mirror
/
galene
mirror of https://github.com/jech/galene.git
1
Fork 0
Code
1,271 Commits 18 Branches 31 Tags 12 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Juliusz Chroboczek d9e956be48 More JWT paranoia. 2024-05-11 22:45:52 +02:00
Juliusz Chroboczek 969354e9e5 Honour the kid field in JWT if present. 2024-05-11 12:29:30 +02:00
Juliusz Chroboczek 3a6d924374 Attempt all keys when validating stateless tokens. 2024-05-09 18:40:50 +02:00
Juliusz Chroboczek 8a94f4a716 Export getStateful, simplify interface. 
We used to return nil, nil if the token didn't exist.
We now return os.ErrNotExist.
 2024-05-01 19:25:26 +02:00
Juliusz Chroboczek b8f7c68338 Return correct error message for invalid tokens. 2024-03-03 15:42:46 +01:00
Juliusz Chroboczek 27e502e63c Upgrade to go-jwt v5. 
A token with no "sub" field is now treated just like one with an
empty "sub".  In addition, all times are treated with a slack of 5s.
 2023-12-10 00:47:17 +01:00
Juliusz Chroboczek 3c0dbf5e9b Reliably return an error from token.Parse. 
We would sometimes return nil cast to an interface with no error,
which would cause the server to crash with a null dereference.
 2023-05-14 21:14:59 +02:00
Juliusz Chroboczek c58064d923 Move token handling into the separate module. 
Tokens are now an interface, and all the token logic is encapsulated
in the token module.
 2023-04-03 22:58:38 +02:00