From 4eb66ed93b1b57ce9fa7973d28c7288e4a66e84d Mon Sep 17 00:00:00 2001
From: Simon Eisenmann <simon@longsleep.org>
Date: Fri, 15 Oct 2021 11:25:05 +0200
Subject: [PATCH] Migrate dgrijalva/jwt-go to golang-jwt/jwt-go

Reference: https://github.com/dgrijalva/jwt-go/issues/462
---
 bootstrap/bootstrap.go              | 4 ++--
 bootstrap/config.go                 | 2 +-
 bootstrap/utils.go                  | 2 +-
 claims.go                           | 2 +-
 context.go                          | 2 +-
 go.mod                              | 2 +-
 go.sum                              | 2 ++
 identifier/models.go                | 2 +-
 identifier/oauth2.go                | 2 +-
 identifier/user.go                  | 2 +-
 identity/auth.go                    | 2 +-
 identity/authorities/authorities.go | 2 +-
 identity/authorities/oidc.go        | 2 +-
 identity/authrecord.go              | 2 +-
 identity/clients/claims.go          | 2 +-
 identity/clients/models.go          | 2 +-
 identity/clients/registry.go        | 2 +-
 identity/managers/cookie.go         | 2 +-
 identity/managers/dummy.go          | 2 +-
 identity/managers/guest.go          | 2 +-
 identity/user.go                    | 2 +-
 identity/utils.go                   | 2 +-
 oidc/claims.go                      | 2 +-
 oidc/payload/authentication.go      | 2 +-
 oidc/payload/endsession.go          | 2 +-
 oidc/payload/registration.go        | 2 +-
 oidc/payload/request.go             | 2 +-
 oidc/payload/token.go               | 2 +-
 oidc/provider/handlers.go           | 2 +-
 oidc/provider/identity.go           | 2 +-
 oidc/provider/provider.go           | 2 +-
 oidc/provider/session.go            | 2 +-
 oidc/provider/signing.go            | 2 +-
 oidc/provider/tokens.go             | 2 +-
 signing/jwt.go                      | 2 +-
 35 files changed, 37 insertions(+), 35 deletions(-)

diff --git a/bootstrap/bootstrap.go b/bootstrap/bootstrap.go
index 735b818..3576d6e 100644
--- a/bootstrap/bootstrap.go
+++ b/bootstrap/bootstrap.go
@@ -31,7 +31,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/sirupsen/logrus"
 	"stash.kopano.io/kgol/rndm"
 
@@ -96,7 +96,7 @@ func (bs *bootstrap) Managers() *managers.Managers {
 func Boot(ctx context.Context, settings *Settings, cfg *config.Config) (Bootstrap, error) {
 	// NOTE(longsleep): Ensure to use same salt length as the hash size.
 	// See https://www.ietf.org/mail-archive/web/jose/current/msg02901.html for
-	// reference and https://github.com/dgrijalva/jwt-go/issues/285 for
+	// reference and https://github.com/golang-jwt/jwt/v4/issues/285 for
 	// the issue in upstream jwt-go.
 	for _, alg := range []string{jwt.SigningMethodPS256.Name, jwt.SigningMethodPS384.Name, jwt.SigningMethodPS512.Name} {
 		sm := jwt.GetSigningMethod(alg)
diff --git a/bootstrap/config.go b/bootstrap/config.go
index cbf75d7..b83b738 100644
--- a/bootstrap/config.go
+++ b/bootstrap/config.go
@@ -22,7 +22,7 @@ import (
 	"crypto/tls"
 	"net/url"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/config"
 )
diff --git a/bootstrap/utils.go b/bootstrap/utils.go
index b28034e..6d325bf 100644
--- a/bootstrap/utils.go
+++ b/bootstrap/utils.go
@@ -15,7 +15,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/sirupsen/logrus"
 	"gopkg.in/square/go-jose.v2"
 
diff --git a/claims.go b/claims.go
index f357cd1..a62896a 100644
--- a/claims.go
+++ b/claims.go
@@ -20,7 +20,7 @@ package lico
 import (
 	"errors"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/oidc/payload"
 )
diff --git a/context.go b/context.go
index e92a21e..c1906ac 100644
--- a/context.go
+++ b/context.go
@@ -20,7 +20,7 @@ package lico
 import (
 	"context"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 // key is an unexported type for keys defined in this package.
diff --git a/go.mod b/go.mod
index 6e2f3c5..c0d43c5 100644
--- a/go.mod
+++ b/go.mod
@@ -7,10 +7,10 @@ require (
 	github.com/crewjam/httperr v0.2.0
 	github.com/crewjam/saml v0.4.5
 	github.com/deckarep/golang-set v1.7.1
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/gabriel-vasile/mimetype v1.4.0
 	github.com/ghodss/yaml v1.0.0
 	github.com/go-ldap/ldap/v3 v3.4.1
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/google/go-querystring v1.1.0
 	github.com/gorilla/mux v1.8.0
 	github.com/gorilla/schema v1.2.0
diff --git a/go.sum b/go.sum
index 6dbd2bc..ca7efcc 100644
--- a/go.sum
+++ b/go.sum
@@ -124,6 +124,8 @@ github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/me
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
+github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
diff --git a/identifier/models.go b/identifier/models.go
index d87dde8..0521545 100644
--- a/identifier/models.go
+++ b/identifier/models.go
@@ -23,7 +23,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/identifier/meta"
 	"github.com/libregraph/lico/identity/clients"
diff --git a/identifier/oauth2.go b/identifier/oauth2.go
index e7f2aee..9ac8c77 100644
--- a/identifier/oauth2.go
+++ b/identifier/oauth2.go
@@ -25,7 +25,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 	"stash.kopano.io/kgol/rndm"
 
diff --git a/identifier/user.go b/identifier/user.go
index 76b77ad..16fd002 100644
--- a/identifier/user.go
+++ b/identifier/user.go
@@ -22,7 +22,7 @@ import (
 	"errors"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	konnect "github.com/libregraph/lico"
 	"github.com/libregraph/lico/identifier/backends"
diff --git a/identity/auth.go b/identity/auth.go
index ce8b199..2a5edee 100644
--- a/identity/auth.go
+++ b/identity/auth.go
@@ -20,7 +20,7 @@ package identity
 import (
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/oidc/payload"
 )
diff --git a/identity/authorities/authorities.go b/identity/authorities/authorities.go
index d5b177f..745444a 100644
--- a/identity/authorities/authorities.go
+++ b/identity/authorities/authorities.go
@@ -24,7 +24,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 )
 
diff --git a/identity/authorities/oidc.go b/identity/authorities/oidc.go
index 25bb091..1766b66 100644
--- a/identity/authorities/oidc.go
+++ b/identity/authorities/oidc.go
@@ -26,7 +26,7 @@ import (
 	"net/url"
 	"sync"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/sirupsen/logrus"
 	"gopkg.in/square/go-jose.v2"
 	"stash.kopano.io/kgol/oidc-go"
diff --git a/identity/authrecord.go b/identity/authrecord.go
index df33b53..b58e124 100644
--- a/identity/authrecord.go
+++ b/identity/authrecord.go
@@ -20,7 +20,7 @@ package identity
 import (
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/oidc/payload"
 )
diff --git a/identity/clients/claims.go b/identity/clients/claims.go
index 2af1b52..d62d0d8 100644
--- a/identity/clients/claims.go
+++ b/identity/clients/claims.go
@@ -18,7 +18,7 @@
 package clients
 
 import (
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 // RegistrationClaims are claims used to with dynamic clients.
diff --git a/identity/clients/models.go b/identity/clients/models.go
index eb2ca20..458280b 100644
--- a/identity/clients/models.go
+++ b/identity/clients/models.go
@@ -25,7 +25,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/mendsley/gojwk"
 	"golang.org/x/crypto/blake2b"
 	_ "gopkg.in/yaml.v2" // Make sure we have yaml.
diff --git a/identity/clients/registry.go b/identity/clients/registry.go
index bd28073..fb30f11 100644
--- a/identity/clients/registry.go
+++ b/identity/clients/registry.go
@@ -27,7 +27,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v2"
 	"stash.kopano.io/kgol/oidc-go"
diff --git a/identity/managers/cookie.go b/identity/managers/cookie.go
index 7a5c5bc..c30f983 100644
--- a/identity/managers/cookie.go
+++ b/identity/managers/cookie.go
@@ -27,7 +27,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/mux"
 	"github.com/sirupsen/logrus"
 	"stash.kopano.io/kgol/oidc-go"
diff --git a/identity/managers/dummy.go b/identity/managers/dummy.go
index f99c8a7..2e3b824 100644
--- a/identity/managers/dummy.go
+++ b/identity/managers/dummy.go
@@ -23,7 +23,7 @@ import (
 	"net/http"
 	"strings"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/mux"
 	"stash.kopano.io/kgol/oidc-go"
 	"stash.kopano.io/kgol/rndm"
diff --git a/identity/managers/guest.go b/identity/managers/guest.go
index fd2c981..0c0f0ab 100644
--- a/identity/managers/guest.go
+++ b/identity/managers/guest.go
@@ -22,7 +22,7 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/mux"
 	"github.com/sirupsen/logrus"
 	"stash.kopano.io/kgol/oidc-go"
diff --git a/identity/user.go b/identity/user.go
index 4f5cb92..a75c33c 100644
--- a/identity/user.go
+++ b/identity/user.go
@@ -18,7 +18,7 @@
 package identity
 
 import (
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 // User defines a most simple user with an id defined as subject.
diff --git a/identity/utils.go b/identity/utils.go
index 56bc127..07505ca 100644
--- a/identity/utils.go
+++ b/identity/utils.go
@@ -20,7 +20,7 @@ package identity
 import (
 	"fmt"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 
 	konnectoidc "github.com/libregraph/lico/oidc"
diff --git a/oidc/claims.go b/oidc/claims.go
index 112600d..cf0980d 100644
--- a/oidc/claims.go
+++ b/oidc/claims.go
@@ -18,7 +18,7 @@
 package oidc
 
 import (
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 // IDTokenClaims define the claims found in OIDC ID Tokens.
diff --git a/oidc/payload/authentication.go b/oidc/payload/authentication.go
index 97b4682..c587a21 100644
--- a/oidc/payload/authentication.go
+++ b/oidc/payload/authentication.go
@@ -25,7 +25,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 
 	konnectoidc "github.com/libregraph/lico/oidc"
diff --git a/oidc/payload/endsession.go b/oidc/payload/endsession.go
index f8a6b05..fc3f4aa 100644
--- a/oidc/payload/endsession.go
+++ b/oidc/payload/endsession.go
@@ -22,7 +22,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 
 	konnectoidc "github.com/libregraph/lico/oidc"
diff --git a/oidc/payload/registration.go b/oidc/payload/registration.go
index 71d5ddd..a067846 100644
--- a/oidc/payload/registration.go
+++ b/oidc/payload/registration.go
@@ -24,7 +24,7 @@ import (
 	"net/url"
 	"strings"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/mendsley/gojwk"
 	"stash.kopano.io/kgol/oidc-go"
 
diff --git a/oidc/payload/request.go b/oidc/payload/request.go
index 5dcb5e9..de41199 100644
--- a/oidc/payload/request.go
+++ b/oidc/payload/request.go
@@ -20,7 +20,7 @@ package payload
 import (
 	"errors"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/identity/clients"
 )
diff --git a/oidc/payload/token.go b/oidc/payload/token.go
index 564f9d2..44ab85f 100644
--- a/oidc/payload/token.go
+++ b/oidc/payload/token.go
@@ -24,7 +24,7 @@ import (
 	"net/url"
 	"strings"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 
 	konnectoidc "github.com/libregraph/lico/oidc"
diff --git a/oidc/provider/handlers.go b/oidc/provider/handlers.go
index 112e906..6288f2d 100644
--- a/oidc/provider/handlers.go
+++ b/oidc/provider/handlers.go
@@ -23,7 +23,7 @@ import (
 	"net/http"
 	"strings"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/sirupsen/logrus"
 	"gopkg.in/square/go-jose.v2"
 	"stash.kopano.io/kgol/oidc-go"
diff --git a/oidc/provider/identity.go b/oidc/provider/identity.go
index d139767..9648821 100644
--- a/oidc/provider/identity.go
+++ b/oidc/provider/identity.go
@@ -20,7 +20,7 @@ package provider
 import (
 	"errors"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 
 	"github.com/libregraph/lico/identity"
 	"github.com/libregraph/lico/oidc/payload"
diff --git a/oidc/provider/provider.go b/oidc/provider/provider.go
index cceadc6..3e7a53d 100644
--- a/oidc/provider/provider.go
+++ b/oidc/provider/provider.go
@@ -28,7 +28,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/rs/cors"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ed25519"
diff --git a/oidc/provider/session.go b/oidc/provider/session.go
index 6f42774..cd6f487 100644
--- a/oidc/provider/session.go
+++ b/oidc/provider/session.go
@@ -23,7 +23,7 @@ import (
 	"encoding/gob"
 	"net/http"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/rndm"
 
 	konnect "github.com/libregraph/lico"
diff --git a/oidc/provider/signing.go b/oidc/provider/signing.go
index 9bd4730..0e6b373 100644
--- a/oidc/provider/signing.go
+++ b/oidc/provider/signing.go
@@ -20,7 +20,7 @@ package provider
 import (
 	"crypto"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 // A SigningKey bundles a signer with meta data and a signign method.
diff --git a/oidc/provider/tokens.go b/oidc/provider/tokens.go
index 91c0de9..73f988f 100644
--- a/oidc/provider/tokens.go
+++ b/oidc/provider/tokens.go
@@ -22,7 +22,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"stash.kopano.io/kgol/oidc-go"
 	"stash.kopano.io/kgol/rndm"
 
diff --git a/signing/jwt.go b/signing/jwt.go
index 43c63ba..3e1fdd7 100644
--- a/signing/jwt.go
+++ b/signing/jwt.go
@@ -22,7 +22,7 @@ import (
 	"crypto/rand"
 	"errors"
 
-	"github.com/dgrijalva/jwt-go"
+	"github.com/golang-jwt/jwt/v4"
 	"golang.org/x/crypto/ed25519"
 )