Emergency migration to jwt-go v4

To fix jwt parsing problem (issue in jwt-go [centrifugal#348](dgrijalva/jwt-go#348)) emergency migrated to v4.
GSokol · Apr 30, 2020 · e389243 · e389243
1 parent b500398
commit e389243
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 19 deletions.
diff --git a/client_test.go b/client_test.go
@@ -9,7 +9,7 @@ import (
 	"time"
 
 	"github.com/centrifugal/protocol"
-	"github.com/dgrijalva/jwt-go"
+	"github.com/dgrijalva/jwt-go/v4"
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/require"
 )

diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/FZambia/eagle v0.0.1
 	github.com/FZambia/sentinel v1.1.0
 	github.com/centrifugal/protocol v0.3.0
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible
+	github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1
 	github.com/gogo/protobuf v1.3.1
 	github.com/golang/protobuf v1.3.3 // indirect
 	github.com/gomodule/redigo v2.0.0+incompatible

diff --git a/go.sum b/go.sum
@@ -9,8 +9,8 @@ github.com/centrifugal/protocol v0.3.0/go.mod h1:2YbBCaDwQHl37ErRdMrKSj18X2yVvpk
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1 h1:CaO/zOnF8VvUfEbhRatPcwKVWamvbYd8tQGRWacE9kU=
+github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1/go.mod h1:+hnT3ywWDTAFrW5aE+u2Sa/wT555ZqwoCS+pk3p6ry4=
 github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
@@ -51,6 +51,8 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTm
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563 h1:NIou6eNFigscvKJmsbyez16S2cIS6idossORlFtSt2E=
 golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=

diff --git a/token_verifier_jwt.go b/token_verifier_jwt.go
@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"sync"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/dgrijalva/jwt-go/v4"
 )
 
 type tokenVerifierJWT struct {
@@ -48,22 +48,22 @@ type subscribeTokenClaims struct {
 func (verifier *tokenVerifierJWT) VerifyConnectToken(token string) (connectToken, error) {
 	parsedToken, err := jwt.ParseWithClaims(token, &connectTokenClaims{}, verifier.jwtKeyFunc())
 	if err != nil {
-		if err, ok := err.(*jwt.ValidationError); ok {
-			if err.Errors == jwt.ValidationErrorExpired {
-				// The only problem with token is its expiration - no other
-				// errors set in Errors bitfield.
-				return connectToken{}, errTokenExpired
-			}
+		if _, ok := err.(*jwt.TokenExpiredError); ok {
+			// The only problem with token is its expiration - no other
+			// errors set in Errors bitfield.
+			return connectToken{}, errTokenExpired
 		}
 		return connectToken{}, err
 	}
 	if claims, ok := parsedToken.Claims.(*connectTokenClaims); ok && parsedToken.Valid {
 		token := connectToken{
 			UserID:   claims.StandardClaims.Subject,
-			ExpireAt: claims.StandardClaims.ExpiresAt,
 			Info:     claims.Info,
 			Channels: claims.Channels,
 		}
+		if claims.StandardClaims.ExpiresAt != nil {
+			token.ExpireAt = claims.StandardClaims.ExpiresAt.Unix()
+		}
 		if claims.Base64Info != "" {
 			byteInfo, err := base64.StdEncoding.DecodeString(claims.Base64Info)
 			if err != nil {
@@ -79,12 +79,10 @@ func (verifier *tokenVerifierJWT) VerifyConnectToken(token string) (connectToken
 func (verifier *tokenVerifierJWT) VerifySubscribeToken(token string) (subscribeToken, error) {
 	parsedToken, err := jwt.ParseWithClaims(token, &subscribeTokenClaims{}, verifier.jwtKeyFunc())
 	if err != nil {
-		if validationErr, ok := err.(*jwt.ValidationError); ok {
-			if validationErr.Errors == jwt.ValidationErrorExpired {
-				// The only problem with token is its expiration - no other
-				// errors set in Errors bitfield.
-				return subscribeToken{}, errTokenExpired
-			}
+		if _, ok := err.(*jwt.TokenExpiredError); ok {
+			// The only problem with token is its expiration - no other
+			// errors set in Errors bitfield.
+			return subscribeToken{}, errTokenExpired
 		}
 		return subscribeToken{}, err
 	}
@@ -93,9 +91,11 @@ func (verifier *tokenVerifierJWT) VerifySubscribeToken(token string) (subscribeT
 			Client:          claims.Client,
 			Info:            claims.Info,
 			Channel:         claims.Channel,
-			ExpireAt:        claims.StandardClaims.ExpiresAt,
 			ExpireTokenOnly: claims.ExpireTokenOnly,
 		}
+		if claims.StandardClaims.ExpiresAt != nil {
+			token.ExpireAt = claims.StandardClaims.ExpiresAt.Unix()
+		}
 		if claims.Base64Info != "" {
 			byteInfo, err := base64.StdEncoding.DecodeString(claims.Base64Info)
 			if err != nil {