Backup_Repos/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash synced 2025-12-06 08:22:24 +01:00
Code Issues Projects Releases Wiki Activity

fix (tmpl): issue with cognito issued jwt token

Browse source 
quote from go jwt lib: "WithPaddingAllowed will enable the codec used
for decoding JWTs to allow padding. Note that the JWS RFC7515 states
that the tokens will utilize a Base64url encoding with no padding.
Unfortunately, some implementations of JWT are producing non-standard
tokens, and thus require support for decoding."

cognito is one of those...
This commit is contained in:
MickaelK 2025-03-13 17:21:04 +11:00
parent 40e9938148
commit d01facd463
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/ctrl/tmpl.go
View file

@ -12,7 +12,7 @@ import (
. "github.com/mickael-kerjean/filestash/server/common"
"github.com/golang-jwt/jwt/v4"
"github.com/golang-jwt/jwt/v5"
)
var tmplFuncs = template.FuncMap{
@ -128,10 +128,10 @@ var tmplFuncs = template.FuncMap{
var err error
claims := jwt.MapClaims{}
if len(args) == 1 {
token, _, err = jwt.NewParser().ParseUnverified(stdin, claims)
token, _, err = jwt.NewParser(jwt.WithPaddingAllowed()).ParseUnverified(stdin, claims)
token.Valid = true
} else if len(args) == 2 {
token, err = jwt.ParseWithClaims(stdin, claims, func(token *jwt.Token) (interface{}, error) {
token, err = jwt.NewParser(jwt.WithPaddingAllowed()).ParseWithClaims(stdin, claims, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
return []byte(args[0]), nil
} else if _, ok := token.Method.(*jwt.SigningMethodRSA); ok {