diff options
Diffstat (limited to 'vendor/golang.org/x/oauth2/jws')
-rw-r--r-- | vendor/golang.org/x/oauth2/jws/jws.go | 44 |
1 files changed, 16 insertions, 28 deletions
diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go index 2343443..683d2d2 100644 --- a/vendor/golang.org/x/oauth2/jws/jws.go +++ b/vendor/golang.org/x/oauth2/jws/jws.go @@ -2,8 +2,16 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package jws provides encoding and decoding utilities for -// signed JWS messages. +// Package jws provides a partial implementation +// of JSON Web Signature encoding and decoding. +// It exists to support the golang.org/x/oauth2 package. +// +// See RFC 7515. +// +// Deprecated: this package is not intended for public use and might be +// removed in the future. It exists for internal use only. +// Please switch to another JWS package or copy this package into your own +// source tree. package jws // import "golang.org/x/oauth2/jws" import ( @@ -64,7 +72,7 @@ func (c *ClaimSet) encode() (string, error) { } if len(c.PrivateClaims) == 0 { - return base64Encode(b), nil + return base64.RawURLEncoding.EncodeToString(b), nil } // Marshal private claim set and then append it to b. @@ -82,7 +90,7 @@ func (c *ClaimSet) encode() (string, error) { } b[len(b)-1] = ',' // Replace closing curly brace with a comma. b = append(b, prv[1:]...) // Append private claims. - return base64Encode(b), nil + return base64.RawURLEncoding.EncodeToString(b), nil } // Header represents the header for the signed JWS payloads. @@ -102,7 +110,7 @@ func (h *Header) encode() (string, error) { if err != nil { return "", err } - return base64Encode(b), nil + return base64.RawURLEncoding.EncodeToString(b), nil } // Decode decodes a claim set from a JWS payload. @@ -113,7 +121,7 @@ func Decode(payload string) (*ClaimSet, error) { // TODO(jbd): Provide more context about the error. return nil, errors.New("jws: invalid token received") } - decoded, err := base64Decode(s[1]) + decoded, err := base64.RawURLEncoding.DecodeString(s[1]) if err != nil { return nil, err } @@ -140,7 +148,7 @@ func EncodeWithSigner(header *Header, c *ClaimSet, sg Signer) (string, error) { if err != nil { return "", err } - return fmt.Sprintf("%s.%s", ss, base64Encode(sig)), nil + return fmt.Sprintf("%s.%s", ss, base64.RawURLEncoding.EncodeToString(sig)), nil } // Encode encodes a signed JWS with provided header and claim set. @@ -163,7 +171,7 @@ func Verify(token string, key *rsa.PublicKey) error { } signedContent := parts[0] + "." + parts[1] - signatureString, err := base64Decode(parts[2]) + signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) if err != nil { return err } @@ -172,23 +180,3 @@ func Verify(token string, key *rsa.PublicKey) error { h.Write([]byte(signedContent)) return rsa.VerifyPKCS1v15(key, crypto.SHA256, h.Sum(nil), []byte(signatureString)) } - -// base64Encode returns and Base64url encoded version of the input string with any -// trailing "=" stripped. -func base64Encode(b []byte) string { - return strings.TrimRight(base64.URLEncoding.EncodeToString(b), "=") -} - -// base64Decode decodes the Base64url encoded string -func base64Decode(s string) ([]byte, error) { - // add back missing padding - switch len(s) % 4 { - case 1: - s += "===" - case 2: - s += "==" - case 3: - s += "=" - } - return base64.URLEncoding.DecodeString(s) -} |