fix(deps): update module github.com/golang-jwt/jwt/v4 to v5

go.mod

@@ -6,7 +6,7 @@ require (
  github.com/alexflint/go-filemutex v1.2.0
  github.com/chromedp/chromedp v0.9.1
  github.com/coreos/go-oidc/v3 v3.5.0
- github.com/golang-jwt/jwt/v4 v4.5.0
+ github.com/golang-jwt/jwt/v5 v5.0.0
  github.com/google/go-cmp v0.5.9
  github.com/google/wire v0.5.0
  github.com/int128/oauth2cli v1.14.0

go.sum

@@ -78,8 +78,8 @@ github.com/gobwas/ws v1.1.0 h1:7RFti/xnNkMJnrK7D1yQ/iCIB5OrrY/54/H930kIbHA=
 github.com/gobwas/ws v1.1.0/go.mod h1:nzvNcVha5eUziGrbxFCo6qFIojQHjJV5cLYIbezhfL0=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=

integration_test/oidcserver/server.go

@@ -10,10 +10,11 @@ import (
  "testing"
  "time"
 
+ "github.com/golang-jwt/jwt/v5"
  "github.com/int128/kubelogin/integration_test/keypair"
  "github.com/int128/kubelogin/integration_test/oidcserver/handler"
  "github.com/int128/kubelogin/integration_test/oidcserver/http"
- "github.com/int128/kubelogin/pkg/testing/jwt"
+ testingJWT "github.com/int128/kubelogin/pkg/testing/jwt"
 )
 
 type Server interface {
@@ -94,7 +95,7 @@ func (sv *server) Discovery() *handler.DiscoveryResponse {
 }
 
 func (sv *server) GetCertificates() *handler.CertificatesResponse {
- idTokenKeyPair := jwt.PrivateKey
+ idTokenKeyPair := testingJWT.PrivateKey
  return &handler.CertificatesResponse{
  Keys: []*handler.CertificatesResponseKey{
  {
@@ -145,11 +146,11 @@ func (sv *server) Exchange(req handler.TokenRequest) (*handler.TokenResponse, er
  ExpiresIn: 3600,
  AccessToken: "YOUR_ACCESS_TOKEN",
  RefreshToken: sv.Response.RefreshToken,
- IDToken: jwt.EncodeF(sv.t, func(claims *jwt.Claims) {
+ IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) {
  claims.Issuer = sv.issuerURL
  claims.Subject = "SUBJECT"
- claims.IssuedAt = sv.Response.IDTokenExpiry.Add(-time.Hour).Unix()
- claims.ExpiresAt = sv.Response.IDTokenExpiry.Unix()
+ claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour))
+ claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry)
  claims.Audience = []string{"kubernetes"}
  claims.Nonce = sv.lastAuthenticationRequest.Nonce
  }),
@@ -178,11 +179,11 @@ func (sv *server) AuthenticatePassword(username, password, scope string) (*handl
  ExpiresIn: 3600,
  AccessToken: "YOUR_ACCESS_TOKEN",
  RefreshToken: sv.Response.RefreshToken,
- IDToken: jwt.EncodeF(sv.t, func(claims *jwt.Claims) {
+ IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) {
  claims.Issuer = sv.issuerURL
  claims.Subject = "SUBJECT"
- claims.IssuedAt = sv.Response.IDTokenExpiry.Add(-time.Hour).Unix()
- claims.ExpiresAt = sv.Response.IDTokenExpiry.Unix()
+ claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour))
+ claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry)
  claims.Audience = []string{"kubernetes"}
  }),
  }
@@ -202,11 +203,11 @@ func (sv *server) Refresh(refreshToken string) (*handler.TokenResponse, error) {
  ExpiresIn: 3600,
  AccessToken: "YOUR_ACCESS_TOKEN",
  RefreshToken: sv.Response.RefreshToken,
- IDToken: jwt.EncodeF(sv.t, func(claims *jwt.Claims) {
+ IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) {
  claims.Issuer = sv.issuerURL
  claims.Subject = "SUBJECT"
- claims.IssuedAt = sv.Response.IDTokenExpiry.Add(-time.Hour).Unix()
- claims.ExpiresAt = sv.Response.IDTokenExpiry.Unix()
+ claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour))
+ claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry)
  claims.Audience = []string{"kubernetes"}
  }),
  }

pkg/testing/jwt/encode.go

@@ -5,7 +5,7 @@ import (
  "crypto/rsa"
  "testing"
 
- "github.com/golang-jwt/jwt/v4"
+ "github.com/golang-jwt/jwt/v5"
 )
 
 var PrivateKey = generateKey(1024)
@@ -19,7 +19,7 @@ func generateKey(b int) *rsa.PrivateKey {
 }
 
 type Claims struct {
- jwt.StandardClaims
+ jwt.RegisteredClaims
  // aud claim is either a string or an array of strings.
  // https://tools.ietf.org/html/rfc7519#section-4.1.3
  Audience []string `json:"aud,omitempty"`

pkg/usecases/authentication/authentication_test.go

@@ -6,6 +6,7 @@ import (
  "testing"
  "time"
 
+ "github.com/golang-jwt/jwt/v5"
  "github.com/google/go-cmp/cmp"
  "github.com/int128/kubelogin/pkg/oidc"
  "github.com/int128/kubelogin/pkg/oidc/client"
@@ -32,7 +33,7 @@ func TestAuthentication_Do(t *testing.T) {
  issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
  claims.Issuer = "https://accounts.google.com"
  claims.Subject = "YOUR_SUBJECT"
- claims.ExpiresAt = expiryTime.Unix()
+ claims.ExpiresAt = jwt.NewNumericDate(expiryTime)
  })
 
  t.Run("HasValidIDToken", func(t *testing.T) {

pkg/usecases/credentialplugin/get_token_test.go

@@ -6,6 +6,7 @@ import (
  "testing"
  "time"
 
+ "github.com/golang-jwt/jwt/v5"
  "github.com/int128/kubelogin/pkg/credentialplugin"
  "github.com/int128/kubelogin/pkg/credentialplugin/writer"
  "github.com/int128/kubelogin/pkg/infrastructure/mutex"
@@ -30,7 +31,7 @@ func TestGetToken_Do(t *testing.T) {
  issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
  claims.Issuer = "https://accounts.google.com"
  claims.Subject = "YOUR_SUBJECT"
- claims.ExpiresAt = issuedIDTokenExpiration.Unix()
+ claims.ExpiresAt = jwt.NewNumericDate(issuedIDTokenExpiration)
  })
  issuedTokenSet := oidc.TokenSet{
  IDToken: issuedIDToken,

pkg/usecases/setup/stage2_test.go

@@ -5,6 +5,7 @@ import (
  "testing"
  "time"
 
+ "github.com/golang-jwt/jwt/v5"
  "github.com/int128/kubelogin/pkg/oidc"
  testingJWT "github.com/int128/kubelogin/pkg/testing/jwt"
  "github.com/int128/kubelogin/pkg/testing/logger"
@@ -19,7 +20,7 @@ func TestSetup_DoStage2(t *testing.T) {
  issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
  claims.Issuer = "https://issuer.example.com"
  claims.Subject = "YOUR_SUBJECT"
- claims.ExpiresAt = time.Now().Add(1 * time.Hour).Unix()
+ claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(1 * time.Hour))
  })
  dummyTLSClientConfig := tlsclientconfig.Config{
  CACertFilename: []string{"/path/to/cert"},

pkg/usecases/standalone/standalone_test.go

@@ -6,6 +6,7 @@ import (
  "testing"
  "time"
 
+ "github.com/golang-jwt/jwt/v5"
  "github.com/int128/kubelogin/pkg/kubeconfig"
  "github.com/int128/kubelogin/pkg/kubeconfig/loader"
  "github.com/int128/kubelogin/pkg/kubeconfig/writer"
@@ -21,7 +22,7 @@ func TestStandalone_Do(t *testing.T) {
  issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
  claims.Issuer = "https://accounts.google.com"
  claims.Subject = "YOUR_SUBJECT"
- claims.ExpiresAt = issuedIDTokenExpiration.Unix()
+ claims.ExpiresAt = jwt.NewNumericDate(issuedIDTokenExpiration)
  })
 
  t.Run("FullOptions", func(t *testing.T) {