshed manually using the `.Refresh` method. This can bypass the rate limit, if the option is set. diff --git a/alg_test.go b/alg_test.go index 9fafae1..1206caf 100644 --- a/alg_test.go +++ b/alg_test.go @@ -5,7 +5,7 @@ import ( "errors" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/checksum_test.go b/checksum_test.go index a5f11eb..b963d22 100644 --- a/checksum_test.go +++ b/checksum_test.go @@ -9,7 +9,7 @@ import ( "reflect" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/ecdsa_test.go b/ecdsa_test.go index c71cacb..c44f4f5 100644 --- a/ecdsa_test.go +++ b/ecdsa_test.go @@ -5,7 +5,7 @@ import ( "errors" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/aws_cognito/main.go b/examples/aws_cognito/main.go index 8359b42..8ba9d41 100644 --- a/examples/aws_cognito/main.go +++ b/examples/aws_cognito/main.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/ctx/main.go b/examples/ctx/main.go index f854715..a1b95f4 100644 --- a/examples/ctx/main.go +++ b/examples/ctx/main.go @@ -4,7 +4,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/custom/main.go b/examples/custom/main.go index 1f09865..5c3b151 100644 --- a/examples/custom/main.go +++ b/examples/custom/main.go @@ -3,7 +3,7 @@ package main import ( "log" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" "github.com/MicahParks/keyfunc/examples/custom/method" diff --git a/examples/given/main.go b/examples/given/main.go index 2787b0c..5a0a0a7 100644 --- a/examples/given/main.go +++ b/examples/given/main.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/hmac/main.go b/examples/hmac/main.go index 79eba13..b1199e3 100644 --- a/examples/hmac/main.go +++ b/examples/hmac/main.go @@ -3,7 +3,7 @@ package main import ( "log" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/interval/main.go b/examples/interval/main.go index 130d72d..d65a165 100644 --- a/examples/interval/main.go +++ b/examples/interval/main.go @@ -4,7 +4,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/json/main.go b/examples/json/main.go index cb890e2..b076a4a 100644 --- a/examples/json/main.go +++ b/examples/json/main.go @@ -4,7 +4,7 @@ import ( "encoding/json" "log" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/keycloak/main.go b/examples/keycloak/main.go index 90cf375..42f6df7 100644 --- a/examples/keycloak/main.go +++ b/examples/keycloak/main.go @@ -4,7 +4,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/examples/recommended_options/main.go b/examples/recommended_options/main.go index d7d73b0..963c6d2 100644 --- a/examples/recommended_options/main.go +++ b/examples/recommended_options/main.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/given.go b/given.go index 68c8abd..791a038 100644 --- a/given.go +++ b/given.go @@ -45,7 +45,7 @@ func NewGiven(givenKeys map[string]GivenKey) (jwks *JWKS) { // NewGivenCustom creates a new GivenKey given an untyped variable. The key argument is expected to be a supported // by the jwt package used. // -// See the https://pkg.go.dev/github.com/golang-jwt/jwt/v4#RegisterSigningMethod function for registering an unsupported +// See the https://pkg.go.dev/github.com/golang-jwt/jwt/v5#RegisterSigningMethod function for registering an unsupported // signing method. // // Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use @@ -61,7 +61,7 @@ func NewGivenCustom(key interface{}) (givenKey GivenKey) { // // Consider the options carefully as each field may have a security implication. // -// See the https://pkg.go.dev/github.com/golang-jwt/jwt/v4#RegisterSigningMethod function for registering an unsupported +// See the https://pkg.go.dev/github.com/golang-jwt/jwt/v5#RegisterSigningMethod function for registering an unsupported // signing method. func NewGivenCustomWithOptions(key interface{}, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ diff --git a/given_test.go b/given_test.go index 91e4e88..3fcaf8e 100644 --- a/given_test.go +++ b/given_test.go @@ -11,7 +11,7 @@ import ( "fmt" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" "github.com/MicahParks/keyfunc/examples/custom/method" diff --git a/go.mod b/go.mod index ce7ffcf..94a8e33 100644 --- a/go.mod +++ b/go.mod @@ -2,6 +2,8 @@ module github.com/MicahParks/keyfunc go 1.16 -require github.com/golang-jwt/jwt/v4 v4.4.2 +require ( + github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f +) retract v1.3.0 // Contains a bug in ResponseExtractorStatusOK where the *http.Response body is not closed. https://github.com/MicahParks/keyfunc/issues/51 diff --git a/go.sum b/go.sum index f214fed..62f1328 100644 --- a/go.sum +++ b/go.sum @@ -1,2 +1,4 @@ -github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= -github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= +github.com/golang-jwt/jwt/v5 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f h1:vFMwvx6qRGuY4j1aZNlxMZPjF7l0Pj7L6HIDMtu6M+g= +github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f/go.mod h1:LStXn4ehBjSFV0xtOEuMWrqlMT24Ftd1MaucI6XwEFo= diff --git a/jwks_test.go b/jwks_test.go index a0b6b77..f28ecdb 100644 --- a/jwks_test.go +++ b/jwks_test.go @@ -18,7 +18,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/keyfunc.go b/keyfunc.go index 1f082bd..8c27cd9 100644 --- a/keyfunc.go +++ b/keyfunc.go @@ -6,7 +6,7 @@ import ( "fmt" "strings" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" ) var ( @@ -14,7 +14,7 @@ var ( ErrKID = errors.New("the JWT has an invalid kid") ) -// Keyfunc matches the signature of github.com/golang-jwt/jwt/v4's jwt.Keyfunc function. +// Keyfunc matches the signature of github.com/golang-jwt/jwt/v5's jwt.Keyfunc function. func (j *JWKS) Keyfunc(token *jwt.Token) (interface{}, error) { kid, alg, err := kidAlg(token) if err != nil { diff --git a/multiple.go b/multiple.go index 61ea30b..e506f4a 100644 --- a/multiple.go +++ b/multiple.go @@ -4,7 +4,7 @@ import ( "errors" "fmt" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" ) // ErrMultipleJWKSSize is returned when the number of JWKS given are not enough to make a MultipleJWKS. diff --git a/multiple_test.go b/multiple_test.go index 5762c8a..71af0f8 100644 --- a/multiple_test.go +++ b/multiple_test.go @@ -5,7 +5,7 @@ import ( "net/http/httptest" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) diff --git a/options.go b/options.go index cc4cf5e..34edd25 100644 --- a/options.go +++ b/options.go @@ -9,7 +9,7 @@ import ( "net/http" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" ) // ErrInvalidHTTPStatusCode indicates that the HTTP status code is invalid. diff --git a/override_test.go b/override_test.go index e0f2099..4086453 100644 --- a/override_test.go +++ b/override_test.go @@ -14,7 +14,7 @@ import ( "path/filepath" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/MicahParks/keyfunc" ) From ee962a7cee1f24eb3afa7ebc47e73b826c84d605 Mon Sep 17 00:00:00 2001 From: Christian Banse Date: Tue, 21 Feb 2023 14:50:20 +0100 Subject: [PATCH 2/9] Setting version to RC1 --- go.mod | 6 +----- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 94a8e33..a246c15 100644 --- a/go.mod +++ b/go.mod @@ -2,8 +2,4 @@ module github.com/MicahParks/keyfunc go 1.16 -require ( - github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f -) - -retract v1.3.0 // Contains a bug in ResponseExtractorStatusOK where the *http.Response body is not closed. https://github.com/MicahParks/keyfunc/issues/51 +require github.com/golang-jwt/jwt/v5 v5.0.0-rc.1 diff --git a/go.sum b/go.sum index 62f1328..d25735e 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,2 @@ -github.com/golang-jwt/jwt/v5 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v5 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f h1:vFMwvx6qRGuY4j1aZNlxMZPjF7l0Pj7L6HIDMtu6M+g= -github.com/golang-jwt/jwt/v5 v5.0.0-20220827114201-5735b9c09c4f/go.mod h1:LStXn4ehBjSFV0xtOEuMWrqlMT24Ftd1MaucI6XwEFo= +github.com/golang-jwt/jwt/v5 v5.0.0-rc.1 h1:tDQ1LjKga657layZ4JLsRdxgvupebc0xuPwRNuTfUgs= +github.com/golang-jwt/jwt/v5 v5.0.0-rc.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= From 6e92c0f50512017f15c45f831cc66afb30eb31fd Mon Sep 17 00:00:00 2001 From: Christian Banse Date: Thu, 30 Mar 2023 21:09:10 +0200 Subject: [PATCH 3/9] Adjusting to Release Candidate 2 --- examples/custom/method/method.go | 6 +++--- go.mod | 2 +- go.sum | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/custom/method/method.go b/examples/custom/method/method.go index 7e03ab5..c431d1e 100644 --- a/examples/custom/method/method.go +++ b/examples/custom/method/method.go @@ -7,13 +7,13 @@ const CustomAlgHeader = "customalg" type EmptyCustom struct{} // Verify helps implement the jwt.SigningMethod interface. It does not verify. -func (e EmptyCustom) Verify(_, _ string, _ interface{}) error { +func (e EmptyCustom) Verify(_ string, _ []byte, _ interface{}) error { return nil } // Sign helps implement the jwt.SigningMethod interface. It does not sign anything. -func (e EmptyCustom) Sign(_ string, _ interface{}) (string, error) { - return CustomAlgHeader, nil +func (e EmptyCustom) Sign(_ string, _ interface{}) ([]byte, error) { + return []byte{}, nil } // Alg helps implement the jwt.SigningMethod. It returns the `alg` JSON attribute for JWTs signed with this method. diff --git a/go.mod b/go.mod index a246c15..bf14282 100644 --- a/go.mod +++ b/go.mod @@ -2,4 +2,4 @@ module github.com/MicahParks/keyfunc go 1.16 -require github.com/golang-jwt/jwt/v5 v5.0.0-rc.1 +require github.com/golang-jwt/jwt/v5 v5.0.0-rc.2 diff --git a/go.sum b/go.sum index d25735e..2b9348a 100644 --- a/go.sum +++ b/go.sum @@ -1,2 +1,2 @@ -github.com/golang-jwt/jwt/v5 v5.0.0-rc.1 h1:tDQ1LjKga657layZ4JLsRdxgvupebc0xuPwRNuTfUgs= -github.com/golang-jwt/jwt/v5 v5.0.0-rc.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.0.0-rc.2 h1:hXPcSazn8wKOfSb9y2m1bdgUMlDxVDarxh3lJVbC6JE= +github.com/golang-jwt/jwt/v5 v5.0.0-rc.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= From f58778f4bdbfe7b8c4965307c004d7cfc00d5fa7 Mon Sep 17 00:00:00 2001 From: Christian Banse Date: Mon, 17 Apr 2023 19:15:31 +0200 Subject: [PATCH 4/9] Final v5.0.0 release --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index bf14282..8bc1cf3 100644 --- a/go.mod +++ b/go.mod @@ -2,4 +2,4 @@ module github.com/MicahParks/keyfunc go 1.16 -require github.com/golang-jwt/jwt/v5 v5.0.0-rc.2 +require github.com/golang-jwt/jwt/v5 v5.0.0 diff --git a/go.sum b/go.sum index 2b9348a..fcfb224 100644 --- a/go.sum +++ b/go.sum @@ -1,2 +1,2 @@ -github.com/golang-jwt/jwt/v5 v5.0.0-rc.2 h1:hXPcSazn8wKOfSb9y2m1bdgUMlDxVDarxh3lJVbC6JE= -github.com/golang-jwt/jwt/v5 v5.0.0-rc.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= +github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= From 0e6885d4b085e67f5e256653207264269bb5d47a Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Tue, 18 Apr 2023 08:02:24 -0400 Subject: [PATCH 5/9] Reclaim deprecated names and add exported asset comments --- examples/custom/main.go | 2 +- examples/given/main.go | 2 +- examples/hmac/main.go | 2 +- given.go | 66 ++++------------------------------------- given_test.go | 14 ++++----- keyfunc.go | 1 + multiple.go | 3 ++ 7 files changed, 20 insertions(+), 70 deletions(-) diff --git a/examples/custom/main.go b/examples/custom/main.go index 5c3b151..abfb7b6 100644 --- a/examples/custom/main.go +++ b/examples/custom/main.go @@ -29,7 +29,7 @@ func main() { // Create the JWKS from the given signing method's key. jwks := keyfunc.NewGiven(map[string]keyfunc.GivenKey{ - exampleKID: keyfunc.NewGivenCustomWithOptions(key, keyfunc.GivenKeyOptions{ + exampleKID: keyfunc.NewGivenCustom(key, keyfunc.GivenKeyOptions{ Algorithm: method.CustomAlgHeader, }), }) diff --git a/examples/given/main.go b/examples/given/main.go index 5a0a0a7..d788509 100644 --- a/examples/given/main.go +++ b/examples/given/main.go @@ -23,7 +23,7 @@ func main() { hmacSecret := []byte("example secret") const givenKID = "givenKID" givenKeys := map[string]keyfunc.GivenKey{ - givenKID: keyfunc.NewGivenHMACCustomWithOptions(hmacSecret, keyfunc.GivenKeyOptions{ + givenKID: keyfunc.NewGivenHMAC(hmacSecret, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodHS256.Alg(), }), } diff --git a/examples/hmac/main.go b/examples/hmac/main.go index b1199e3..69b0939 100644 --- a/examples/hmac/main.go +++ b/examples/hmac/main.go @@ -23,7 +23,7 @@ func main() { // Create the JWKS from the HMAC key. jwks := keyfunc.NewGiven(map[string]keyfunc.GivenKey{ - exampleKID: keyfunc.NewGivenHMACCustomWithOptions(key, keyfunc.GivenKeyOptions{ + exampleKID: keyfunc.NewGivenHMAC(key, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodHS512.Alg(), }), }) diff --git a/given.go b/given.go index 791a038..f66df81 100644 --- a/given.go +++ b/given.go @@ -42,28 +42,14 @@ func NewGiven(givenKeys map[string]GivenKey) (jwks *JWKS) { } } -// NewGivenCustom creates a new GivenKey given an untyped variable. The key argument is expected to be a supported +// NewGivenCustom creates a new GivenKey given an untyped variable. The key argument is expected to be a type supported // by the jwt package used. // -// See the https://pkg.go.dev/github.com/golang-jwt/jwt/v5#RegisterSigningMethod function for registering an unsupported -// signing method. -// -// Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use -// NewGivenCustomWithOptions instead. -func NewGivenCustom(key interface{}) (givenKey GivenKey) { - return GivenKey{ - inter: key, - } -} - -// NewGivenCustomWithOptions creates a new GivenKey given an untyped variable. The key argument is expected to be a type -// supported by the jwt package used. -// // Consider the options carefully as each field may have a security implication. // // See the https://pkg.go.dev/github.com/golang-jwt/jwt/v5#RegisterSigningMethod function for registering an unsupported // signing method. -func NewGivenCustomWithOptions(key interface{}, options GivenKeyOptions) (givenKey GivenKey) { +func NewGivenCustom(key interface{}, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ algorithm: options.Algorithm, inter: key, @@ -72,18 +58,8 @@ func NewGivenCustomWithOptions(key interface{}, options GivenKeyOptions) (givenK // NewGivenECDSA creates a new GivenKey given an ECDSA public key. // -// Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use -// NewGivenECDSACustomWithOptions instead. -func NewGivenECDSA(key *ecdsa.PublicKey) (givenKey GivenKey) { - return GivenKey{ - inter: key, - } -} - -// NewGivenECDSACustomWithOptions creates a new GivenKey given an ECDSA public key. -// // Consider the options carefully as each field may have a security implication. -func NewGivenECDSACustomWithOptions(key *ecdsa.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { +func NewGivenECDSA(key *ecdsa.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ algorithm: options.Algorithm, inter: key, @@ -92,18 +68,8 @@ func NewGivenECDSACustomWithOptions(key *ecdsa.PublicKey, options GivenKeyOption // NewGivenEdDSA creates a new GivenKey given an EdDSA public key. // -// Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use -// NewGivenEdDSACustomWithOptions instead. -func NewGivenEdDSA(key ed25519.PublicKey) (givenKey GivenKey) { - return GivenKey{ - inter: key, - } -} - -// NewGivenEdDSACustomWithOptions creates a new GivenKey given an EdDSA public key. -// // Consider the options carefully as each field may have a security implication. -func NewGivenEdDSACustomWithOptions(key ed25519.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { +func NewGivenEdDSA(key ed25519.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ algorithm: options.Algorithm, inter: key, @@ -112,18 +78,8 @@ func NewGivenEdDSACustomWithOptions(key ed25519.PublicKey, options GivenKeyOptio // NewGivenHMAC creates a new GivenKey given an HMAC key in a byte slice. // -// Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use -// NewGivenHMACCustomWithOptions instead. -func NewGivenHMAC(key []byte) (givenKey GivenKey) { - return GivenKey{ - inter: key, - } -} - -// NewGivenHMACCustomWithOptions creates a new GivenKey given an HMAC key in a byte slice. -// // Consider the options carefully as each field may have a security implication. -func NewGivenHMACCustomWithOptions(key []byte, options GivenKeyOptions) (givenKey GivenKey) { +func NewGivenHMAC(key []byte, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ algorithm: options.Algorithm, inter: key, @@ -132,18 +88,8 @@ func NewGivenHMACCustomWithOptions(key []byte, options GivenKeyOptions) (givenKe // NewGivenRSA creates a new GivenKey given an RSA public key. // -// Deprecated: This function does not allow the user to specify the JWT's signing algorithm. Use -// NewGivenRSACustomWithOptions instead. -func NewGivenRSA(key *rsa.PublicKey) (givenKey GivenKey) { - return GivenKey{ - inter: key, - } -} - -// NewGivenRSACustomWithOptions creates a new GivenKey given an RSA public key. -// // Consider the options carefully as each field may have a security implication. -func NewGivenRSACustomWithOptions(key *rsa.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { +func NewGivenRSA(key *rsa.PublicKey, options GivenKeyOptions) (givenKey GivenKey) { return GivenKey{ algorithm: options.Algorithm, inter: key, diff --git a/given_test.go b/given_test.go index 3fcaf8e..a1a2258 100644 --- a/given_test.go +++ b/given_test.go @@ -54,7 +54,7 @@ func TestNewGivenCustomAlg(t *testing.T) { const key = "test-key" givenKeys := make(map[string]keyfunc.GivenKey) - givenKeys[testKID] = keyfunc.NewGivenCustomWithOptions(key, keyfunc.GivenKeyOptions{ + givenKeys[testKID] = keyfunc.NewGivenCustom(key, keyfunc.GivenKeyOptions{ Algorithm: method.CustomAlgHeader, }) @@ -76,7 +76,7 @@ func TestNewGivenCustomAlg_NegativeCase(t *testing.T) { const key = jwt.UnsafeAllowNoneSignatureType // Allow the "none" JWT "alg" header value for golang-jwt. givenKeys := make(map[string]keyfunc.GivenKey) - givenKeys[testKID] = keyfunc.NewGivenCustomWithOptions(key, keyfunc.GivenKeyOptions{ + givenKeys[testKID] = keyfunc.NewGivenCustom(key, keyfunc.GivenKeyOptions{ Algorithm: method.CustomAlgHeader, }) @@ -206,7 +206,7 @@ func TestNewGivenKeysFromJSON_BadParse(t *testing.T) { // addCustom adds a new key wto the given keys map. The new key is using a test jwt.SigningMethod. func addCustom(givenKeys map[string]keyfunc.GivenKey, kid string) (key string) { key = "" - givenKeys[kid] = keyfunc.NewGivenCustomWithOptions(key, keyfunc.GivenKeyOptions{ + givenKeys[kid] = keyfunc.NewGivenCustom(key, keyfunc.GivenKeyOptions{ Algorithm: method.CustomAlgHeader, }) return key @@ -219,7 +219,7 @@ func addECDSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key *ecdsa.Pri return nil, fmt.Errorf("failed to create ECDSA key: %w", err) } - givenKeys[kid] = keyfunc.NewGivenECDSACustomWithOptions(&key.PublicKey, keyfunc.GivenKeyOptions{ + givenKeys[kid] = keyfunc.NewGivenECDSA(&key.PublicKey, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodES256.Alg(), }) @@ -233,7 +233,7 @@ func addEdDSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key ed25519.Pr return nil, fmt.Errorf("failed to create ECDSA key: %w", err) } - givenKeys[kid] = keyfunc.NewGivenEdDSACustomWithOptions(pub, keyfunc.GivenKeyOptions{ + givenKeys[kid] = keyfunc.NewGivenEdDSA(pub, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodEdDSA.Alg(), }) @@ -248,7 +248,7 @@ func addHMAC(givenKeys map[string]keyfunc.GivenKey, kid string) (secret []byte, return nil, fmt.Errorf("failed to create HMAC secret: %w", err) } - givenKeys[kid] = keyfunc.NewGivenHMACCustomWithOptions(secret, keyfunc.GivenKeyOptions{ + givenKeys[kid] = keyfunc.NewGivenHMAC(secret, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodHS256.Alg(), }) @@ -262,7 +262,7 @@ func addRSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key *rsa.Private return nil, fmt.Errorf("failed to create RSA key: %w", err) } - givenKeys[kid] = keyfunc.NewGivenRSACustomWithOptions(&key.PublicKey, keyfunc.GivenKeyOptions{ + givenKeys[kid] = keyfunc.NewGivenRSA(&key.PublicKey, keyfunc.GivenKeyOptions{ Algorithm: jwt.SigningMethodRS256.Alg(), }) diff --git a/keyfunc.go b/keyfunc.go index 8c27cd9..ae62503 100644 --- a/keyfunc.go +++ b/keyfunc.go @@ -23,6 +23,7 @@ func (j *JWKS) Keyfunc(token *jwt.Token) (interface{}, error) { return j.getKey(alg, kid) } +// Keyfunc matches the signature of github.com/golang-jwt/jwt/v5's jwt.Keyfunc function. func (m *MultipleJWKS) Keyfunc(token *jwt.Token) (interface{}, error) { return m.keySelector(m, token) } diff --git a/multiple.go b/multiple.go index e506f4a..08946b0 100644 --- a/multiple.go +++ b/multiple.go @@ -46,6 +46,8 @@ func GetMultiple(multiple map[string]Options, options MultipleOptions) (multiJWK return multiJWKS, nil } +// JWKSets returns a copy of the map of JWK Sets. The map itself is a copy, but the JWKS are not and should be treated +// as read-only. func (m *MultipleJWKS) JWKSets() map[string]*JWKS { sets := make(map[string]*JWKS, len(m.sets)) for u, jwks := range m.sets { @@ -54,6 +56,7 @@ func (m *MultipleJWKS) JWKSets() map[string]*JWKS { return sets } +// KeySelectorFirst returns the first key found in the multiple JWK Sets. func KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (key interface{}, err error) { kid, alg, err := kidAlg(token) if err != nil { From 3caee59fa014ff423a4b3b5bab290b4b58396227 Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Tue, 18 Apr 2023 08:03:11 -0400 Subject: [PATCH 6/9] Update go.mod declaration and minimum Go version --- go.mod | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 8bc1cf3..104d0e2 100644 --- a/go.mod +++ b/go.mod @@ -1,5 +1,5 @@ -module github.com/MicahParks/keyfunc +module github.com/MicahParks/keyfunc/v2 -go 1.16 +go 1.18 require github.com/golang-jwt/jwt/v5 v5.0.0 From e34387086cdbefe9333d1bfd43aff1549a249ed1 Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Tue, 18 Apr 2023 08:15:11 -0400 Subject: [PATCH 7/9] Update README.md --- README.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 7f39f25..035b05d 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,13 @@ The purpose of this package is to provide a [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) package using a JSON Web Key Set (JWK Set or JWKS) for parsing and verifying JSON Web Tokens (JWTs). +The last version to support `github.com/golang-jwt/jwt/v4` +is [`v1.9.0`](https://github.com/MicahParks/keyfunc/releases/tag/v1.9.0). + There is legacy support for `github.com/dgrijalva/jwt-go` and its popular forks. It's in a separate project to keep this project minimal. If your use case supports a legacy fork, please -see: [github.com/MicahParks/compatibility-keyfunc](https://github.com/MicahParks/compatibility-keyfunc). +see: [github.com/MicahParks/compatibility-keyfunc](https://github.com/MicahParks/compatibility-keyfunc). If an updated +to `keyfunc` is needed for `github.com/golang-jwt/jwt/v4` users, it will be placed into this separate project. It's common for an identity provider, such as [Keycloak](https://www.keycloak.org/) or [Amazon Cognito (AWS)](https://aws.amazon.com/cognito/) to expose a JWKS via an HTTPS endpoint. This package has the @@ -73,7 +77,7 @@ jwksURL := os.Getenv("JWKS_URL") // Confirm the environment variable is not empty. if jwksURL == "" { - log.Fatalln("JWKS_URL environment variable must be populated.") +log.Fatalln("JWKS_URL environment variable must be populated.") } ``` @@ -85,7 +89,7 @@ Via HTTP: // Create the JWKS from the resource at the given URL. jwks, err := keyfunc.Get(jwksURL, keyfunc.Options{}) // See recommended options in the examples directory. if err != nil { - log.Fatalf("Failed to get the JWKS from the given URL.\nError: %s", err) +log.Fatalf("Failed to get the JWKS from the given URL.\nError: %s", err) } ``` @@ -98,7 +102,7 @@ var jwksJSON = json.RawMessage(`{"keys":[{"kid":"zXew0UJ1h6Q4CCcd_9wxMzvcp5cEBif // Create the JWKS from the resource at the given URL. jwks, err := keyfunc.NewJSON(jwksJSON) if err != nil { - log.Fatalf("Failed to create JWKS from JSON.\nError: %s", err) +log.Fatalf("Failed to create JWKS from JSON.\nError: %s", err) } ``` @@ -111,7 +115,7 @@ uniqueKeyID := "myKeyID" // Create the JWKS from the HMAC key. jwks := keyfunc.NewGiven(map[string]keyfunc.GivenKey{ - uniqueKeyID: keyfunc.NewGivenHMAC(key), +uniqueKeyID: keyfunc.NewGivenHMAC(key), }) ``` @@ -125,7 +129,7 @@ features mentioned at the bottom of this `README.md`. // Parse the JWT. token, err := jwt.Parse(jwtB64, jwks.Keyfunc) if err != nil { - return nil, fmt.Errorf("failed to parse token: %w", err) +return nil, fmt.Errorf("failed to parse token: %w", err) } ``` From 6512c9fab2ae27b2f4aad361bb0a0d56be37cf1d Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Tue, 18 Apr 2023 08:29:30 -0400 Subject: [PATCH 8/9] Rename to keyfunc/v2 --- README.md | 18 +++++++++--------- alg_test.go | 2 +- checksum_test.go | 2 +- ecdsa_test.go | 2 +- examples/aws_cognito/main.go | 2 +- examples/ctx/main.go | 2 +- examples/custom/main.go | 4 ++-- examples/given/main.go | 2 +- examples/hmac/main.go | 2 +- examples/interval/main.go | 2 +- examples/json/main.go | 2 +- examples/keycloak/main.go | 2 +- examples/recommended_options/main.go | 2 +- get_test.go | 2 +- given_test.go | 4 ++-- jwks_test.go | 2 +- multiple_test.go | 2 +- options_test.go | 2 +- override_test.go | 2 +- padding_test.go | 2 +- 20 files changed, 30 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 035b05d..cb56b54 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Go Report Card](https://goreportcard.com/badge/github.com/MicahParks/keyfunc)](https://goreportcard.com/report/github.com/MicahParks/keyfunc) [![Go Reference](https://pkg.go.dev/badge/github.com/MicahParks/keyfunc.svg)](https://pkg.go.dev/github.com/MicahParks/keyfunc) +[![Go Report Card](https://goreportcard.com/badge/github.com/MicahParks/keyfunc/v2)](https://goreportcard.com/report/github.com/MicahParks/keyfunc/v2) [![Go Reference](https://pkg.go.dev/badge/github.com/MicahParks/keyfunc/v2.svg)](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2) # keyfunc @@ -54,12 +54,12 @@ this Go package, please open an issue or pull request. For complete examples, please see the `examples` directory. ```go -import "github.com/MicahParks/keyfunc" +import "github.com/MicahParks/keyfunc/v2" ``` #### A note on read-only keys -The [`JWKS.ReadOnlyKeys`](https://pkg.go.dev/github.com/MicahParks/keyfunc#JWKS.ReadOnlyKeys) method returns a read-only +The [`JWKS.ReadOnlyKeys`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#JWKS.ReadOnlyKeys) method returns a read-only copy of a `map[string]interface{}`. The key to this map is the key ID, `kid`, and the value is the cryptographic key. This is a useful map for use of keys within a JWKS outside of `github.com/golang-jwt/jwt/v5`. @@ -69,7 +69,7 @@ are modified, it may cause undefined behavior. ### Preconditions: Acquire the JWKS URL, JSON, or gather cryptographic keys (given keys) A JWKS URL is not required, one can be created directly from JSON with the -[`keyfunc.NewJSON`](https://pkg.go.dev/github.com/MicahParks/keyfunc#NewJSON) function. +[`keyfunc.NewJSON`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#NewJSON) function. ```go // Get the JWKS URL from an environment variable. @@ -133,7 +133,7 @@ return nil, fmt.Errorf("failed to parse token: %w", err) } ``` -The [`JWKS.Keyfunc`](https://pkg.go.dev/github.com/MicahParks/keyfunc#JWKS.Keyfunc) method will automatically select the +The [`JWKS.Keyfunc`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#JWKS.Keyfunc) method will automatically select the key with the matching `kid` (if present) and return its public key as the correct Go type to its caller. ## Test coverage @@ -147,8 +147,8 @@ coded JWTs cannot check for parsing and validation errors, just errors within th ## Additional features These features can be configured by populating fields in the -[`keyfunc.Options`](https://pkg.go.dev/github.com/MicahParks/keyfunc#Options) argument to the -[`keyfunc.Get`](https://pkg.go.dev/github.com/MicahParks/keyfunc#Get) function. +[`keyfunc.Options`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#Options) argument to the +[`keyfunc.Get`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#Get) function. * A background refresh of the JWKS keys can be performed. * A custom background refresh interval can be specified. For an example, please see the `examples/interval` @@ -168,10 +168,10 @@ These features can be configured by populating fields in the * A custom HTTP response extractor can be provided to get the raw JWKS JSON from the `*http.Response`. For example, the HTTP response code could be checked. Implementations are responsible for closing the response body. * By default, - the [`keyfunc.ResponseExtractorStatusOK`](https://pkg.go.dev/github.com/MicahParks/keyfunc#ResponseExtractorStatusOK) + the [`keyfunc.ResponseExtractorStatusOK`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#ResponseExtractorStatusOK) function is used. The default behavior changed in `v1.4.0`. * A custom whitelist of acceptable JSON Web Key `"use"` parameter values can be specified. Values not whitelisted will - cause an error from the [`.Keyfunc`](https://pkg.go.dev/github.com/MicahParks/keyfunc#JWKS.Keyfunc) method. This + cause an error from the [`.Keyfunc`](https://pkg.go.dev/github.com/MicahParks/keyfunc/v2#JWKS.Keyfunc) method. This whitelist can be disabled with the `JWKUseNoWhitelist` option. * By default, only JSON Web Keys with a `"use"` parameter value of `"sig"`, an empty string `""`, or a completely omitted `"use"` parameter will be returned. The default behavior changed in `v1.5.0`. diff --git a/alg_test.go b/alg_test.go index 1206caf..391497b 100644 --- a/alg_test.go +++ b/alg_test.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func TestAlgMismatch(t *testing.T) { diff --git a/checksum_test.go b/checksum_test.go index b963d22..f5de47b 100644 --- a/checksum_test.go +++ b/checksum_test.go @@ -11,7 +11,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) // TestChecksum confirms that the JWKS will only perform a refresh if a new JWKS is read from the remote resource. diff --git a/ecdsa_test.go b/ecdsa_test.go index c44f4f5..b5d7e0b 100644 --- a/ecdsa_test.go +++ b/ecdsa_test.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func TestBadCurve(t *testing.T) { diff --git a/examples/aws_cognito/main.go b/examples/aws_cognito/main.go index 8ba9d41..f9af653 100644 --- a/examples/aws_cognito/main.go +++ b/examples/aws_cognito/main.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/ctx/main.go b/examples/ctx/main.go index a1b95f4..bd81fac 100644 --- a/examples/ctx/main.go +++ b/examples/ctx/main.go @@ -6,7 +6,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/custom/main.go b/examples/custom/main.go index abfb7b6..8fe366c 100644 --- a/examples/custom/main.go +++ b/examples/custom/main.go @@ -5,8 +5,8 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" - "github.com/MicahParks/keyfunc/examples/custom/method" + "github.com/MicahParks/keyfunc/v2" + "github.com/MicahParks/keyfunc/v2/examples/custom/method" ) func main() { diff --git a/examples/given/main.go b/examples/given/main.go index d788509..c8b3c51 100644 --- a/examples/given/main.go +++ b/examples/given/main.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/hmac/main.go b/examples/hmac/main.go index 69b0939..f987771 100644 --- a/examples/hmac/main.go +++ b/examples/hmac/main.go @@ -5,7 +5,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/interval/main.go b/examples/interval/main.go index d65a165..9516736 100644 --- a/examples/interval/main.go +++ b/examples/interval/main.go @@ -6,7 +6,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/json/main.go b/examples/json/main.go index b076a4a..8ef1cb5 100644 --- a/examples/json/main.go +++ b/examples/json/main.go @@ -6,7 +6,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/keycloak/main.go b/examples/keycloak/main.go index 42f6df7..aaea404 100644 --- a/examples/keycloak/main.go +++ b/examples/keycloak/main.go @@ -6,7 +6,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/examples/recommended_options/main.go b/examples/recommended_options/main.go index 963c6d2..d67228b 100644 --- a/examples/recommended_options/main.go +++ b/examples/recommended_options/main.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func main() { diff --git a/get_test.go b/get_test.go index 4fc9cdb..30fbbe6 100644 --- a/get_test.go +++ b/get_test.go @@ -8,7 +8,7 @@ import ( "testing" "time" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func TestJWKS_Refresh(t *testing.T) { diff --git a/given_test.go b/given_test.go index a1a2258..4039317 100644 --- a/given_test.go +++ b/given_test.go @@ -13,8 +13,8 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" - "github.com/MicahParks/keyfunc/examples/custom/method" + "github.com/MicahParks/keyfunc/v2" + "github.com/MicahParks/keyfunc/v2/examples/custom/method" ) const ( diff --git a/jwks_test.go b/jwks_test.go index f28ecdb..527e5da 100644 --- a/jwks_test.go +++ b/jwks_test.go @@ -20,7 +20,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) const ( diff --git a/multiple_test.go b/multiple_test.go index 71af0f8..8227864 100644 --- a/multiple_test.go +++ b/multiple_test.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) const ( diff --git a/options_test.go b/options_test.go index 70ff741..3d7abad 100644 --- a/options_test.go +++ b/options_test.go @@ -7,7 +7,7 @@ import ( "sync" "testing" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) func TestResponseExtractorStatusOK(t *testing.T) { diff --git a/override_test.go b/override_test.go index 4086453..30df8a5 100644 --- a/override_test.go +++ b/override_test.go @@ -16,7 +16,7 @@ import ( "github.com/golang-jwt/jwt/v5" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) const ( diff --git a/padding_test.go b/padding_test.go index 8ae0bc8..ca837bf 100644 --- a/padding_test.go +++ b/padding_test.go @@ -3,7 +3,7 @@ package keyfunc_test import ( "testing" - "github.com/MicahParks/keyfunc" + "github.com/MicahParks/keyfunc/v2" ) const ( From ffe995582505e3d8f2bbaf61121e9c2876889614 Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Tue, 18 Apr 2023 08:38:27 -0400 Subject: [PATCH 9/9] Undo IDE auto-format --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index cb56b54..c04b3dc 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ jwksURL := os.Getenv("JWKS_URL") // Confirm the environment variable is not empty. if jwksURL == "" { -log.Fatalln("JWKS_URL environment variable must be populated.") + log.Fatalln("JWKS_URL environment variable must be populated.") } ``` @@ -89,7 +89,7 @@ Via HTTP: // Create the JWKS from the resource at the given URL. jwks, err := keyfunc.Get(jwksURL, keyfunc.Options{}) // See recommended options in the examples directory. if err != nil { -log.Fatalf("Failed to get the JWKS from the given URL.\nError: %s", err) + log.Fatalf("Failed to get the JWKS from the given URL.\nError: %s", err) } ``` @@ -102,7 +102,7 @@ var jwksJSON = json.RawMessage(`{"keys":[{"kid":"zXew0UJ1h6Q4CCcd_9wxMzvcp5cEBif // Create the JWKS from the resource at the given URL. jwks, err := keyfunc.NewJSON(jwksJSON) if err != nil { -log.Fatalf("Failed to create JWKS from JSON.\nError: %s", err) + log.Fatalf("Failed to create JWKS from JSON.\nError: %s", err) } ``` @@ -115,7 +115,7 @@ uniqueKeyID := "myKeyID" // Create the JWKS from the HMAC key. jwks := keyfunc.NewGiven(map[string]keyfunc.GivenKey{ -uniqueKeyID: keyfunc.NewGivenHMAC(key), + uniqueKeyID: keyfunc.NewGivenHMAC(key), }) ``` @@ -129,7 +129,7 @@ features mentioned at the bottom of this `README.md`. // Parse the JWT. token, err := jwt.Parse(jwtB64, jwks.Keyfunc) if err != nil { -return nil, fmt.Errorf("failed to parse token: %w", err) + return nil, fmt.Errorf("failed to parse token: %w", err) } ```