Migrate jwt token lib (#332)

* migrate from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt * migrate
2024-06-10 17:39:37 +00:00 · 2021-09-21 12:55:25 +02:00 · 2021-09-21 12:55:25 +02:00 · 46f6747558
parent c304996250
commit 46f6747558
3 changed files with 18 additions and 9 deletions
--- a/go.mod
+++ b/go.mod
@ -8,7 +8,6 @@ require (
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
 	github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
-	github.com/dgrijalva/jwt-go v0.0.0-20150904212456-c1da56349675
 	github.com/dimfeld/httptreemux v5.0.1+incompatible
 	github.com/docker/cli v0.0.0-20200303215952-eb310fca4956
 	github.com/docker/distribution v2.7.1+incompatible
@ -26,6 +25,7 @@ require (
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/gogits/go-gogs-client v0.0.0-20160212212711-d584b1e0fb4d
 	github.com/gogo/protobuf v1.3.1 // indirect
+	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/golang/protobuf v1.5.2
 	github.com/google/go-github v0.0.0-20151120211125-47f2593dad19
 	github.com/google/go-querystring v1.0.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -30,8 +30,6 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dgrijalva/jwt-go v0.0.0-20150904212456-c1da56349675 h1:MIkcjohFTgoQVDHtspV6VlbdH47ArW++NRDaAHKillo=
-github.com/dgrijalva/jwt-go v0.0.0-20150904212456-c1da56349675/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dimfeld/httptreemux v5.0.1+incompatible h1:Qj3gVcDNoOthBAqftuD596rm4wg/adLLz5xh5CmpiCA=
 github.com/dimfeld/httptreemux v5.0.1+incompatible/go.mod h1:rbUlSV+CCpv/SuqUTP/8Bk2O3LyUV436/yaRGkhP6Z0=
 github.com/docker/cli v0.0.0-20200303215952-eb310fca4956 h1:5/ZRsUbguX7xFNLlbxVQY/yhD3Psy+vylKZrNme5BJs=
@ -86,6 +84,8 @@ github.com/gogits/go-gogs-client v0.0.0-20160212212711-d584b1e0fb4d/go.mod h1:cY
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
--- a/shared/token/token.go
+++ b/shared/token/token.go
@ -18,7 +18,7 @@ import (
 	"fmt"
 	"net/http"

-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt"
 )

 type SecretFunc func(*Token) (string, error)
@ -106,16 +106,25 @@ func (t *Token) Sign(secret string) (string, error) {
 // with an expiration date.
 func (t *Token) SignExpires(secret string, exp int64) (string, error) {
 	token := jwt.New(jwt.SigningMethodHS256)
-	token.Claims["type"] = t.Kind
-	token.Claims["text"] = t.Text
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok {
+		return "", fmt.Errorf("token claim is not a MapClaims")
+	}
+	claims["type"] = t.Kind
+	claims["text"] = t.Text
 	if exp > 0 {
-		token.Claims["exp"] = float64(exp)
+		claims["exp"] = float64(exp)
 	}
 	return token.SignedString([]byte(secret))
 }

 func keyFunc(token *Token, fn SecretFunc) jwt.Keyfunc {
 	return func(t *jwt.Token) (interface{}, error) {
+		claims, ok := t.Claims.(jwt.MapClaims)
+		if !ok {
+			return nil, fmt.Errorf("token claim is not a MapClaims")
+		}
+
 		// validate the correct algorithm is being used
 		if t.Method.Alg() != SignerAlgo {
 			return nil, jwt.ErrSignatureInvalid
@ -123,7 +132,7 @@ func keyFunc(token *Token, fn SecretFunc) jwt.Keyfunc {

 		// extract the token kind and cast to
 		// the expected type.
-		kindv, ok := t.Claims["type"]
+		kindv, ok := claims["type"]
 		if !ok {
 			return nil, jwt.ValidationError{}
 		}
@ -131,7 +140,7 @@ func keyFunc(token *Token, fn SecretFunc) jwt.Keyfunc {

 		// extract the token value and cast to
 		// exepected type.
-		textv, ok := t.Claims["text"]
+		textv, ok := claims["text"]
 		if !ok {
 			return nil, jwt.ValidationError{}
 		}