-
Notifications
You must be signed in to change notification settings - Fork 996
ParseWithClaims: getting json error when processing JWT that has multiple values for audience #348
Comments
I have fixed the code, but ran into an issue trying to push the change to github, so I attached a ZIP file of the changes instead. |
Having a similar issue using the I'm very new to Go so I don't know if this is possible, but it almost seems like Audience needs to be defined as |
Good point. Could make it an interface{} instead. Would have to work through the various test cases to ensure that both Array and string claims are properly decoded and validated. |
@jeffkayser2 why you don't make a PR? |
I don't know git that well. Sorry. Here is a version that will work for Audiences that are both strings and []string. |
Ignore. Code works for string, but not []string. |
This version works for Audiences of type string and []string. Just an alternative. Sorry for the lack of a pull request. I'm not that good at git yet. |
Refactored in favour of your solution (I think it's cleaner, hope it's ok for you me to push parts of your code), please see #355 |
No problem! Thanks for doing that. One of these days, I'll figure out git. :-) |
Is this going to be fixed? Currently, RFC compliant tokens cannot be parsed because of this problem, which is a major issue in my opinion. Is there anything wrong with the proposed pull requests? |
Until now issue is not resolved. |
I took a sneak peek into v4.0.0 preview source code (https://github.com/dgrijalva/jwt-go/releases) and it looks like that v4 will fix this, but I don't know when it will be released. |
I can confirm v4.0.0 preview solves this issue. |
To fix jwt parsing problem (issue in jwt-go [centrifugal#348](dgrijalva/jwt-go#348)) emergency migrated to v4.
Any stable release to fix this issue ? |
@dgrijalva Could you eventually put the contents of |
[note] |
I am using JWT tokens generated by Auth0 and oauth2. The token payload looks like this:
{ "iss": "https://redacted.auth0.com/", "sub": "google-oauth2|redacted", "aud": [ "https://redacted:443/app/v1", "https://redacted.auth0.com/userinfo" ], "iat": 1565196366, "exp": 1565282766, "azp": "redacted", "scope": "openid profile email", "permissions": [ "admin" ] }
Because the audience is multi-valued, I am getting parsing error when trying to read the claims.
My parsing code looks like this:
type CustomClaimType struct { Permissions []string
json:"permissions"Scope string
json:"scope"jwt.StandardClaims }
. . .
// Now parse the token parsedToken, err := jwt.ParseWithClaims(bearerToken, &CustomClaimType{}, auth0ValidationKeyGetter) if err != nil { log.Printf("Got error parsing token: " + err.Error()) return nil, false, err }
When I run this, I get an error:
Got error parsing token: json: cannot unmarshal array into Go struct field CustomClaimType.aud of type string
The text was updated successfully, but these errors were encountered: