Skip to content
This repository has been archived by the owner on Dec 12, 2024. It is now read-only.

Commit

Permalink
Upgrading go version (#722)
Browse files Browse the repository at this point in the history
* Upgrading go version

* Upgrade lint

* Remove v1 of lestrrat-go which had a vuln
  • Loading branch information
andresuribe87 authored Dec 27, 2023
1 parent 8f87d43 commit 653901c
Show file tree
Hide file tree
Showing 12 changed files with 17 additions and 38 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21.4
go-version: 1.21.5
cache: true

- name: Install Mage
Expand All @@ -37,7 +37,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21.4
go-version: 1.21.5
cache: true

- name: Install mage
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/golangci-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,14 +20,14 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21.4
go-version: 1.21.5
cache: true

- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
# Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
version: v1.51
version: v1.55.2

# Optional: working directory, useful for monorepos
# working-directory: somedir
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21.4
go-version: 1.21.5
cache: true

- name: Install Mage
Expand Down
4 changes: 2 additions & 2 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ When you're ready you may:

| Requirement | Tested Version | Installation Instructions |
|----------------|----------------|---------------------------------------------------------------------------------------------------|
| Go | 1.21.4 | [go.dev](https://go.dev/doc/install) |
| Go | 1.21.5 | [go.dev](https://go.dev/doc/install) |
| Mage | 1.13.0-6 | [magefile.org](https://magefile.org/) |
| golangci-lint | 1.52.2 | [golangci-lint.run](https://golangci-lint.run/usage/install/#local-installation) |

Expand All @@ -24,7 +24,7 @@ You may verify your `go` installation via the terminal:

```
$> go version
go version go1.21.4 darwin/amd64
go version go1.21.5 darwin/amd64
```

If you do not have go, we recommend installing it by:
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
[![godoc ssi-service](https://img.shields.io/badge/godoc-ssi--service-blue)](https://github.com/TBD54566975/ssi-service)
[![go version 1.21.4](https://img.shields.io/badge/go_version-1.21.4-brightgreen)](https://go.dev/)
[![go version 1.21.5](https://img.shields.io/badge/go_version-1.21.5-brightgreen)](https://go.dev/)
[![license Apache 2](https://img.shields.io/badge/license-Apache%202-black)](https://github.com/TBD54566975/ssi-service/blob/main/LICENSE)
[![issues](https://img.shields.io/github/issues/TBD54566975/ssi-service)](https://github.com/TBD54566975/ssi-service/issues)
![push](https://github.com/TBD54566975/ssi-service/workflows/ssi-service-ci/badge.svg?branch=main&event=push)
Expand Down
2 changes: 1 addition & 1 deletion build/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM golang:1.21.4-alpine
FROM golang:1.21.5-alpine

# Create directory for our app inside the container
WORKDIR /app
Expand Down
2 changes: 0 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@ require (
github.com/google/tink/go v1.7.0
github.com/google/uuid v1.4.0
github.com/joho/godotenv v1.5.1
github.com/lestrrat-go/jwx v1.2.26
github.com/lestrrat-go/jwx/v2 v2.0.18
github.com/lib/pq v1.10.9
github.com/magefile/mage v1.15.0
Expand Down Expand Up @@ -114,7 +113,6 @@ require (
github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect
github.com/klauspost/cpuid/v2 v2.2.5 // indirect
github.com/leodido/go-urn v1.2.4 // indirect
github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
github.com/lestrrat-go/blackmagic v1.0.2 // indirect
github.com/lestrrat-go/httpcc v1.0.1 // indirect
github.com/lestrrat-go/httprc v1.0.4 // indirect
Expand Down
6 changes: 0 additions & 6 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -337,9 +337,6 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
Expand All @@ -348,8 +345,6 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
github.com/lestrrat-go/jwx v1.2.26 h1:4iFo8FPRZGDYe1t19mQP0zTRqA7n8HnJ5lkIiDvJcB0=
github.com/lestrrat-go/jwx v1.2.26/go.mod h1:MaiCdGbn3/cckbOFSCluJlJMmp9dmZm5hDuIkx8ftpQ=
github.com/lestrrat-go/jwx/v2 v2.0.18 h1:HHZkYS5wWDDyAiNBwztEtDoX07WDhGEdixm8G06R50o=
github.com/lestrrat-go/jwx/v2 v2.0.18/go.mod h1:fAJ+k5eTgKdDqanzCuK6DAt3W7n3cs2/FX7JhQdk83U=
github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
Expand Down Expand Up @@ -550,7 +545,6 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
Expand Down
2 changes: 1 addition & 1 deletion internal/keyaccess/jwt.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
"github.com/TBD54566975/ssi-sdk/crypto/jwx"
"github.com/TBD54566975/ssi-sdk/did/resolution"
"github.com/goccy/go-json"
"github.com/lestrrat-go/jwx/jws"
"github.com/lestrrat-go/jwx/v2/jws"
"github.com/pkg/errors"
)

Expand Down
19 changes: 3 additions & 16 deletions internal/util/jwt.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ package util
import (
"fmt"

"github.com/lestrrat-go/jwx/jws"
"github.com/lestrrat-go/jwx/jwt"
"github.com/lestrrat-go/jwx/v2/jws"
"github.com/lestrrat-go/jwx/v2/jwt"

"github.com/tbd54566975/ssi-service/internal/keyaccess"
)
Expand All @@ -20,22 +20,9 @@ func ParseJWT(token keyaccess.JWT) (*jws.Signature, jwt.Token, error) {
if len(signatures) != 1 {
return nil, nil, fmt.Errorf("expected 1 signature, got %d", len(signatures))
}
parsedJWT, err := jwt.Parse(tokenBytes)
parsedJWT, err := jwt.Parse(tokenBytes, jwt.WithVerify(false))
if err != nil {
return nil, nil, err
}
return signatures[0], parsedJWT, nil
}

func GetKeyIDFromJWT(token keyaccess.JWT) (string, error) {
tokenBytes := []byte(token)
parsedJWS, err := jws.Parse(tokenBytes)
if err != nil {
return "", err
}
signatures := parsedJWS.Signatures()
if len(signatures) != 1 {
return "", fmt.Errorf("expected 1 signature, got %d", len(signatures))
}
return signatures[0].ProtectedHeaders().KeyID(), nil
}
6 changes: 3 additions & 3 deletions pkg/service/manifest/manifest.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ import (
"github.com/TBD54566975/ssi-sdk/credential/manifest"
sdkutil "github.com/TBD54566975/ssi-sdk/util"
"github.com/goccy/go-json"
"github.com/lestrrat-go/jwx/jws"
"github.com/lestrrat-go/jwx/jwt"
"github.com/lestrrat-go/jwx/v2/jws"
"github.com/lestrrat-go/jwx/v2/jwt"

didint "github.com/tbd54566975/ssi-service/internal/did"
"github.com/tbd54566975/ssi-service/internal/keyaccess"
Expand All @@ -29,7 +29,7 @@ func (s Service) verifyManifestJWT(ctx context.Context, token keyaccess.JWT) (*m
}

// parse token
parsed, err := jwt.Parse([]byte(token))
parsed, err := jwt.Parse([]byte(token), jwt.WithVerify(false))
if err != nil {
return nil, sdkutil.LoggingErrorMsg(err, "could not parse JWT")
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/service/presentation/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"github.com/TBD54566975/ssi-sdk/credential/integrity"
"github.com/TBD54566975/ssi-sdk/did/resolution"
sdkutil "github.com/TBD54566975/ssi-sdk/util"
"github.com/lestrrat-go/jwx/jws"
"github.com/lestrrat-go/jwx/v2/jws"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"

Expand Down

0 comments on commit 653901c

Please sign in to comment.