diff --git a/cmd/jwt.go b/cmd/jwt.go index 78a26b612..3243fbd5b 100644 --- a/cmd/jwt.go +++ b/cmd/jwt.go @@ -22,8 +22,8 @@ import ( "net/http" "time" - jwtgo "github.com/dgrijalva/jwt-go" - jwtreq "github.com/dgrijalva/jwt-go/request" + jwtgo "github.com/golang-jwt/jwt" + jwtreq "github.com/golang-jwt/jwt/request" "github.com/minio/minio/internal/auth" xjwt "github.com/minio/minio/internal/jwt" "github.com/minio/minio/internal/logger" diff --git a/cmd/jwt_test.go b/cmd/jwt_test.go index beea929d2..b95c429d4 100644 --- a/cmd/jwt_test.go +++ b/cmd/jwt_test.go @@ -22,7 +22,7 @@ import ( "os" "testing" - jwtgo "github.com/dgrijalva/jwt-go" + jwtgo "github.com/golang-jwt/jwt" "github.com/minio/minio/internal/auth" xjwt "github.com/minio/minio/internal/jwt" ) diff --git a/cmd/storage-rest-server.go b/cmd/storage-rest-server.go index cfcf9d25b..872a14a8a 100644 --- a/cmd/storage-rest-server.go +++ b/cmd/storage-rest-server.go @@ -37,7 +37,7 @@ import ( "github.com/tinylib/msgp/msgp" - jwtreq "github.com/dgrijalva/jwt-go/request" + jwtreq "github.com/golang-jwt/jwt/request" "github.com/gorilla/mux" "github.com/minio/minio/internal/config" xhttp "github.com/minio/minio/internal/http" diff --git a/go.mod b/go.mod index 7238d3f10..8f27f4a64 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,6 @@ require ( github.com/colinmarc/hdfs/v2 v2.2.0 github.com/coredns/coredns v1.4.0 github.com/dchest/siphash v1.2.1 - github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/djherbis/atime v1.0.0 github.com/dswarbrick/smart v0.0.0-20190505152634-909a45200d6d github.com/dustin/go-humanize v1.0.0 @@ -27,6 +26,7 @@ require ( github.com/go-ldap/ldap/v3 v3.2.4 github.com/go-openapi/loads v0.20.2 github.com/go-sql-driver/mysql v1.5.0 + github.com/golang-jwt/jwt v3.2.1+incompatible github.com/gomodule/redigo v2.0.0+incompatible github.com/google/uuid v1.1.2 github.com/gorilla/mux v1.8.0 diff --git a/go.sum b/go.sum index 2edec322b..e4c73ef62 100644 --- a/go.sum +++ b/go.sum @@ -533,6 +533,8 @@ github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c= +github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= diff --git a/internal/auth/credentials.go b/internal/auth/credentials.go index ba0d28024..fe59353b7 100644 --- a/internal/auth/credentials.go +++ b/internal/auth/credentials.go @@ -28,7 +28,7 @@ import ( "strings" "time" - jwtgo "github.com/dgrijalva/jwt-go" + jwtgo "github.com/golang-jwt/jwt" "github.com/minio/minio/internal/jwt" ) diff --git a/internal/config/dns/operator_dns.go b/internal/config/dns/operator_dns.go index 0dbf802b2..5b5e0f1b7 100644 --- a/internal/config/dns/operator_dns.go +++ b/internal/config/dns/operator_dns.go @@ -31,7 +31,7 @@ import ( "strings" "time" - "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" "github.com/minio/minio/internal/config" xhttp "github.com/minio/minio/internal/http" ) diff --git a/internal/config/identity/openid/ecdsa-sha3_contrib.go b/internal/config/identity/openid/ecdsa-sha3_contrib.go index 1a9a367c7..37a02db11 100644 --- a/internal/config/identity/openid/ecdsa-sha3_contrib.go +++ b/internal/config/identity/openid/ecdsa-sha3_contrib.go @@ -18,7 +18,7 @@ package openid import ( "crypto" - "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" // Needed for SHA3 to work - See: https://golang.org/src/crypto/crypto.go?s=1034:1288 _ "golang.org/x/crypto/sha3" // There is no SHA-3 FIPS-140 2 compliant implementation diff --git a/internal/config/identity/openid/jwt.go b/internal/config/identity/openid/jwt.go index 84447ae74..b16cd6696 100644 --- a/internal/config/identity/openid/jwt.go +++ b/internal/config/identity/openid/jwt.go @@ -29,7 +29,7 @@ import ( "sync" "time" - jwtgo "github.com/dgrijalva/jwt-go" + jwtgo "github.com/golang-jwt/jwt" "github.com/minio/minio/internal/auth" "github.com/minio/minio/internal/config" "github.com/minio/pkg/env" diff --git a/internal/config/identity/openid/rsa-sha3_contrib.go b/internal/config/identity/openid/rsa-sha3_contrib.go index bba855849..49fee73eb 100644 --- a/internal/config/identity/openid/rsa-sha3_contrib.go +++ b/internal/config/identity/openid/rsa-sha3_contrib.go @@ -19,7 +19,7 @@ package openid import ( "crypto" - "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" // Needed for SHA3 to work - See: https://golang.org/src/crypto/crypto.go?s=1034:1288 _ "golang.org/x/crypto/sha3" // There is no SHA-3 FIPS-140 2 compliant implementation diff --git a/internal/jwt/parser.go b/internal/jwt/parser.go index f54335e77..f2807eb7a 100644 --- a/internal/jwt/parser.go +++ b/internal/jwt/parser.go @@ -19,8 +19,8 @@ package jwt // This file is a re-implementation of the original code here with some // additional allocation tweaks reproduced using GODEBUG=allocfreetrace=1 -// original file https://github.com/dgrijalva/jwt-go/blob/master/parser.go -// borrowed under MIT License https://github.com/dgrijalva/jwt-go/blob/master/LICENSE +// original file https://github.com/golang-jwt/jwt/blob/main/parser.go +// borrowed under MIT License https://github.com/golang-jwt/jwt/blob/main/LICENSE import ( "crypto" @@ -31,7 +31,7 @@ import ( "sync" "time" - jwtgo "github.com/dgrijalva/jwt-go" + jwtgo "github.com/golang-jwt/jwt" jsoniter "github.com/json-iterator/go" ) @@ -117,7 +117,7 @@ func (c *StandardClaims) SetAccessKey(accessKey string) { c.AccessKey = accessKey } -// Valid - implements https://godoc.org/github.com/dgrijalva/jwt-go#Claims compatible +// Valid - implements https://godoc.org/github.com/golang-jwt/jwt#Claims compatible // claims interface, additionally validates "accessKey" fields. func (c *StandardClaims) Valid() error { if err := c.StandardClaims.Valid(); err != nil { @@ -162,7 +162,7 @@ func (c *MapClaims) SetAccessKey(accessKey string) { c.MapClaims["accessKey"] = accessKey } -// Valid - implements https://godoc.org/github.com/dgrijalva/jwt-go#Claims compatible +// Valid - implements https://godoc.org/github.com/golang-jwt/jwt#Claims compatible // claims interface, additionally validates "accessKey" fields. func (c *MapClaims) Valid() error { if err := c.MapClaims.Valid(); err != nil { diff --git a/internal/jwt/parser_test.go b/internal/jwt/parser_test.go index be604ce67..5f0fcfdc3 100644 --- a/internal/jwt/parser_test.go +++ b/internal/jwt/parser_test.go @@ -19,15 +19,15 @@ package jwt // This file is a re-implementation of the original code here with some // additional allocation tweaks reproduced using GODEBUG=allocfreetrace=1 -// original file https://github.com/dgrijalva/jwt-go/blob/master/parser.go -// borrowed under MIT License https://github.com/dgrijalva/jwt-go/blob/master/LICENSE +// original file https://github.com/golang-jwt/jwt/blob/main/parser.go +// borrowed under MIT License https://github.com/golang-jwt/jwt/blob/main/LICENSE import ( "fmt" "testing" "time" - "github.com/dgrijalva/jwt-go" + "github.com/golang-jwt/jwt" ) var (