From 653901c099168265a66b1df6593802cda800ac99 Mon Sep 17 00:00:00 2001 From: Andres Uribe Date: Wed, 27 Dec 2023 09:08:10 -0500 Subject: [PATCH] Upgrading go version (#722) * Upgrading go version * Upgrade lint * Remove v1 of lestrrat-go which had a vuln --- .github/workflows/ci.yml | 4 ++-- .github/workflows/golangci-lint.yml | 4 ++-- .github/workflows/integration.yml | 2 +- CONTRIBUTING.md | 4 ++-- README.md | 2 +- build/Dockerfile | 2 +- go.mod | 2 -- go.sum | 6 ------ internal/keyaccess/jwt.go | 2 +- internal/util/jwt.go | 19 +++---------------- pkg/service/manifest/manifest.go | 6 +++--- pkg/service/presentation/service.go | 2 +- 12 files changed, 17 insertions(+), 38 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3837f8039..e6cf3bf44 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.21.4 + go-version: 1.21.5 cache: true - name: Install Mage @@ -37,7 +37,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.21.4 + go-version: 1.21.5 cache: true - name: Install mage diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 5a22380c0..e9eaef52b 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -20,14 +20,14 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.21.4 + go-version: 1.21.5 cache: true - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version - version: v1.51 + version: v1.55.2 # Optional: working directory, useful for monorepos # working-directory: somedir diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 2ea8baff1..67cbb37df 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.21.4 + go-version: 1.21.5 cache: true - name: Install Mage diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bfe3a35eb..93d30f217 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -12,7 +12,7 @@ When you're ready you may: | Requirement | Tested Version | Installation Instructions | |----------------|----------------|---------------------------------------------------------------------------------------------------| -| Go | 1.21.4 | [go.dev](https://go.dev/doc/install) | +| Go | 1.21.5 | [go.dev](https://go.dev/doc/install) | | Mage | 1.13.0-6 | [magefile.org](https://magefile.org/) | | golangci-lint | 1.52.2 | [golangci-lint.run](https://golangci-lint.run/usage/install/#local-installation) | @@ -24,7 +24,7 @@ You may verify your `go` installation via the terminal: ``` $> go version -go version go1.21.4 darwin/amd64 +go version go1.21.5 darwin/amd64 ``` If you do not have go, we recommend installing it by: diff --git a/README.md b/README.md index 24d6dc453..1335318cb 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ [![godoc ssi-service](https://img.shields.io/badge/godoc-ssi--service-blue)](https://github.com/TBD54566975/ssi-service) -[![go version 1.21.4](https://img.shields.io/badge/go_version-1.21.4-brightgreen)](https://go.dev/) +[![go version 1.21.5](https://img.shields.io/badge/go_version-1.21.5-brightgreen)](https://go.dev/) [![license Apache 2](https://img.shields.io/badge/license-Apache%202-black)](https://github.com/TBD54566975/ssi-service/blob/main/LICENSE) [![issues](https://img.shields.io/github/issues/TBD54566975/ssi-service)](https://github.com/TBD54566975/ssi-service/issues) ![push](https://github.com/TBD54566975/ssi-service/workflows/ssi-service-ci/badge.svg?branch=main&event=push) diff --git a/build/Dockerfile b/build/Dockerfile index 7f884d0db..82e653781 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.21.4-alpine +FROM golang:1.21.5-alpine # Create directory for our app inside the container WORKDIR /app diff --git a/go.mod b/go.mod index 9c6f7be7b..3b611d0f6 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,6 @@ require ( github.com/google/tink/go v1.7.0 github.com/google/uuid v1.4.0 github.com/joho/godotenv v1.5.1 - github.com/lestrrat-go/jwx v1.2.26 github.com/lestrrat-go/jwx/v2 v2.0.18 github.com/lib/pq v1.10.9 github.com/magefile/mage v1.15.0 @@ -114,7 +113,6 @@ require ( github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/leodido/go-urn v1.2.4 // indirect - github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect github.com/lestrrat-go/blackmagic v1.0.2 // indirect github.com/lestrrat-go/httpcc v1.0.1 // indirect github.com/lestrrat-go/httprc v1.0.4 // indirect diff --git a/go.sum b/go.sum index 65f81d011..fccd55848 100644 --- a/go.sum +++ b/go.sum @@ -337,9 +337,6 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= -github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A= -github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= -github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k= github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= @@ -348,8 +345,6 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx v1.2.26 h1:4iFo8FPRZGDYe1t19mQP0zTRqA7n8HnJ5lkIiDvJcB0= -github.com/lestrrat-go/jwx v1.2.26/go.mod h1:MaiCdGbn3/cckbOFSCluJlJMmp9dmZm5hDuIkx8ftpQ= github.com/lestrrat-go/jwx/v2 v2.0.18 h1:HHZkYS5wWDDyAiNBwztEtDoX07WDhGEdixm8G06R50o= github.com/lestrrat-go/jwx/v2 v2.0.18/go.mod h1:fAJ+k5eTgKdDqanzCuK6DAt3W7n3cs2/FX7JhQdk83U= github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= @@ -550,7 +545,6 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= diff --git a/internal/keyaccess/jwt.go b/internal/keyaccess/jwt.go index 46c3de46f..2fbb07ac2 100644 --- a/internal/keyaccess/jwt.go +++ b/internal/keyaccess/jwt.go @@ -10,7 +10,7 @@ import ( "github.com/TBD54566975/ssi-sdk/crypto/jwx" "github.com/TBD54566975/ssi-sdk/did/resolution" "github.com/goccy/go-json" - "github.com/lestrrat-go/jwx/jws" + "github.com/lestrrat-go/jwx/v2/jws" "github.com/pkg/errors" ) diff --git a/internal/util/jwt.go b/internal/util/jwt.go index 0480ef944..e3cd2e0eb 100644 --- a/internal/util/jwt.go +++ b/internal/util/jwt.go @@ -3,8 +3,8 @@ package util import ( "fmt" - "github.com/lestrrat-go/jwx/jws" - "github.com/lestrrat-go/jwx/jwt" + "github.com/lestrrat-go/jwx/v2/jws" + "github.com/lestrrat-go/jwx/v2/jwt" "github.com/tbd54566975/ssi-service/internal/keyaccess" ) @@ -20,22 +20,9 @@ func ParseJWT(token keyaccess.JWT) (*jws.Signature, jwt.Token, error) { if len(signatures) != 1 { return nil, nil, fmt.Errorf("expected 1 signature, got %d", len(signatures)) } - parsedJWT, err := jwt.Parse(tokenBytes) + parsedJWT, err := jwt.Parse(tokenBytes, jwt.WithVerify(false)) if err != nil { return nil, nil, err } return signatures[0], parsedJWT, nil } - -func GetKeyIDFromJWT(token keyaccess.JWT) (string, error) { - tokenBytes := []byte(token) - parsedJWS, err := jws.Parse(tokenBytes) - if err != nil { - return "", err - } - signatures := parsedJWS.Signatures() - if len(signatures) != 1 { - return "", fmt.Errorf("expected 1 signature, got %d", len(signatures)) - } - return signatures[0].ProtectedHeaders().KeyID(), nil -} diff --git a/pkg/service/manifest/manifest.go b/pkg/service/manifest/manifest.go index 9c2f39156..47c5e2dbb 100644 --- a/pkg/service/manifest/manifest.go +++ b/pkg/service/manifest/manifest.go @@ -6,8 +6,8 @@ import ( "github.com/TBD54566975/ssi-sdk/credential/manifest" sdkutil "github.com/TBD54566975/ssi-sdk/util" "github.com/goccy/go-json" - "github.com/lestrrat-go/jwx/jws" - "github.com/lestrrat-go/jwx/jwt" + "github.com/lestrrat-go/jwx/v2/jws" + "github.com/lestrrat-go/jwx/v2/jwt" didint "github.com/tbd54566975/ssi-service/internal/did" "github.com/tbd54566975/ssi-service/internal/keyaccess" @@ -29,7 +29,7 @@ func (s Service) verifyManifestJWT(ctx context.Context, token keyaccess.JWT) (*m } // parse token - parsed, err := jwt.Parse([]byte(token)) + parsed, err := jwt.Parse([]byte(token), jwt.WithVerify(false)) if err != nil { return nil, sdkutil.LoggingErrorMsg(err, "could not parse JWT") } diff --git a/pkg/service/presentation/service.go b/pkg/service/presentation/service.go index 6a2b801cd..0af344b5d 100644 --- a/pkg/service/presentation/service.go +++ b/pkg/service/presentation/service.go @@ -8,7 +8,7 @@ import ( "github.com/TBD54566975/ssi-sdk/credential/integrity" "github.com/TBD54566975/ssi-sdk/did/resolution" sdkutil "github.com/TBD54566975/ssi-sdk/util" - "github.com/lestrrat-go/jwx/jws" + "github.com/lestrrat-go/jwx/v2/jws" "github.com/pkg/errors" "github.com/sirupsen/logrus"