diff --git a/auth/jwt/claims.go b/auth/jwt/claims.go index 4d4e285..b43b1a1 100644 --- a/auth/jwt/claims.go +++ b/auth/jwt/claims.go @@ -3,7 +3,7 @@ package jwt import ( "errors" - "github.com/go-chi/jwtauth" + "github.com/dgrijalva/jwt-go" ) // AppClaims represent the claims parsed from JWT access token. @@ -14,20 +14,20 @@ type AppClaims struct { } // ParseClaims parses JWT claims into AppClaims. -func (c *AppClaims) ParseClaims(claims jwtauth.Claims) error { - id, ok := claims.Get("id") +func (c *AppClaims) ParseClaims(claims jwt.MapClaims) error { + id, ok := claims["id"] if !ok { return errors.New("could not parse claim id") } c.ID = int(id.(float64)) - sub, ok := claims.Get("sub") + sub, ok := claims["sub"] if !ok { return errors.New("could not parse claim sub") } c.Sub = sub.(string) - rl, ok := claims.Get("roles") + rl, ok := claims["roles"] if !ok { return errors.New("could not parse claims roles") } @@ -49,8 +49,8 @@ type RefreshClaims struct { } // ParseClaims parses the JWT claims into RefreshClaims. -func (c *RefreshClaims) ParseClaims(claims jwtauth.Claims) error { - token, ok := claims.Get("token") +func (c *RefreshClaims) ParseClaims(claims jwt.MapClaims) error { + token, ok := claims["token"] if !ok { return errors.New("could not parse claim token") } diff --git a/auth/jwt/token.go b/auth/jwt/token.go index 48aed23..b3f2ba8 100644 --- a/auth/jwt/token.go +++ b/auth/jwt/token.go @@ -3,7 +3,7 @@ package jwt import ( "time" - "github.com/go-chi/jwtauth" + "github.com/dgrijalva/jwt-go" "github.com/go-pg/pg/orm" ) @@ -37,8 +37,8 @@ func (t *Token) BeforeUpdate(db orm.DB) error { } // Claims returns the token claims to be signed -func (t *Token) Claims() jwtauth.Claims { - return jwtauth.Claims{ +func (t *Token) Claims() jwt.MapClaims { + return jwt.MapClaims{ "id": t.ID, "token": t.Token, } diff --git a/auth/jwt/tokenauth.go b/auth/jwt/tokenauth.go index 2d2d589..cdf04be 100644 --- a/auth/jwt/tokenauth.go +++ b/auth/jwt/tokenauth.go @@ -5,6 +5,7 @@ import ( "net/http" "time" + jwt "github.com/dgrijalva/jwt-go" "github.com/go-chi/jwtauth" "github.com/spf13/viper" ) @@ -38,7 +39,7 @@ func (a *TokenAuth) Verifier() func(http.Handler) http.Handler { } // GenTokenPair returns both an access token and a refresh token. -func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string, string, error) { +func (a *TokenAuth) GenTokenPair(ca jwt.MapClaims, cr jwt.MapClaims) (string, string, error) { access, err := a.CreateJWT(ca) if err != nil { return "", "", err @@ -51,17 +52,17 @@ func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string, } // CreateJWT returns an access token for provided account claims. -func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) { - c.SetIssuedNow() - c.SetExpiryIn(a.JwtExpiry) +func (a *TokenAuth) CreateJWT(c jwt.MapClaims) (string, error) { + jwtauth.SetIssuedNow(c) + jwtauth.SetExpiryIn(c, a.JwtExpiry) _, tokenString, err := a.JwtAuth.Encode(c) return tokenString, err } // CreateRefreshJWT returns a refresh token for provided token Claims. -func (a *TokenAuth) CreateRefreshJWT(c jwtauth.Claims) (string, error) { - c.SetIssuedNow() - c.SetExpiryIn(a.JwtRefreshExpiry) +func (a *TokenAuth) CreateRefreshJWT(c jwt.MapClaims) (string, error) { + jwtauth.SetIssuedNow(c) + jwtauth.SetExpiryIn(c, a.JwtRefreshExpiry) _, tokenString, err := a.JwtAuth.Encode(c) return tokenString, err } diff --git a/auth/pwdless/account.go b/auth/pwdless/account.go index 74a623c..cdc4e5b 100644 --- a/auth/pwdless/account.go +++ b/auth/pwdless/account.go @@ -5,7 +5,7 @@ import ( "time" "github.com/dhax/go-base/auth/jwt" - "github.com/go-chi/jwtauth" + jwtgo "github.com/dgrijalva/jwt-go" validation "github.com/go-ozzo/ozzo-validation" "github.com/go-ozzo/ozzo-validation/is" "github.com/go-pg/pg/orm" @@ -65,8 +65,8 @@ func (a *Account) CanLogin() bool { } // Claims returns the account's claims to be signed -func (a *Account) Claims() jwtauth.Claims { - return jwtauth.Claims{ +func (a *Account) Claims() jwtgo.MapClaims { + return jwtgo.MapClaims{ "id": a.ID, "sub": a.Name, "roles": a.Roles, diff --git a/auth/pwdless/api.go b/auth/pwdless/api.go index 4816824..1e373c2 100644 --- a/auth/pwdless/api.go +++ b/auth/pwdless/api.go @@ -16,8 +16,8 @@ import ( "github.com/go-chi/render" validation "github.com/go-ozzo/ozzo-validation" "github.com/go-ozzo/ozzo-validation/is" + "github.com/gofrs/uuid" "github.com/mssola/user_agent" - uuid "github.com/satori/go.uuid" "github.com/sirupsen/logrus" ) @@ -187,7 +187,7 @@ func (rs *Resource) token(w http.ResponseWriter, r *http.Request) { browser, _ := ua.Browser() token := &jwt.Token{ - Token: uuid.NewV4().String(), + Token: uuid.Must(uuid.NewV4()).String(), Expiry: time.Now().Add(rs.TokenAuth.JwtRefreshExpiry), UpdatedAt: time.Now(), AccountID: acc.ID, @@ -247,7 +247,7 @@ func (rs *Resource) refresh(w http.ResponseWriter, r *http.Request) { return } - token.Token = uuid.NewV4().String() + token.Token = uuid.Must(uuid.NewV4()).String() token.Expiry = time.Now().Add(rs.TokenAuth.JwtRefreshExpiry) token.UpdatedAt = time.Now() diff --git a/auth/pwdless/api_test.go b/auth/pwdless/api_test.go index 11ce752..0fceb44 100644 --- a/auth/pwdless/api_test.go +++ b/auth/pwdless/api_test.go @@ -14,8 +14,8 @@ import ( "testing" "time" + jwtgo "github.com/dgrijalva/jwt-go" "github.com/go-chi/chi" - "github.com/go-chi/jwtauth" "github.com/spf13/viper" "github.com/dhax/go-base/auth/jwt" @@ -240,7 +240,7 @@ func TestAuthResource_refresh(t *testing.T) { for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp}) + jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp}) res, body := testRequest(t, ts, "POST", "/refresh", nil, jwt) if res.StatusCode != tc.status { t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status) @@ -300,7 +300,7 @@ func TestAuthResource_logout(t *testing.T) { for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp}) + jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp}) res, body := testRequest(t, ts, "POST", "/logout", nil, jwt) if res.StatusCode != tc.status { t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status) @@ -343,7 +343,7 @@ func testRequest(t *testing.T, ts *httptest.Server, method, path string, body io return resp, string(respBody) } -func genJWT(c jwtauth.Claims) string { +func genJWT(c jwtgo.MapClaims) string { _, tokenString, _ := auth.TokenAuth.JwtAuth.Encode(c) return tokenString } diff --git a/go.mod b/go.mod index bbd7763..823359e 100644 --- a/go.mod +++ b/go.mod @@ -6,15 +6,16 @@ require ( github.com/andybalholm/cascadia v1.0.0 // indirect github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf // indirect github.com/coreos/etcd v3.3.11+incompatible // indirect - github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect + github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/go-chi/chi v4.0.0+incompatible github.com/go-chi/cors v1.0.0 github.com/go-chi/docgen v1.0.2 - github.com/go-chi/jwtauth v3.3.0+incompatible + github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3 github.com/go-chi/render v1.0.1 github.com/go-ozzo/ozzo-validation v3.5.0+incompatible github.com/go-pg/migrations v6.2.0+incompatible github.com/go-pg/pg v7.1.5+incompatible + github.com/gofrs/uuid v3.2.0+incompatible github.com/google/pprof v0.0.0-20190109223431-e84dfd68c163 // indirect github.com/gorilla/css v1.0.0 // indirect github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6 // indirect diff --git a/go.sum b/go.sum index cc8e6c4..90e52e2 100644 --- a/go.sum +++ b/go.sum @@ -26,6 +26,8 @@ github.com/go-chi/cors v1.0.0 h1:e6x8k7uWbUwYs+aXDoiUzeQFT6l0cygBYyNhD7/1Tg0= github.com/go-chi/cors v1.0.0/go.mod h1:K2Yje0VW/SJzxiyMYu6iPQYa7hMjQX2i/F491VChg1I= github.com/go-chi/docgen v1.0.2 h1:BL7Y/SQlZMlhEI8dgukaEvF0AqdqG7axNdJsUVAzbRE= github.com/go-chi/docgen v1.0.2/go.mod h1:n7Wqcp0XCeIb/IHrd6hxqtFJzCklt0pKeo7uVUXkrdY= +github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3 h1:cFmETtRzAus3IXaJbth19NdbGOrgjCP86WVK7E8xONM= +github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3/go.mod h1:ZdbLUuUBAgS2xbrMtdm0EXaHZ2uruR+RMdGn2bnlUtU= github.com/go-chi/jwtauth v3.3.0+incompatible h1:BEOEx6OueP61EfhuOTDqgroY0SYdcFsFsbY/n4f5+Kk= github.com/go-chi/jwtauth v3.3.0+incompatible/go.mod h1:Q5EIArY/QnD6BdS+IyDw7B2m6iNbnPxtfd6/BcmtWbs= github.com/go-chi/render v1.0.1 h1:4/5tis2cKaNdnv9zFLfXzcquC9HbeZgCnxGnKrltBS8= @@ -38,6 +40,8 @@ github.com/go-pg/pg v6.15.0+incompatible h1:jwhQz62bkCc+VqBXyUTHzcESgACF6S9qsHAJ github.com/go-pg/pg v6.15.0+incompatible/go.mod h1:a2oXow+aFOrvwcKs3eIA0lNFmMilrxK2sOkB5NWe0vA= github.com/go-pg/pg v7.1.5+incompatible h1:FiXgxxswY4dfMMqrDFUCgqFt77hnCav8HHpPAvwZSxk= github.com/go-pg/pg v7.1.5+incompatible/go.mod h1:a2oXow+aFOrvwcKs3eIA0lNFmMilrxK2sOkB5NWe0vA= +github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE= +github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/google/pprof v0.0.0-20190109223431-e84dfd68c163 h1:beB+Da4k9B1zmgag78k3k1Bx4L/fdWr5FwNa0f8RxmY=