1f349/mjwt
4
0
Fork 0
mirror of https://github.com/1f349/mjwt.git synced 2024-11-09 22:22:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Pedantic: Remove defensive programming on receivers.

Browse Source
This commit is contained in:
Captain ALM 2024-06-09 21:31:01 +01:00
parent 3201964fec
commit 690b9f9512
Signed by: alfred
GPG Key ID: 4E4ADD02609997B1
3 changed files with 2 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
key_store.go
View File

@ -107,7 +107,7 @@ func ExportKeyStore(ks KeyStore, directory, keyPrvExt, keyPubExt string) error {
// SetKey adds a new rsa.PrivateKey with the specified kID to the KeyStore. // SetKey adds a new rsa.PrivateKey with the specified kID to the KeyStore.
func (d *defaultMJwtKeyStore) SetKey(kID string, prvKey *rsa.PrivateKey) { func (d *defaultMJwtKeyStore) SetKey(kID string, prvKey *rsa.PrivateKey) {
if d == nil || prvKey == nil { if prvKey == nil {
return return
} }
d.rwLocker.Lock() d.rwLocker.Lock()
@ -119,7 +119,7 @@ func (d *defaultMJwtKeyStore) SetKey(kID string, prvKey *rsa.PrivateKey) {
// SetKeyPublic adds a new rsa.PublicKey with the specified kID to the KeyStore. // SetKeyPublic adds a new rsa.PublicKey with the specified kID to the KeyStore.
func (d *defaultMJwtKeyStore) SetKeyPublic(kID string, pubKey *rsa.PublicKey) { func (d *defaultMJwtKeyStore) SetKeyPublic(kID string, pubKey *rsa.PublicKey) {
if d == nil || pubKey == nil { if pubKey == nil {
return return
} }
d.rwLocker.Lock() d.rwLocker.Lock()
@ -134,9 +134,6 @@ func (d *defaultMJwtKeyStore) SetKeyPublic(kID string, pubKey *rsa.PublicKey) {
// RemoveKey removes a specified kID from the KeyStore. // RemoveKey removes a specified kID from the KeyStore.
func (d *defaultMJwtKeyStore) RemoveKey(kID string) { func (d *defaultMJwtKeyStore) RemoveKey(kID string) {
if d == nil {
return
}
d.rwLocker.Lock() d.rwLocker.Lock()
defer d.rwLocker.Unlock() defer d.rwLocker.Unlock()
delete(d.store, kID) delete(d.store, kID)
@ -146,9 +143,6 @@ func (d *defaultMJwtKeyStore) RemoveKey(kID string) {
// ListKeys lists the kIDs of all the keys in the KeyStore. // ListKeys lists the kIDs of all the keys in the KeyStore.
func (d *defaultMJwtKeyStore) ListKeys() []string { func (d *defaultMJwtKeyStore) ListKeys() []string {
if d == nil {
return nil
}
d.rwLocker.RLock() d.rwLocker.RLock()
defer d.rwLocker.RUnlock() defer d.rwLocker.RUnlock()
lKeys := make([]string, len(d.store)) lKeys := make([]string, len(d.store))
@ -162,9 +156,6 @@ func (d *defaultMJwtKeyStore) ListKeys() []string {
// GetKey gets the rsa.PrivateKey given the kID in the KeyStore or null if not found. // GetKey gets the rsa.PrivateKey given the kID in the KeyStore or null if not found.
func (d *defaultMJwtKeyStore) GetKey(kID string) *rsa.PrivateKey { func (d *defaultMJwtKeyStore) GetKey(kID string) *rsa.PrivateKey {
if d == nil {
return nil
}
d.rwLocker.RLock() d.rwLocker.RLock()
defer d.rwLocker.RUnlock() defer d.rwLocker.RUnlock()
kPrv, ok := d.store[kID] kPrv, ok := d.store[kID]
@ -176,9 +167,6 @@ func (d *defaultMJwtKeyStore) GetKey(kID string) *rsa.PrivateKey {
// GetKeyPublic gets the rsa.PublicKey given the kID in the KeyStore or null if not found. // GetKeyPublic gets the rsa.PublicKey given the kID in the KeyStore or null if not found.
func (d *defaultMJwtKeyStore) GetKeyPublic(kID string) *rsa.PublicKey { func (d *defaultMJwtKeyStore) GetKeyPublic(kID string) *rsa.PublicKey {
if d == nil {
return nil
}
d.rwLocker.RLock() d.rwLocker.RLock()
defer d.rwLocker.RUnlock() defer d.rwLocker.RUnlock()
kPub, ok := d.storePub[kID] kPub, ok := d.storePub[kID]
@ -190,9 +178,6 @@ func (d *defaultMJwtKeyStore) GetKeyPublic(kID string) *rsa.PublicKey {
// ClearKeys removes all the stored keys in the KeyStore. // ClearKeys removes all the stored keys in the KeyStore.
func (d *defaultMJwtKeyStore) ClearKeys() { func (d *defaultMJwtKeyStore) ClearKeys() {
if d == nil {
return
}
d.rwLocker.Lock() d.rwLocker.Lock()
defer d.rwLocker.Unlock() defer d.rwLocker.Unlock()
clear(d.store) clear(d.store)

34
signer.go
View File

@ -12,7 +12,6 @@ import (
) )
var ErrNoPrivateKeyFound = errors.New("no private key found") var ErrNoPrivateKeyFound = errors.New("no private key found")
var ErrSignerNil = errors.New("signer nil")
// defaultMJwtSigner implements Signer and uses an rsa.PrivateKey and issuer name // defaultMJwtSigner implements Signer and uses an rsa.PrivateKey and issuer name
// to generate MJWT tokens // to generate MJWT tokens
@ -95,26 +94,17 @@ func NewMJwtSignerFromFileAndDirectory(issuer, file, directory, prvExt, pubExt s
// Issuer returns the name of the issuer // Issuer returns the name of the issuer
func (d *defaultMJwtSigner) Issuer() string { func (d *defaultMJwtSigner) Issuer() string {
if d == nil {
return ""
}
return d.issuer return d.issuer
} }
// GenerateJwt generates and returns a JWT string using the sub, id, duration and claims; uses the default key // GenerateJwt generates and returns a JWT string using the sub, id, duration and claims; uses the default key
func (d *defaultMJwtSigner) GenerateJwt(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims) (string, error) { func (d *defaultMJwtSigner) GenerateJwt(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims) (string, error) {
if d == nil {
return "", ErrSignerNil
}
return d.SignJwt(wrapClaims[Claims](d, sub, id, aud, dur, claims)) return d.SignJwt(wrapClaims[Claims](d, sub, id, aud, dur, claims))
} }
// SignJwt signs a jwt.Claims compatible struct, this is used internally by // SignJwt signs a jwt.Claims compatible struct, this is used internally by
// GenerateJwt but is available for signing custom structs; uses the default key // GenerateJwt but is available for signing custom structs; uses the default key
func (d *defaultMJwtSigner) SignJwt(wrapped jwt.Claims) (string, error) { func (d *defaultMJwtSigner) SignJwt(wrapped jwt.Claims) (string, error) {
if d == nil {
return "", ErrSignerNil
}
if d.key == nil { if d.key == nil {
return "", ErrNoPrivateKeyFound return "", ErrNoPrivateKeyFound
} }
@ -124,18 +114,12 @@ func (d *defaultMJwtSigner) SignJwt(wrapped jwt.Claims) (string, error) {
// GenerateJwtWithKID generates and returns a JWT string using the sub, id, duration and claims; this gets signed with the specified kID // GenerateJwtWithKID generates and returns a JWT string using the sub, id, duration and claims; this gets signed with the specified kID
func (d *defaultMJwtSigner) GenerateJwtWithKID(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims, kID string) (string, error) { func (d *defaultMJwtSigner) GenerateJwtWithKID(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims, kID string) (string, error) {
if d == nil {
return "", ErrSignerNil
}
return d.SignJwtWithKID(wrapClaims[Claims](d, sub, id, aud, dur, claims), kID) return d.SignJwtWithKID(wrapClaims[Claims](d, sub, id, aud, dur, claims), kID)
} }
// SignJwtWithKID signs a jwt.Claims compatible struct, this is used internally by // SignJwtWithKID signs a jwt.Claims compatible struct, this is used internally by
// GenerateJwt but is available for signing custom structs; this gets signed with the specified kID // GenerateJwt but is available for signing custom structs; this gets signed with the specified kID
func (d *defaultMJwtSigner) SignJwtWithKID(wrapped jwt.Claims, kID string) (string, error) { func (d *defaultMJwtSigner) SignJwtWithKID(wrapped jwt.Claims, kID string) (string, error) {
if d == nil {
return "", ErrSignerNil
}
pKey := d.verify.GetKeyStore().GetKey(kID) pKey := d.verify.GetKeyStore().GetKey(kID)
if pKey == nil { if pKey == nil {
return "", ErrNoPrivateKeyFound return "", ErrNoPrivateKeyFound
@ -147,43 +131,25 @@ func (d *defaultMJwtSigner) SignJwtWithKID(wrapped jwt.Claims, kID string) (stri
// VerifyJwt validates and parses MJWT tokens see defaultMJwtVerifier.VerifyJwt() // VerifyJwt validates and parses MJWT tokens see defaultMJwtVerifier.VerifyJwt()
func (d *defaultMJwtSigner) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) { func (d *defaultMJwtSigner) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) {
if d == nil {
return nil, ErrSignerNil
}
return d.verify.VerifyJwt(token, claims) return d.verify.VerifyJwt(token, claims)
} }
func (d *defaultMJwtSigner) PrivateKey() *rsa.PrivateKey { func (d *defaultMJwtSigner) PrivateKey() *rsa.PrivateKey {
if d == nil {
return nil
}
return d.key return d.key
} }
func (d *defaultMJwtSigner) PublicKey() *rsa.PublicKey { func (d *defaultMJwtSigner) PublicKey() *rsa.PublicKey {
if d == nil {
return nil
}
return d.verify.pub return d.verify.pub
} }
func (d *defaultMJwtSigner) PublicKeyOf(kID string) *rsa.PublicKey { func (d *defaultMJwtSigner) PublicKeyOf(kID string) *rsa.PublicKey {
if d == nil {
return nil
}
return d.verify.kStore.GetKeyPublic(kID) return d.verify.kStore.GetKeyPublic(kID)
} }
func (d *defaultMJwtSigner) GetKeyStore() KeyStore { func (d *defaultMJwtSigner) GetKeyStore() KeyStore {
if d == nil {
return nil
}
return d.verify.GetKeyStore() return d.verify.GetKeyStore()
} }
func (d *defaultMJwtSigner) PrivateKeyOf(kID string) *rsa.PrivateKey { func (d *defaultMJwtSigner) PrivateKeyOf(kID string) *rsa.PrivateKey {
if d == nil {
return nil
}
return d.verify.kStore.GetKey(kID) return d.verify.kStore.GetKey(kID)
} }

13
verifier.go
View File

@ -9,7 +9,6 @@ import (
var ErrNoPublicKeyFound = errors.New("no public key found") var ErrNoPublicKeyFound = errors.New("no public key found")
var ErrKIDInvalid = errors.New("kid invalid") var ErrKIDInvalid = errors.New("kid invalid")
var ErrVerifierNil = errors.New("verifier nil")
// defaultMJwtVerifier implements Verifier and uses a rsa.PublicKey to validate // defaultMJwtVerifier implements Verifier and uses a rsa.PublicKey to validate
// MJWT tokens // MJWT tokens
@ -71,9 +70,6 @@ func NewMJwtVerifierFromFileAndDirectory(file, directory, prvExt, pubExt string)
// VerifyJwt validates and parses MJWT tokens and returns the claims // VerifyJwt validates and parses MJWT tokens and returns the claims
func (d *defaultMJwtVerifier) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) { func (d *defaultMJwtVerifier) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) {
if d == nil {
return nil, ErrVerifierNil
}
withClaims, err := jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (interface{}, error) { withClaims, err := jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (interface{}, error) {
kIDI, exs := token.Header["kid"] kIDI, exs := token.Header["kid"]
if exs { if exs {
@ -100,22 +96,13 @@ func (d *defaultMJwtVerifier) VerifyJwt(token string, claims baseTypeClaim) (*jw
} }
func (d *defaultMJwtVerifier) PublicKey() *rsa.PublicKey { func (d *defaultMJwtVerifier) PublicKey() *rsa.PublicKey {
if d == nil {
return nil
}
return d.pub return d.pub
} }
func (d *defaultMJwtVerifier) PublicKeyOf(kID string) *rsa.PublicKey { func (d *defaultMJwtVerifier) PublicKeyOf(kID string) *rsa.PublicKey {
if d == nil {
return nil
}
return d.kStore.GetKeyPublic(kID) return d.kStore.GetKeyPublic(kID)
} }
func (d *defaultMJwtVerifier) GetKeyStore() KeyStore { func (d *defaultMJwtVerifier) GetKeyStore() KeyStore {
if d == nil {
return nil
}
return d.kStore return d.kStore
} }