Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exported NewValidator #349

Merged
merged 2 commits into from
Nov 8, 2023
Merged

Exported NewValidator #349

merged 2 commits into from
Nov 8, 2023

Conversation

oxisto
Copy link
Collaborator

@oxisto oxisto commented Sep 27, 2023

Previously, we had newValidator as a private function. This PR exports this function so that validation can be done independtly of parsing the claim.

@oxisto oxisto linked an issue Sep 27, 2023 that may be closed by this pull request
@oxisto oxisto requested a review from mfridman September 27, 2023 15:42
@oxisto
Copy link
Collaborator Author

oxisto commented Sep 27, 2023

I wonder if it would make sense to return an interface instead?

@jcburley
Copy link

This worked perfectly (as far as building and passing unit tests in two of our repos), so I would like to see it Merged (and Released) if TPTB approve.

validator.go Outdated Show resolved Hide resolved
@mfridman
Copy link
Member

mfridman commented Oct 2, 2023

I wonder if it would make sense to return an interface instead?

Ye, it's uncommon to have an exported function return an unexported type.

An interface would be better, although then we'd be stuck with it in the public API.

@jcburley
Copy link

What's the status of this? (We're "on hold" upgrading to jwt v5 pending resolution.)

@mfridman
Copy link
Member

mfridman commented Oct 16, 2023

I think it's "on hold' / "gathering more feedback", given this is a potential foot gun.

We've been exporting and adding to the public API sparingly, and want to make sure we're at least having a discussion around it.

Previously, we had `newValidator` as a private function. This PR exports this function so that validation can be done independtly of parsing the claim.
MIGRATION_GUIDE.md Outdated Show resolved Hide resolved
@vtolstov
Copy link
Contributor

i'm realy need ability to validate generic claims and don't copy code from jwt repo.
What you want to provide if NewValidator does not exported?

validator.go Show resolved Hide resolved
@oxisto oxisto merged commit a49fa5d into main Nov 8, 2023
7 checks passed
@oxisto oxisto deleted the validator-public branch November 8, 2023 13:21
@vtolstov
Copy link
Contributor

vtolstov commented Nov 8, 2023

waiting for release =)

@oxisto
Copy link
Collaborator Author

oxisto commented Nov 8, 2023

waiting for release =)

Unfortunately, we just released 5.1.0 so it might take a while as we usually wait until a few PRs come together. If you really need this feature you can use the pseudo version of the main branch / commit.

@mfridman
Copy link
Member

mfridman commented Nov 8, 2023

You should be able to fetch the latest main or the merged commit on main, for example:

go get github.com/golang-jwt/jwt/v5@main
go get github.com/golang-jwt/jwt/v5@a49fa5d91db7b2230d0af0ea591b85f0fa77da3e

This will pull in the pseudo-version:

github.com/golang-jwt/jwt/v5 v5.1.1-0.20231108132144-a49fa5d91db7

nono referenced this pull request in cozy/cozy-stack Dec 4, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) |
require | minor | `v5.1.0` -> `v5.2.0` |

---

### Release Notes

<details>
<summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary>

### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0)

[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0)

#### What's Changed

- Exported `NewValidator` by
[@&#8203;oxisto](https://togithub.com/oxisto) in
[https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349)
- Improve ErrInvalidKeyType error messages by
[@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- Update MIGRATION_GUIDE.md by
[@&#8203;jbarham](https://togithub.com/jbarham) in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

#### New Contributors

- [@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) made
their first contribution in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- [@&#8203;jbarham](https://togithub.com/jbarham) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

**Full Changelog**:
golang-jwt/jwt@v5.1.0...v5.2.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on Monday" in timezone
Europe/Paris, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cozy/cozy-stack).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
renovate bot referenced this pull request in woodpecker-ci/woodpecker Dec 4, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| code.gitea.io/sdk/gitea | require | minor | `v0.16.0` -> `v0.17.0` |
| [github.com/antonmedv/expr](https://togithub.com/antonmedv/expr) |
require | patch | `v1.15.5` -> `v1.15.6` |
| [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) |
require | minor | `v5.1.0` -> `v5.2.0` |
| [github.com/urfave/cli/v2](https://togithub.com/urfave/cli) | require
| minor | `v2.25.7` -> `v2.26.0` |

---

### Release Notes

<details>
<summary>antonmedv/expr (github.com/antonmedv/expr)</summary>

###
[`v1.15.6`](https://togithub.com/expr-lang/expr/releases/tag/v1.15.6)

[Compare
Source](https://togithub.com/antonmedv/expr/compare/v1.15.5...v1.15.6)

-   This is a new release for `expr-lang/epxr`.

</details>

<details>
<summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary>

### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0)

[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0)

#### What's Changed

- Exported `NewValidator` by
[@&#8203;oxisto](https://togithub.com/oxisto) in
[https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349)
- Improve ErrInvalidKeyType error messages by
[@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- Update MIGRATION_GUIDE.md by
[@&#8203;jbarham](https://togithub.com/jbarham) in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

#### New Contributors

- [@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) made
their first contribution in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- [@&#8203;jbarham](https://togithub.com/jbarham) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

**Full Changelog**:
golang-jwt/jwt@v5.1.0...v5.2.0

</details>

<details>
<summary>urfave/cli (github.com/urfave/cli/v2)</summary>

### [`v2.26.0`](https://togithub.com/urfave/cli/releases/tag/v2.26.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.25.7...v2.26.0)

#### What's Changed

- Bash completion nits by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1762](https://togithub.com/urfave/cli/pull/1762)
- Chore: Rename mkdocs requirements file name by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1776](https://togithub.com/urfave/cli/pull/1776)
- Fix:(issue\_1787) Add fix for commands not listed when hide help
comma… by [@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1788](https://togithub.com/urfave/cli/pull/1788)
- Fix nil HelpFlag panic (v2) by
[@&#8203;wxiaoguang](https://togithub.com/wxiaoguang) in
[https://github.com/urfave/cli/pull/1795](https://togithub.com/urfave/cli/pull/1795)
- Always get 0 for a nested int64 value in v2.25.7 by
[@&#8203;stephenfire](https://togithub.com/stephenfire) in
[https://github.com/urfave/cli/pull/1799](https://togithub.com/urfave/cli/pull/1799)
- Helper messages for documenting build process by
[@&#8203;abitrolly](https://togithub.com/abitrolly) in
[https://github.com/urfave/cli/pull/1800](https://togithub.com/urfave/cli/pull/1800)
- fix: check duplicated sub command name and alias by
[@&#8203;linrl3](https://togithub.com/linrl3) in
[https://github.com/urfave/cli/pull/1805](https://togithub.com/urfave/cli/pull/1805)
- Fix:(issue\_1689) Have consistent behavior for default text in man
and… by [@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1825](https://togithub.com/urfave/cli/pull/1825)
- Fix linting issues by
[@&#8203;skelouse](https://togithub.com/skelouse) in
[https://github.com/urfave/cli/pull/1696](https://togithub.com/urfave/cli/pull/1696)

#### New Contributors

- [@&#8203;stephenfire](https://togithub.com/stephenfire) made their
first contribution in
[https://github.com/urfave/cli/pull/1799](https://togithub.com/urfave/cli/pull/1799)
- [@&#8203;linrl3](https://togithub.com/linrl3) made their first
contribution in
[https://github.com/urfave/cli/pull/1805](https://togithub.com/urfave/cli/pull/1805)

**Full Changelog**:
urfave/cli@v2.25.7...v2.26.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge -
"before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: qwerty287 <ndev@web.de>
github-merge-queue bot referenced this pull request in infratographer/x Apr 2, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) |
`v5.0.0` -> `v5.2.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolang-jwt%2fjwt%2fv5/v5.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolang-jwt%2fjwt%2fv5/v5.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolang-jwt%2fjwt%2fv5/v5.0.0/v5.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolang-jwt%2fjwt%2fv5/v5.0.0/v5.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary>

### [`v5.2.1`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.1)

[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1)

#### What's Changed

- chore: remove unnecessary conversions from tests by
[@&#8203;estensen](https://togithub.com/estensen) in
[https://github.com/golang-jwt/jwt/pull/370](https://togithub.com/golang-jwt/jwt/pull/370)
- Trivial: Typo fix for ECDSA error message by
[@&#8203;tjs-cinemo](https://togithub.com/tjs-cinemo) in
[https://github.com/golang-jwt/jwt/pull/373](https://togithub.com/golang-jwt/jwt/pull/373)
- Fix incorrect error return by
[@&#8203;ss49919201](https://togithub.com/ss49919201) in
[https://github.com/golang-jwt/jwt/pull/371](https://togithub.com/golang-jwt/jwt/pull/371)

#### New Contributors

- [@&#8203;tjs-cinemo](https://togithub.com/tjs-cinemo) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/373](https://togithub.com/golang-jwt/jwt/pull/373)
- [@&#8203;ss49919201](https://togithub.com/ss49919201) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/371](https://togithub.com/golang-jwt/jwt/pull/371)

**Full Changelog**:
golang-jwt/jwt@v5.2.0...v5.2.1

### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0)

[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0)

#### What's Changed

- Exported `NewValidator` by
[@&#8203;oxisto](https://togithub.com/oxisto) in
[https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349)
- Improve ErrInvalidKeyType error messages by
[@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- Update MIGRATION_GUIDE.md by
[@&#8203;jbarham](https://togithub.com/jbarham) in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

#### New Contributors

- [@&#8203;Laurin-Notemann](https://togithub.com/Laurin-Notemann) made
their first contribution in
[https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361)
- [@&#8203;jbarham](https://togithub.com/jbarham) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363)

**Full Changelog**:
golang-jwt/jwt@v5.1.0...v5.2.0

### [`v5.1.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.0.0...v5.1.0)

#### What's Changed

- Using jwt's native `ErrInvalidType` instead of
`json.UnsupportedTypeError` by
[@&#8203;oxisto](https://togithub.com/oxisto) in
[https://github.com/golang-jwt/jwt/pull/316](https://togithub.com/golang-jwt/jwt/pull/316)
- Fix typos in comments and test names by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/317](https://togithub.com/golang-jwt/jwt/pull/317)
- Format: add whitespaces, remove empty lines by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/319](https://togithub.com/golang-jwt/jwt/pull/319)
- Refactor example: use io.ReadAll instead of io.Copy by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/320](https://togithub.com/golang-jwt/jwt/pull/320)
- Refactor code by using switch instead of if-else by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/318](https://togithub.com/golang-jwt/jwt/pull/318)
- A quick way to validate token string by
[@&#8203;dcalsky](https://togithub.com/dcalsky) in
[https://github.com/golang-jwt/jwt/pull/302](https://togithub.com/golang-jwt/jwt/pull/302)
- Refactor: remove unnecessary \[]byte conversion to string by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/330](https://togithub.com/golang-jwt/jwt/pull/330)
- Refactor: compare strings with strings.EqualFold by
[@&#8203;alexandear](https://togithub.com/alexandear) in
[https://github.com/golang-jwt/jwt/pull/329](https://togithub.com/golang-jwt/jwt/pull/329)
- Avoid use of json.NewDecoder by
[@&#8203;craigpastro](https://togithub.com/craigpastro) in
[https://github.com/golang-jwt/jwt/pull/313](https://togithub.com/golang-jwt/jwt/pull/313)
- Update ParseUnverified godoc by
[@&#8203;duhaesbaert](https://togithub.com/duhaesbaert) in
[https://github.com/golang-jwt/jwt/pull/341](https://togithub.com/golang-jwt/jwt/pull/341)
- Update ci workflows (add go1.21) by
[@&#8203;mfridman](https://togithub.com/mfridman) in
[https://github.com/golang-jwt/jwt/pull/345](https://togithub.com/golang-jwt/jwt/pull/345)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golang-jwt/jwt/pull/346](https://togithub.com/golang-jwt/jwt/pull/346)
- Key rotation with VerificationKeySet by
[@&#8203;mfridman](https://togithub.com/mfridman) in
[https://github.com/golang-jwt/jwt/pull/344](https://togithub.com/golang-jwt/jwt/pull/344)
- Add explicit ClaimsValidator implementation check for custom claims by
[@&#8203;epelc](https://togithub.com/epelc) in
[https://github.com/golang-jwt/jwt/pull/343](https://togithub.com/golang-jwt/jwt/pull/343)
- feat: allow making exp claim required by
[@&#8203;tareksha](https://togithub.com/tareksha) in
[https://github.com/golang-jwt/jwt/pull/351](https://togithub.com/golang-jwt/jwt/pull/351)
- Add error handling to examples by
[@&#8203;craigpastro](https://togithub.com/craigpastro) in
[https://github.com/golang-jwt/jwt/pull/312](https://togithub.com/golang-jwt/jwt/pull/312)

#### New Contributors

- [@&#8203;alexandear](https://togithub.com/alexandear) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/317](https://togithub.com/golang-jwt/jwt/pull/317)
- [@&#8203;dcalsky](https://togithub.com/dcalsky) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/302](https://togithub.com/golang-jwt/jwt/pull/302)
- [@&#8203;craigpastro](https://togithub.com/craigpastro) made their
first contribution in
[https://github.com/golang-jwt/jwt/pull/313](https://togithub.com/golang-jwt/jwt/pull/313)
- [@&#8203;duhaesbaert](https://togithub.com/duhaesbaert) made their
first contribution in
[https://github.com/golang-jwt/jwt/pull/341](https://togithub.com/golang-jwt/jwt/pull/341)
- [@&#8203;epelc](https://togithub.com/epelc) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/343](https://togithub.com/golang-jwt/jwt/pull/343)
- [@&#8203;tareksha](https://togithub.com/tareksha) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/351](https://togithub.com/golang-jwt/jwt/pull/351)

**Full Changelog**:
golang-jwt/jwt@v5.0.0...v5.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/infratographer/x).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Restore .Valid() Functionality Somehow
4 participants