Diffstat (limited to 'vendor/code.superseriousbusiness.org/oauth2/v4/generates')
3 files changed, 84 insertions, 74 deletions
diff --git a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go
index 972b5dce1..ca66f840a 100644
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go
@@ -1,38 +1,38 @@
-package generates
-
-import (
- "bytes"
- "context"
- "encoding/base64"
- "strconv"
- "strings"
-
- "code.superseriousbusiness.org/oauth2/v4"
- "github.com/google/uuid"
-)
-
-// NewAccessGenerate create to generate the access token instance
-func NewAccessGenerate() *AccessGenerate {
- return &AccessGenerate{}
-}
-
-// AccessGenerate generate the access token
-type AccessGenerate struct {
-}
-
-// Token based on the UUID generated token
-func (ag *AccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic, isGenRefresh bool) (string, string, error) {
- buf := bytes.NewBufferString(data.Client.GetID())
- buf.WriteString(data.UserID)
- buf.WriteString(strconv.FormatInt(data.CreateAt.UnixNano(), 10))
-
- access := base64.URLEncoding.EncodeToString([]byte(uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
- access = strings.ToUpper(strings.TrimRight(access, "="))
- refresh := ""
- if isGenRefresh {
- refresh = base64.URLEncoding.EncodeToString([]byte(uuid.NewSHA1(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
- refresh = strings.ToUpper(strings.TrimRight(refresh, "="))
- }
-
- return access, refresh, nil
-}
+package generates
+
+import (
+ "bytes"
+ "context"
+ "encoding/base64"
+ "strconv"
+ "strings"
+
+ "code.superseriousbusiness.org/oauth2/v4"
+ "github.com/google/uuid"
+)
+
+// NewAccessGenerate create to generate the access token instance
+func NewAccessGenerate() *AccessGenerate {
+ return &AccessGenerate{}
+}
+
+// AccessGenerate generate the access token
+type AccessGenerate struct {
+}
+
+// Token based on the UUID generated token
+func (ag *AccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic, isGenRefresh bool) (string, string, error) {
+ buf := bytes.NewBufferString(data.Client.GetID())
+ buf.WriteString(data.UserID)
+ buf.WriteString(strconv.FormatInt(data.CreateAt.UnixNano(), 10))
+
+ access := base64.URLEncoding.EncodeToString([]byte(uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
+ access = strings.ToUpper(strings.TrimRight(access, "="))
+ refresh := ""
+ if isGenRefresh {
+ refresh = base64.URLEncoding.EncodeToString([]byte(uuid.NewSHA1(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
+ refresh = strings.ToUpper(strings.TrimRight(refresh, "="))
+ }
+
+ return access, refresh, nil
+}
diff --git a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go
index 9d8f3fb45..0a4784903 100644
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go
@@ -1,30 +1,30 @@
-package generates
-
-import (
- "bytes"
- "context"
- "encoding/base64"
- "strings"
-
- "code.superseriousbusiness.org/oauth2/v4"
- "github.com/google/uuid"
-)
-
-// NewAuthorizeGenerate create to generate the authorize code instance
-func NewAuthorizeGenerate() *AuthorizeGenerate {
- return &AuthorizeGenerate{}
-}
-
-// AuthorizeGenerate generate the authorize code
-type AuthorizeGenerate struct{}
-
-// Token based on the UUID generated token
-func (ag *AuthorizeGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic) (string, error) {
- buf := bytes.NewBufferString(data.Client.GetID())
- buf.WriteString(data.UserID)
- token := uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes())
- code := base64.URLEncoding.EncodeToString([]byte(token.String()))
- code = strings.ToUpper(strings.TrimRight(code, "="))
-
- return code, nil
-}
+package generates
+
+import (
+ "bytes"
+ "context"
+ "encoding/base64"
+ "strings"
+
+ "code.superseriousbusiness.org/oauth2/v4"
+ "github.com/google/uuid"
+)
+
+// NewAuthorizeGenerate create to generate the authorize code instance
+func NewAuthorizeGenerate() *AuthorizeGenerate {
+ return &AuthorizeGenerate{}
+}
+
+// AuthorizeGenerate generate the authorize code
+type AuthorizeGenerate struct{}
+
+// Token based on the UUID generated token
+func (ag *AuthorizeGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic) (string, error) {
+ buf := bytes.NewBufferString(data.Client.GetID())
+ buf.WriteString(data.UserID)
+ token := uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes())
+ code := base64.URLEncoding.EncodeToString([]byte(token.String()))
+ code = strings.ToUpper(strings.TrimRight(code, "="))
+
+ return code, nil
+}
diff --git a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go index 57c2950f0..10021812b 100644 --- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go +++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go @@ -8,18 +8,18 @@ import ( "code.superseriousbusiness.org/oauth2/v4" "code.superseriousbusiness.org/oauth2/v4/errors" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" ) // JWTAccessClaims jwt claims type JWTAccessClaims struct { - jwt.StandardClaims + jwt.RegisteredClaims } // Valid claims verification func (a *JWTAccessClaims) Valid() error { - if time.Unix(a.ExpiresAt, 0).Before(time.Now()) { + if a.ExpiresAt != nil && time.Unix(a.ExpiresAt.Unix(), 0).Before(time.Now()) { return errors.ErrInvalidAccessToken } return nil @@ -44,10 +44,10 @@ type JWTAccessGenerate struct { // Token based on the UUID generated token func (a *JWTAccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic, isGenRefresh bool) (string, string, error) { claims := &JWTAccessClaims{ - StandardClaims: jwt.StandardClaims{ - Audience: data.Client.GetID(), + RegisteredClaims: jwt.RegisteredClaims{ + Audience: jwt.ClaimStrings{data.Client.GetID()}, Subject: data.UserID, - ExpiresAt: data.TokenInfo.GetAccessCreateAt().Add(data.TokenInfo.GetAccessExpiresIn()).Unix(), + ExpiresAt: jwt.NewNumericDate(data.TokenInfo.GetAccessCreateAt().Add(data.TokenInfo.GetAccessExpiresIn())), }, } @@ -70,6 +70,12 @@ func (a *JWTAccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasi key = v } else if a.isHs() { key = a.SignedKey + } else if a.isEd() { + v, err := jwt.ParseEdPrivateKeyFromPEM(a.SignedKey) + if err != nil { + return "", "", err + } + key = v } else { return "", "", errors.New("unsupported sign method") } 
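Review bot: In `JWTAccessClaims.Valid()`, the added `a.ExpiresAt != nil &&` guard avoids a nil dereference, but it also lets a token with no `exp` claim pass the expiry check, because the method then returns nil. The `Token` hunk further down always sets `ExpiresAt`, so a missing claim is better rejected than accepted: `if a.ExpiresAt == nil || time.Unix(a.ExpiresAt.Unix(), 0).Before(time.Now()) {`. It is also worth confirming that something still calls `Valid()`: golang-jwt v5 validates through the claims getters and an optional `Validate() error` method rather than `Valid()`, so this check may no longer run during parsing. The callers are outside this hunk. The file is vendored, so the change belongs in the oauth2 fork itself.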
@@ -102,3 +108,7 @@ func (a *JWTAccessGenerate) isRsOrPS() bool { func (a *JWTAccessGenerate) isHs() bool { return strings.HasPrefix(a.SignedMethod.Alg(), "HS") } + +func (a *JWTAccessGenerate) isEd() bool { + return strings.HasPrefix(a.SignedMethod.Alg(), "Ed") +} |
