diff --git a/.golangci.yaml b/.golangci.yaml index 5333f86b47f94..1d5ed4c45dfe6 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -14,8 +14,10 @@ linters: - gocritic - gofumpt - goimports + - gomodguard - gosimple - - govet + - govet + - importas - ineffassign - misspell - perfsprint @@ -40,6 +42,19 @@ linters-settings: - typeSwitchVar goimports: local-prefixes: github.com/argoproj/argo-cd/v2 + gomodguard: + blocked: + modules: + - github.com/golang-jwt/jwt: + recommendations: + - github.com/golang-jwt/jwt/v5 + - github.com/golang-jwt/jwt/v4: + recommendations: + - github.com/golang-jwt/jwt/v5 + importas: + alias: + - alias: jwtgo + pkg: github.com/golang-jwt/jwt/v5 perfsprint: # Optimizes even if it requires an int or uint type cast. int-conversion: true diff --git a/cmd/argocd/commands/login.go b/cmd/argocd/commands/login.go index 72b89dae1771c..2843972e7e476 100644 --- a/cmd/argocd/commands/login.go +++ b/cmd/argocd/commands/login.go @@ -13,7 +13,7 @@ import ( "time" "github.com/coreos/go-oidc/v3/oidc" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "github.com/skratchdot/open-golang/open" "github.com/spf13/cobra" diff --git a/cmd/argocd/commands/login_test.go b/cmd/argocd/commands/login_test.go index 420b484674901..91cf3e11388b3 100644 --- a/cmd/argocd/commands/login_test.go +++ b/cmd/argocd/commands/login_test.go @@ -7,7 +7,7 @@ import ( utils "github.com/argoproj/argo-cd/v2/util/io" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" ) diff --git a/cmd/argocd/commands/project_role.go b/cmd/argocd/commands/project_role.go index a0da6793fa7e6..759608575908b 100644 --- a/cmd/argocd/commands/project_role.go +++ b/cmd/argocd/commands/project_role.go @@ -8,7 +8,7 @@ import ( "time" timeutil "github.com/argoproj/pkg/time" - jwtgo "github.com/golang-jwt/jwt/v4" + jwtgo "github.com/golang-jwt/jwt/v5" "github.com/spf13/cobra" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" diff --git a/go.mod b/go.mod index 10b440abf904b..32b2c9cbdde30 100644 --- a/go.mod +++ b/go.mod @@ -39,7 +39,7 @@ require ( github.com/gobwas/glob v0.2.3 github.com/gogits/go-gogs-client v0.0.0-20200905025246-8bb8a50cb355 github.com/gogo/protobuf v1.3.2 - github.com/golang-jwt/jwt/v4 v4.5.1 + github.com/golang-jwt/jwt/v5 v5.2.1 github.com/golang/protobuf v1.5.4 github.com/google/btree v1.1.3 github.com/google/go-cmp v0.6.0 @@ -137,7 +137,7 @@ require ( github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-fed/httpsig v1.1.0 // indirect github.com/go-jose/go-jose/v4 v4.0.2 // indirect - github.com/golang-jwt/jwt/v5 v5.2.1 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/s2a-go v0.1.7 // indirect github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect diff --git a/pkg/apiclient/apiclient.go b/pkg/apiclient/apiclient.go index b0c8f83bc6362..e3d11e3b03a9b 100644 --- a/pkg/apiclient/apiclient.go +++ b/pkg/apiclient/apiclient.go @@ -16,7 +16,7 @@ import ( "time" "github.com/coreos/go-oidc/v3/oidc" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/golang/protobuf/ptypes/empty" grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" grpc_retry "github.com/grpc-ecosystem/go-grpc-middleware/retry" @@ -402,7 +402,8 @@ func (c *client) refreshAuthToken(localCfg *localconfig.LocalConfig, ctxName, co if err != nil { return err } - if claims.Valid() == nil { + validator := jwt.NewValidator(jwt.WithLeeway(5 * time.Second)) + if validator.Validate(claims) == nil { // token is still valid return nil } diff --git a/server/account/account_test.go b/server/account/account_test.go index 81e0abc0785f4..eb20c3195d21b 100644 --- a/server/account/account_test.go +++ b/server/account/account_test.go @@ -5,7 +5,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/grpc/codes" diff --git a/server/application/application_test.go b/server/application/application_test.go index a011014e32ed1..6884159e08cd7 100644 --- a/server/application/application_test.go +++ b/server/application/application_test.go @@ -17,7 +17,7 @@ import ( "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/gitops-engine/pkg/utils/kube/kubetest" "github.com/argoproj/pkg/sync" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" diff --git a/server/application/websocket_test.go b/server/application/websocket_test.go index 25ff759f32538..9264846a0a82d 100644 --- a/server/application/websocket_test.go +++ b/server/application/websocket_test.go @@ -16,7 +16,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/assets" "github.com/argoproj/argo-cd/v2/util/rbac" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/gorilla/websocket" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/server/cluster/cluster_test.go b/server/cluster/cluster_test.go index f5540dd30753d..94b1060dcc8bc 100644 --- a/server/cluster/cluster_test.go +++ b/server/cluster/cluster_test.go @@ -8,7 +8,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/argoproj/argo-cd/v2/server/rbacpolicy" "github.com/argoproj/argo-cd/v2/util/assets" diff --git a/server/logout/logout.go b/server/logout/logout.go index 6129e2f9a85be..cb253d990d11c 100644 --- a/server/logout/logout.go +++ b/server/logout/logout.go @@ -8,7 +8,7 @@ import ( "strings" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "github.com/argoproj/argo-cd/v2/common" diff --git a/server/logout/logout_test.go b/server/logout/logout_test.go index 83bf8ee5d92f3..9571de128e693 100644 --- a/server/logout/logout_test.go +++ b/server/logout/logout_test.go @@ -15,7 +15,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/session" "github.com/argoproj/argo-cd/v2/util/settings" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" diff --git a/server/project/project.go b/server/project/project.go index cac913715b623..c361d9d990882 100644 --- a/server/project/project.go +++ b/server/project/project.go @@ -8,7 +8,7 @@ import ( "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/pkg/sync" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" log "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" diff --git a/server/project/project_test.go b/server/project/project_test.go index d4d9c3e40e4eb..9c76381dd4caf 100644 --- a/server/project/project_test.go +++ b/server/project/project_test.go @@ -10,7 +10,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/pkg/sync" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/server/rbacpolicy/rbacpolicy.go b/server/rbacpolicy/rbacpolicy.go index ea2b0ee0c166d..08bff84c30b7c 100644 --- a/server/rbacpolicy/rbacpolicy.go +++ b/server/rbacpolicy/rbacpolicy.go @@ -3,7 +3,7 @@ package rbacpolicy import ( "strings" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" diff --git a/server/rbacpolicy/rbacpolicy_test.go b/server/rbacpolicy/rbacpolicy_test.go index ae8a9442e80df..b0674ecce577c 100644 --- a/server/rbacpolicy/rbacpolicy_test.go +++ b/server/rbacpolicy/rbacpolicy_test.go @@ -4,7 +4,7 @@ import ( "fmt" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes/fake" diff --git a/server/repository/repository_test.go b/server/repository/repository_test.go index 7b4b77bca2ab1..a60e0f5504934 100644 --- a/server/repository/repository_test.go +++ b/server/repository/repository_test.go @@ -6,7 +6,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" diff --git a/server/server.go b/server/server.go index 91007bfd34333..6c23cde7368ca 100644 --- a/server/server.go +++ b/server/server.go @@ -33,7 +33,7 @@ import ( "github.com/argoproj/notifications-engine/pkg/api" "github.com/argoproj/pkg/sync" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/gorilla/handlers" grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" grpc_auth "github.com/grpc-ecosystem/go-grpc-middleware/auth" diff --git a/server/server_test.go b/server/server_test.go index 87a782b0fe245..3e7f6b11ae235 100644 --- a/server/server_test.go +++ b/server/server_test.go @@ -15,7 +15,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/util/clusterauth/clusterauth.go b/util/clusterauth/clusterauth.go index d57e27792ecb6..a68f6e528dbc2 100644 --- a/util/clusterauth/clusterauth.go +++ b/util/clusterauth/clusterauth.go @@ -7,7 +7,7 @@ import ( "strings" "time" - jwt "github.com/golang-jwt/jwt/v4" + jwtgo "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -368,22 +368,16 @@ func UninstallRBAC(clientset kubernetes.Interface, namespace, bindingName, roleN } type ServiceAccountClaims struct { - Sub string `json:"sub"` - Iss string `json:"iss"` Namespace string `json:"kubernetes.io/serviceaccount/namespace"` SecretName string `json:"kubernetes.io/serviceaccount/secret.name"` ServiceAccountName string `json:"kubernetes.io/serviceaccount/service-account.name"` ServiceAccountUID string `json:"kubernetes.io/serviceaccount/service-account.uid"` -} - -// Valid satisfies the jwt.Claims interface to enable JWT parsing -func (sac *ServiceAccountClaims) Valid() error { - return nil + jwtgo.RegisteredClaims } // ParseServiceAccountToken parses a Kubernetes service account token func ParseServiceAccountToken(token string) (*ServiceAccountClaims, error) { - parser := jwt.NewParser(jwt.WithoutClaimsValidation()) + parser := jwtgo.NewParser(jwtgo.WithoutClaimsValidation()) var claims ServiceAccountClaims _, _, err := parser.ParseUnverified(token, &claims) if err != nil { diff --git a/util/clusterauth/clusterauth_test.go b/util/clusterauth/clusterauth_test.go index 73a99d58d78aa..a43bdde716603 100644 --- a/util/clusterauth/clusterauth_test.go +++ b/util/clusterauth/clusterauth_test.go @@ -6,6 +6,7 @@ import ( "testing" "time" + jwtgo "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" @@ -27,12 +28,14 @@ const ( ) var testClaims = ServiceAccountClaims{ - Sub: "system:serviceaccount:kube-system:argocd-manager", - Iss: "kubernetes/serviceaccount", - Namespace: "kube-system", - SecretName: "argocd-manager-token-tj79r", - ServiceAccountName: "argocd-manager", - ServiceAccountUID: "91dd37cf-8d92-11e9-a091-d65f2ae7fa8d", + "kube-system", + "argocd-manager-token-tj79r", + "argocd-manager", + "91dd37cf-8d92-11e9-a091-d65f2ae7fa8d", + jwtgo.RegisteredClaims{ + Subject: "system:serviceaccount:kube-system:argocd-manager", + Issuer: "kubernetes/serviceaccount", + }, } func newServiceAccount() *corev1.ServiceAccount { diff --git a/util/grpc/logging.go b/util/grpc/logging.go index 37dfc286caaed..e9569bd9c64c3 100644 --- a/util/grpc/logging.go +++ b/util/grpc/logging.go @@ -8,7 +8,7 @@ import ( "github.com/gogo/protobuf/jsonpb" "github.com/gogo/protobuf/proto" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" grpc_logging "github.com/grpc-ecosystem/go-grpc-middleware/logging" ctx_logrus "github.com/grpc-ecosystem/go-grpc-middleware/tags/logrus" "github.com/sirupsen/logrus" diff --git a/util/grpc/logging_test.go b/util/grpc/logging_test.go index 98be425928b69..4dfbaf1c2816e 100644 --- a/util/grpc/logging_test.go +++ b/util/grpc/logging_test.go @@ -6,7 +6,7 @@ import ( "fmt" "testing" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/util/jwt/jwt.go b/util/jwt/jwt.go index 585025990bf8d..e2ca9e92141e9 100644 --- a/util/jwt/jwt.go +++ b/util/jwt/jwt.go @@ -6,7 +6,7 @@ import ( "strings" "time" - jwtgo "github.com/golang-jwt/jwt/v4" + jwtgo "github.com/golang-jwt/jwt/v5" ) // MapClaims converts a jwt.Claims to a MapClaims diff --git a/util/jwt/jwt_test.go b/util/jwt/jwt_test.go index 1b0ac87fe9752..32b87300874dc 100644 --- a/util/jwt/jwt_test.go +++ b/util/jwt/jwt_test.go @@ -4,19 +4,19 @@ import ( "testing" "time" - jwt "github.com/golang-jwt/jwt/v4" + jwtgo "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) func TestGetSingleStringScope(t *testing.T) { - claims := jwt.MapClaims{"groups": "my-org:my-team"} + claims := jwtgo.MapClaims{"groups": "my-org:my-team"} groups := GetScopeValues(claims, []string{"groups"}) assert.Contains(t, groups, "my-org:my-team") } func TestGetMultipleListScopes(t *testing.T) { - claims := jwt.MapClaims{"groups1": []string{"my-org:my-team1"}, "groups2": []string{"my-org:my-team2"}} + claims := jwtgo.MapClaims{"groups1": []string{"my-org:my-team1"}, "groups2": []string{"my-org:my-team2"}} groups := GetScopeValues(claims, []string{"groups1", "groups2"}) assert.Contains(t, groups, "my-org:my-team1") assert.Contains(t, groups, "my-org:my-team2") @@ -24,24 +24,24 @@ func TestGetMultipleListScopes(t *testing.T) { func TestClaims(t *testing.T) { assert.Nil(t, Claims(nil)) - assert.NotNil(t, Claims(jwt.MapClaims{})) + assert.NotNil(t, Claims(jwtgo.MapClaims{})) } func TestIsMember(t *testing.T) { - assert.False(t, IsMember(jwt.MapClaims{}, nil, []string{"groups"})) - assert.False(t, IsMember(jwt.MapClaims{"groups": []string{""}}, []string{"my-group"}, []string{"groups"})) - assert.False(t, IsMember(jwt.MapClaims{"groups": []string{"my-group"}}, []string{""}, []string{"groups"})) - assert.True(t, IsMember(jwt.MapClaims{"groups": []string{"my-group"}}, []string{"my-group"}, []string{"groups"})) + assert.False(t, IsMember(jwtgo.MapClaims{}, nil, []string{"groups"})) + assert.False(t, IsMember(jwtgo.MapClaims{"groups": []string{""}}, []string{"my-group"}, []string{"groups"})) + assert.False(t, IsMember(jwtgo.MapClaims{"groups": []string{"my-group"}}, []string{""}, []string{"groups"})) + assert.True(t, IsMember(jwtgo.MapClaims{"groups": []string{"my-group"}}, []string{"my-group"}, []string{"groups"})) } func TestGetGroups(t *testing.T) { - assert.Empty(t, GetGroups(jwt.MapClaims{}, []string{"groups"})) - assert.Equal(t, []string{"foo"}, GetGroups(jwt.MapClaims{"groups": []string{"foo"}}, []string{"groups"})) + assert.Empty(t, GetGroups(jwtgo.MapClaims{}, []string{"groups"})) + assert.Equal(t, []string{"foo"}, GetGroups(jwtgo.MapClaims{"groups": []string{"foo"}}, []string{"groups"})) } func TestIssuedAtTime_Int64(t *testing.T) { // Tuesday, 1 December 2020 14:00:00 - claims := jwt.MapClaims{"iat": int64(1606831200)} + claims := jwtgo.MapClaims{"iat": int64(1606831200)} issuedAt, err := IssuedAtTime(claims) require.NoError(t, err) str := issuedAt.UTC().Format("Mon Jan _2 15:04:05 2006") @@ -49,13 +49,13 @@ func TestIssuedAtTime_Int64(t *testing.T) { } func TestIssuedAtTime_Error_NoInt(t *testing.T) { - claims := jwt.MapClaims{"iat": 1606831200} + claims := jwtgo.MapClaims{"iat": 1606831200} _, err := IssuedAtTime(claims) assert.Error(t, err) } func TestIssuedAtTime_Error_Missing(t *testing.T) { - claims := jwt.MapClaims{} + claims := jwtgo.MapClaims{} iat, err := IssuedAtTime(claims) require.Error(t, err) assert.Equal(t, time.Unix(0, 0), iat) diff --git a/util/localconfig/localconfig.go b/util/localconfig/localconfig.go index 221695354ec7f..cdaf7adcc970e 100644 --- a/util/localconfig/localconfig.go +++ b/util/localconfig/localconfig.go @@ -6,7 +6,7 @@ import ( "path" "strings" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/argoproj/argo-cd/v2/util/config" configUtil "github.com/argoproj/argo-cd/v2/util/config" diff --git a/util/oidc/oidc.go b/util/oidc/oidc.go index 2f01dc167e3d4..9e018dfc67cea 100644 --- a/util/oidc/oidc.go +++ b/util/oidc/oidc.go @@ -17,7 +17,7 @@ import ( "time" gooidc "github.com/coreos/go-oidc/v3/oidc" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "golang.org/x/oauth2" diff --git a/util/oidc/oidc_test.go b/util/oidc/oidc_test.go index 40c606dcd9671..82f06367be9c1 100644 --- a/util/oidc/oidc_test.go +++ b/util/oidc/oidc_test.go @@ -14,7 +14,7 @@ import ( "time" gooidc "github.com/coreos/go-oidc/v3/oidc" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "golang.org/x/oauth2" diff --git a/util/rbac/rbac.go b/util/rbac/rbac.go index ab45cf5c0d69f..76e8487f62005 100644 --- a/util/rbac/rbac.go +++ b/util/rbac/rbac.go @@ -18,7 +18,7 @@ import ( "github.com/casbin/casbin/v2/model" "github.com/casbin/casbin/v2/util" "github.com/casbin/govaluate" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" gocache "github.com/patrickmn/go-cache" log "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" diff --git a/util/rbac/rbac_test.go b/util/rbac/rbac_test.go index 8bf1b780af6b4..ba24ce9402e86 100644 --- a/util/rbac/rbac_test.go +++ b/util/rbac/rbac_test.go @@ -7,7 +7,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" log "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/util/security/jwt_test.go b/util/security/jwt_test.go index f8131259c1138..87b6cfb7dd636 100644 --- a/util/security/jwt_test.go +++ b/util/security/jwt_test.go @@ -4,7 +4,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/util/session/sessionmanager.go b/util/session/sessionmanager.go index 09ba6aa43cd38..0483c94a65641 100644 --- a/util/session/sessionmanager.go +++ b/util/session/sessionmanager.go @@ -14,7 +14,7 @@ import ( "time" "github.com/coreos/go-oidc/v3/oidc" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" log "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" diff --git a/util/session/sessionmanager_test.go b/util/session/sessionmanager_test.go index 73d8fdb8eaecb..cb0174e261759 100644 --- a/util/session/sessionmanager_test.go +++ b/util/session/sessionmanager_test.go @@ -14,7 +14,7 @@ import ( "testing" "time" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/grpc/codes" @@ -220,16 +220,8 @@ func TestSessionManager_ProjectToken(t *testing.T) { }) } -type claimsMock struct { - err error -} - -func (cm *claimsMock) Valid() error { - return cm.err -} - type tokenVerifierMock struct { - claims *claimsMock + claims *jwt.RegisteredClaims err error } @@ -258,7 +250,7 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) { name string authDisabled bool cookieHeader bool - verifiedClaims *claimsMock + verifiedClaims *jwt.RegisteredClaims verifyTokenErr error expectedStatusCode int expectedResponseBody *string @@ -269,7 +261,7 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) { name: "will authenticate successfully", authDisabled: false, cookieHeader: true, - verifiedClaims: &claimsMock{}, + verifiedClaims: &jwt.RegisteredClaims{}, verifyTokenErr: nil, expectedStatusCode: http.StatusOK, expectedResponseBody: strPointer("Ok"), @@ -287,7 +279,7 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) { name: "will return 400 if no cookie header", authDisabled: false, cookieHeader: false, - verifiedClaims: &claimsMock{}, + verifiedClaims: &jwt.RegisteredClaims{}, verifyTokenErr: nil, expectedStatusCode: http.StatusBadRequest, expectedResponseBody: nil, @@ -296,7 +288,7 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) { name: "will return 401 verify token fails", authDisabled: false, cookieHeader: true, - verifiedClaims: &claimsMock{}, + verifiedClaims: &jwt.RegisteredClaims{}, verifyTokenErr: stderrors.New("token error"), expectedStatusCode: http.StatusUnauthorized, expectedResponseBody: nil, diff --git a/util/test/testutil.go b/util/test/testutil.go index a8e506300864d..61fa0e74616fe 100644 --- a/util/test/testutil.go +++ b/util/test/testutil.go @@ -9,7 +9,7 @@ import ( "testing" "github.com/go-jose/go-jose/v3" - "github.com/golang-jwt/jwt/v4" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/require" )