Update go-chi/jwtauth to v3.3 and remove dgrijalva from direct dependencies

auth/jwt/claims.go

@@ -2,8 +2,7 @@ package jwt
 
 import (
 	"errors"
-
+	"github.com/go-chi/jwtauth"
-	"github.com/dgrijalva/jwt-go"
 )
 
 // AppClaims represent the claims parsed from JWT access token.
@@ -14,7 +13,7 @@ type AppClaims struct {
 }
 
 // ParseClaims parses JWT claims into AppClaims.
-func (c *AppClaims) ParseClaims(claims jwt.MapClaims) error {
+func (c *AppClaims) ParseClaims(claims jwtauth.Claims) error {
 	id, ok := claims["id"]
 	if !ok {
 		return errors.New("could not parse claim id")
@@ -49,7 +48,7 @@ type RefreshClaims struct {
 }
 
 // ParseClaims parses the JWT claims into RefreshClaims.
-func (c *RefreshClaims) ParseClaims(claims jwt.MapClaims) error {
+func (c *RefreshClaims) ParseClaims(claims jwtauth.Claims) error {
 	token, ok := claims["token"]
 	if !ok {
 		return errors.New("could not parse claim token")

auth/jwt/token.go

@@ -3,7 +3,7 @@ package jwt
 import (
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/go-chi/jwtauth"
 	"github.com/go-pg/pg/orm"
 )
 
@@ -37,8 +37,8 @@ func (t *Token) BeforeUpdate(db orm.DB) error {
 }
 
 // Claims returns the token claims to be signed
-func (t *Token) Claims() jwt.MapClaims {
+func (t *Token) Claims() jwtauth.Claims {
-	return jwt.MapClaims{
+	return jwtauth.Claims{
 		"id":    t.ID,
 		"token": t.Token,
 	}

auth/jwt/tokenauth.go

@@ -5,7 +5,6 @@ import (
 	"net/http"
 	"time"
 
-	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/go-chi/jwtauth"
 	"github.com/spf13/viper"
 )
@@ -39,7 +38,7 @@ func (a *TokenAuth) Verifier() func(http.Handler) http.Handler {
 }
 
 // GenTokenPair returns both an access token and a refresh token.
-func (a *TokenAuth) GenTokenPair(ca jwt.MapClaims, cr jwt.MapClaims) (string, string, error) {
+func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string, string, error) {
 	access, err := a.CreateJWT(ca)
 	if err != nil {
 		return "", "", err
@@ -52,17 +51,17 @@ func (a *TokenAuth) GenTokenPair(ca jwt.MapClaims, cr jwt.MapClaims) (string, st
 }
 
 // CreateJWT returns an access token for provided account claims.
-func (a *TokenAuth) CreateJWT(c jwt.MapClaims) (string, error) {
+func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) {
-	jwtauth.SetIssuedNow(c)
+	c.SetIssuedNow()
-	jwtauth.SetExpiryIn(c, a.JwtExpiry)
+	c.SetExpiryIn(a.JwtExpiry)
 	_, tokenString, err := a.JwtAuth.Encode(c)
 	return tokenString, err
 }
 
 // CreateRefreshJWT returns a refresh token for provided token Claims.
-func (a *TokenAuth) CreateRefreshJWT(c jwt.MapClaims) (string, error) {
+func (a *TokenAuth) CreateRefreshJWT(c jwtauth.Claims) (string, error) {
-	jwtauth.SetIssuedNow(c)
+	c.SetIssuedNow()
-	jwtauth.SetExpiryIn(c, a.JwtRefreshExpiry)
+	c.SetExpiryIn(a.JwtRefreshExpiry)
 	_, tokenString, err := a.JwtAuth.Encode(c)
 	return tokenString, err
 }

auth/pwdless/account.go

@@ -5,7 +5,7 @@ import (
 	"time"
 
 	"github.com/dhax/go-base/auth/jwt"
-	jwtgo "github.com/dgrijalva/jwt-go"
+	"github.com/go-chi/jwtauth"
 	validation "github.com/go-ozzo/ozzo-validation"
 	"github.com/go-ozzo/ozzo-validation/is"
 	"github.com/go-pg/pg/orm"
@@ -65,8 +65,8 @@ func (a *Account) CanLogin() bool {
 }
 
 // Claims returns the account's claims to be signed
-func (a *Account) Claims() jwtgo.MapClaims {
+func (a *Account) Claims() jwtauth.Claims {
-	return jwtgo.MapClaims{
+	return jwtauth.Claims{
 		"id":    a.ID,
 		"sub":   a.Name,
 		"roles": a.Roles,

auth/pwdless/api_test.go

@@ -14,8 +14,8 @@ import (
 	"testing"
 	"time"
 
-	jwtgo "github.com/dgrijalva/jwt-go"
 	"github.com/go-chi/chi"
+	"github.com/go-chi/jwtauth"
 	"github.com/spf13/viper"
 
 	"github.com/dhax/go-base/auth/jwt"
@@ -240,7 +240,7 @@ func TestAuthResource_refresh(t *testing.T) {
 
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp})
+			jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp})
 			res, body := testRequest(t, ts, "POST", "/refresh", nil, jwt)
 			if res.StatusCode != tc.status {
 				t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status)
@@ -300,7 +300,7 @@ func TestAuthResource_logout(t *testing.T) {
 
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp})
+			jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp})
 			res, body := testRequest(t, ts, "POST", "/logout", nil, jwt)
 			if res.StatusCode != tc.status {
 				t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status)
@@ -343,7 +343,7 @@ func testRequest(t *testing.T, ts *httptest.Server, method, path string, body io
 	return resp, string(respBody)
 }
 
-func genJWT(c jwtgo.MapClaims) string {
+func genJWT(c jwtauth.Claims) string {
 	_, tokenString, _ := auth.TokenAuth.JwtAuth.Encode(c)
 	return tokenString
 }

go.mod

@@ -5,11 +5,11 @@ require (
 	github.com/PuerkitoBio/goquery v1.4.1 // indirect
 	github.com/andybalholm/cascadia v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf // indirect
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
 	github.com/go-chi/chi v4.0.0+incompatible
 	github.com/go-chi/cors v1.0.0
 	github.com/go-chi/docgen v1.0.2
-	github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3
+	github.com/go-chi/jwtauth v3.3.0+incompatible
 	github.com/go-chi/render v1.0.1
 	github.com/go-mail/mail v2.3.1+incompatible
 	github.com/go-ozzo/ozzo-validation v3.5.0+incompatible
@@ -39,5 +39,6 @@ require (
 	golang.org/x/sys v0.0.0-20190109145017-48ac38b7c8cb // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	gopkg.in/mail.v2 v2.3.1 // indirect
 	mellium.im/sasl v0.2.1 // indirect
 )

go.sum

@@ -23,8 +23,8 @@ github.com/go-chi/cors v1.0.0 h1:e6x8k7uWbUwYs+aXDoiUzeQFT6l0cygBYyNhD7/1Tg0=
 github.com/go-chi/cors v1.0.0/go.mod h1:K2Yje0VW/SJzxiyMYu6iPQYa7hMjQX2i/F491VChg1I=
 github.com/go-chi/docgen v1.0.2 h1:BL7Y/SQlZMlhEI8dgukaEvF0AqdqG7axNdJsUVAzbRE=
 github.com/go-chi/docgen v1.0.2/go.mod h1:n7Wqcp0XCeIb/IHrd6hxqtFJzCklt0pKeo7uVUXkrdY=
-github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3 h1:cFmETtRzAus3IXaJbth19NdbGOrgjCP86WVK7E8xONM=
+github.com/go-chi/jwtauth v3.3.0+incompatible h1:BEOEx6OueP61EfhuOTDqgroY0SYdcFsFsbY/n4f5+Kk=
-github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3/go.mod h1:ZdbLUuUBAgS2xbrMtdm0EXaHZ2uruR+RMdGn2bnlUtU=
+github.com/go-chi/jwtauth v3.3.0+incompatible/go.mod h1:Q5EIArY/QnD6BdS+IyDw7B2m6iNbnPxtfd6/BcmtWbs=
 github.com/go-chi/render v1.0.1 h1:4/5tis2cKaNdnv9zFLfXzcquC9HbeZgCnxGnKrltBS8=
 github.com/go-chi/render v1.0.1/go.mod h1:pq4Rr7HbnsdaeHagklXub+p6Wd16Af5l9koip1OvJns=
 github.com/go-mail/mail v2.3.1+incompatible h1:UzNOn0k5lpfVtO31cK3hn6I4VEVGhe3lX8AJBAxXExM=
@@ -135,8 +135,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE=
+gopkg.in/mail.v2 v2.3.1 h1:WYFn/oANrAGP2C0dcV6/pbkPzv8yGzqTjPmTeO7qoXk=
-gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
+gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=