Merged
Conversation
Collaborator
Author
|
I wonder if it would make sense to return an interface instead? |
|
This worked perfectly (as far as building and passing unit tests in two of our repos), so I would like to see it Merged (and Released) if TPTB approve. |
mfridman
reviewed
Oct 2, 2023
Member
Ye, it's uncommon to have an exported function return an unexported type. An interface would be better, although then we'd be stuck with it in the public API. |
|
What's the status of this? (We're "on hold" upgrading to jwt v5 pending resolution.) |
Member
|
I think it's "on hold' / "gathering more feedback", given this is a potential foot gun. We've been exporting and adding to the public API sparingly, and want to make sure we're at least having a discussion around it. |
cf2cf1b to
1940dc7
Compare
Previously, we had `newValidator` as a private function. This PR exports this function so that validation can be done independtly of parsing the claim.
1940dc7 to
cf5c7ca
Compare
jcburley
reviewed
Oct 17, 2023
Contributor
|
i'm realy need ability to validate generic claims and don't copy code from jwt repo. |
mfridman
reviewed
Oct 18, 2023
mfridman
approved these changes
Nov 8, 2023
Contributor
|
waiting for release =) |
Collaborator
Author
Unfortunately, we just released 5.1.0 so it might take a while as we usually wait until a few PRs come together. If you really need this feature you can use the pseudo version of the main branch / commit. |
Member
|
You should be able to fetch the latest This will pull in the pseudo-version: |
nono
referenced
this pull request
in cozy/cozy-stack
Dec 4, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) | require | minor | `v5.1.0` -> `v5.2.0` | --- ### Release Notes <details> <summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary> ### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0) [Compare Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0) #### What's Changed - Exported `NewValidator` by [@​oxisto](https://togithub.com/oxisto) in [https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349) - Improve ErrInvalidKeyType error messages by [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - Update MIGRATION_GUIDE.md by [@​jbarham](https://togithub.com/jbarham) in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) #### New Contributors - [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) made their first contribution in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - [@​jbarham](https://togithub.com/jbarham) made their first contribution in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) **Full Changelog**: golang-jwt/jwt@v5.1.0...v5.2.0 </details> --- ### Configuration π **Schedule**: Branch creation - "before 6am on Monday" in timezone Europe/Paris, Automerge - At any time (no schedule defined). π¦ **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. π **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cozy/cozy-stack). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
renovate bot
referenced
this pull request
in woodpecker-ci/woodpecker
Dec 4, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | code.gitea.io/sdk/gitea | require | minor | `v0.16.0` -> `v0.17.0` | | [github.com/antonmedv/expr](https://togithub.com/antonmedv/expr) | require | patch | `v1.15.5` -> `v1.15.6` | | [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) | require | minor | `v5.1.0` -> `v5.2.0` | | [github.com/urfave/cli/v2](https://togithub.com/urfave/cli) | require | minor | `v2.25.7` -> `v2.26.0` | --- ### Release Notes <details> <summary>antonmedv/expr (github.com/antonmedv/expr)</summary> ### [`v1.15.6`](https://togithub.com/expr-lang/expr/releases/tag/v1.15.6) [Compare Source](https://togithub.com/antonmedv/expr/compare/v1.15.5...v1.15.6) - This is a new release for `expr-lang/epxr`. </details> <details> <summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary> ### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0) [Compare Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0) #### What's Changed - Exported `NewValidator` by [@​oxisto](https://togithub.com/oxisto) in [https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349) - Improve ErrInvalidKeyType error messages by [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - Update MIGRATION_GUIDE.md by [@​jbarham](https://togithub.com/jbarham) in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) #### New Contributors - [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) made their first contribution in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - [@​jbarham](https://togithub.com/jbarham) made their first contribution in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) **Full Changelog**: golang-jwt/jwt@v5.1.0...v5.2.0 </details> <details> <summary>urfave/cli (github.com/urfave/cli/v2)</summary> ### [`v2.26.0`](https://togithub.com/urfave/cli/releases/tag/v2.26.0) [Compare Source](https://togithub.com/urfave/cli/compare/v2.25.7...v2.26.0) #### What's Changed - Bash completion nits by [@​meatballhat](https://togithub.com/meatballhat) in [https://github.com/urfave/cli/pull/1762](https://togithub.com/urfave/cli/pull/1762) - Chore: Rename mkdocs requirements file name by [@​dearchap](https://togithub.com/dearchap) in [https://github.com/urfave/cli/pull/1776](https://togithub.com/urfave/cli/pull/1776) - Fix:(issue\_1787) Add fix for commands not listed when hide help commaβ¦ by [@​dearchap](https://togithub.com/dearchap) in [https://github.com/urfave/cli/pull/1788](https://togithub.com/urfave/cli/pull/1788) - Fix nil HelpFlag panic (v2) by [@​wxiaoguang](https://togithub.com/wxiaoguang) in [https://github.com/urfave/cli/pull/1795](https://togithub.com/urfave/cli/pull/1795) - Always get 0 for a nested int64 value in v2.25.7 by [@​stephenfire](https://togithub.com/stephenfire) in [https://github.com/urfave/cli/pull/1799](https://togithub.com/urfave/cli/pull/1799) - Helper messages for documenting build process by [@​abitrolly](https://togithub.com/abitrolly) in [https://github.com/urfave/cli/pull/1800](https://togithub.com/urfave/cli/pull/1800) - fix: check duplicated sub command name and alias by [@​linrl3](https://togithub.com/linrl3) in [https://github.com/urfave/cli/pull/1805](https://togithub.com/urfave/cli/pull/1805) - Fix:(issue\_1689) Have consistent behavior for default text in man andβ¦ by [@​dearchap](https://togithub.com/dearchap) in [https://github.com/urfave/cli/pull/1825](https://togithub.com/urfave/cli/pull/1825) - Fix linting issues by [@​skelouse](https://togithub.com/skelouse) in [https://github.com/urfave/cli/pull/1696](https://togithub.com/urfave/cli/pull/1696) #### New Contributors - [@​stephenfire](https://togithub.com/stephenfire) made their first contribution in [https://github.com/urfave/cli/pull/1799](https://togithub.com/urfave/cli/pull/1799) - [@​linrl3](https://togithub.com/linrl3) made their first contribution in [https://github.com/urfave/cli/pull/1805](https://togithub.com/urfave/cli/pull/1805) **Full Changelog**: urfave/cli@v2.25.7...v2.26.0 </details> --- ### Configuration π **Schedule**: Branch creation - "before 4am" (UTC), Automerge - "before 4am" (UTC). π¦ **Automerge**: Enabled. β» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. π» **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/woodpecker-ci/woodpecker). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: qwerty287 <[email protected]>
github-merge-queue bot
referenced
this pull request
in infratographer/x
Apr 2, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt) | `v5.0.0` -> `v5.2.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary> ### [`v5.2.1`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.1) [Compare Source](https://togithub.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1) #### What's Changed - chore: remove unnecessary conversions from tests by [@​estensen](https://togithub.com/estensen) in [https://github.com/golang-jwt/jwt/pull/370](https://togithub.com/golang-jwt/jwt/pull/370) - Trivial: Typo fix for ECDSA error message by [@​tjs-cinemo](https://togithub.com/tjs-cinemo) in [https://github.com/golang-jwt/jwt/pull/373](https://togithub.com/golang-jwt/jwt/pull/373) - Fix incorrect error return by [@​ss49919201](https://togithub.com/ss49919201) in [https://github.com/golang-jwt/jwt/pull/371](https://togithub.com/golang-jwt/jwt/pull/371) #### New Contributors - [@​tjs-cinemo](https://togithub.com/tjs-cinemo) made their first contribution in [https://github.com/golang-jwt/jwt/pull/373](https://togithub.com/golang-jwt/jwt/pull/373) - [@​ss49919201](https://togithub.com/ss49919201) made their first contribution in [https://github.com/golang-jwt/jwt/pull/371](https://togithub.com/golang-jwt/jwt/pull/371) **Full Changelog**: golang-jwt/jwt@v5.2.0...v5.2.1 ### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0) [Compare Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0) #### What's Changed - Exported `NewValidator` by [@​oxisto](https://togithub.com/oxisto) in [https://github.com/golang-jwt/jwt/pull/349](https://togithub.com/golang-jwt/jwt/pull/349) - Improve ErrInvalidKeyType error messages by [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - Update MIGRATION_GUIDE.md by [@​jbarham](https://togithub.com/jbarham) in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) #### New Contributors - [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann) made their first contribution in [https://github.com/golang-jwt/jwt/pull/361](https://togithub.com/golang-jwt/jwt/pull/361) - [@​jbarham](https://togithub.com/jbarham) made their first contribution in [https://github.com/golang-jwt/jwt/pull/363](https://togithub.com/golang-jwt/jwt/pull/363) **Full Changelog**: golang-jwt/jwt@v5.1.0...v5.2.0 ### [`v5.1.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.1.0) [Compare Source](https://togithub.com/golang-jwt/jwt/compare/v5.0.0...v5.1.0) #### What's Changed - Using jwt's native `ErrInvalidType` instead of `json.UnsupportedTypeError` by [@​oxisto](https://togithub.com/oxisto) in [https://github.com/golang-jwt/jwt/pull/316](https://togithub.com/golang-jwt/jwt/pull/316) - Fix typos in comments and test names by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/317](https://togithub.com/golang-jwt/jwt/pull/317) - Format: add whitespaces, remove empty lines by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/319](https://togithub.com/golang-jwt/jwt/pull/319) - Refactor example: use io.ReadAll instead of io.Copy by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/320](https://togithub.com/golang-jwt/jwt/pull/320) - Refactor code by using switch instead of if-else by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/318](https://togithub.com/golang-jwt/jwt/pull/318) - A quick way to validate token string by [@​dcalsky](https://togithub.com/dcalsky) in [https://github.com/golang-jwt/jwt/pull/302](https://togithub.com/golang-jwt/jwt/pull/302) - Refactor: remove unnecessary \[]byte conversion to string by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/330](https://togithub.com/golang-jwt/jwt/pull/330) - Refactor: compare strings with strings.EqualFold by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/golang-jwt/jwt/pull/329](https://togithub.com/golang-jwt/jwt/pull/329) - Avoid use of json.NewDecoder by [@​craigpastro](https://togithub.com/craigpastro) in [https://github.com/golang-jwt/jwt/pull/313](https://togithub.com/golang-jwt/jwt/pull/313) - Update ParseUnverified godoc by [@​duhaesbaert](https://togithub.com/duhaesbaert) in [https://github.com/golang-jwt/jwt/pull/341](https://togithub.com/golang-jwt/jwt/pull/341) - Update ci workflows (add go1.21) by [@​mfridman](https://togithub.com/mfridman) in [https://github.com/golang-jwt/jwt/pull/345](https://togithub.com/golang-jwt/jwt/pull/345) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golang-jwt/jwt/pull/346](https://togithub.com/golang-jwt/jwt/pull/346) - Key rotation with VerificationKeySet by [@​mfridman](https://togithub.com/mfridman) in [https://github.com/golang-jwt/jwt/pull/344](https://togithub.com/golang-jwt/jwt/pull/344) - Add explicit ClaimsValidator implementation check for custom claims by [@​epelc](https://togithub.com/epelc) in [https://github.com/golang-jwt/jwt/pull/343](https://togithub.com/golang-jwt/jwt/pull/343) - feat: allow making exp claim required by [@​tareksha](https://togithub.com/tareksha) in [https://github.com/golang-jwt/jwt/pull/351](https://togithub.com/golang-jwt/jwt/pull/351) - Add error handling to examples by [@​craigpastro](https://togithub.com/craigpastro) in [https://github.com/golang-jwt/jwt/pull/312](https://togithub.com/golang-jwt/jwt/pull/312) #### New Contributors - [@​alexandear](https://togithub.com/alexandear) made their first contribution in [https://github.com/golang-jwt/jwt/pull/317](https://togithub.com/golang-jwt/jwt/pull/317) - [@​dcalsky](https://togithub.com/dcalsky) made their first contribution in [https://github.com/golang-jwt/jwt/pull/302](https://togithub.com/golang-jwt/jwt/pull/302) - [@​craigpastro](https://togithub.com/craigpastro) made their first contribution in [https://github.com/golang-jwt/jwt/pull/313](https://togithub.com/golang-jwt/jwt/pull/313) - [@​duhaesbaert](https://togithub.com/duhaesbaert) made their first contribution in [https://github.com/golang-jwt/jwt/pull/341](https://togithub.com/golang-jwt/jwt/pull/341) - [@​epelc](https://togithub.com/epelc) made their first contribution in [https://github.com/golang-jwt/jwt/pull/343](https://togithub.com/golang-jwt/jwt/pull/343) - [@​tareksha](https://togithub.com/tareksha) made their first contribution in [https://github.com/golang-jwt/jwt/pull/351](https://togithub.com/golang-jwt/jwt/pull/351) **Full Changelog**: golang-jwt/jwt@v5.0.0...v5.1.0 </details> --- ### Configuration π **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). π¦ **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. π **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/infratographer/x). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously, we had
newValidatoras a private function. This PR exports this function so that validation can be done independtly of parsing the claim.