diff --git a/api_proxy.go b/api_proxy.go index 093f227..3e79c1c 100644 --- a/api_proxy.go +++ b/api_proxy.go @@ -25,7 +25,7 @@ import ( "encoding/json" "fmt" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" ) type ProxyClientMessage struct { @@ -127,7 +127,7 @@ func (r *ProxyServerMessage) CloseAfterSend(session Session) bool { // Type "hello" type TokenClaims struct { - jwt.StandardClaims + jwt.RegisteredClaims } type HelloProxyClientMessage struct { diff --git a/go.mod b/go.mod index 41c1b65..21e0cf4 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.17 require ( github.com/dlintw/goconf v0.0.0-20120228082610-dcc070983490 - github.com/golang-jwt/jwt v3.2.2+incompatible + github.com/golang-jwt/jwt/v4 v4.4.2 github.com/google/uuid v1.3.0 github.com/gorilla/mux v1.8.0 github.com/gorilla/securecookie v1.1.1 diff --git a/go.sum b/go.sum index 9975b43..ca66882 100644 --- a/go.sum +++ b/go.sum @@ -130,8 +130,8 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= +github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= diff --git a/mcu_proxy.go b/mcu_proxy.go index f109f60..befac70 100644 --- a/mcu_proxy.go +++ b/mcu_proxy.go @@ -41,7 +41,7 @@ import ( "time" "github.com/dlintw/goconf" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" "github.com/gorilla/websocket" clientv3 "go.etcd.io/etcd/client/v3" @@ -951,8 +951,8 @@ func (c *mcuProxyConnection) sendHello() error { msg.Hello.ResumeId = c.sessionId } else { claims := &TokenClaims{ - jwt.StandardClaims{ - IssuedAt: time.Now().Unix(), + jwt.RegisteredClaims{ + IssuedAt: jwt.NewNumericDate(time.Now()), Issuer: c.proxy.tokenId, }, } diff --git a/proxy/proxy_server.go b/proxy/proxy_server.go index 72a2feb..d5de159 100644 --- a/proxy/proxy_server.go +++ b/proxy/proxy_server.go @@ -39,7 +39,7 @@ import ( "time" "github.com/dlintw/goconf" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" "github.com/google/uuid" "github.com/gorilla/mux" "github.com/gorilla/securecookie" @@ -890,7 +890,7 @@ func (s *ProxyServer) NewSession(hello *signaling.HelloProxyClientMessage) (*Pro } minIssuedAt := time.Now().Add(-maxTokenAge) - if issuedAt := time.Unix(claims.IssuedAt, 0); issuedAt.Before(minIssuedAt) { + if issuedAt := claims.IssuedAt; issuedAt != nil && issuedAt.Before(minIssuedAt) { statsTokenErrorsTotal.WithLabelValues("expired").Inc() return nil, TokenExpired } diff --git a/proxy/proxy_server_test.go b/proxy/proxy_server_test.go index 70a128f..69c4acc 100644 --- a/proxy/proxy_server_test.go +++ b/proxy/proxy_server_test.go @@ -31,7 +31,7 @@ import ( "time" "github.com/dlintw/goconf" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" "github.com/gorilla/mux" signaling "github.com/strukturag/nextcloud-spreed-signaling" ) @@ -96,8 +96,8 @@ func TestTokenInFuture(t *testing.T) { server, key := newProxyServerForTest(t) claims := &signaling.TokenClaims{ - StandardClaims: jwt.StandardClaims{ - IssuedAt: time.Now().Add(time.Hour).Unix(), + RegisteredClaims: jwt.RegisteredClaims{ + IssuedAt: jwt.NewNumericDate(time.Now().Add(time.Hour)), Issuer: TokenIdForTest, }, } diff --git a/proxy/proxy_tokens_etcd.go b/proxy/proxy_tokens_etcd.go index 2779bf1..cbee803 100644 --- a/proxy/proxy_tokens_etcd.go +++ b/proxy/proxy_tokens_etcd.go @@ -31,7 +31,7 @@ import ( "time" "github.com/dlintw/goconf" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" signaling "github.com/strukturag/nextcloud-spreed-signaling" ) diff --git a/proxy/proxy_tokens_static.go b/proxy/proxy_tokens_static.go index 8ee7fb8..a7179d4 100644 --- a/proxy/proxy_tokens_static.go +++ b/proxy/proxy_tokens_static.go @@ -29,7 +29,7 @@ import ( "sync/atomic" "github.com/dlintw/goconf" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v4" ) type tokensStatic struct {