From 6d942c7d3080ffbd1b33a88d7329ec474fff0a04 Mon Sep 17 00:00:00 2001 From: Gani Georgiev Date: Fri, 29 Dec 2023 21:25:32 +0200 Subject: [PATCH] docs fixes commits from develop --- daos/admin.go | 4 ++-- daos/record.go | 4 ++-- forms/apple_client_secret_create.go | 4 ++-- tools/security/jwt.go | 8 ++++---- tools/security/jwt_test.go | 20 ++++++++++---------- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/daos/admin.go b/daos/admin.go index 9695273c..9e941fa4 100644 --- a/daos/admin.go +++ b/daos/admin.go @@ -46,9 +46,9 @@ func (dao *Dao) FindAdminByEmail(email string) (*models.Admin, error) { return model, nil } -// FindAdminByToken finds the admin associated with the provided JWT token. +// FindAdminByToken finds the admin associated with the provided JWT. // -// Returns an error if the JWT token is invalid or expired. +// Returns an error if the JWT is invalid or expired. func (dao *Dao) FindAdminByToken(token string, baseTokenKey string) (*models.Admin, error) { // @todo consider caching the unverified claims unverifiedClaims, err := security.ParseUnverifiedJWT(token) diff --git a/daos/record.go b/daos/record.go index 4f4a67b8..9b6b55df 100644 --- a/daos/record.go +++ b/daos/record.go @@ -409,9 +409,9 @@ func (dao *Dao) IsRecordValueUnique( return query.Row(&exists) == nil && !exists } -// FindAuthRecordByToken finds the auth record associated with the provided JWT token. +// FindAuthRecordByToken finds the auth record associated with the provided JWT. // -// Returns an error if the JWT token is invalid, expired or not associated to an auth collection record. +// Returns an error if the JWT is invalid, expired or not associated to an auth collection record. func (dao *Dao) FindAuthRecordByToken(token string, baseTokenKey string) (*models.Record, error) { unverifiedClaims, err := security.ParseUnverifiedJWT(token) if err != nil { diff --git a/forms/apple_client_secret_create.go b/forms/apple_client_secret_create.go index fe604126..72a47e95 100644 --- a/forms/apple_client_secret_create.go +++ b/forms/apple_client_secret_create.go @@ -12,7 +12,7 @@ import ( var privateKeyRegex = regexp.MustCompile(`(?m)-----BEGIN PRIVATE KEY----[\s\S]+-----END PRIVATE KEY-----`) -// AppleClientSecretCreate is a [models.Admin] upsert (create/update) form. +// AppleClientSecretCreate is a form struct to generate a new Apple Client Secret. // // Reference: https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens type AppleClientSecretCreate struct { @@ -33,7 +33,7 @@ type AppleClientSecretCreate struct { // Usually wrapped within -----BEGIN PRIVATE KEY----- X -----END PRIVATE KEY-----. PrivateKey string `form:"privateKey" json:"privateKey"` - // Duration specifies how long the generated JWT token should be considered valid. + // Duration specifies how long the generated JWT should be considered valid. // The specified value must be in seconds and max 15777000 (~6months). Duration int `form:"duration" json:"duration"` } diff --git a/tools/security/jwt.go b/tools/security/jwt.go index b26814f3..83c818db 100644 --- a/tools/security/jwt.go +++ b/tools/security/jwt.go @@ -7,7 +7,7 @@ import ( "github.com/golang-jwt/jwt/v4" ) -// ParseUnverifiedJWT parses JWT token and returns its claims +// ParseUnverifiedJWT parses JWT and returns its claims // but DOES NOT verify the signature. // // It verifies only the exp, iat and nbf claims. @@ -24,7 +24,7 @@ func ParseUnverifiedJWT(token string) (jwt.MapClaims, error) { return claims, err } -// ParseJWT verifies and parses JWT token and returns its claims. +// ParseJWT verifies and parses JWT and returns its claims. func ParseJWT(token string, verificationKey string) (jwt.MapClaims, error) { parser := jwt.NewParser(jwt.WithValidMethods([]string{"HS256"})) @@ -42,7 +42,7 @@ func ParseJWT(token string, verificationKey string) (jwt.MapClaims, error) { return nil, errors.New("Unable to parse token.") } -// NewJWT generates and returns new HS256 signed JWT token. +// NewJWT generates and returns new HS256 signed JWT. func NewJWT(payload jwt.MapClaims, signingKey string, secondsDuration int64) (string, error) { seconds := time.Duration(secondsDuration) * time.Second @@ -60,7 +60,7 @@ func NewJWT(payload jwt.MapClaims, signingKey string, secondsDuration int64) (st // Deprecated: // Consider replacing with NewJWT(). // -// NewToken is a legacy alias for NewJWT that generates a HS256 signed JWT token. +// NewToken is a legacy alias for NewJWT that generates a HS256 signed JWT. func NewToken(payload jwt.MapClaims, signingKey string, secondsDuration int64) (string, error) { return NewJWT(payload, signingKey, secondsDuration) } diff --git a/tools/security/jwt_test.go b/tools/security/jwt_test.go index c979a4f9..785862ac 100644 --- a/tools/security/jwt_test.go +++ b/tools/security/jwt_test.go @@ -8,7 +8,7 @@ import ( ) func TestParseUnverifiedJWT(t *testing.T) { - // invalid formatted JWT token + // invalid formatted JWT result1, err1 := security.ParseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCJ9") if err1 == nil { t.Error("Expected error got nil") @@ -17,7 +17,7 @@ func TestParseUnverifiedJWT(t *testing.T) { t.Error("Expected no parsed claims, got", result1) } - // properly formatted JWT token with INVALID claims + // properly formatted JWT with INVALID claims // {"name": "test", "exp": 1516239022} result2, err2 := security.ParseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6MTUxNjIzOTAyMn0.xYHirwESfSEW3Cq2BL47CEASvD_p_ps3QCA54XtNktU") if err2 == nil { @@ -27,7 +27,7 @@ func TestParseUnverifiedJWT(t *testing.T) { t.Errorf("Expected to have 2 claims, got %v", result2) } - // properly formatted JWT token with VALID claims + // properly formatted JWT with VALID claims // {"name": "test"} result3, err3 := security.ParseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCJ9.ml0QsTms3K9wMygTu41ZhKlTyjmW9zHQtoS8FUsCCjU") if err3 != nil { @@ -45,14 +45,14 @@ func TestParseJWT(t *testing.T) { expectError bool expectClaims jwt.MapClaims }{ - // invalid formatted JWT token + // invalid formatted JWT { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCJ9", "test", true, nil, }, - // properly formatted JWT token with INVALID claims and INVALID secret + // properly formatted JWT with INVALID claims and INVALID secret // {"name": "test", "exp": 1516239022} { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6MTUxNjIzOTAyMn0.xYHirwESfSEW3Cq2BL47CEASvD_p_ps3QCA54XtNktU", @@ -60,7 +60,7 @@ func TestParseJWT(t *testing.T) { true, nil, }, - // properly formatted JWT token with INVALID claims and VALID secret + // properly formatted JWT with INVALID claims and VALID secret // {"name": "test", "exp": 1516239022} { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6MTUxNjIzOTAyMn0.xYHirwESfSEW3Cq2BL47CEASvD_p_ps3QCA54XtNktU", @@ -68,7 +68,7 @@ func TestParseJWT(t *testing.T) { true, nil, }, - // properly formatted JWT token with VALID claims and INVALID secret + // properly formatted JWT with VALID claims and INVALID secret // {"name": "test", "exp": 1898636137} { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6MTg5ODYzNjEzN30.gqRkHjpK5s1PxxBn9qPaWEWxTbpc1PPSD-an83TsXRY", @@ -76,7 +76,7 @@ func TestParseJWT(t *testing.T) { true, nil, }, - // properly formatted EXPIRED JWT token with VALID secret + // properly formatted EXPIRED JWT with VALID secret // {"name": "test", "exp": 1652097610} { "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6OTU3ODczMzc0fQ.0oUUKUnsQHs4nZO1pnxQHahKtcHspHu4_AplN2sGC4A", @@ -84,7 +84,7 @@ func TestParseJWT(t *testing.T) { true, nil, }, - // properly formatted JWT token with VALID claims and VALID secret + // properly formatted JWT with VALID claims and VALID secret // {"name": "test", "exp": 1898636137} { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCIsImV4cCI6MTg5ODYzNjEzN30.gqRkHjpK5s1PxxBn9qPaWEWxTbpc1PPSD-an83TsXRY", @@ -92,7 +92,7 @@ func TestParseJWT(t *testing.T) { false, jwt.MapClaims{"name": "test", "exp": 1898636137.0}, }, - // properly formatted JWT token with VALID claims (without exp) and VALID secret + // properly formatted JWT with VALID claims (without exp) and VALID secret // {"name": "test"} { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdCJ9.ml0QsTms3K9wMygTu41ZhKlTyjmW9zHQtoS8FUsCCjU",