Skip to content

Commit

Permalink
chore: bump deps
Browse files Browse the repository at this point in the history
  • Loading branch information
@dunglas
dunglas committed Mar 18, 2024
1 parent 0bddcae commit ef1cd4c
Show file tree
Hide file tree
Showing 10 changed files with 162 additions and 114 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
test:
strategy:
matrix:
go: [ '1.20', '1.21', '1.22' ]
go: [ '1.21', '1.22' ]
fail-fast: false
name: Test
runs-on: ubuntu-latest
Expand Down
2 changes: 1 addition & 1 deletion authorization.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"net/http"
"net/url"

"github.com/golang-jwt/jwt/v4"
"github.com/golang-jwt/jwt/v5"
"go.uber.org/zap"
)

Expand Down
27 changes: 13 additions & 14 deletions authorization_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"net/http"
"testing"

"github.com/golang-jwt/jwt/v4"
"github.com/golang-jwt/jwt/v5"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
Expand Down Expand Up @@ -117,7 +117,7 @@ func TestAuthorizeAuthorizationHeaderInvalidAlg(t *testing.T) {
r.Header.Add("Authorization", bearerPrefix+createDummyNoneSignedJWT())

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: 'none' signature type is not allowed")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: token is unverifiable: 'none' signature type is not allowed")
require.Nil(t, claims)
}

Expand All @@ -126,7 +126,7 @@ func TestAuthorizeAuthorizationHeaderInvalidKey(t *testing.T) {
r.Header.Add("Authorization", bearerPrefix+validEmptyHeader)

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: signature is invalid")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: signature is invalid")
require.Nil(t, claims)
}

Expand All @@ -135,7 +135,7 @@ func TestAuthorizeAuthorizationHeaderInvalidKeyRsa(t *testing.T) {
r.Header.Add("Authorization", bearerPrefix+validEmptyHeaderRsa)

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodRS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.Nil(t, claims)
}

Expand Down Expand Up @@ -204,7 +204,7 @@ func TestAuthorizeAuthorizationHeaderWrongAlgorithm(t *testing.T) {
r.Header.Add("Authorization", bearerPrefix+validFullHeaderRsa)

claims, err := authorize(r, &jwtConfig{[]byte(publicKeyRsa), nil}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: <nil>: unexpected signing method")
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: <nil>: unexpected signing method")
assert.Nil(t, claims)
}

Expand All @@ -226,7 +226,7 @@ func TestAuthorizeAuthorizationQueryInvalidAlg(t *testing.T) {
r.URL.RawQuery = query.Encode()

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: 'none' signature type is not allowed")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: token is unverifiable: 'none' signature type is not allowed")
require.Nil(t, claims)
}

Expand All @@ -237,7 +237,7 @@ func TestAuthorizeAuthorizationQueryInvalidKey(t *testing.T) {
r.URL.RawQuery = query.Encode()

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: signature is invalid")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: signature is invalid")
require.Nil(t, claims)
}

Expand All @@ -248,7 +248,7 @@ func TestAuthorizeAuthorizationQueryInvalidKeyRsa(t *testing.T) {
r.URL.RawQuery = query.Encode()

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodRS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.Nil(t, claims)
}

Expand Down Expand Up @@ -331,7 +331,7 @@ func TestAuthorizeAuthorizationQueryWrongAlgorithm(t *testing.T) {
r.URL.RawQuery = query.Encode()

claims, err := authorize(r, &jwtConfig{[]byte(publicKeyRsa), nil}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: <nil>: unexpected signing method")
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: <nil>: unexpected signing method")
require.Nil(t, claims)
}

Expand All @@ -340,7 +340,7 @@ func TestAuthorizeCookieInvalidAlg(t *testing.T) {
r.AddCookie(&http.Cookie{Name: defaultCookieName, Value: createDummyNoneSignedJWT()})

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: 'none' signature type is not allowed")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: token is unverifiable: 'none' signature type is not allowed")
require.Nil(t, claims)
}

Expand All @@ -349,7 +349,7 @@ func TestAuthorizeCookieInvalidKey(t *testing.T) {
r.AddCookie(&http.Cookie{Name: defaultCookieName, Value: validEmptyHeader})

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodHS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: signature is invalid")
require.EqualError(t, err, "unable to parse JWT: token signature is invalid: signature is invalid")
require.Nil(t, claims)
}

Expand All @@ -358,7 +358,7 @@ func TestAuthorizeCookieEmptyKeyRsa(t *testing.T) {
r.AddCookie(&http.Cookie{Name: defaultCookieName, Value: validEmptyHeaderRsa})

claims, err := authorize(r, &jwtConfig{[]byte{}, jwt.SigningMethodRS256}, []string{}, defaultCookieName)
require.EqualError(t, err, "unable to parse JWT: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: unable to parse RSA public key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
require.Nil(t, claims)
}

Expand All @@ -367,9 +367,8 @@ func TestAuthorizeCookieInvalidKeyRsa(t *testing.T) {
r.AddCookie(&http.Cookie{Name: defaultCookieName, Value: validEmptyHeaderRsa})

claims, err := authorize(r, &jwtConfig{[]byte(privateKeyRsa), jwt.SigningMethodRS256}, []string{}, defaultCookieName)
require.Error(t, err)
require.Nil(t, claims)
assert.Contains(t, err.Error(), "unable to parse JWT: unable to parse RSA public key") // The error message changed in Go 1.17
require.EqualError(t, err, "unable to parse JWT: token is unverifiable: error while executing keyfunc: unable to parse RSA public key: asn1: structure error: integer too large")
}

func TestAuthorizeCookieNoContent(t *testing.T) {
Expand Down
38 changes: 20 additions & 18 deletions caddy/go.mod
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
module github.com/dunglas/mercure/caddy

go 1.20
go 1.21

toolchain go1.22.0

retract (
v0.14.7 // CI problem
Expand All @@ -12,10 +14,10 @@ replace github.com/dunglas/mercure => ../
require (
github.com/caddyserver/caddy/v2 v2.7.6
github.com/dunglas/mercure v0.15.9
github.com/prometheus/client_golang v1.18.0
github.com/stretchr/testify v1.8.4
github.com/prometheus/client_golang v1.19.0
github.com/stretchr/testify v1.9.0
go.uber.org/automaxprocs v1.5.3
go.uber.org/zap v1.26.0
go.uber.org/zap v1.27.0
)

require (
Expand All @@ -33,7 +35,7 @@ require (
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
github.com/MauriceGit/skiplist v0.0.0-20211105230623-77f5c8d3e145 // indirect
github.com/Microsoft/go-winio v0.6.1 // indirect
github.com/RoaringBitmap/roaring v1.7.0 // indirect
github.com/RoaringBitmap/roaring v1.9.0 // indirect
github.com/alecthomas/chroma/v2 v2.9.1 // indirect
github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
github.com/aryann/difflib v0.0.0-20210328193216-ff5ff6dc229b // indirect
Expand Down Expand Up @@ -64,7 +66,7 @@ require (
github.com/go-sql-driver/mysql v1.7.1 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
github.com/gofrs/uuid v4.4.0+incompatible // indirect
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
github.com/golang/glog v1.2.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/golang/snappy v0.0.4 // indirect
Expand Down Expand Up @@ -111,9 +113,9 @@ require (
github.com/pelletier/go-toml/v2 v2.1.1 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/prometheus/client_model v0.5.0 // indirect
github.com/prometheus/common v0.46.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
github.com/prometheus/client_model v0.6.0 // indirect
github.com/prometheus/common v0.50.0 // indirect
github.com/prometheus/procfs v0.13.0 // indirect
github.com/quic-go/qpack v0.4.0 // indirect
github.com/quic-go/qtls-go1-20 v0.4.1 // indirect
github.com/quic-go/quic-go v0.40.1 // indirect
Expand Down Expand Up @@ -144,7 +146,7 @@ require (
github.com/yuin/goldmark v1.5.6 // indirect
github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc // indirect
github.com/zeebo/blake3 v0.2.3 // indirect
go.etcd.io/bbolt v1.3.8 // indirect
go.etcd.io/bbolt v1.3.9 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
go.opentelemetry.io/contrib/propagators/autoprop v0.42.0 // indirect
go.opentelemetry.io/contrib/propagators/aws v1.17.0 // indirect
Expand All @@ -163,19 +165,19 @@ require (
go.step.sm/linkedca v0.20.1 // indirect
go.uber.org/mock v0.4.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.18.0 // indirect
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
golang.org/x/mod v0.14.0 // indirect
golang.org/x/net v0.20.0 // indirect
golang.org/x/crypto v0.21.0 // indirect
golang.org/x/exp v0.0.0-20240314144324-c7f7c6466f7f // indirect
golang.org/x/mod v0.15.0 // indirect
golang.org/x/net v0.22.0 // indirect
golang.org/x/sync v0.6.0 // indirect
golang.org/x/sys v0.16.0 // indirect
golang.org/x/term v0.16.0 // indirect
golang.org/x/sys v0.18.0 // indirect
golang.org/x/term v0.18.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/tools v0.17.0 // indirect
golang.org/x/tools v0.18.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect
google.golang.org/grpc v1.61.0 // indirect
google.golang.org/protobuf v1.32.0 // indirect
google.golang.org/protobuf v1.33.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
gopkg.in/square/go-jose.v2 v2.6.0 // indirect
Expand Down
Loading

0 comments on commit ef1cd4c

Please sign in to comment.