diff options
| author |  dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2025-01-27 11:08:13 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-01-27 11:08:13 +0000 |
| commit | a7737687182dbf8803800f575e2083cecfd481f7 (patch) | |
| tree | 05a7aa5535bc5eb0ee6c8b4b529aa959ab9fdbbe /vendor/github.com/SherClockHolmes/webpush-go/vapid.go | |
| parent | [chore]: Bump github.com/miekg/dns from 1.1.62 to 1.1.63 (#3695) (diff) | |
| download | gotosocial-a7737687182dbf8803800f575e2083cecfd481f7.tar.xz | |
[chore]: Bump github.com/SherClockHolmes/webpush-go from 1.3.0 to 1.4.0 (#3694)
Bumps [github.com/SherClockHolmes/webpush-go](https://github.com/SherClockHolmes/webpush-go) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/SherClockHolmes/webpush-go/releases)
- [Commits](https://github.com/SherClockHolmes/webpush-go/compare/v1.3.0...v1.4.0)
---
updated-dependencies:
- dependency-name: github.com/SherClockHolmes/webpush-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Diffstat (limited to 'vendor/github.com/SherClockHolmes/webpush-go/vapid.go')
| -rw-r--r-- | vendor/github.com/SherClockHolmes/webpush-go/vapid.go | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/vendor/github.com/SherClockHolmes/webpush-go/vapid.go b/vendor/github.com/SherClockHolmes/webpush-go/vapid.go index fe2c580a6..d1c2a9154 100644 --- a/vendor/github.com/SherClockHolmes/webpush-go/vapid.go +++ b/vendor/github.com/SherClockHolmes/webpush-go/vapid.go @@ -5,12 +5,12 @@ import ( "crypto/elliptic" "crypto/rand" "encoding/base64" - "fmt" "math/big" "net/url" + "strings" "time" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v5" ) // GenerateVAPIDKeys will create a private and public VAPID key pair @@ -72,10 +72,15 @@ func getVAPIDAuthorizationHeader( return "", err } + // Unless subscriber is an HTTPS URL, assume an e-mail address + if !strings.HasPrefix(subscriber, "https:") { + subscriber = "mailto:" + subscriber + } + token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{ - "aud": fmt.Sprintf("%s://%s", subURL.Scheme, subURL.Host), - "exp": expiration.Unix(), - "sub": fmt.Sprintf("mailto:%s", subscriber), + "aud": subURL.Scheme + "://" + subURL.Host, + "exp": time.Now().Add(time.Hour * 12).Unix(), + "sub": subscriber, }) // Decode the VAPID private key @@ -98,11 +103,7 @@ func getVAPIDAuthorizationHeader( return "", err } - return fmt.Sprintf( - "vapid t=%s, k=%s", - jwtString, - base64.RawURLEncoding.EncodeToString(pubKey), - ), nil + return "vapid t=" + jwtString + ", k=" + base64.RawURLEncoding.EncodeToString(pubKey), nil } // Need to decode the vapid private key in multiple base64 formats |