Upgrading go version (#722)

* Upgrading go version * Upgrade lint * Remove v1 of lestrrat-go which had a vuln
TBD54566975 · Dec 27, 2023 · 653901c · 653901c
1 parent 8f87d43
commit 653901c
Show file tree

Hide file tree

Showing 12 changed files with 17 additions and 38 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.21.4
+          go-version: 1.21.5
           cache: true
 
       - name: Install Mage
@@ -37,7 +37,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v3
       with:
-        go-version: 1.21.4
+        go-version: 1.21.5
         cache: true
 
     - name: Install mage

diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
@@ -20,14 +20,14 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.21.4
+          go-version: 1.21.5
           cache: true
 
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-          version: v1.51
+          version: v1.55.2
 
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -20,7 +20,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v3
       with:
-        go-version: 1.21.4
+        go-version: 1.21.5
         cache: true
 
     - name: Install Mage

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -12,7 +12,7 @@ When you're ready you may:
 
 | Requirement    | Tested Version | Installation Instructions                                                                         |
 |----------------|----------------|---------------------------------------------------------------------------------------------------|
-| Go             | 1.21.4         | [go.dev](https://go.dev/doc/install)                                                              |
+| Go             | 1.21.5         | [go.dev](https://go.dev/doc/install)                                                              |
 | Mage           | 1.13.0-6       | [magefile.org](https://magefile.org/)                                                             |
 | golangci-lint  | 1.52.2         | [golangci-lint.run](https://golangci-lint.run/usage/install/#local-installation)                  |
 
@@ -24,7 +24,7 @@ You may verify your `go` installation via the terminal:
 
 ```
 $> go version
-go version go1.21.4 darwin/amd64
+go version go1.21.5 darwin/amd64
 ```
 
 If you do not have go, we recommend installing it by:

diff --git a/README.md b/README.md
@@ -1,5 +1,5 @@
 [![godoc ssi-service](https://img.shields.io/badge/godoc-ssi--service-blue)](https://github.com/TBD54566975/ssi-service)
-[![go version 1.21.4](https://img.shields.io/badge/go_version-1.21.4-brightgreen)](https://go.dev/)
+[![go version 1.21.5](https://img.shields.io/badge/go_version-1.21.5-brightgreen)](https://go.dev/)
 [![license Apache 2](https://img.shields.io/badge/license-Apache%202-black)](https://github.com/TBD54566975/ssi-service/blob/main/LICENSE)
 [![issues](https://img.shields.io/github/issues/TBD54566975/ssi-service)](https://github.com/TBD54566975/ssi-service/issues)
 ![push](https://github.com/TBD54566975/ssi-service/workflows/ssi-service-ci/badge.svg?branch=main&event=push)

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.21.4-alpine
+FROM golang:1.21.5-alpine
 
 # Create directory for our app inside the container
 WORKDIR /app

diff --git a/go.mod b/go.mod
@@ -21,7 +21,6 @@ require (
 	github.com/google/tink/go v1.7.0
 	github.com/google/uuid v1.4.0
 	github.com/joho/godotenv v1.5.1
-	github.com/lestrrat-go/jwx v1.2.26
 	github.com/lestrrat-go/jwx/v2 v2.0.18
 	github.com/lib/pq v1.10.9
 	github.com/magefile/mage v1.15.0
@@ -114,7 +113,6 @@ require (
 	github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
-	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
 	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
 	github.com/lestrrat-go/httprc v1.0.4 // indirect

diff --git a/go.sum b/go.sum
@@ -337,9 +337,6 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
 github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
 github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
-github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
-github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
-github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
 github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
 github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
 github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
@@ -348,8 +345,6 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
 github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
-github.com/lestrrat-go/jwx v1.2.26 h1:4iFo8FPRZGDYe1t19mQP0zTRqA7n8HnJ5lkIiDvJcB0=
-github.com/lestrrat-go/jwx v1.2.26/go.mod h1:MaiCdGbn3/cckbOFSCluJlJMmp9dmZm5hDuIkx8ftpQ=
 github.com/lestrrat-go/jwx/v2 v2.0.18 h1:HHZkYS5wWDDyAiNBwztEtDoX07WDhGEdixm8G06R50o=
 github.com/lestrrat-go/jwx/v2 v2.0.18/go.mod h1:fAJ+k5eTgKdDqanzCuK6DAt3W7n3cs2/FX7JhQdk83U=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
@@ -550,7 +545,6 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
 golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
 golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=

diff --git a/internal/keyaccess/jwt.go b/internal/keyaccess/jwt.go
@@ -10,7 +10,7 @@ import (
 	"github.com/TBD54566975/ssi-sdk/crypto/jwx"
 	"github.com/TBD54566975/ssi-sdk/did/resolution"
 	"github.com/goccy/go-json"
-	"github.com/lestrrat-go/jwx/jws"
+	"github.com/lestrrat-go/jwx/v2/jws"
 	"github.com/pkg/errors"
 )
 

diff --git a/internal/util/jwt.go b/internal/util/jwt.go
@@ -3,8 +3,8 @@ package util
 import (
 	"fmt"
 
-	"github.com/lestrrat-go/jwx/jws"
-	"github.com/lestrrat-go/jwx/jwt"
+	"github.com/lestrrat-go/jwx/v2/jws"
+	"github.com/lestrrat-go/jwx/v2/jwt"
 
 	"github.com/tbd54566975/ssi-service/internal/keyaccess"
 )
@@ -20,22 +20,9 @@ func ParseJWT(token keyaccess.JWT) (*jws.Signature, jwt.Token, error) {
 	if len(signatures) != 1 {
 		return nil, nil, fmt.Errorf("expected 1 signature, got %d", len(signatures))
 	}
-	parsedJWT, err := jwt.Parse(tokenBytes)
+	parsedJWT, err := jwt.Parse(tokenBytes, jwt.WithVerify(false))
 	if err != nil {
 		return nil, nil, err
 	}
 	return signatures[0], parsedJWT, nil
 }
-
-func GetKeyIDFromJWT(token keyaccess.JWT) (string, error) {
-	tokenBytes := []byte(token)
-	parsedJWS, err := jws.Parse(tokenBytes)
-	if err != nil {
-		return "", err
-	}
-	signatures := parsedJWS.Signatures()
-	if len(signatures) != 1 {
-		return "", fmt.Errorf("expected 1 signature, got %d", len(signatures))
-	}
-	return signatures[0].ProtectedHeaders().KeyID(), nil
-}
diff --git a/pkg/service/manifest/manifest.go b/pkg/service/manifest/manifest.go
@@ -6,8 +6,8 @@ import (
 	"github.com/TBD54566975/ssi-sdk/credential/manifest"
 	sdkutil "github.com/TBD54566975/ssi-sdk/util"
 	"github.com/goccy/go-json"
-	"github.com/lestrrat-go/jwx/jws"
-	"github.com/lestrrat-go/jwx/jwt"
+	"github.com/lestrrat-go/jwx/v2/jws"
+	"github.com/lestrrat-go/jwx/v2/jwt"
 
 	didint "github.com/tbd54566975/ssi-service/internal/did"
 	"github.com/tbd54566975/ssi-service/internal/keyaccess"
@@ -29,7 +29,7 @@ func (s Service) verifyManifestJWT(ctx context.Context, token keyaccess.JWT) (*m
 	}
 
 	// parse token
-	parsed, err := jwt.Parse([]byte(token))
+	parsed, err := jwt.Parse([]byte(token), jwt.WithVerify(false))
 	if err != nil {
 		return nil, sdkutil.LoggingErrorMsg(err, "could not parse JWT")
 	}

diff --git a/pkg/service/presentation/service.go b/pkg/service/presentation/service.go
@@ -8,7 +8,7 @@ import (
 	"github.com/TBD54566975/ssi-sdk/credential/integrity"
 	"github.com/TBD54566975/ssi-sdk/did/resolution"
 	sdkutil "github.com/TBD54566975/ssi-sdk/util"
-	"github.com/lestrrat-go/jwx/jws"
+	"github.com/lestrrat-go/jwx/v2/jws"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"