4f1c1e4268
Update the indirect dependency to remove the transitional github.com/form3tech-oss/jwt-go
dependency from the dependency graph.
Updates:
- github.com/Azure/go-autorest/autorest v0.11.24: https://github.com/Azure/go-autorest/compare/autorest/v0.11.20...autorest/v0.11.24
- github.com/Azure/go-autorest/autorest/adal v0.9.18: https://github.com/Azure/go-autorest/compare/autorest/adal/v0.9.15...autorest/adal/v0.9.18
- github.com/golang-jwt/jwt v4.2.0: https://github.com/golang-jwt/jwt/compare/v4.0.0...v4.2.0
- golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3: 32db794688...e495a2d5b3
Before this:
go mod graph | grep 'jwt'
github.com/Azure/go-autorest/autorest/adal@v0.9.15 github.com/golang-jwt/jwt/v4@v4.0.0
github.com/Azure/go-autorest/autorest/adal@v0.9.13 github.com/form3tech-oss/jwt-go@v3.2.2+incompatible
After this:
go mod graph | grep 'jwt'
github.com/Azure/go-autorest/autorest@v0.11.24 github.com/golang-jwt/jwt/v4@v4.2.0
github.com/Azure/go-autorest/autorest/adal@v0.9.18 github.com/golang-jwt/jwt/v4@v4.0.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
30 lines
1.2 KiB
Go
30 lines
1.2 KiB
Go
package jwt
|
|
|
|
// ParserOption is used to implement functional-style options that modify the behaviour of the parser. To add
|
|
// new options, just create a function (ideally beginning with With or Without) that returns an anonymous function that
|
|
// takes a *Parser type as input and manipulates its configuration accordingly.
|
|
type ParserOption func(*Parser)
|
|
|
|
// WithValidMethods is an option to supply algorithm methods that the parser will check. Only those methods will be considered valid.
|
|
// It is heavily encouraged to use this option in order to prevent attacks such as https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/.
|
|
func WithValidMethods(methods []string) ParserOption {
|
|
return func(p *Parser) {
|
|
p.ValidMethods = methods
|
|
}
|
|
}
|
|
|
|
// WithJSONNumber is an option to configure the underyling JSON parser with UseNumber
|
|
func WithJSONNumber() ParserOption {
|
|
return func(p *Parser) {
|
|
p.UseJSONNumber = true
|
|
}
|
|
}
|
|
|
|
// WithoutClaimsValidation is an option to disable claims validation. This option should only be used if you exactly know
|
|
// what you are doing.
|
|
func WithoutClaimsValidation() ParserOption {
|
|
return func(p *Parser) {
|
|
p.SkipClaimsValidation = true
|
|
}
|
|
}
|