diff --git a/CHANGELOG.md b/CHANGELOG.md index 9570a3b..a5ed47a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,9 @@ Based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## HEAD +* Replace deprecated gopkg.in/square/go-jose.v2 with github.com/square/go-jose/v3 [#29] +* Update golang.org/x/crypto from 0.14.0 to 0.17.0 [#27] + ## 1.2.0 * Add `authn.ClaimsFrom` and `authn.ClaimsFromWithAudience` to support diff --git a/authn/authn.go b/authn/authn.go index 42002ba..cc36301 100644 --- a/authn/authn.go +++ b/authn/authn.go @@ -5,7 +5,7 @@ import ( "net/http" "time" - jwt "gopkg.in/square/go-jose.v2/jwt" + jwt "github.com/go-jose/go-jose/v3/jwt" ) // TODO: jose/jwt references are all over the place. Refactor possible? diff --git a/authn/claims.go b/authn/claims.go index 12c3761..cf7aa5c 100644 --- a/authn/claims.go +++ b/authn/claims.go @@ -1,6 +1,6 @@ package authn -import "gopkg.in/square/go-jose.v2/jwt" +import "github.com/go-jose/go-jose/v3/jwt" type Claims struct { AuthTime *jwt.NumericDate `json:"auth_time"` diff --git a/authn/interfaces.go b/authn/interfaces.go index 51b0ab5..f8e6284 100644 --- a/authn/interfaces.go +++ b/authn/interfaces.go @@ -1,7 +1,7 @@ package authn import ( - jose "gopkg.in/square/go-jose.v2" + jose "github.com/go-jose/go-jose/v3" ) // Provides a JSON Web Key from a Key ID diff --git a/authn/internal_client.go b/authn/internal_client.go index 96a4940..daa1fd4 100644 --- a/authn/internal_client.go +++ b/authn/internal_client.go @@ -11,7 +11,7 @@ import ( "strings" "time" - jose "gopkg.in/square/go-jose.v2" + jose "github.com/go-jose/go-jose/v3" ) type internalClient struct { diff --git a/authn/keychain_cache.go b/authn/keychain_cache.go index 5d3e1d3..41667c3 100644 --- a/authn/keychain_cache.go +++ b/authn/keychain_cache.go @@ -3,9 +3,8 @@ package authn import ( "time" + jose "github.com/go-jose/go-jose/v3" "github.com/patrickmn/go-cache" - - jose "gopkg.in/square/go-jose.v2" ) // keychainCache is a JWKProvider which wraps around another JWKProvider diff --git a/authn/keychain_cache_test.go b/authn/keychain_cache_test.go index cce2ddf..93c3e2c 100644 --- a/authn/keychain_cache_test.go +++ b/authn/keychain_cache_test.go @@ -5,11 +5,9 @@ import ( "testing" "time" - "github.com/stretchr/testify/assert" - - jose "gopkg.in/square/go-jose.v2" - + jose "github.com/go-jose/go-jose/v3" "github.com/patrickmn/go-cache" + "github.com/stretchr/testify/assert" ) // Mock JWKProvider for tests diff --git a/authn/verifier.go b/authn/verifier.go index 6d08adb..86e3733 100644 --- a/authn/verifier.go +++ b/authn/verifier.go @@ -5,7 +5,7 @@ import ( "net/url" "time" - jwt "gopkg.in/square/go-jose.v2/jwt" + jwt "github.com/go-jose/go-jose/v3/jwt" ) var ErrNoKey = errors.New("No keys found") diff --git a/authn/verifier_test.go b/authn/verifier_test.go index eb3c9fe..d06ede0 100644 --- a/authn/verifier_test.go +++ b/authn/verifier_test.go @@ -11,10 +11,10 @@ import ( "testing" "time" + jose "github.com/go-jose/go-jose/v3" + jwt "github.com/go-jose/go-jose/v3/jwt" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - jose "gopkg.in/square/go-jose.v2" - jwt "gopkg.in/square/go-jose.v2/jwt" ) func TestIDTokenVerifier(t *testing.T) { @@ -92,9 +92,9 @@ func TestIDTokenVerifier(t *testing.T) { token string err error }{ - {"", fmt.Errorf("square/go-jose: compact JWS format must have three parts")}, - {"a", fmt.Errorf("square/go-jose: compact JWS format must have three parts")}, - {"a.b", fmt.Errorf("square/go-jose: compact JWS format must have three parts")}, + {"", fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts")}, + {"a", fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts")}, + {"a.b", fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts")}, {"a.b.c", base64.CorruptInputError(0)}, } diff --git a/go.mod b/go.mod index d28c624..812d047 100644 --- a/go.mod +++ b/go.mod @@ -3,9 +3,9 @@ module github.com/keratin/authn-go go 1.12 require ( + github.com/go-jose/go-jose/v3 v3.0.1 github.com/google/go-cmp v0.6.0 // indirect github.com/patrickmn/go-cache v2.1.0+incompatible github.com/stretchr/testify v1.8.4 golang.org/x/crypto v0.17.0 // indirect - gopkg.in/square/go-jose.v2 v2.6.0 ) diff --git a/go.sum b/go.sum index de0b753..6bdf5b3 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,9 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= +github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= @@ -10,17 +13,20 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= @@ -30,6 +36,7 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -53,10 +60,9 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= -gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=