1565757771

Committed 29 Nov 2024 07:56AM UTC coverage: 87.019%. Remained the same

Build # 1565757771

Build Type

push

gitlab-ci

Committed by

web-flow

Commit Message

Merge pull request #434 from alfrunes/1.22.x

chore(deps): Upgrade golang to latest

Run Details

2869 of 3297 relevant lines covered (87.02%)

131.0 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.86

/jwt/token.go

// Copyright 2023 Northern.tech AS
//
//        Licensed under the Apache License, Version 2.0 (the "License");
//        you may not use this file except in compliance with the License.
//        You may obtain a copy of the License at
//
//            http://www.apache.org/licenses/LICENSE-2.0
//
//        Unless required by applicable law or agreed to in writing, software
//        distributed under the License is distributed on an "AS IS" BASIS,
//        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//        See the License for the specific language governing permissions and
//        limitations under the License.
package jwt

import (
        "time"

        "github.com/pkg/errors"
)

// SignFunc will sign and encode token.
type SignFunc func(token *Token) (string, error)

// UnpackFunc will decode token
type UnpackFunc func(s string) (*Token, error)

// Token wrapper
type Token struct {
        Claims `bson:"inline"`
        // LastUsed is the token last usage timestamp.
        LastUsed *time.Time `json:"last_used,omitempty" bson:"last_used,omitempty"`
        // TokenName holds the name of the token
        TokenName *string `json:"name,omitempty" bson:"name,omitempty"`
        // KeyId is the field that corresponds to "kid" in the JWT Header, we use it
        // to identify the key which was used to sign the token. It allows the private key rotation
        // as long as you keep the private keys we can use the new ones (the highest id)
        // to issue new tokens, while verify the old tokens with the keys used to issue them
        KeyId int `json:"key_id,omitempty" bson:"key_id,omitempty"`
}

// MarshalJWT marshals Token into JWT comaptible format. `sign` provides means
// for generating a signed JWT token.
func (t *Token) MarshalJWT(sign SignFunc) ([]byte, error) {
        if sign == nil {
                panic("no signature helper")
        }

        signed, err := sign(t)
        if err != nil {
                return nil, errors.Wrapf(err, "failed to sign token")
        }
        return []byte(signed), nil
}

// UnmarshalJWT unmarshals raw JWT data into Token. UnpackFunc does the
// actual heavy-lifting of parsing and deserializing base64'ed JWT. Returns an
// error if `unpack` failed, however if `unpack` returns a token `t` will be
// updated as well (may happen if token is valid wrt. to structure & signature,
// but expired).
func (t *Token) UnmarshalJWT(raw []byte, unpack UnpackFunc) error {
        tok, err := unpack(string(raw))
        if tok != nil {
                *t = *tok
        }
        return err
}

1	// Copyright 2023 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14	package jwt
15
16	import (
17	"time"
18
19	"github.com/pkg/errors"
20	)
21
22	// SignFunc will sign and encode token.
23	type SignFunc func(token *Token) (string, error)
24
25	// UnpackFunc will decode token
26	type UnpackFunc func(s string) (*Token, error)
27
28	// Token wrapper
29	type Token struct {
30	Claims `bson:"inline"`
31	// LastUsed is the token last usage timestamp.
32	LastUsed *time.Time `json:"last_used,omitempty" bson:"last_used,omitempty"`
33	// TokenName holds the name of the token
34	TokenName *string `json:"name,omitempty" bson:"name,omitempty"`
35	// KeyId is the field that corresponds to "kid" in the JWT Header, we use it
36	// to identify the key which was used to sign the token. It allows the private key rotation
37	// as long as you keep the private keys we can use the new ones (the highest id)
38	// to issue new tokens, while verify the old tokens with the keys used to issue them
39	KeyId int `json:"key_id,omitempty" bson:"key_id,omitempty"`
40	}
41
42	// MarshalJWT marshals Token into JWT comaptible format. `sign` provides means
43	// for generating a signed JWT token.
44	func (t *Token) MarshalJWT(sign SignFunc) ([]byte, error) {	2✔
45	if sign == nil {	2✔
46	panic("no signature helper")	×
47	}
48
49	signed, err := sign(t)	2✔
50	if err != nil {	3✔
51	return nil, errors.Wrapf(err, "failed to sign token")	1✔
52	}	1✔
53	return []byte(signed), nil	1✔
54	}
55
56	// UnmarshalJWT unmarshals raw JWT data into Token. UnpackFunc does the
57	// actual heavy-lifting of parsing and deserializing base64'ed JWT. Returns an
58	// error if `unpack` failed, however if `unpack` returns a token `t` will be
59	// updated as well (may happen if token is valid wrt. to structure & signature,
60	// but expired).
61	func (t *Token) UnmarshalJWT(raw []byte, unpack UnpackFunc) error {	3✔
62	tok, err := unpack(string(raw))	3✔
63	if tok != nil {	5✔
64	t = tok	2✔
65	}	2✔
66	return err	3✔
67	}

mendersoftware / useradm / 1565757771

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous