TestNew_hmac, TestNew_rsa

Author: CarsonSlovoka

parser/parser.go

@@ -171,7 +171,7 @@ func (p *Parser) parseHeader(headerStr string) (map[string]any, error) {
 		return nil, fmt.Errorf("failed to parse header: %w %w", err, jwt.ErrTokenMalformed)
 	}
 	if header["typ"] != "JWT" {
-		return nil, fmt.Errorf("invalid token type: %s %w", header["typ"], jwt.ErrTokenMalformed)
+		return nil, fmt.Errorf("invalid token type: %v %w", header["typ"], jwt.ErrTokenMalformed)
 	}
 	algName, ok := header["alg"]
 	if !ok {

rsa.go

@@ -58,11 +58,11 @@ func (m *SigningMethodRSA) Verify(
 	hasher := m.Hash.New()
 	hasher.Write(signingBytes)
 
-	if rsa.VerifyPKCS1v15(
+	if err = rsa.VerifyPKCS1v15(
 		publicKey,
 		m.Hash, hasher.Sum(nil),
 		signature, // 計算出來的雜湊值+公鑰+之前的簽名，可以知道是否同源
-	) != nil {
+	); err != nil {
 		return fmt.Errorf("%w %w", err, ErrSignatureInvalid)
 	}
 	return nil

token_test.go

@@ -8,9 +8,44 @@ import (
 	"encoding/base64"
 	"github.com/CarsonSlovoka/go-jwt"
 	"github.com/CarsonSlovoka/go-jwt/parser"
+	"github.com/CarsonSlovoka/go-jwt/validator"
 	"testing"
 )
 
+func TestNew_hmac(t *testing.T) {
+	token := jwt.NewWithClaims(
+		jwt.SigningMethodHMAC256,
+
+		// 指定所有你想要的Claims
+		// 如果要擴展可以用MapClaims或者自定義struct把RegisteredClaims加入，可以參考:
+		// https://github.com/CarsonSlovoka/jwt/blob/5ff3ea21d7624f73baf3f2cd7c89ba5p a4129dedb/validator/validator_test.go#L11-L37
+		jwt.RegisteredClaims{
+			Issuer: "c.example.com",
+		},
+	)
+	// token.Header["xx"] = "" // 如果有需要自定義Header可以後補上
+	privateKey := []byte("key")
+	bsSignature, err := token.SignedBytes(privateKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	p := parser.New(func(v *validator.Validator) {
+		v.ExpectedIssuer = "c.example.com"
+		v.VerifyIat = true
+	})
+	vdFunc, err := p.Parse(string(bsSignature), func(method string) (jwt.ISigningMethod, error) {
+		return jwt.SigningMethodHMAC256, nil
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err = vdFunc(nil, nil, func(token *jwt.Token) (key any, err error) {
+		return privateKey, nil
+	}); err != nil {
+		t.Fatal(err)
+	}
+}
+
 func TestToken_SignedBytes_hmac(t *testing.T) {
 	token := jwt.NewWithClaims(jwt.SigningMethodHMAC256, jwt.MapClaims{})
 	privateKey := []byte("helloWorld")
@@ -61,6 +96,29 @@ func TestToken_SignedBytes_rsa(t *testing.T) {
 	}
 }
 
+func TestNew_rsa(t *testing.T) {
+	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)
+	token := jwt.New(jwt.SigningMethodRSA256)
+	bsSignature, err := token.SignedBytes(rsaKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	vdFunc, err := parser.New().Parse(
+		string(bsSignature),
+		func(method string) (jwt.ISigningMethod, error) {
+			return jwt.SigningMethodRSA256, nil
+		},
+	)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err = vdFunc(nil, nil, func(token *jwt.Token) (key any, err error) {
+		return &rsaKey.PublicKey, nil
+	}); err != nil {
+		t.Fatal(err)
+	}
+}
+
 func TestNew_ed25519(t *testing.T) {
 	token := jwt.New(&jwt.SigningMethodED25519{})
 	publicKey, privateKey, _ := ed25519.GenerateKey(rand.Reader)