github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5cfc39ef5e
kubernetes/vendor/github.com/form3tech-oss/jwt-go/map_claims.go
Jordan Liggitt 5cfc39ef5e Update protobuf,grpc,etcd dependencies 
1. Updated etcd/protobuf/grpc dependencies:

echo "
hack/pin-dependency.sh github.com/golang/protobuf latest
hack/pin-dependency.sh google.golang.org/protobuf latest
hack/pin-dependency.sh go.etcd.io/etcd/api/v3 v3.5.0-rc.0
hack/pin-dependency.sh go.etcd.io/etcd/client/v3 v3.5.0-rc.0
hack/pin-dependency.sh go.etcd.io/etcd/client/pkg/v3 v3.5.0-rc.0
hack/pin-dependency.sh go.etcd.io/etcd/pkg/v3 v3.5.0-rc.0
hack/pin-dependency.sh go.etcd.io/etcd/server/v3 v3.5.0-rc.0
hack/pin-dependency.sh go.etcd.io/etcd/tests/v3 v3.5.0-rc.0
hack/pin-dependency.sh google.golang.org/grpc latest
" | bash

2. Linted transitive dependencies until versions are clean:

hack/lint-dependencies.sh  | grep "  hack/pin-dependency.sh" | bash

3. Linted dependencies until dropped versions are clean:

hack/lint-dependencies.sh  | grep "dropreplace" | bash

4. Updated vendor and internal modules:

hack/update-vendor.sh
hack/update-internal-modules.sh

Repeated steps 2-4 until clean
2021-06-15 10:06:09 -04:00

111 lines
2.8 KiB
Go
Raw Blame History

package jwt
import (
"encoding/json"
"errors"
// "fmt"
)
// Claims type that uses the map[string]interface{} for JSON decoding
// This is the default claims type if you don't supply one
type MapClaims map[string]interface{}
// Compares the aud claim against cmp.
// If required is false, this method will return true if the value matches or is unset
func (m MapClaims) VerifyAudience(cmp string, req bool) bool {
var aud []string
switch v := m["aud"].(type) {
case []string:
aud = v
case []interface{}:
for _, a := range v {
vs, ok := a.(string)
if !ok {
return false
}
aud = append(aud, vs)
}
case string:
aud = append(aud, v)
default:
return false
}
return verifyAud(aud, cmp, req)
}
// Compares the exp claim against cmp.
// If required is false, this method will return true if the value matches or is unset
func (m MapClaims) VerifyExpiresAt(cmp int64, req bool) bool {
switch exp := m["exp"].(type) {
case float64:
return verifyExp(int64(exp), cmp, req)
case json.Number:
v, _ := exp.Int64()
return verifyExp(v, cmp, req)
}
return req == false
}
// Compares the iat claim against cmp.
// If required is false, this method will return true if the value matches or is unset
func (m MapClaims) VerifyIssuedAt(cmp int64, req bool) bool {
switch iat := m["iat"].(type) {
case float64:
return verifyIat(int64(iat), cmp, req)
case json.Number:
v, _ := iat.Int64()
return verifyIat(v, cmp, req)
}
return req == false
}
// Compares the iss claim against cmp.
// If required is false, this method will return true if the value matches or is unset
func (m MapClaims) VerifyIssuer(cmp string, req bool) bool {
iss, _ := m["iss"].(string)
return verifyIss(iss, cmp, req)
}
// Compares the nbf claim against cmp.
// If required is false, this method will return true if the value matches or is unset
func (m MapClaims) VerifyNotBefore(cmp int64, req bool) bool {
switch nbf := m["nbf"].(type) {
case float64:
return verifyNbf(int64(nbf), cmp, req)
case json.Number:
v, _ := nbf.Int64()
return verifyNbf(v, cmp, req)
}
return req == false
}
// Validates time based claims "exp, iat, nbf".
// There is no accounting for clock skew.
// As well, if any of the above claims are not in the token, it will still
// be considered a valid claim.
func (m MapClaims) Valid() error {
vErr := new(ValidationError)
now := TimeFunc().Unix()
if m.VerifyExpiresAt(now, false) == false {
vErr.Inner = errors.New("Token is expired")
vErr.Errors |= ValidationErrorExpired
}
if m.VerifyIssuedAt(now, false) == false {
vErr.Inner = errors.New("Token used before issued")
vErr.Errors |= ValidationErrorIssuedAt
}
if m.VerifyNotBefore(now, false) == false {
vErr.Inner = errors.New("Token is not valid yet")
vErr.Errors |= ValidationErrorNotValidYet
}
if vErr.valid() {
return nil
}
return vErr
}
Reference in New Issue View Git Blame Copy Permalink