From 97e0d3beb5851ea5d897c1ebd4d31d5e7e8f947a Mon Sep 17 00:00:00 2001 From: lestrrat <49281+lestrrat@users.noreply.github.com> Date: Tue, 25 Feb 2025 07:34:57 +0900 Subject: [PATCH] [v3] Fixes to work with go1.24 (#1299) * Update go versions * silence linter * Update go versions * fix typo * Work with go1.24 * rename examples to work with go1.24 * tweak test --------- Co-authored-by: Daisuke Maki --- .github/workflows/ci.yml | 2 +- .github/workflows/smoke.yml | 2 +- examples/jwe_decrypt_with_key_example_test.go | 2 +- examples/jwe_decrypt_with_keyset_example_test.go | 2 +- examples/jwe_encrypt_example_test.go | 2 +- examples/jwe_encrypt_json_example_test.go | 4 ++-- examples/jwe_encrypt_with_headers_example_test.go | 2 +- examples/jwe_example_test.go | 4 ++-- examples/jwe_parse_example_test.go | 2 +- examples/jwe_readfile_example_test.go | 2 +- examples/jwk_cache_example_test.go | 2 +- examples/jwk_cached_set_example_test.go | 2 +- examples/jwk_comparison_example_test.go | 2 +- examples/jwk_example_test.go | 4 ++-- examples/jwk_fetch_example_test.go | 2 +- examples/jwk_import_example_test.go | 2 +- examples/jwk_key_specific_methods_example_test.go | 2 +- examples/jwk_parse_jwks_example_test.go | 2 +- examples/jwk_parse_key_example_test.go | 2 +- examples/jwk_parse_with_pem_example_test.go | 2 +- examples/jwk_readfile_example_test.go | 2 +- examples/jwk_readfile_with_pem_example_test.go | 2 +- examples/jwk_struct_field_example_test.go | 2 +- examples/jwk_whitelist_example_test.go | 2 +- examples/jws_custom_signer_verifier_example_test.go | 2 +- examples/jws_example_test.go | 2 +- examples/jws_parse_example_test.go | 2 +- examples/jws_readfile_example_test.go | 2 +- examples/jws_sign_detached_payload_example_test.go | 2 +- examples/jws_sign_example_test.go | 2 +- examples/jws_sign_json_example_test.go | 2 +- examples/jws_sign_with_headers_example_test.go | 2 +- examples/jws_use_jws_header_test.go | 2 +- .../jws_verify_detached_payload_example_test.go | 2 +- examples/jws_verify_with_key_example_test.go | 2 +- examples/jws_verify_with_keyset_example_test.go | 2 +- examples/jwt_builder_example_test.go | 2 +- examples/jwt_construct_example_test.go | 2 +- examples/jwt_example_test.go | 13 ++++++------- examples/jwt_flatten_audience_example_test.go | 2 +- examples/jwt_get_claims_example_test.go | 2 +- examples/jwt_parse_example_test.go | 2 +- examples/jwt_parse_request_example_test.go | 2 +- examples/jwt_parse_with_jku_example_test.go | 2 +- examples/jwt_parse_with_key_example_test.go | 2 +- .../jwt_parse_with_key_provider_example_test.go | 4 ++-- examples/jwt_parse_with_keyset_example_test.go | 2 +- examples/jwt_raw_struct_example_test.go | 2 +- examples/jwt_readfile_example_test.go | 2 +- examples/jwt_serialize_json_example_test.go | 2 +- examples/jwt_serialize_jwe_jws_example_test.go | 2 +- examples/jwt_serialize_jws_example_test.go | 2 +- .../jwt_validate_detect_error_type_example_test.go | 2 +- examples/jwt_validate_example_test.go | 2 +- examples/jwt_validate_issuer_example_test.go | 2 +- examples/jwt_validate_validator_example_test.go | 2 +- examples/jwx_readme_example_test.go | 2 +- examples/jwx_register_ec_and_key_example_test.go | 2 +- jwk/fetch.go | 1 + jwk/jwk_test.go | 9 ++++++++- jws/jws_test.go | 8 ++++++++ 61 files changed, 84 insertions(+), 69 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 88684e141..fe45ab66e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ jobs: strategy: matrix: go_tags: [ 'stdlib', 'goccy', 'es256k', 'secp256k1-pem', 'asmbase64', 'alltags'] - go: [ '1.23', '1.22', '1.21' ] + go: [ '1.24', '1.23', '1.22' ] name: "Test [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]" steps: - name: Checkout repository diff --git a/.github/workflows/smoke.yml b/.github/workflows/smoke.yml index 2f6a9354d..8d38431c6 100644 --- a/.github/workflows/smoke.yml +++ b/.github/workflows/smoke.yml @@ -14,7 +14,7 @@ jobs: strategy: matrix: go_tags: [ 'stdlib', 'goccy', 'es256k', 'alltags' ] - go: [ '1.22', '1.21' ] + go: [ '1.24', '1.23', '1.22' ] name: "Smoke [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]" steps: - name: Checkout repository diff --git a/examples/jwe_decrypt_with_key_example_test.go b/examples/jwe_decrypt_with_key_example_test.go index 7f5cb3fd0..2bd2db788 100644 --- a/examples/jwe_decrypt_with_key_example_test.go +++ b/examples/jwe_decrypt_with_key_example_test.go @@ -7,7 +7,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwe" ) -func ExampleJWE_VerifyWithKey() { +func Example_jwe_verify_with_key() { const payload = "Lorem ipsum" encrypted, err := jwe.Encrypt([]byte(payload), jwe.WithKey(jwa.RSA_OAEP(), jwkRSAPublicKey)) if err != nil { diff --git a/examples/jwe_decrypt_with_keyset_example_test.go b/examples/jwe_decrypt_with_keyset_example_test.go index c1aee6c52..40c82f727 100644 --- a/examples/jwe_decrypt_with_keyset_example_test.go +++ b/examples/jwe_decrypt_with_keyset_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWE_VerifyWithJWKSet() { +func Example_jwe_verify_with_jwk_set() { privkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to create private key: %s\n", err) diff --git a/examples/jwe_encrypt_example_test.go b/examples/jwe_encrypt_example_test.go index cf7f05705..1091f4a00 100644 --- a/examples/jwe_encrypt_example_test.go +++ b/examples/jwe_encrypt_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWE_Encrypt() { +func Example_jwe_encrypt() { rawprivkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to create raw private key: %s\n", err) diff --git a/examples/jwe_encrypt_json_example_test.go b/examples/jwe_encrypt_json_example_test.go index 044d64af8..89ee1a99e 100644 --- a/examples/jwe_encrypt_json_example_test.go +++ b/examples/jwe_encrypt_json_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWE_EncryptJSON() { +func Example_jwe_encrypt_json() { rawprivkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to create raw private key: %s\n", err) @@ -45,7 +45,7 @@ func ExampleJWE_EncryptJSON() { // Lorem ipsum } -func ExampleJWE_EncryptJSONMulti() { +func Example_jwe_encrypt_json_multi() { var privkeys []jwk.Key var pubkeys []jwk.Key diff --git a/examples/jwe_encrypt_with_headers_example_test.go b/examples/jwe_encrypt_with_headers_example_test.go index c43b38018..2b1d78840 100644 --- a/examples/jwe_encrypt_with_headers_example_test.go +++ b/examples/jwe_encrypt_with_headers_example_test.go @@ -11,7 +11,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwe" ) -func ExampleJWE_SignWithHeaders() { +func Example_jwe_sign_with_headers() { privkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to create private key: %s\n", err) diff --git a/examples/jwe_example_test.go b/examples/jwe_example_test.go index 7c528dd59..fd927d96d 100644 --- a/examples/jwe_example_test.go +++ b/examples/jwe_example_test.go @@ -27,7 +27,7 @@ func exampleGenPayload() (*rsa.PrivateKey, []byte, error) { return privkey, encrypted, nil } -func ExampleJWE_Decrypt() { +func Example_jwe_decrypt() { privkey, encrypted, err := exampleGenPayload() if err != nil { log.Printf("failed to generate encrypted payload: %s", err) @@ -47,7 +47,7 @@ func ExampleJWE_Decrypt() { // OUTPUT: } -func ExampleJWE_ComplexDecrypt() { +func Example_jwe_complex_decrypt() { // WARNING: THIS USAGE IS NOT FOR A CASUAL USER. ONLY use it when you must. // Only use it when you understand how JWE is supposed to work. Only use it // when you understand the inner workings of this code. diff --git a/examples/jwe_parse_example_test.go b/examples/jwe_parse_example_test.go index 6363cfccf..dfcd16739 100644 --- a/examples/jwe_parse_example_test.go +++ b/examples/jwe_parse_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwe" ) -func ExampleJWE_Parse() { +func Example_jwe_parse() { const src = `eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.KrFTaMKVY_iUKYYk905QjbUf_fpBXvXCzIAfbPoPMGViDzxtgz5qnch8waV7wraVDfzpW7JfPOw6Nz_-XRwN3Vbud48bRYFw92GkC0M6kpKFpl_xgZxGN47ggNk9hzgqd7mFCuyufeYdn5c2fPoRZAV4UxvakLozEYcQo-eZaFmoYS4pyoC-IKKRikobW8n__LksMzXc_Vps1axn5kdpxsKQ4k1oayvUrgWX2PMxKn_TcLEKHtCN7qRlJ5hkKbZAXAdd34zGWcFV5gc1tcLs6HFhnebo8GUgItTYWBKSKzF6MyLJNRSUPFVq9q-Jxi1juXIlDrv_7rHVsdokQmBfvA.bK7z7Z3gEzFDgDQvNen0Ww.2hngnAVrmucUpJKLgIzYcg.CHs3ZP7JtG430Dl9YAKLMAl` msg, err := jwe.Parse([]byte(src)) diff --git a/examples/jwe_readfile_example_test.go b/examples/jwe_readfile_example_test.go index e9a55c4b7..a4190318d 100644 --- a/examples/jwe_readfile_example_test.go +++ b/examples/jwe_readfile_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwe" ) -func ExampleJWE_ReadFile() { +func Example_jwe_readfile() { const src = `eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.KrFTaMKVY_iUKYYk905QjbUf_fpBXvXCzIAfbPoPMGViDzxtgz5qnch8waV7wraVDfzpW7JfPOw6Nz_-XRwN3Vbud48bRYFw92GkC0M6kpKFpl_xgZxGN47ggNk9hzgqd7mFCuyufeYdn5c2fPoRZAV4UxvakLozEYcQo-eZaFmoYS4pyoC-IKKRikobW8n__LksMzXc_Vps1axn5kdpxsKQ4k1oayvUrgWX2PMxKn_TcLEKHtCN7qRlJ5hkKbZAXAdd34zGWcFV5gc1tcLs6HFhnebo8GUgItTYWBKSKzF6MyLJNRSUPFVq9q-Jxi1juXIlDrv_7rHVsdokQmBfvA.bK7z7Z3gEzFDgDQvNen0Ww.2hngnAVrmucUpJKLgIzYcg.CHs3ZP7JtG430Dl9YAKLMAl` f, err := os.CreateTemp(``, `jwe_readfile_example-*.jwe`) diff --git a/examples/jwk_cache_example_test.go b/examples/jwk_cache_example_test.go index b197e0081..095ba085d 100644 --- a/examples/jwk_cache_example_test.go +++ b/examples/jwk_cache_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Cache() { +func Example_jwk_cache() { ctx, cancel := context.WithCancel(context.Background()) const googleCerts = `https://www.googleapis.com/oauth2/v3/certs` diff --git a/examples/jwk_cached_set_example_test.go b/examples/jwk_cached_set_example_test.go index 565214f52..6af038b33 100644 --- a/examples/jwk_cached_set_example_test.go +++ b/examples/jwk_cached_set_example_test.go @@ -13,7 +13,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWK_CachedSet() { +func Example_jwk_cached_set() { ctx, cancel := context.WithCancel(context.Background()) defer cancel() diff --git a/examples/jwk_comparison_example_test.go b/examples/jwk_comparison_example_test.go index ef670fbb8..bf47eb9ae 100644 --- a/examples/jwk_comparison_example_test.go +++ b/examples/jwk_comparison_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Comparison() { +func Example_jwk_comparison() { genKey := func() (jwk.Key, error) { raw, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { diff --git a/examples/jwk_example_test.go b/examples/jwk_example_test.go index 2c5ed6543..821eb7a9e 100644 --- a/examples/jwk_example_test.go +++ b/examples/jwk_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Usage() { +func Example_jwk_usage() { // Use jwk.Cache if you intend to keep reuse the JWKS over and over set, err := jwk.Fetch(context.Background(), "https://www.googleapis.com/oauth2/v3/certs") if err != nil { @@ -69,7 +69,7 @@ func ExampleJWK_Usage() { } //nolint:govet -func ExampleJWK_MarshalJSON() { +func Example_jwk_marshal_json() { // JWKs that inherently involve randomness such as RSA and EC keys are // not used in this example, because they may produce different results // depending on the environment. diff --git a/examples/jwk_fetch_example_test.go b/examples/jwk_fetch_example_test.go index 08ba38b69..ac7a4df38 100644 --- a/examples/jwk_fetch_example_test.go +++ b/examples/jwk_fetch_example_test.go @@ -11,7 +11,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Fetch() { +func Example_jwk_fetch() { srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) fmt.Fprintf(w, `{ diff --git a/examples/jwk_import_example_test.go b/examples/jwk_import_example_test.go index 625a18062..7413265bd 100644 --- a/examples/jwk_import_example_test.go +++ b/examples/jwk_import_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Import() { +func Example_jwk_import() { // First, THIS IS THE WRONG WAY TO USE jwk.Import(). // // Assume that the file contains a JWK in JSON format diff --git a/examples/jwk_key_specific_methods_example_test.go b/examples/jwk_key_specific_methods_example_test.go index ef5124f2c..47ce5eaa2 100644 --- a/examples/jwk_key_specific_methods_example_test.go +++ b/examples/jwk_key_specific_methods_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_KeySpecificMethods() { +func Example_jwk_key_specific_metehods() { raw, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to generate RSA private key: %s\n", err) diff --git a/examples/jwk_parse_jwks_example_test.go b/examples/jwk_parse_jwks_example_test.go index 540c6d4d7..18d41f0ed 100644 --- a/examples/jwk_parse_jwks_example_test.go +++ b/examples/jwk_parse_jwks_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_ParseJWKS() { +func Example_jwk_parse_jwks() { const src = `{ "keys": [ {"kty":"EC", diff --git a/examples/jwk_parse_key_example_test.go b/examples/jwk_parse_key_example_test.go index 300b9d91a..417c04a79 100644 --- a/examples/jwk_parse_key_example_test.go +++ b/examples/jwk_parse_key_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_ParseKey() { +func Example_jwk_parse_key() { const src = `{ "kty":"EC", "crv":"P-256", diff --git a/examples/jwk_parse_with_pem_example_test.go b/examples/jwk_parse_with_pem_example_test.go index 844ed1924..a5fe1623b 100644 --- a/examples/jwk_parse_with_pem_example_test.go +++ b/examples/jwk_parse_with_pem_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_ParseWithPEM() { +func Example_jwk_parse_with_pem() { const src = `-----BEGIN CERTIFICATE----- MIIEljCCAn4CCQCTQBoGDvUbQTANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJK UDAeFw0yMTA0MDEwMDE4MjhaFw0yMjA0MDEwMDE4MjhaMA0xCzAJBgNVBAYTAkpQ diff --git a/examples/jwk_readfile_example_test.go b/examples/jwk_readfile_example_test.go index fa1c7c6cc..f4d607b47 100644 --- a/examples/jwk_readfile_example_test.go +++ b/examples/jwk_readfile_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_ReadFile() { +func Example_jwk_readfile() { const src = `{ "keys": [ {"kty":"EC", diff --git a/examples/jwk_readfile_with_pem_example_test.go b/examples/jwk_readfile_with_pem_example_test.go index 19383fc32..296b491c2 100644 --- a/examples/jwk_readfile_with_pem_example_test.go +++ b/examples/jwk_readfile_with_pem_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_ReadFileWithPEM() { +func Example_jwk_readfile_with_pem() { const src = `-----BEGIN CERTIFICATE----- MIIEljCCAn4CCQCTQBoGDvUbQTANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJK UDAeFw0yMTA0MDEwMDE4MjhaFw0yMjA0MDEwMDE4MjhaMA0xCzAJBgNVBAYTAkpQ diff --git a/examples/jwk_struct_field_example_test.go b/examples/jwk_struct_field_example_test.go index 0cfaed19b..2bdbc9081 100644 --- a/examples/jwk_struct_field_example_test.go +++ b/examples/jwk_struct_field_example_test.go @@ -23,7 +23,7 @@ type Proxy struct { Key json.RawMessage `json:"key"` } -func ExampleJWK_StructField() { +func Example_jwk_struct_field() { const src = `{ "key": { "kty":"EC", diff --git a/examples/jwk_whitelist_example_test.go b/examples/jwk_whitelist_example_test.go index 7f595408c..ba075110c 100644 --- a/examples/jwk_whitelist_example_test.go +++ b/examples/jwk_whitelist_example_test.go @@ -12,7 +12,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwk" ) -func ExampleJWK_Whitelist() { +func Example_jwk_whitelist() { srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) fmt.Fprintf(w, `{ diff --git a/examples/jws_custom_signer_verifier_example_test.go b/examples/jws_custom_signer_verifier_example_test.go index 2c06f1db5..ee0386897 100644 --- a/examples/jws_custom_signer_verifier_example_test.go +++ b/examples/jws_custom_signer_verifier_example_test.go @@ -44,7 +44,7 @@ func (s CirclEdDSASignerVerifier) Verify(payload []byte, signature []byte, keyif } } -func ExampleJWS_CustomSignerVerifier() { +func Example_jws_custom_signer_verifier() { // This example shows how to register external jws.Signer / jws.Verifier for // a given algorithm. jws.RegisterSigner(jwa.EdDSA(), jws.SignerFactoryFn(NewCirclEdDSASigner)) diff --git a/examples/jws_example_test.go b/examples/jws_example_test.go index 414b1bce0..990a2b7f6 100644 --- a/examples/jws_example_test.go +++ b/examples/jws_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_Message() { +func Example_jws_message() { const payload = `eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ` const encodedSig1 = `cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw` const encodedSig2 = "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q" diff --git a/examples/jws_parse_example_test.go b/examples/jws_parse_example_test.go index a818426a2..86c149f9c 100644 --- a/examples/jws_parse_example_test.go +++ b/examples/jws_parse_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_Parse() { +func Example_jws_parse() { const src = `eyJhbGciOiJIUzI1NiJ9.TG9yZW0gaXBzdW0.idbECxA8ZhQbU0ddZmzdRZxQmHjwvw77lT2bwqGgNMo` msg, err := jws.Parse([]byte(src)) diff --git a/examples/jws_readfile_example_test.go b/examples/jws_readfile_example_test.go index 5a79a7dad..63c500878 100644 --- a/examples/jws_readfile_example_test.go +++ b/examples/jws_readfile_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_ReadFile() { +func Example_jws_readfile() { const src = `eyJhbGciOiJIUzI1NiJ9.TG9yZW0gaXBzdW0.idbECxA8ZhQbU0ddZmzdRZxQmHjwvw77lT2bwqGgNMo` f, err := os.CreateTemp(``, `jws_readfile-*.jws`) if err != nil { diff --git a/examples/jws_sign_detached_payload_example_test.go b/examples/jws_sign_detached_payload_example_test.go index 3ea69eb18..189841eaf 100644 --- a/examples/jws_sign_detached_payload_example_test.go +++ b/examples/jws_sign_detached_payload_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_SignDetachedPayload() { +func Example_jws_sign_detached_payload() { payload := `$.02` key, err := jwk.Import([]byte(`abracadabra`)) diff --git a/examples/jws_sign_example_test.go b/examples/jws_sign_example_test.go index efdfdfeb8..8527ccc3b 100644 --- a/examples/jws_sign_example_test.go +++ b/examples/jws_sign_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_Sign() { +func Example_jws_sign() { key, err := jwk.Import([]byte(`abracadabra`)) if err != nil { fmt.Printf("failed to create key: %s\n", err) diff --git a/examples/jws_sign_json_example_test.go b/examples/jws_sign_json_example_test.go index fdf10a86d..9590a8594 100644 --- a/examples/jws_sign_json_example_test.go +++ b/examples/jws_sign_json_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_SignJSON() { +func Example_jws_sign_json() { var keys []jwk.Key for i := 0; i < 3; i++ { diff --git a/examples/jws_sign_with_headers_example_test.go b/examples/jws_sign_with_headers_example_test.go index a2db58a48..1c9d4663f 100644 --- a/examples/jws_sign_with_headers_example_test.go +++ b/examples/jws_sign_with_headers_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_SignWithHeaders() { +func Example_jws_sign_with_headers() { key, err := jwk.Import([]byte(`abracadabra`)) if err != nil { fmt.Printf("failed to create key: %s\n", err) diff --git a/examples/jws_use_jws_header_test.go b/examples/jws_use_jws_header_test.go index c18e5ebc4..09ad6640f 100644 --- a/examples/jws_use_jws_header_test.go +++ b/examples/jws_use_jws_header_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWS_UseJWSHeader() { +func Example_jws_use_jws_header() { key, err := jwk.Import([]byte(`abracadabra`)) if err != nil { fmt.Printf(`failed to create new symmetric key: %s`, err) diff --git a/examples/jws_verify_detached_payload_example_test.go b/examples/jws_verify_detached_payload_example_test.go index 0fd634da7..c469e3087 100644 --- a/examples/jws_verify_detached_payload_example_test.go +++ b/examples/jws_verify_detached_payload_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_VerifyDetachedPayload() { +func Example_jws_verify_detached_payload() { serialized := `eyJhbGciOiJIUzI1NiJ9..H14oXKwyvAsl0IbBLjw9tLxNIoYisuIyb_oDV4-30Vk` payload := `$.02` diff --git a/examples/jws_verify_with_key_example_test.go b/examples/jws_verify_with_key_example_test.go index 90165206f..2d4397bc4 100644 --- a/examples/jws_verify_with_key_example_test.go +++ b/examples/jws_verify_with_key_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_VerifyWithKey() { +func Example_jws_verify_with_key() { const src = `eyJhbGciOiJIUzI1NiJ9.TG9yZW0gaXBzdW0.EjVtju0uXjSz6QevNgAqN1ESd9aNCP7-tJLifkQ0_C0` key, err := jwk.Import([]byte(`abracadabra`)) diff --git a/examples/jws_verify_with_keyset_example_test.go b/examples/jws_verify_with_keyset_example_test.go index 15395d5ef..66f5a730e 100644 --- a/examples/jws_verify_with_keyset_example_test.go +++ b/examples/jws_verify_with_keyset_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jws" ) -func ExampleJWS_VerifyWithJWKSet() { +func Example_jws_verify_with_jwk_set() { // Setup payload first... privkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { diff --git a/examples/jwt_builder_example_test.go b/examples/jwt_builder_example_test.go index e83c630ee..cdbb1b51f 100644 --- a/examples/jwt_builder_example_test.go +++ b/examples/jwt_builder_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_Builder() { +func Example_jwt_builder() { tok, err := jwt.NewBuilder(). Claim(`claim1`, `value1`). Claim(`claim2`, `value2`). diff --git a/examples/jwt_construct_example_test.go b/examples/jwt_construct_example_test.go index 060a30489..fd445a8af 100644 --- a/examples/jwt_construct_example_test.go +++ b/examples/jwt_construct_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_Construct() { +func Example_jwt_construct() { tok := jwt.New() if err := tok.Set(jwt.IssuerKey, `github.com/lestrrat-go/jwx`); err != nil { fmt.Printf("failed to set claim: %s\n", err) diff --git a/examples/jwt_example_test.go b/examples/jwt_example_test.go index ef5dd64f4..811fed01b 100644 --- a/examples/jwt_example_test.go +++ b/examples/jwt_example_test.go @@ -23,7 +23,7 @@ const exampleJWTSignedRSA = `eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOj const exampleJWTSignedECDSA = `eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA` //nolint:govet -func ExampleJWT_ParseWithJWKS() { +func Example_jwt_parse_with_jwks() { privKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to generate private key: %s\n", err) @@ -97,8 +97,7 @@ func ExampleJWT_ParseWithJWKS() { } // This example return a signed jwt -func ExampleJWT_Sign_WithImportJWK() { - +func Example_jwt_sign_with_import_jwk() { // your JWK jwkStr := `{ "kty": "RSA", @@ -149,7 +148,7 @@ func ExampleJWT_Sign_WithImportJWK() { // a signed jwt based on jwk } -func ExampleJWT_Sign() { +func Example_jwt_sign() { privKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Printf("failed to generate private key: %s\n", err) @@ -192,7 +191,7 @@ func ExampleJWT_Sign() { // } } -func ExampleJWT_Token() { +func Example_jwt_token() { t := jwt.New() t.Set(jwt.SubjectKey, `https://github.com/lestrrat-go/jwx/v3/jwt`) t.Set(jwt.AudienceKey, `Golang Users`) @@ -249,7 +248,7 @@ func ExampleJWT_Token() { // sub -> 'https://github.com/lestrrat-go/jwx/v3/jwt' } -func ExampleJWT_SignToken() { +func Example_jwt_sign_token() { key, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { log.Printf("failed to generate private key: %s", err) @@ -287,7 +286,7 @@ func ExampleJWT_SignToken() { // OUTPUT: } -func ExampleJWT_OpenIDToken() { +func Example_jwt_openid_token() { t := openid.New() t.Set(jwt.SubjectKey, `https://github.com/lestrrat-go/jwx/v3/jwt`) t.Set(jwt.AudienceKey, `Golang Users`) diff --git a/examples/jwt_flatten_audience_example_test.go b/examples/jwt_flatten_audience_example_test.go index d1fa8edcb..85c82e509 100644 --- a/examples/jwt_flatten_audience_example_test.go +++ b/examples/jwt_flatten_audience_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_FlattenAudience() { +func Example_jwt_flatten_Audience() { // Sometimes you need to "flatten" the "aud" claim because of // parsers developed by people who apparently didn't read the RFC. // diff --git a/examples/jwt_get_claims_example_test.go b/examples/jwt_get_claims_example_test.go index f5e040c6f..a786d1655 100644 --- a/examples/jwt_get_claims_example_test.go +++ b/examples/jwt_get_claims_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_GetClaims() { +func Example_jwt_get_claims() { tok, err := jwt.NewBuilder(). IssuedAt(time.Now()). Issuer(`github.com/lestrrat-go/jwx`). diff --git a/examples/jwt_parse_example_test.go b/examples/jwt_parse_example_test.go index f53b6b669..6de149936 100644 --- a/examples/jwt_parse_example_test.go +++ b/examples/jwt_parse_example_test.go @@ -7,7 +7,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_Parse() { +func Example_jwt_parse() { tok, err := jwt.Parse(jwtSignedWithHS256, jwt.WithKey(jwa.HS256(), jwkSymmetricKey)) if err != nil { fmt.Printf("%s\n", err) diff --git a/examples/jwt_parse_request_example_test.go b/examples/jwt_parse_request_example_test.go index ea180108d..816d7f89b 100644 --- a/examples/jwt_parse_request_example_test.go +++ b/examples/jwt_parse_request_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ParseRequest_Authorization() { +func Example_jwt_parse_request_authorization() { req, err := http.NewRequest(http.MethodGet, `https://github.com/lestrrat-go/jwx`, nil) if err != nil { fmt.Printf("failed to create request: %s\n", err) diff --git a/examples/jwt_parse_with_jku_example_test.go b/examples/jwt_parse_with_jku_example_test.go index 896f8b812..3137015f7 100644 --- a/examples/jwt_parse_with_jku_example_test.go +++ b/examples/jwt_parse_with_jku_example_test.go @@ -14,7 +14,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ParseWithJKU() { +func Example_jwt_parse_with_jku() { set := jwk.NewSet() var signingKey jwk.Key diff --git a/examples/jwt_parse_with_key_example_test.go b/examples/jwt_parse_with_key_example_test.go index 244639c59..3ef62e26b 100644 --- a/examples/jwt_parse_with_key_example_test.go +++ b/examples/jwt_parse_with_key_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ParseWithKey() { +func Example_jwt_parse_with_key() { const keysrc = `{"kty":"oct","k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow"}` key, err := jwk.ParseKey([]byte(keysrc)) diff --git a/examples/jwt_parse_with_key_provider_example_test.go b/examples/jwt_parse_with_key_provider_example_test.go index c2292fec5..7581cfb5b 100644 --- a/examples/jwt_parse_with_key_provider_example_test.go +++ b/examples/jwt_parse_with_key_provider_example_test.go @@ -12,7 +12,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ParseWithKeyProvider_UseToken() { +func Example_jwt_parse_with_key_provider_use_token() { // This example shows how one might use the information in the JWT to // load different keys. @@ -86,7 +86,7 @@ func ExampleJWT_ParseWithKeyProvider_UseToken() { // } -func ExampleJWT_ParseWithKeyProvider() { +func Example_jwt_parse_with_key_provider() { // Pretend that this is a storage somewhere (maybe a database) that maps // a signature algorithm to a key store := make(map[jwa.KeyAlgorithm]interface{}) diff --git a/examples/jwt_parse_with_keyset_example_test.go b/examples/jwt_parse_with_keyset_example_test.go index ffb19451d..0d7b28848 100644 --- a/examples/jwt_parse_with_keyset_example_test.go +++ b/examples/jwt_parse_with_keyset_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ParseWithKeySet() { +func Example_jwt_parse_with_key_set() { var serialized []byte var signingKey jwk.Key var keyset jwk.Set diff --git a/examples/jwt_raw_struct_example_test.go b/examples/jwt_raw_struct_example_test.go index 3dfad9c1f..a9b188bdd 100644 --- a/examples/jwt_raw_struct_example_test.go +++ b/examples/jwt_raw_struct_example_test.go @@ -10,7 +10,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWTPlainStruct() { +func Example_jwt_plain_struct() { t1, err := jwt.NewBuilder(). Issuer("https://github.com/lestrrat-go/jwx/v3/examples"). Subject("raw_struct"). diff --git a/examples/jwt_readfile_example_test.go b/examples/jwt_readfile_example_test.go index 94d2fb1e2..9ed4852fb 100644 --- a/examples/jwt_readfile_example_test.go +++ b/examples/jwt_readfile_example_test.go @@ -7,7 +7,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ReadFile() { +func Example_jwt_readfile() { f, err := os.CreateTemp(``, `jwt_readfile-*.jws`) if err != nil { fmt.Printf("failed to create temporary file: %s\n", err) diff --git a/examples/jwt_serialize_json_example_test.go b/examples/jwt_serialize_json_example_test.go index e2af4891a..78aae4616 100644 --- a/examples/jwt_serialize_json_example_test.go +++ b/examples/jwt_serialize_json_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_SerializeJSON() { +func Example_jwt_serialize_json() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). IssuedAt(time.Unix(aLongLongTimeAgo, 0)). diff --git a/examples/jwt_serialize_jwe_jws_example_test.go b/examples/jwt_serialize_jwe_jws_example_test.go index b021494d6..03f4398e7 100644 --- a/examples/jwt_serialize_jwe_jws_example_test.go +++ b/examples/jwt_serialize_jwe_jws_example_test.go @@ -11,7 +11,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_SerializeJWEJWS() { +func Example_jwt_serialize_jwe_jws() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). IssuedAt(time.Unix(aLongLongTimeAgo, 0)). diff --git a/examples/jwt_serialize_jws_example_test.go b/examples/jwt_serialize_jws_example_test.go index b3b8d0f6e..5f0d73fe8 100644 --- a/examples/jwt_serialize_jws_example_test.go +++ b/examples/jwt_serialize_jws_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_SerializeJWS() { +func Example_jwt_serialize_jws() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). IssuedAt(time.Unix(aLongLongTimeAgo, 0)). diff --git a/examples/jwt_validate_detect_error_type_example_test.go b/examples/jwt_validate_detect_error_type_example_test.go index 33264b88b..7bf68a616 100644 --- a/examples/jwt_validate_detect_error_type_example_test.go +++ b/examples/jwt_validate_detect_error_type_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ValidateDetectErrorType() { +func Example_jwt_validate_detect_error_type() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). Expiration(time.Now().Add(-1 * time.Hour)). diff --git a/examples/jwt_validate_example_test.go b/examples/jwt_validate_example_test.go index 38e12b864..b60f666b5 100644 --- a/examples/jwt_validate_example_test.go +++ b/examples/jwt_validate_example_test.go @@ -8,7 +8,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_Validate() { +func Example_jwt_validate() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). Expiration(time.Now().Add(-1 * time.Hour)). diff --git a/examples/jwt_validate_issuer_example_test.go b/examples/jwt_validate_issuer_example_test.go index 213aeae83..fa408a436 100644 --- a/examples/jwt_validate_issuer_example_test.go +++ b/examples/jwt_validate_issuer_example_test.go @@ -7,7 +7,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ValidateIssuer() { +func Example_jwt_validate_issuer() { tok, err := jwt.NewBuilder(). Issuer(`github.com/lestrrat-go/jwx`). Expiration(time.Now().Add(time.Hour)). diff --git a/examples/jwt_validate_validator_example_test.go b/examples/jwt_validate_validator_example_test.go index 013a6b6de..96225b12e 100644 --- a/examples/jwt_validate_validator_example_test.go +++ b/examples/jwt_validate_validator_example_test.go @@ -9,7 +9,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWT_ValidateValidator() { +func Example_jwt_validate_validator() { validator := jwt.ValidatorFunc(func(_ context.Context, t jwt.Token) error { iat, ok := t.IssuedAt() if !ok { diff --git a/examples/jwx_readme_example_test.go b/examples/jwx_readme_example_test.go index 09f78acb9..264d1ad36 100644 --- a/examples/jwx_readme_example_test.go +++ b/examples/jwx_readme_example_test.go @@ -13,7 +13,7 @@ import ( "github.com/lestrrat-go/jwx/v3/jwt" ) -func ExampleJWX() { +func Example() { // Parse, serialize, slice and dice JWKs! privkey, err := jwk.ParseKey(jsonRSAPrivateKey) if err != nil { diff --git a/examples/jwx_register_ec_and_key_example_test.go b/examples/jwx_register_ec_and_key_example_test.go index 2631bcbe4..ed763a01e 100644 --- a/examples/jwx_register_ec_and_key_example_test.go +++ b/examples/jwx_register_ec_and_key_example_test.go @@ -89,7 +89,7 @@ func convertJWKToShangMiSm2(key jwk.Key, hint interface{}) (interface{}, error) // End setup -func ExampleShangMiSm2() { +func Example_shang_mi_sm2() { shangmi2pk, _ := sm2.GenerateKey(rand.Reader) // Create a jwk.Key from ShangMi SM2 private key diff --git a/jwk/fetch.go b/jwk/fetch.go index ded42bdb8..e01bf6ac1 100644 --- a/jwk/fetch.go +++ b/jwk/fetch.go @@ -68,6 +68,7 @@ func (f *CachedFetcher) Fetch(ctx context.Context, u string, _ ...FetchOption) ( // jwk.Set objects asynchronously. func Fetch(ctx context.Context, u string, options ...FetchOption) (Set, error) { var parseOptions []ParseOption + //nolint:revive // I want to keep the type of `wl` as `Whitelist` instead of `InsecureWhitelist` var wl Whitelist = InsecureWhitelist{} var client HTTPClient = http.DefaultClient for _, option := range options { diff --git a/jwk/jwk_test.go b/jwk/jwk_test.go index 318fc827d..c5bd0c117 100644 --- a/jwk/jwk_test.go +++ b/jwk/jwk_test.go @@ -31,7 +31,6 @@ import ( "github.com/lestrrat-go/jwx/v3/jwa" "github.com/lestrrat-go/jwx/v3/jwk" ourecdsa "github.com/lestrrat-go/jwx/v3/jwk/ecdsa" - "github.com/lestrrat-go/jwx/v3/jws" "github.com/stretchr/testify/require" ) @@ -1838,6 +1837,13 @@ func TestGH567(t *testing.T) { }) } +// This test existed to test if we can handle it when the user nukes +// the private keys' precomputed values. But as of go1.24 the values +// are validated by the crypto/rsa package, so we just let crypto/rsa +// Do The Right Thing, and not deal with it. This test is commented out +// for the time being; we should remove it once we no longer support +// any of the Go versions that _dont_ validate these values. +/* func TestGH664(t *testing.T) { privkey, err := jwxtest.GenerateRsaKey() require.NoError(t, err, `jwxtext.GenerateRsaKey() should succeed`) @@ -1875,6 +1881,7 @@ func TestGH664(t *testing.T) { }) } } +*/ func TestGH730(t *testing.T) { key, err := jwk.Import([]byte(`abracadabra`)) diff --git a/jws/jws_test.go b/jws/jws_test.go index 89d53b5b1..cc0784793 100644 --- a/jws/jws_test.go +++ b/jws/jws_test.go @@ -1724,7 +1724,15 @@ func TestGH840(t *testing.T) { Build() require.NoError(t, err, `jwt.NewBuilder should succeed`) + // As of go1.24.0, generating a signature with a private key that has + // X/Y that's not on the curve will fail, but all go < 1.24 will succeed. + // Instead of checking the version, we'll just check if the operation fails, + // and if it does we won't run the check for jwt.Parse signed, err := jwt.Sign(tok, jwt.WithKey(jwa.ES256(), privkey)) + if err != nil { + require.Error(t, err, `jwt.Sign should fail`) + return + } require.NoError(t, err, `jwt.Sign should succeed`) _, err = jwt.Parse(signed, jwt.WithKey(jwa.ES256(), pubkey))