diff options
| author | Wim <wim@42.be> | 2021-10-17 00:47:22 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-17 00:47:22 +0200 |
| commit | 4dd8bae5c91fa4aef09d865d8fef1acd84f90925 (patch) | |
| tree | ffad9b242daccaf8c86d1c1fbd59032302bd3be9 /vendor/github.com/golang-jwt/jwt/none.go | |
| parent | 7ae45c42e712bd0e66c101f3f714c05aa1dc2104 (diff) | |
| download | matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.gz matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.bz2 matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.zip | |
Update dependencies (#1610)
* Update dependencies
* Update module to go 1.17
Diffstat (limited to 'vendor/github.com/golang-jwt/jwt/none.go')
| -rw-r--r-- | vendor/github.com/golang-jwt/jwt/none.go | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/vendor/github.com/golang-jwt/jwt/none.go b/vendor/github.com/golang-jwt/jwt/none.go new file mode 100644 index 00000000..f04d189d --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/none.go @@ -0,0 +1,52 @@ +package jwt + +// Implements the none signing method. This is required by the spec +// but you probably should never use it. +var SigningMethodNone *signingMethodNone + +const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed" + +var NoneSignatureTypeDisallowedError error + +type signingMethodNone struct{} +type unsafeNoneMagicConstant string + +func init() { + SigningMethodNone = &signingMethodNone{} + NoneSignatureTypeDisallowedError = NewValidationError("'none' signature type is not allowed", ValidationErrorSignatureInvalid) + + RegisterSigningMethod(SigningMethodNone.Alg(), func() SigningMethod { + return SigningMethodNone + }) +} + +func (m *signingMethodNone) Alg() string { + return "none" +} + +// Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key +func (m *signingMethodNone) Verify(signingString, signature string, key interface{}) (err error) { + // Key must be UnsafeAllowNoneSignatureType to prevent accidentally + // accepting 'none' signing method + if _, ok := key.(unsafeNoneMagicConstant); !ok { + return NoneSignatureTypeDisallowedError + } + // If signing method is none, signature must be an empty string + if signature != "" { + return NewValidationError( + "'none' signing method with non-empty signature", + ValidationErrorSignatureInvalid, + ) + } + + // Accept 'none' signing method. + return nil +} + +// Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key +func (m *signingMethodNone) Sign(signingString string, key interface{}) (string, error) { + if _, ok := key.(unsafeNoneMagicConstant); ok { + return "", nil + } + return "", NoneSignatureTypeDisallowedError +} |