Merge branch 'piotrkochan-master'

auth/jwt/claims.go

@@ -3,7 +3,7 @@ package jwt
 import (
 	"errors"
 
-	"github.com/go-chi/jwtauth"
+	"github.com/dgrijalva/jwt-go"
 )
 
 // AppClaims represent the claims parsed from JWT access token.
@@ -14,20 +14,20 @@ type AppClaims struct {
 }
 
 // ParseClaims parses JWT claims into AppClaims.
-func (c *AppClaims) ParseClaims(claims jwtauth.Claims) error {
+func (c *AppClaims) ParseClaims(claims jwt.MapClaims) error {
-	id, ok := claims.Get("id")
+	id, ok := claims["id"]
 	if !ok {
 		return errors.New("could not parse claim id")
 	}
 	c.ID = int(id.(float64))
 
-	sub, ok := claims.Get("sub")
+	sub, ok := claims["sub"]
 	if !ok {
 		return errors.New("could not parse claim sub")
 	}
 	c.Sub = sub.(string)
 
-	rl, ok := claims.Get("roles")
+	rl, ok := claims["roles"]
 	if !ok {
 		return errors.New("could not parse claims roles")
 	}
@@ -49,8 +49,8 @@ type RefreshClaims struct {
 }
 
 // ParseClaims parses the JWT claims into RefreshClaims.
-func (c *RefreshClaims) ParseClaims(claims jwtauth.Claims) error {
+func (c *RefreshClaims) ParseClaims(claims jwt.MapClaims) error {
-	token, ok := claims.Get("token")
+	token, ok := claims["token"]
 	if !ok {
 		return errors.New("could not parse claim token")
 	}

auth/jwt/token.go

@@ -3,7 +3,7 @@ package jwt
 import (
 	"time"
 
-	"github.com/go-chi/jwtauth"
+	"github.com/dgrijalva/jwt-go"
 	"github.com/go-pg/pg/orm"
 )
 
@@ -37,8 +37,8 @@ func (t *Token) BeforeUpdate(db orm.DB) error {
 }
 
 // Claims returns the token claims to be signed
-func (t *Token) Claims() jwtauth.Claims {
+func (t *Token) Claims() jwt.MapClaims {
-	return jwtauth.Claims{
+	return jwt.MapClaims{
 		"id":    t.ID,
 		"token": t.Token,
 	}

auth/jwt/tokenauth.go

@@ -5,6 +5,7 @@ import (
 	"net/http"
 	"time"
 
+	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/go-chi/jwtauth"
 	"github.com/spf13/viper"
 )
@@ -38,7 +39,7 @@ func (a *TokenAuth) Verifier() func(http.Handler) http.Handler {
 }
 
 // GenTokenPair returns both an access token and a refresh token.
-func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string, string, error) {
+func (a *TokenAuth) GenTokenPair(ca jwt.MapClaims, cr jwt.MapClaims) (string, string, error) {
 	access, err := a.CreateJWT(ca)
 	if err != nil {
 		return "", "", err
@@ -51,17 +52,17 @@ func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string,
 }
 
 // CreateJWT returns an access token for provided account claims.
-func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) {
+func (a *TokenAuth) CreateJWT(c jwt.MapClaims) (string, error) {
-	c.SetIssuedNow()
+	jwtauth.SetIssuedNow(c)
-	c.SetExpiryIn(a.JwtExpiry)
+	jwtauth.SetExpiryIn(c, a.JwtExpiry)
 	_, tokenString, err := a.JwtAuth.Encode(c)
 	return tokenString, err
 }
 
 // CreateRefreshJWT returns a refresh token for provided token Claims.
-func (a *TokenAuth) CreateRefreshJWT(c jwtauth.Claims) (string, error) {
+func (a *TokenAuth) CreateRefreshJWT(c jwt.MapClaims) (string, error) {
-	c.SetIssuedNow()
+	jwtauth.SetIssuedNow(c)
-	c.SetExpiryIn(a.JwtRefreshExpiry)
+	jwtauth.SetExpiryIn(c, a.JwtRefreshExpiry)
 	_, tokenString, err := a.JwtAuth.Encode(c)
 	return tokenString, err
 }

auth/pwdless/account.go

@@ -5,7 +5,7 @@ import (
 	"time"
 
 	"github.com/dhax/go-base/auth/jwt"
-	"github.com/go-chi/jwtauth"
+	jwtgo "github.com/dgrijalva/jwt-go"
 	validation "github.com/go-ozzo/ozzo-validation"
 	"github.com/go-ozzo/ozzo-validation/is"
 	"github.com/go-pg/pg/orm"
@@ -65,8 +65,8 @@ func (a *Account) CanLogin() bool {
 }
 
 // Claims returns the account's claims to be signed
-func (a *Account) Claims() jwtauth.Claims {
+func (a *Account) Claims() jwtgo.MapClaims {
-	return jwtauth.Claims{
+	return jwtgo.MapClaims{
 		"id":    a.ID,
 		"sub":   a.Name,
 		"roles": a.Roles,

auth/pwdless/api.go

@@ -16,8 +16,8 @@ import (
 	"github.com/go-chi/render"
 	validation "github.com/go-ozzo/ozzo-validation"
 	"github.com/go-ozzo/ozzo-validation/is"
+	"github.com/gofrs/uuid"
 	"github.com/mssola/user_agent"
-	uuid "github.com/satori/go.uuid"
 	"github.com/sirupsen/logrus"
 )
 
@@ -187,7 +187,7 @@ func (rs *Resource) token(w http.ResponseWriter, r *http.Request) {
 	browser, _ := ua.Browser()
 
 	token := &jwt.Token{
-		Token:      uuid.NewV4().String(),
+		Token:      uuid.Must(uuid.NewV4()).String(),
 		Expiry:     time.Now().Add(rs.TokenAuth.JwtRefreshExpiry),
 		UpdatedAt:  time.Now(),
 		AccountID:  acc.ID,
@@ -247,7 +247,7 @@ func (rs *Resource) refresh(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token.Token = uuid.NewV4().String()
+	token.Token = uuid.Must(uuid.NewV4()).String()
 	token.Expiry = time.Now().Add(rs.TokenAuth.JwtRefreshExpiry)
 	token.UpdatedAt = time.Now()
 

auth/pwdless/api_test.go

@@ -14,8 +14,8 @@ import (
 	"testing"
 	"time"
 
+	jwtgo "github.com/dgrijalva/jwt-go"
 	"github.com/go-chi/chi"
-	"github.com/go-chi/jwtauth"
 	"github.com/spf13/viper"
 
 	"github.com/dhax/go-base/auth/jwt"
@@ -240,7 +240,7 @@ func TestAuthResource_refresh(t *testing.T) {
 
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp})
+			jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp})
 			res, body := testRequest(t, ts, "POST", "/refresh", nil, jwt)
 			if res.StatusCode != tc.status {
 				t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status)
@@ -300,7 +300,7 @@ func TestAuthResource_logout(t *testing.T) {
 
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			jwt := genJWT(jwtauth.Claims{"token": tc.token, "exp": time.Minute * tc.exp})
+			jwt := genJWT(jwtgo.MapClaims{"token": tc.token, "exp": time.Minute * tc.exp})
 			res, body := testRequest(t, ts, "POST", "/logout", nil, jwt)
 			if res.StatusCode != tc.status {
 				t.Errorf("got http status %d, want: %d", res.StatusCode, tc.status)
@@ -343,7 +343,7 @@ func testRequest(t *testing.T, ts *httptest.Server, method, path string, body io
 	return resp, string(respBody)
 }
 
-func genJWT(c jwtauth.Claims) string {
+func genJWT(c jwtgo.MapClaims) string {
 	_, tokenString, _ := auth.TokenAuth.JwtAuth.Encode(c)
 	return tokenString
 }

go.mod

@@ -6,15 +6,16 @@ require (
 	github.com/andybalholm/cascadia v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf // indirect
 	github.com/coreos/etcd v3.3.11+incompatible // indirect
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/go-chi/chi v4.0.0+incompatible
 	github.com/go-chi/cors v1.0.0
 	github.com/go-chi/docgen v1.0.2
-	github.com/go-chi/jwtauth v3.3.0+incompatible
+	github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3
 	github.com/go-chi/render v1.0.1
 	github.com/go-ozzo/ozzo-validation v3.5.0+incompatible
 	github.com/go-pg/migrations v6.2.0+incompatible
 	github.com/go-pg/pg v7.1.5+incompatible
+	github.com/gofrs/uuid v3.2.0+incompatible
 	github.com/google/pprof v0.0.0-20190109223431-e84dfd68c163 // indirect
 	github.com/gorilla/css v1.0.0 // indirect
 	github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6 // indirect

go.sum

@@ -26,6 +26,8 @@ github.com/go-chi/cors v1.0.0 h1:e6x8k7uWbUwYs+aXDoiUzeQFT6l0cygBYyNhD7/1Tg0=
 github.com/go-chi/cors v1.0.0/go.mod h1:K2Yje0VW/SJzxiyMYu6iPQYa7hMjQX2i/F491VChg1I=
 github.com/go-chi/docgen v1.0.2 h1:BL7Y/SQlZMlhEI8dgukaEvF0AqdqG7axNdJsUVAzbRE=
 github.com/go-chi/docgen v1.0.2/go.mod h1:n7Wqcp0XCeIb/IHrd6hxqtFJzCklt0pKeo7uVUXkrdY=
+github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3 h1:cFmETtRzAus3IXaJbth19NdbGOrgjCP86WVK7E8xONM=
+github.com/go-chi/jwtauth v0.0.0-20190109153619-47840abb19b3/go.mod h1:ZdbLUuUBAgS2xbrMtdm0EXaHZ2uruR+RMdGn2bnlUtU=
 github.com/go-chi/jwtauth v3.3.0+incompatible h1:BEOEx6OueP61EfhuOTDqgroY0SYdcFsFsbY/n4f5+Kk=
 github.com/go-chi/jwtauth v3.3.0+incompatible/go.mod h1:Q5EIArY/QnD6BdS+IyDw7B2m6iNbnPxtfd6/BcmtWbs=
 github.com/go-chi/render v1.0.1 h1:4/5tis2cKaNdnv9zFLfXzcquC9HbeZgCnxGnKrltBS8=
@@ -38,6 +40,8 @@ github.com/go-pg/pg v6.15.0+incompatible h1:jwhQz62bkCc+VqBXyUTHzcESgACF6S9qsHAJ
 github.com/go-pg/pg v6.15.0+incompatible/go.mod h1:a2oXow+aFOrvwcKs3eIA0lNFmMilrxK2sOkB5NWe0vA=
 github.com/go-pg/pg v7.1.5+incompatible h1:FiXgxxswY4dfMMqrDFUCgqFt77hnCav8HHpPAvwZSxk=
 github.com/go-pg/pg v7.1.5+incompatible/go.mod h1:a2oXow+aFOrvwcKs3eIA0lNFmMilrxK2sOkB5NWe0vA=
+github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE=
+github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/google/pprof v0.0.0-20190109223431-e84dfd68c163 h1:beB+Da4k9B1zmgag78k3k1Bx4L/fdWr5FwNa0f8RxmY=