Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1 #289

Merged
merged 2 commits into from
Nov 11, 2024
Merged

Bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1 #289

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5147a41
Bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1
dependabot[bot] Nov 4, 2024
c9f1ceb
Update auth_jwt plugin to use RegisteredClaims
pkqk Nov 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ require (
github.com/99designs/gqlgen v0.17.41
github.com/felixge/httpsnoop v1.0.4
github.com/fsnotify/fsnotify v1.5.1
github.com/golang-jwt/jwt/v4 v4.0.0
github.com/golang-jwt/jwt/v4 v4.5.1
github.com/golang/protobuf v1.5.4 // indirect
github.com/gorilla/websocket v1.5.0 // indirect
github.com/graph-gophers/graphql-go v1.5.0
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,8 +99,8 @@ github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/me
github.com/gofrs/uuid v4.2.0+incompatible h1:yyYWMnhkhrKwwr8gAOcOCYxOOscHgDS9yZgBrnJfGa0=
github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
Expand Down
15 changes: 8 additions & 7 deletions plugins/auth_jwt.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
log "log/slog"
"net/http"
"os"
"strings"

"github.com/go-jose/go-jose/v4"
"github.com/golang-jwt/jwt/v4"
Expand Down Expand Up @@ -109,7 +110,7 @@ func (p *JWTPlugin) Configure(cfg *bramble.Config, data json.RawMessage) error {
}

type Claims struct {
jwt.StandardClaims
jwt.RegisteredClaims
Role string
}

Expand Down Expand Up @@ -159,18 +160,18 @@ func (p *JWTPlugin) ApplyMiddlewarePublicMux(h http.Handler) http.Handler {

ctx := r.Context()
ctx = bramble.AddPermissionsToContext(ctx, role)
ctx = addStandardJWTClaimsToOutgoingRequest(ctx, claims.StandardClaims)
ctx = addStandardJWTClaimsToOutgoingRequest(ctx, claims.RegisteredClaims)
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-Role", claims.Role)
h.ServeHTTP(rw, r.WithContext(ctx))
})
}

func addStandardJWTClaimsToOutgoingRequest(ctx context.Context, claims jwt.StandardClaims) context.Context {
if claims.Audience != "" {
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-Audience", claims.Audience)
func addStandardJWTClaimsToOutgoingRequest(ctx context.Context, claims jwt.RegisteredClaims) context.Context {
if len(claims.Audience) > 0 {
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-Audience", strings.Join(claims.Audience, ","))
}
if claims.Id != "" {
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-ID", claims.Id)
if claims.ID != "" {
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-ID", claims.ID)
}
if claims.Issuer != "" {
ctx = bramble.AddOutgoingRequestsHeaderToContext(ctx, "JWT-Claim-Issuer", claims.Issuer)
Expand Down
16 changes: 8 additions & 8 deletions plugins/auth_jwt_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,9 @@ func TestJWTPlugin(t *testing.T) {

token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, &Claims{
Role: "basic_role",
StandardClaims: jwt.StandardClaims{
Audience: "test-audience",
Id: "test-id",
RegisteredClaims: jwt.RegisteredClaims{
Audience: jwt.ClaimStrings{"test-audience"},
ID: "test-id",
Issuer: "test-issuer",
Subject: "test-subject",
},
Expand Down Expand Up @@ -104,8 +104,8 @@ func TestJWTPlugin(t *testing.T) {
require.NoError(t, err)

token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, &Claims{
StandardClaims: jwt.StandardClaims{
ExpiresAt: time.Now().Add(-1 * time.Second).Unix(),
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(-1 * time.Second)),
},
Role: "basic_role",
}).SignedString(privateKey)
Expand Down Expand Up @@ -182,9 +182,9 @@ func TestJWTPlugin(t *testing.T) {

token := jwt.NewWithClaims(jwt.SigningMethodRS256, &Claims{
Role: "basic_role",
StandardClaims: jwt.StandardClaims{
Audience: "test-audience",
Id: "test-id",
RegisteredClaims: jwt.RegisteredClaims{
Audience: jwt.ClaimStrings{"test-audience"},
ID: "test-id",
Issuer: "test-issuer",
Subject: "test-subject",
},
Expand Down
Loading