From 7e2c22f99b304236bb1bf204e9bd9e73e65d41db Mon Sep 17 00:00:00 2001
From: Livio Amstutz
Date: Thu, 6 Feb 2020 07:24:28 +0100
Subject: [PATCH] fix: make checkKey public

---
 pkg/rp/jwks.go | 14 ++------------
 pkg/rp/jws.go | 15 +++++++++++++++
 2 files changed, 17 insertions(+), 12 deletions(-)
 create mode 100644 pkg/rp/jws.go

diff --git a/pkg/rp/jwks.go b/pkg/rp/jwks.go
index 45ab9f4..97b1e6f 100644
--- a/pkg/rp/jwks.go
+++ b/pkg/rp/jwks.go
@@ -74,7 +74,7 @@ func (r *remoteKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSig
 }
 
 keys := r.keysFromCache()
- payload, err, ok := checkKey(keyID, keys, jws)
+ payload, err, ok := CheckKey(keyID, keys, jws)
 if ok {
 return payload, err
 }
@@ -84,7 +84,7 @@ func (r *remoteKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSig
 return nil, fmt.Errorf("fetching keys %v", err)
 }
 
- payload, err, ok = checkKey(keyID, keys, jws)
+ payload, err, ok = CheckKey(keyID, keys, jws)
 if !ok {
 return nil, errors.New("invalid kid")
 }
@@ -154,13 +154,3 @@ func (r *remoteKeySet) fetchRemoteKeys(ctx context.Context) ([]jose.JSONWebKey,
 
 return keySet.Keys, nil
 }
-
-func checkKey(keyID string, keys []jose.JSONWebKey, jws *jose.JSONWebSignature) ([]byte, error, bool) {
- for _, key := range keys {
- if keyID == "" || key.KeyID == keyID {
- payload, err := jws.Verify(&key)
- return payload, err, true
- }
- }
- return nil, nil, false
-}
diff --git a/pkg/rp/jws.go b/pkg/rp/jws.go
new file mode 100644
index 0000000..20ab896
--- /dev/null
+++ b/pkg/rp/jws.go
@@ -0,0 +1,15 @@
+package rp
+
+import (
+ "gopkg.in/square/go-jose.v2"
+)
+
+func CheckKey(keyID string, keys []jose.JSONWebKey, jws *jose.JSONWebSignature) ([]byte, error, bool) {
+ for _, key := range keys {
+ if keyID == "" || key.KeyID == keyID {
+ payload, err := jws.Verify(&key)
+ return payload, err, true
+ }
+ }
+ return nil, nil, false
+}
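Review bot: When `keyID` is empty, the loop in `CheckKey` (new file `pkg/rp/jws.go`) returns after the first element of `keys`, so a JWS without a `kid` header is only ever verified against whichever key is listed first and is rejected if the signer used any other key in the set. The same early return applies when two keys in the set share a `kid`. Now that the function is exported, I would try every candidate and return the first successful verification, keeping `ok` as "at least one key was tried". The exported function also has no doc comment; something like `// CheckKey verifies jws against the keys whose KeyID matches keyID (every key when keyID is empty); ok reports whether any key was tried.` would state the contract. Linters will also flag `error` not being the last return value, which is worth settling before other packages depend on this signature.

```go
func CheckKey(keyID string, keys []jose.JSONWebKey, jws *jose.JSONWebSignature) ([]byte, error, bool) {
	var lastErr error
	tried := false
	for i := range keys {
		if keyID != "" && keys[i].KeyID != keyID {
			continue
		}
		tried = true
		payload, err := jws.Verify(&keys[i])
		if err == nil {
			return payload, nil, true
		}
		// keep the failure, but give the remaining candidates a chance
		lastErr = err
	}
	return nil, lastErr, tried
}
```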