From b059607c6dd5f553edbe301fa407df3bbb9be7ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Fri, 8 Oct 2021 11:33:14 +0200 Subject: [PATCH 1/3] drop legacy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- go.mod | 1 - go.sum | 2 -- jwks_test.go | 8 -------- keyfunc.go | 15 --------------- 4 files changed, 26 deletions(-) diff --git a/go.mod b/go.mod index 794f6e4..725bb51 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,6 @@ module github.com/MicahParks/keyfunc go 1.13 require ( - github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/form3tech-oss/jwt-go v3.2.5+incompatible github.com/golang-jwt/jwt/v4 v4.0.0 ) diff --git a/go.sum b/go.sum index f643b13..2489db0 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,3 @@ -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/form3tech-oss/jwt-go v3.2.5+incompatible h1:/l4kBbb4/vGSsdtB5nUe8L7B9mImVMaBPw9L/0TBHU8= github.com/form3tech-oss/jwt-go v3.2.5+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o= diff --git a/jwks_test.go b/jwks_test.go index fb4bbf8..fe349ac 100644 --- a/jwks_test.go +++ b/jwks_test.go @@ -14,7 +14,6 @@ import ( "testing" "time" - jwtLegacy "github.com/dgrijalva/jwt-go" jwtF3T "github.com/form3tech-oss/jwt-go" "github.com/golang-jwt/jwt/v4" @@ -177,13 +176,6 @@ func TestJWKs(t *testing.T) { } } - // Use the JWKs jwt.Keyfunc to parse the token for supported forks. - if _, err = jwtLegacy.Parse(tc.token, jwks.KeyfuncLegacy); err != nil { - if errors.Is(err, jwt.ErrInvalidKeyType) { - t.Errorf("Invaild key type selected for legacy.\nError: %s", err.Error()) - t.FailNow() - } - } if _, err = jwtF3T.Parse(tc.token, jwks.KeyfuncF3T); err != nil { if errors.Is(err, jwt.ErrInvalidKeyType) { t.Errorf("Invaild key type selected for F3T.\nError: %s", err.Error()) diff --git a/keyfunc.go b/keyfunc.go index 5a2d365..284a200 100644 --- a/keyfunc.go +++ b/keyfunc.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" - legacy "github.com/dgrijalva/jwt-go" f3t "github.com/form3tech-oss/jwt-go" "github.com/golang-jwt/jwt/v4" ) @@ -71,17 +70,3 @@ func (j *JWKs) KeyfuncF3T(f3tToken *f3t.Token) (interface{}, error) { } return j.Keyfunc(token) } - -// KeyfuncLegacy is a compatibility function that matches the signature of the legacy github.com/dgrijalva/jwt-go's -// Keyfunc function. -func (j *JWKs) KeyfuncLegacy(legacyToken *legacy.Token) (interface{}, error) { - token := &jwt.Token{ - Raw: legacyToken.Raw, - Method: legacyToken.Method, - Header: legacyToken.Header, - Claims: legacyToken.Claims, - Signature: legacyToken.Signature, - Valid: legacyToken.Valid, - } - return j.Keyfunc(token) -} From d4fab8ded356ada764acb84348374406736ca8f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Fri, 8 Oct 2021 11:41:50 +0200 Subject: [PATCH 2/3] drop legacy from README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- README.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/README.md b/README.md index bd9a127..452c3ef 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,7 @@ The purpose of this package is to provide a [`jwt.Keyfunc`](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#Keyfunc) for the [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) package and its popular forks using a JSON Web Key Set -(JWKs) for parsing and verifying JSON Web Tokens (JWTs). This -was [formally](https://github.com/dgrijalva/jwt-go/issues/462) -the [github.com/dgrijalva/jwt-go](https://github.com/dgrijalva/jwt-go) package. +(JWKs) for parsing and verifying JSON Web Tokens (JWTs). It's common for an identity provider, such as [Keycloak](https://www.keycloak.org/) or [Amazon Cognito (AWS)](https://aws.amazon.com/cognito/) to expose a JWKs via an HTTPS endpoint. This package has the @@ -17,7 +15,6 @@ HTTPS to ensure the keys are from the correct trusted source. This repository has the following dependencies: * [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) -* [github.com/dgrijalva/jwt-go](https://github.com/dgrijalva/jwt-go) * [github.com/form3tech-oss/jwt-go](https://github.com/form3tech-oss/jwt-go) `jwt.Keyfunc` signatures are imported from these, implemented, then exported as methods. @@ -154,12 +151,6 @@ jwtMiddleware := jwtmiddleware.New(jwtmiddleware.Options{ }) ``` -### Support for [github.com/dgrijalva/jwt-go](https://github.com/dgrijalva/jwt-go) -This project originally only supported [github.com/dgrijalva/jwt-go](https://github.com/dgrijalva/jwt-go), but since it -is no longer maintained, it's method was moved -to [`JWKs.KeyfuncLegacy`](https://pkg.go.dev/github.com/MicahParks/keyfunc#JWKs.KeyfuncLegacy) if you have not moved to -[github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) yet. - ## Test coverage Test coverage is currently `>90%`. From 5c35d2f480244a0fb452247106acaabe7324724e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Fri, 8 Oct 2021 11:53:27 +0200 Subject: [PATCH 3/3] remove legacy dependency form example MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- examples/auth0middleware/go.sum | 2 -- 1 file changed, 2 deletions(-) diff --git a/examples/auth0middleware/go.sum b/examples/auth0middleware/go.sum index 9f0a263..8f34cd1 100644 --- a/examples/auth0middleware/go.sum +++ b/examples/auth0middleware/go.sum @@ -1,7 +1,5 @@ github.com/auth0/go-jwt-middleware v1.0.1 h1:/fsQ4vRr4zod1wKReUH+0A3ySRjGiT9G34kypO/EKwI= github.com/auth0/go-jwt-middleware v1.0.1/go.mod h1:YSeUX3z6+TF2H+7padiEqNJ73Zy9vXW72U//IgN0BIM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.5+incompatible h1:/l4kBbb4/vGSsdtB5nUe8L7B9mImVMaBPw9L/0TBHU8= github.com/form3tech-oss/jwt-go v3.2.5+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=