From ac7006ee011918a60b8fddcf28345f21fd8bfbcc Mon Sep 17 00:00:00 2001 From: Arzumify Date: Thu, 3 Oct 2024 17:41:09 +0100 Subject: [PATCH] Fixed the JWT versions being highly outdated Signed-off-by: Arzumify --- .gitignore | 1 + build.sh | 2 +- go.mod | 2 +- go.sum | 4 ++-- main.go | 2 +- services-src/auth/main.go | 9 +++++++-- 6 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index de5b9be..78a8786 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ fulgens databases resources services +services-src/eternity-web diff --git a/build.sh b/build.sh index ba9a75d..8f23769 100755 --- a/build.sh +++ b/build.sh @@ -1,7 +1,7 @@ #!/bin/sh path=$(realpath "$(dirname "$0")") || exit 1 search_dir="$path/services-src" -find "$search_dir" -type f -name "build.sh" | while read -r build_script; do +find -L "$search_dir" -type f -name "build.sh" | while read -r build_script; do echo "Running $build_script..." build_dir=$(dirname "$build_script") (cd "$build_dir" && ./build.sh) || { diff --git a/go.mod b/go.mod index d20a4eb..9dcd098 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 github.com/go-chi/chi/v5 v5.1.0 github.com/go-playground/validator/v10 v10.22.1 - github.com/golang-jwt/jwt v3.2.2+incompatible + github.com/golang-jwt/jwt/v5 v5.2.1 github.com/google/uuid v1.6.0 github.com/lib/pq v1.10.9 golang.org/x/crypto v0.27.0 diff --git a/go.sum b/go.sum index 8dee198..8096590 100644 --- a/go.sum +++ b/go.sum @@ -18,8 +18,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.22.1 h1:40JcKH+bBNGFczGuoBYgX4I6m/i27HYW8P9FDk5PbgA= github.com/go-playground/validator/v10 v10.22.1/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= -github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo= github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= diff --git a/main.go b/main.go index 4826119..1c63a27 100644 --- a/main.go +++ b/main.go @@ -675,7 +675,7 @@ func main() { Configuration: config.Services[serviceInformation.(*library.Service).Name].(map[string]interface{}), Outbox: globalOutbox, Inbox: inbox, - Router: router, + Router: finalRouter, }) } } diff --git a/services-src/auth/main.go b/services-src/auth/main.go index 81d2f06..0d5fa54 100644 --- a/services-src/auth/main.go +++ b/services-src/auth/main.go @@ -31,7 +31,7 @@ import ( // External libraries "github.com/cespare/xxhash/v2" - "github.com/golang-jwt/jwt" + "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" _ "modernc.org/sqlite" ) @@ -146,7 +146,12 @@ func verifyJwt(token string, publicKey ed25519.PublicKey, mem *sql.DB) ([]byte, } // Check if the token expired - if claims.VerifyExpiresAt(time.Now().Unix(), true) == false { + date, err := claims.GetExpirationTime() + if err != nil { + return nil, claims, false + } + + if date.Before(time.Now()) { return nil, claims, false }