From 749d686021b015dad8618d61a2b870fa9b105392 Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 00:05:18 +0600 Subject: [PATCH 01/10] initial go module file Signed-off-by: sadmansakib --- go.mod | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 go.mod diff --git a/go.mod b/go.mod new file mode 100644 index 00000000..2b116411 --- /dev/null +++ b/go.mod @@ -0,0 +1,3 @@ +module github.com/dgrijalva/jwt-go + +go 1.16 From 5c807dfba73f5fcd429abf0cccb112c7eb7cd442 Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 00:05:42 +0600 Subject: [PATCH 02/10] fix linting issues Signed-off-by: sadmansakib --- http_example_test.go | 6 ++++-- token.go | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/http_example_test.go b/http_example_test.go index 82e9c50a..f3e72c83 100644 --- a/http_example_test.go +++ b/http_example_test.go @@ -7,8 +7,6 @@ import ( "bytes" "crypto/rsa" "fmt" - "github.com/dgrijalva/jwt-go" - "github.com/dgrijalva/jwt-go/request" "io" "io/ioutil" "log" @@ -17,6 +15,9 @@ import ( "net/url" "strings" "time" + + "github.com/dgrijalva/jwt-go" + "github.com/dgrijalva/jwt-go/request" ) // location of the files used for signing and verification @@ -55,6 +56,7 @@ func init() { // Setup listener listener, err := net.ListenTCP("tcp", &net.TCPAddr{}) + fatal(err) serverPort = listener.Addr().(*net.TCPAddr).Port log.Println("Listening...") diff --git a/token.go b/token.go index d637e086..99868d29 100644 --- a/token.go +++ b/token.go @@ -65,7 +65,7 @@ func (t *Token) SignedString(key interface{}) (string, error) { func (t *Token) SigningString() (string, error) { var err error parts := make([]string, 2) - for i, _ := range parts { + for i := range parts { var jsonValue []byte if i == 0 { if jsonValue, err = json.Marshal(t.Header); err != nil { From fbb4be196a708aa31f5d1ada9de1282cb02ebcde Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 00:14:48 +0600 Subject: [PATCH 03/10] rename module to golang-jwt/jwt Signed-off-by: sadmansakib --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 2b116411..9c8f708b 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,3 @@ -module github.com/dgrijalva/jwt-go +module github.com/golang-jwt/jwt go 1.16 From e5d8c0657e88b5ccf3e67ff4d5659d43b5c8d2a0 Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 00:15:57 +0600 Subject: [PATCH 04/10] Renamed imports to match with go module name. Signed-off-by: sadmansakib --- README.md | 20 ++++++++++---------- cmd/jwt/README.md | 2 +- cmd/jwt/app.go | 2 +- ecdsa_test.go | 2 +- example_test.go | 3 ++- hmac_example_test.go | 5 +++-- hmac_test.go | 3 ++- http_example_test.go | 4 ++-- none_test.go | 3 ++- parser_test.go | 4 ++-- request/request.go | 3 ++- request/request_test.go | 5 +++-- rsa_pss.go | 2 +- rsa_pss_test.go | 6 +++--- rsa_test.go | 3 ++- test/helpers.go | 3 ++- 16 files changed, 39 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index d7749077..8c4bb5b4 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # jwt-go [![Build Status](https://travis-ci.org/dgrijalva/jwt-go.svg?branch=master)](https://travis-ci.org/dgrijalva/jwt-go) -[![GoDoc](https://godoc.org/github.com/dgrijalva/jwt-go?status.svg)](https://godoc.org/github.com/dgrijalva/jwt-go) +[![GoDoc](https://godoc.org/github.com/golang-jwt/jwt?status.svg)](https://godoc.org/github.com/golang-jwt/jwt) A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) @@ -27,11 +27,11 @@ This library supports the parsing and verification as well as the generation and ## Examples -See [the project documentation](https://godoc.org/github.com/dgrijalva/jwt-go) for examples of usage: +See [the project documentation](https://godoc.org/github.com/golang-jwt/jwt) for examples of usage: -* [Simple example of parsing and validating a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-Parse--Hmac) -* [Simple example of building and signing a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-New--Hmac) -* [Directory of Examples](https://godoc.org/github.com/dgrijalva/jwt-go#pkg-examples) +* [Simple example of parsing and validating a token](https://godoc.org/github.com/golang-jwt/jwt#example-Parse--Hmac) +* [Simple example of building and signing a token](https://godoc.org/github.com/golang-jwt/jwt#example-New--Hmac) +* [Directory of Examples](https://godoc.org/github.com/golang-jwt/jwt#pkg-examples) ## Extensions @@ -49,7 +49,7 @@ This library was last reviewed to comply with [RTF 7519](http://www.rfc-editor.o This library is considered production ready. Feedback and feature requests are appreciated. The API should be considered stable. There should be very few backwards-incompatible changes outside of major version updates (and only with good reason). -This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `master`. Periodically, versions will be tagged from `master`. You can find all the releases on [the project releases page](https://github.com/dgrijalva/jwt-go/releases). +This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `master`. Periodically, versions will be tagged from `master`. You can find all the releases on [the project releases page](https://github.com/golang-jwt/jwt/releases). While we try to make it obvious when we make breaking changes, there isn't a great mechanism for pushing announcements out to users. You may want to use this alternative package include: `gopkg.in/dgrijalva/jwt-go.v3`. It will do the right thing WRT semantic versioning. @@ -79,9 +79,9 @@ Asymmetric signing methods, such as RSA, use different keys for signing and veri Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones: -* The [HMAC signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation -* The [RSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation -* The [ECDSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation +* The [HMAC signing method](https://godoc.org/github.com/golang-jwt/jwt#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation +* The [RSA signing method](https://godoc.org/github.com/golang-jwt/jwt#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation +* The [ECDSA signing method](https://godoc.org/github.com/golang-jwt/jwt#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation ### JWT and OAuth @@ -99,6 +99,6 @@ This library uses descriptive error messages whenever possible. If you are not g ## More -Documentation can be found [on godoc.org](http://godoc.org/github.com/dgrijalva/jwt-go). +Documentation can be found [on godoc.org](http://godoc.org/github.com/golang-jwt/jwt). The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation. diff --git a/cmd/jwt/README.md b/cmd/jwt/README.md index d9d06e72..8c659e9c 100644 --- a/cmd/jwt/README.md +++ b/cmd/jwt/README.md @@ -16,5 +16,5 @@ To simply display a token, use: You can install this tool with the following command: - go install github.com/dgrijalva/jwt-go/cmd/jwt + go install github.com/golang-jwt/jwt/cmd/jwt diff --git a/cmd/jwt/app.go b/cmd/jwt/app.go index cdf25008..491f5d2a 100644 --- a/cmd/jwt/app.go +++ b/cmd/jwt/app.go @@ -16,7 +16,7 @@ import ( "regexp" "strings" - jwt "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" ) var ( diff --git a/ecdsa_test.go b/ecdsa_test.go index 753047b1..ad0a401a 100644 --- a/ecdsa_test.go +++ b/ecdsa_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" ) var ecdsaTestData = []struct { diff --git a/example_test.go b/example_test.go index ae8b788a..5be4a296 100644 --- a/example_test.go +++ b/example_test.go @@ -2,8 +2,9 @@ package jwt_test import ( "fmt" - "github.com/dgrijalva/jwt-go" "time" + + "github.com/golang-jwt/jwt" ) // Example (atypical) using the StandardClaims type by itself to parse a token. diff --git a/hmac_example_test.go b/hmac_example_test.go index 00278314..76576771 100644 --- a/hmac_example_test.go +++ b/hmac_example_test.go @@ -2,9 +2,10 @@ package jwt_test import ( "fmt" - "github.com/dgrijalva/jwt-go" "io/ioutil" "time" + + "github.com/golang-jwt/jwt" ) // For HMAC signing method, the key can be any []byte. It is recommended to generate @@ -51,7 +52,7 @@ func ExampleParse_hmac() { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) } - + // hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key") return hmacSampleSecret, nil }) diff --git a/hmac_test.go b/hmac_test.go index c7e114f4..f45d5dbe 100644 --- a/hmac_test.go +++ b/hmac_test.go @@ -1,10 +1,11 @@ package jwt_test import ( - "github.com/dgrijalva/jwt-go" "io/ioutil" "strings" "testing" + + "github.com/golang-jwt/jwt" ) var hmacTestData = []struct { diff --git a/http_example_test.go b/http_example_test.go index f3e72c83..3b6330b5 100644 --- a/http_example_test.go +++ b/http_example_test.go @@ -16,8 +16,8 @@ import ( "strings" "time" - "github.com/dgrijalva/jwt-go" - "github.com/dgrijalva/jwt-go/request" + "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/request" ) // location of the files used for signing and verification diff --git a/none_test.go b/none_test.go index 29a69efe..9e3371a7 100644 --- a/none_test.go +++ b/none_test.go @@ -1,9 +1,10 @@ package jwt_test import ( - "github.com/dgrijalva/jwt-go" "strings" "testing" + + "github.com/golang-jwt/jwt" ) var noneTestData = []struct { diff --git a/parser_test.go b/parser_test.go index 39077978..7fb15809 100644 --- a/parser_test.go +++ b/parser_test.go @@ -8,8 +8,8 @@ import ( "testing" "time" - "github.com/dgrijalva/jwt-go" - "github.com/dgrijalva/jwt-go/test" + "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/test" ) var keyFuncError error = fmt.Errorf("error loading key") diff --git a/request/request.go b/request/request.go index 70525cfa..32b27297 100644 --- a/request/request.go +++ b/request/request.go @@ -1,8 +1,9 @@ package request import ( - "github.com/dgrijalva/jwt-go" "net/http" + + "github.com/golang-jwt/jwt" ) // Extract and parse a JWT token from an HTTP request. diff --git a/request/request_test.go b/request/request_test.go index b4365cd8..fd3a850b 100644 --- a/request/request_test.go +++ b/request/request_test.go @@ -2,13 +2,14 @@ package request import ( "fmt" - "github.com/dgrijalva/jwt-go" - "github.com/dgrijalva/jwt-go/test" "net/http" "net/url" "reflect" "strings" "testing" + + "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/test" ) var requestTestData = []struct { diff --git a/rsa_pss.go b/rsa_pss.go index c0147086..db237699 100644 --- a/rsa_pss.go +++ b/rsa_pss.go @@ -15,7 +15,7 @@ type SigningMethodRSAPSS struct { // VerifyOptions is optional. If set overrides Options for rsa.VerifyPPS. // Used to accept tokens signed with rsa.PSSSaltLengthAuto, what doesn't follow // https://tools.ietf.org/html/rfc7518#section-3.5 but was used previously. - // See https://github.com/dgrijalva/jwt-go/issues/285#issuecomment-437451244 for details. + // See https://github.com/golang-jwt/jwt/issues/285#issuecomment-437451244 for details. VerifyOptions *rsa.PSSOptions } diff --git a/rsa_pss_test.go b/rsa_pss_test.go index e0134d9d..167731aa 100644 --- a/rsa_pss_test.go +++ b/rsa_pss_test.go @@ -9,8 +9,8 @@ import ( "testing" "time" - "github.com/dgrijalva/jwt-go" - "github.com/dgrijalva/jwt-go/test" + "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/test" ) var rsaPSSTestData = []struct { @@ -106,7 +106,7 @@ func TestRSAPSSSaltLengthCompatibility(t *testing.T) { }, } - // Behaves as before https://github.com/dgrijalva/jwt-go/issues/285 fix. + // Behaves as before https://github.com/golang-jwt/jwt/issues/285 fix. ps256SaltLengthAuto := &jwt.SigningMethodRSAPSS{ SigningMethodRSA: jwt.SigningMethodPS256.SigningMethodRSA, Options: &rsa.PSSOptions{ diff --git a/rsa_test.go b/rsa_test.go index 7f67c5db..fba45e07 100644 --- a/rsa_test.go +++ b/rsa_test.go @@ -1,10 +1,11 @@ package jwt_test import ( - "github.com/dgrijalva/jwt-go" "io/ioutil" "strings" "testing" + + "github.com/golang-jwt/jwt" ) var rsaTestData = []struct { diff --git a/test/helpers.go b/test/helpers.go index f84c3ef6..ef54aeab 100644 --- a/test/helpers.go +++ b/test/helpers.go @@ -2,8 +2,9 @@ package test import ( "crypto/rsa" - "github.com/dgrijalva/jwt-go" "io/ioutil" + + "github.com/golang-jwt/jwt" ) func LoadRSAPrivateKeyFromDisk(location string) *rsa.PrivateKey { From c917b35c01fb0884e322f7fc2e7bd63076baf2be Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 00:30:24 +0600 Subject: [PATCH 05/10] update travis for latest go versions Signed-off-by: sadmansakib --- .travis.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1027f56c..eaa72cc2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,9 +5,7 @@ script: - go test -v ./... go: - - 1.3 - - 1.4 - - 1.5 - - 1.6 - - 1.7 + - 1.14 + - 1.15 + - 1.16 - tip From fde4323b654818e6635439596ad5927877fcbc01 Mon Sep 17 00:00:00 2001 From: Sadman Sakib Date: Thu, 27 May 2021 01:49:46 +0600 Subject: [PATCH 06/10] Set go version to 1.14 lowered the go version to make it consistent with matrix build --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 9c8f708b..bc56991b 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,3 @@ module github.com/golang-jwt/jwt -go 1.16 +go 1.14 From 56d1ae1715e603648c84ad6e2fe96174f6460504 Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Thu, 27 May 2021 02:09:37 +0600 Subject: [PATCH 07/10] revert accidental changes while renaming Signed-off-by: sadmansakib --- rsa_pss.go | 2 +- rsa_pss_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rsa_pss.go b/rsa_pss.go index db237699..c0147086 100644 --- a/rsa_pss.go +++ b/rsa_pss.go @@ -15,7 +15,7 @@ type SigningMethodRSAPSS struct { // VerifyOptions is optional. If set overrides Options for rsa.VerifyPPS. // Used to accept tokens signed with rsa.PSSSaltLengthAuto, what doesn't follow // https://tools.ietf.org/html/rfc7518#section-3.5 but was used previously. - // See https://github.com/golang-jwt/jwt/issues/285#issuecomment-437451244 for details. + // See https://github.com/dgrijalva/jwt-go/issues/285#issuecomment-437451244 for details. VerifyOptions *rsa.PSSOptions } diff --git a/rsa_pss_test.go b/rsa_pss_test.go index 167731aa..d1cafe71 100644 --- a/rsa_pss_test.go +++ b/rsa_pss_test.go @@ -106,7 +106,7 @@ func TestRSAPSSSaltLengthCompatibility(t *testing.T) { }, } - // Behaves as before https://github.com/golang-jwt/jwt/issues/285 fix. + // Behaves as before https://github.com/dgrijalva/jwt-go/issues/285 fix. ps256SaltLengthAuto := &jwt.SigningMethodRSAPSS{ SigningMethodRSA: jwt.SigningMethodPS256.SigningMethodRSA, Options: &rsa.PSSOptions{ From b3ae57f710a7756c001e03d1809610bbe6e9ff48 Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Fri, 28 May 2021 14:34:15 +0600 Subject: [PATCH 08/10] remove travis CI no longer needed since github actions workflow was created for the project Signed-off-by: sadmansakib --- .travis.yml | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index eaa72cc2..00000000 --- a/.travis.yml +++ /dev/null @@ -1,11 +0,0 @@ -language: go - -script: - - go vet ./... - - go test -v ./... - -go: - - 1.14 - - 1.15 - - 1.16 - - tip From fe8527872272e1ceb4a05f6f7e52ad440bfb71eb Mon Sep 17 00:00:00 2001 From: sadmansakib Date: Fri, 28 May 2021 19:53:32 +0600 Subject: [PATCH 09/10] Revert "remove travis CI" This reverts commit b3ae57f710a7756c001e03d1809610bbe6e9ff48. --- .travis.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..eaa72cc2 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,11 @@ +language: go + +script: + - go vet ./... + - go test -v ./... + +go: + - 1.14 + - 1.15 + - 1.16 + - tip From dfcbd2ba27c1f291face547c5a037946d5b9e0b6 Mon Sep 17 00:00:00 2001 From: Sadman Sakib Date: Fri, 28 May 2021 19:59:12 +0600 Subject: [PATCH 10/10] update travis for older go versions --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index eaa72cc2..036a862f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,7 @@ script: - go test -v ./... go: - - 1.14 - - 1.15 - - 1.16 - - tip + - 1.7 + - 1.8 + - 1.9 + - 1.10