diff --git a/go.mod b/go.mod index 262f1037..ce341335 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/fasthttp/session/v2 v2.4.3 github.com/go-ldap/ldap/v3 v3.4.1 github.com/go-sql-driver/mysql v1.6.0 - github.com/golang-jwt/jwt/v4 v4.0.0 + github.com/golang-jwt/jwt/v4 v4.1.0 github.com/golang/mock v1.6.0 github.com/google/uuid v1.3.0 github.com/jackc/pgx/v4 v4.13.0 diff --git a/go.sum b/go.sum index f9a62c54..7891b54a 100644 --- a/go.sum +++ b/go.sum @@ -575,8 +575,8 @@ github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0= +github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/gddo v0.0.0-20180828051604-96d2a289f41e/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= github.com/golang/gddo v0.0.0-20190904175337-72a348e765d2/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= diff --git a/internal/handlers/handler_register_u2f_step1_test.go b/internal/handlers/handler_register_u2f_step1_test.go index 28d89c56..b779d31c 100644 --- a/internal/handlers/handler_register_u2f_step1_test.go +++ b/internal/handlers/handler_register_u2f_step1_test.go @@ -36,9 +36,11 @@ func (s *HandlerRegisterU2FStep1Suite) TearDownTest() { func createToken(secret string, username string, action string, expiresAt time.Time) string { claims := &middlewares.IdentityVerificationClaim{ - StandardClaims: jwt.StandardClaims{ - ExpiresAt: expiresAt.Unix(), - Issuer: "Authelia", + RegisteredClaims: jwt.RegisteredClaims{ + ExpiresAt: &jwt.NumericDate{ + Time: expiresAt, + }, + Issuer: "Authelia", }, Action: action, Username: username, diff --git a/internal/middlewares/identity_verification.go b/internal/middlewares/identity_verification.go index c856ee02..47fa6eca 100644 --- a/internal/middlewares/identity_verification.go +++ b/internal/middlewares/identity_verification.go @@ -30,12 +30,14 @@ func IdentityVerificationStart(args IdentityVerificationStartArgs) RequestHandle // Create the claim with the action to sign it. claims := &IdentityVerificationClaim{ - jwt.StandardClaims{ - ExpiresAt: time.Now().Add(5 * time.Minute).Unix(), - Issuer: jwtIssuer, + RegisteredClaims: jwt.RegisteredClaims{ + ExpiresAt: &jwt.NumericDate{ + Time: time.Now().Add(5 * time.Minute), + }, + Issuer: jwtIssuer, }, - args.ActionClaim, - identity.Username, + Action: args.ActionClaim, + Username: identity.Username, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) ss, err := token.SignedString([]byte(ctx.Configuration.JWTSecret)) diff --git a/internal/middlewares/identity_verification_test.go b/internal/middlewares/identity_verification_test.go index 0be80afc..395657f4 100644 --- a/internal/middlewares/identity_verification_test.go +++ b/internal/middlewares/identity_verification_test.go @@ -166,12 +166,14 @@ func (s *IdentityVerificationFinishProcess) TearDownTest() { func createToken(secret string, username string, action string, expiresAt time.Time) string { claims := &middlewares.IdentityVerificationClaim{ - jwt.StandardClaims{ - ExpiresAt: expiresAt.Unix(), - Issuer: "Authelia", + RegisteredClaims: jwt.RegisteredClaims{ + ExpiresAt: &jwt.NumericDate{ + Time: expiresAt, + }, + Issuer: "Authelia", }, - action, - username, + Action: action, + Username: username, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) ss, _ := token.SignedString([]byte(secret)) diff --git a/internal/middlewares/types.go b/internal/middlewares/types.go index a02d2cd7..b797f4f8 100644 --- a/internal/middlewares/types.go +++ b/internal/middlewares/types.go @@ -88,7 +88,7 @@ type IdentityVerificationFinishArgs struct { // IdentityVerificationClaim custom claim for specifying the action claim. // The action can be to register a TOTP device, a U2F device or reset one's password. type IdentityVerificationClaim struct { - jwt.StandardClaims + jwt.RegisteredClaims // The action this token has been crafted for. Action string `json:"action"`