mirror of
https://github.com/1f349/mjwt.git
synced 2024-12-22 07:24:05 +00:00
Pedantic: Remove defensive programming on receivers.
parent
3201964fec
commit
690b9f9512
19
key_store.go
19
key_store.go
@ -107,7 +107,7 @@ func ExportKeyStore(ks KeyStore, directory, keyPrvExt, keyPubExt string) error {
|
||||
|
||||
// SetKey adds a new rsa.PrivateKey with the specified kID to the KeyStore.
|
||||
func (d *defaultMJwtKeyStore) SetKey(kID string, prvKey *rsa.PrivateKey) {
|
||||
if d == nil || prvKey == nil {
|
||||
if prvKey == nil {
|
||||
return
|
||||
}
|
||||
d.rwLocker.Lock()
|
||||
@ -119,7 +119,7 @@ func (d *defaultMJwtKeyStore) SetKey(kID string, prvKey *rsa.PrivateKey) {
|
||||
|
||||
// SetKeyPublic adds a new rsa.PublicKey with the specified kID to the KeyStore.
|
||||
func (d *defaultMJwtKeyStore) SetKeyPublic(kID string, pubKey *rsa.PublicKey) {
|
||||
if d == nil || pubKey == nil {
|
||||
if pubKey == nil {
|
||||
return
|
||||
}
|
||||
d.rwLocker.Lock()
|
||||
@ -134,9 +134,6 @@ func (d *defaultMJwtKeyStore) SetKeyPublic(kID string, pubKey *rsa.PublicKey) {
|
||||
|
||||
// RemoveKey removes a specified kID from the KeyStore.
|
||||
func (d *defaultMJwtKeyStore) RemoveKey(kID string) {
|
||||
if d == nil {
|
||||
return
|
||||
}
|
||||
d.rwLocker.Lock()
|
||||
defer d.rwLocker.Unlock()
|
||||
delete(d.store, kID)
|
||||
@ -146,9 +143,6 @@ func (d *defaultMJwtKeyStore) RemoveKey(kID string) {
|
||||
|
||||
// ListKeys lists the kIDs of all the keys in the KeyStore.
|
||||
func (d *defaultMJwtKeyStore) ListKeys() []string {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
d.rwLocker.RLock()
|
||||
defer d.rwLocker.RUnlock()
|
||||
lKeys := make([]string, len(d.store))
|
||||
@ -162,9 +156,6 @@ func (d *defaultMJwtKeyStore) ListKeys() []string {
|
||||
|
||||
// GetKey gets the rsa.PrivateKey given the kID in the KeyStore or null if not found.
|
||||
func (d *defaultMJwtKeyStore) GetKey(kID string) *rsa.PrivateKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
d.rwLocker.RLock()
|
||||
defer d.rwLocker.RUnlock()
|
||||
kPrv, ok := d.store[kID]
|
||||
@ -176,9 +167,6 @@ func (d *defaultMJwtKeyStore) GetKey(kID string) *rsa.PrivateKey {
|
||||
|
||||
// GetKeyPublic gets the rsa.PublicKey given the kID in the KeyStore or null if not found.
|
||||
func (d *defaultMJwtKeyStore) GetKeyPublic(kID string) *rsa.PublicKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
d.rwLocker.RLock()
|
||||
defer d.rwLocker.RUnlock()
|
||||
kPub, ok := d.storePub[kID]
|
||||
@ -190,9 +178,6 @@ func (d *defaultMJwtKeyStore) GetKeyPublic(kID string) *rsa.PublicKey {
|
||||
|
||||
// ClearKeys removes all the stored keys in the KeyStore.
|
||||
func (d *defaultMJwtKeyStore) ClearKeys() {
|
||||
if d == nil {
|
||||
return
|
||||
}
|
||||
d.rwLocker.Lock()
|
||||
defer d.rwLocker.Unlock()
|
||||
clear(d.store)
|
||||
|
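Review bot: With the `d == nil` guards gone, every method in this section (SetKey through ClearKeys) reaches `d.rwLocker.Lock()` or `RLock()` unconditionally, so a `KeyStore` interface value that wraps a nil `*defaultMJwtKeyStore` now panics where it used to return nil or do nothing. Such a typed nil is not caught by a caller's `ks == nil` comparison, and the type is consumed through the interface (`ExportKeyStore(ks KeyStore, ...)` in the first hunk header). The constructor is outside the visible hunks, so I would state the precondition there or on the type, e.g. `// Methods require a non-nil receiver; calling them on a nil *defaultMJwtKeyStore panics.` The bodies of these methods continue outside the hunks.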
34
signer.go
34
signer.go
@ -12,7 +12,6 @@ import (
|
||||
)
|
||||
|
||||
var ErrNoPrivateKeyFound = errors.New("no private key found")
|
||||
var ErrSignerNil = errors.New("signer nil")
|
||||
|
||||
// defaultMJwtSigner implements Signer and uses an rsa.PrivateKey and issuer name
|
||||
// to generate MJWT tokens
|
||||
@ -95,26 +94,17 @@ func NewMJwtSignerFromFileAndDirectory(issuer, file, directory, prvExt, pubExt s
|
||||
|
||||
// Issuer returns the name of the issuer
|
||||
func (d *defaultMJwtSigner) Issuer() string {
|
||||
if d == nil {
|
||||
return ""
|
||||
}
|
||||
return d.issuer
|
||||
}
|
||||
|
||||
// GenerateJwt generates and returns a JWT string using the sub, id, duration and claims; uses the default key
|
||||
func (d *defaultMJwtSigner) GenerateJwt(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims) (string, error) {
|
||||
if d == nil {
|
||||
return "", ErrSignerNil
|
||||
}
|
||||
return d.SignJwt(wrapClaims[Claims](d, sub, id, aud, dur, claims))
|
||||
}
|
||||
|
||||
// SignJwt signs a jwt.Claims compatible struct, this is used internally by
|
||||
// GenerateJwt but is available for signing custom structs; uses the default key
|
||||
func (d *defaultMJwtSigner) SignJwt(wrapped jwt.Claims) (string, error) {
|
||||
if d == nil {
|
||||
return "", ErrSignerNil
|
||||
}
|
||||
if d.key == nil {
|
||||
return "", ErrNoPrivateKeyFound
|
||||
}
|
||||
@ -124,18 +114,12 @@ func (d *defaultMJwtSigner) SignJwt(wrapped jwt.Claims) (string, error) {
|
||||
|
||||
// GenerateJwtWithKID generates and returns a JWT string using the sub, id, duration and claims; this gets signed with the specified kID
|
||||
func (d *defaultMJwtSigner) GenerateJwtWithKID(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims, kID string) (string, error) {
|
||||
if d == nil {
|
||||
return "", ErrSignerNil
|
||||
}
|
||||
return d.SignJwtWithKID(wrapClaims[Claims](d, sub, id, aud, dur, claims), kID)
|
||||
}
|
||||
|
||||
// SignJwtWithKID signs a jwt.Claims compatible struct, this is used internally by
|
||||
// GenerateJwt but is available for signing custom structs; this gets signed with the specified kID
|
||||
func (d *defaultMJwtSigner) SignJwtWithKID(wrapped jwt.Claims, kID string) (string, error) {
|
||||
if d == nil {
|
||||
return "", ErrSignerNil
|
||||
}
|
||||
pKey := d.verify.GetKeyStore().GetKey(kID)
|
||||
if pKey == nil {
|
||||
return "", ErrNoPrivateKeyFound
|
||||
@ -147,43 +131,25 @@ func (d *defaultMJwtSigner) SignJwtWithKID(wrapped jwt.Claims, kID string) (stri
|
||||
|
||||
// VerifyJwt validates and parses MJWT tokens see defaultMJwtVerifier.VerifyJwt()
|
||||
func (d *defaultMJwtSigner) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) {
|
||||
if d == nil {
|
||||
return nil, ErrSignerNil
|
||||
}
|
||||
return d.verify.VerifyJwt(token, claims)
|
||||
}
|
||||
|
||||
func (d *defaultMJwtSigner) PrivateKey() *rsa.PrivateKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.key
|
||||
}
|
||||
func (d *defaultMJwtSigner) PublicKey() *rsa.PublicKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.verify.pub
|
||||
}
|
||||
|
||||
func (d *defaultMJwtSigner) PublicKeyOf(kID string) *rsa.PublicKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.verify.kStore.GetKeyPublic(kID)
|
||||
}
|
||||
|
||||
func (d *defaultMJwtSigner) GetKeyStore() KeyStore {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.verify.GetKeyStore()
|
||||
}
|
||||
|
||||
func (d *defaultMJwtSigner) PrivateKeyOf(kID string) *rsa.PrivateKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.verify.kStore.GetKey(kID)
|
||||
}
|
||||
|
||||
|
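Review bot: Deleting the exported `ErrSignerNil` in the first hunk (and `ErrVerifierNil` in verifier.go) is a source-breaking change for any importer that matches it with `errors.Is`, and it turns a nil signer on the token-issuing path from a returned error into a panic. If the panic is intended, I would keep the sentinel for one release and mark it, e.g. `// Deprecated: no longer returned; methods on a nil signer panic.` above `var ErrSignerNil = errors.New("signer nil")`. Callers that relied on `GenerateJwt` or `SignJwt` returning an error need a recover or an explicit nil check at construction time; whether the constructors can return a nil signer is not visible here.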
13
verifier.go
13
verifier.go
@ -9,7 +9,6 @@ import (
|
||||
|
||||
var ErrNoPublicKeyFound = errors.New("no public key found")
|
||||
var ErrKIDInvalid = errors.New("kid invalid")
|
||||
var ErrVerifierNil = errors.New("verifier nil")
|
||||
|
||||
// defaultMJwtVerifier implements Verifier and uses a rsa.PublicKey to validate
|
||||
// MJWT tokens
|
||||
@ -71,9 +70,6 @@ func NewMJwtVerifierFromFileAndDirectory(file, directory, prvExt, pubExt string)
|
||||
|
||||
// VerifyJwt validates and parses MJWT tokens and returns the claims
|
||||
func (d *defaultMJwtVerifier) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error) {
|
||||
if d == nil {
|
||||
return nil, ErrVerifierNil
|
||||
}
|
||||
withClaims, err := jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (interface{}, error) {
|
||||
kIDI, exs := token.Header["kid"]
|
||||
if exs {
|
||||
@ -100,22 +96,13 @@ func (d *defaultMJwtVerifier) VerifyJwt(token string, claims baseTypeClaim) (*jw
|
||||
}
|
||||
|
||||
func (d *defaultMJwtVerifier) PublicKey() *rsa.PublicKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.pub
|
||||
}
|
||||
|
||||
func (d *defaultMJwtVerifier) PublicKeyOf(kID string) *rsa.PublicKey {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.kStore.GetKeyPublic(kID)
|
||||
}
|
||||
|
||||
func (d *defaultMJwtVerifier) GetKeyStore() KeyStore {
|
||||
if d == nil {
|
||||
return nil
|
||||
}
|
||||
return d.kStore
|
||||
}
|
||||
|
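Review bot: `PublicKeyOf` calls `d.kStore.GetKeyPublic(kID)` with no check that `d.kStore` is set, and the receiver guard in key_store.go's `GetKeyPublic` that could absorb a nil store pointer is removed by this same commit. The field's declaration and the constructors are outside the visible hunks, so whether `kStore` can be unset is not shown; if it can, `if d.kStore == nil { return nil }` keeps the lookup failing closed rather than panicking, in line with the `d.key == nil` check that `SignJwt` retains in signer.go. The `kid` branch of the key function in `VerifyJwt` deserves the same look, because it continues outside the hunk and reads `kid` from the token header before the signature is checked.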