From 30caf25ab580c15ae611418c812a4d1536f07166 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lu=C3=ADs=20Portela=20Afonso?= Date: Fri, 22 Mar 2024 14:53:48 +0000 Subject: [PATCH] chore(deps): bump jwt --- Dockerfile | 2 +- go.mod | 2 +- go.sum | 4 ++-- internal/models/tokens.go | 2 +- internal/services/oidc.go | 19 +++++++++++++------ 5 files changed, 18 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2db0d9e..f509b02 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG GOLANG_VERSION=1.21 +ARG GOLANG_VERSION=1.22 FROM golang:${GOLANG_VERSION} as builder diff --git a/go.mod b/go.mod index 954cf42..6461e3b 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ toolchain go1.22.1 require ( github.com/coreos/go-oidc/v3 v3.10.0 github.com/gin-gonic/gin v1.9.1 - github.com/golang-jwt/jwt/v4 v4.5.0 + github.com/golang-jwt/jwt/v5 v5.2.1 github.com/kelseyhightower/envconfig v1.4.0 github.com/stretchr/testify v1.9.0 github.com/ydataai/go-core v0.15.1 diff --git a/go.sum b/go.sum index 0a76c57..4be637b 100644 --- a/go.sum +++ b/go.sum @@ -32,8 +32,8 @@ github.com/go-playground/validator/v10 v10.19.0 h1:ol+5Fu+cSq9JD7SoSqe04GMI92cbn github.com/go-playground/validator/v10 v10.19.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= diff --git a/internal/models/tokens.go b/internal/models/tokens.go index 8756049..0c8326a 100644 --- a/internal/models/tokens.go +++ b/internal/models/tokens.go @@ -4,7 +4,7 @@ import ( "encoding/json" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" ) // Tokens defines the token struct. diff --git a/internal/services/oidc.go b/internal/services/oidc.go index 61b4a51..e0cbe25 100644 --- a/internal/services/oidc.go +++ b/internal/services/oidc.go @@ -7,7 +7,7 @@ import ( "fmt" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/ydataai/authentication-service/internal/clients" "github.com/ydataai/authentication-service/internal/configurations" @@ -148,17 +148,24 @@ func (osvc *OAuth2OIDCService) Decode(tokenString string) (models.UserInfo, erro }, nil } - if ve, ok := err.(*jwt.ValidationError); ok { - if ve.Errors&jwt.ValidationErrorMalformed != 0 { + if err != nil { + if err == jwt.ErrTokenMalformed { return models.UserInfo{}, authErrors.ErrorTokenMalformed - } else if ve.Errors&jwt.ValidationErrorExpired != 0 { + } + + if err == jwt.ErrTokenExpired { return models.UserInfo{}, authErrors.ErrorTokenExpired - } else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 { + } + + if err == jwt.ErrTokenNotValidYet { return models.UserInfo{}, authErrors.ErrorTokenInactive - } else if ve.Errors&jwt.ValidationErrorSignatureInvalid != 0 { + } + + if err == jwt.ErrTokenSignatureInvalid { return models.UserInfo{}, authErrors.ErrorTokenSignatureInvalid } } + return models.UserInfo{}, fmt.Errorf("couldn't handle this token: %v", err) }