| Age | Commit message | Author |
|
Unpacking the v4 public protocol in the parent package seems wrong.
Only the v4 package should know how to unpack it regarding the available
fields in the Message.
|
Previously, we used time.Time to store the value for ExpiredAt, NotBefore,
and IssuedAt.
Even though this is allowed (see RFC 7519 section 2, NumericDate), it is
not a standard practice.
This changes them to store Unix epoch with int64.
|
The [v2/PublicToken] has been moved and renamed as [paseto.Message].
The Data field in the Message is removed since it is a duplicate of
[Payload.Data].
The [v2/JSONToken] has been moved and renamed as [paseto.Payload].
In the [Payload.Validate] method, we remove the validation for IssuedAt
field, since its usage is to store the time the token is created.
The Data field type in the Payload changes from string to any.
The [v2/JSONFooter] has been moved and renamed as [paseto.Footer].
The type of Data field in Footer changes from map[string]any to any.
The KID field in the Footer has been renamed to PeerID along with its
json identifier.
The [v2/Key] has been moved and renamed as [paseto.Peer].
|
There are new versions of the paseto standard: version 3 and version 4.
To minimize conflicts in the future, we move the old implementation of
paseto v2 to the sub directory "v2" with package name "pasetov2".
The paseto package is now left with common functions, like creating
pre-authentication encoding (PAE).
|
Go 1.22 now supports for-range on numeric values.
|
HTTP request now implicitly creates request with context.
Any false positive related to not closing HTTP response body has been
annotated with "nolint:bodyclose".
In the example code, use a consistent "// Output:" comment format, by
prefixing with a single space.
Any comment on code is now also prefixed with a single space.
An error returned without variables now uses [errors.New] instead of
[fmt.Errorf].
Any error returned using [fmt.Errorf] is now wrapped using "%w" instead of
"%s".
Also, replace error checking with [errors.Is] or [errors.As], instead
of using the equal/not-equal operator.
Any statement like "x = x OP y" is now replaced with "x OP= y".
Also, the swap statement is simplified using "x, y = y, x".
Any switch statement with a single case is now replaced with an if-condition.
Any call to defer in a function or program that calls [os.Exit] is now
replaced by calling the deferred function directly.
Any if-else condition is now replaced with a switch statement, if possible.
|
The le64() returns the string representation of uint64 in little endian,
which is basically binary.Write with the parameters output buffer,
LittleEndian, and input value.
|
Remove unused constant "dateTimeLayout", check for error in call to
AddPeer method in test and example, and suppress govet warning on
le64().
|
The spec said that the input is a 64-bit unsigned integer, but the PHP
implementation does not match with the generated string.
Since the input "n" will not be greater than 3 and it is bitmasked with 255,
the input should be byte instead of int64.
|
* The Issuer field must be equal to peer.ID,
* The Audience field must be equal to our.ID,
* If peer.AllowedSubjects is not empty, the Subject value must be in
  one of them,
* The current time must be after the IssuedAt field,
* The current time must be after the NotBefore "nbf" field,
* The current time must be before the ExpiredAt field.
|
Package paseto provides the opinionated implementation of
Platform-Agnostic SEcurity TOkens (PASETOs) as defined in draft of
RFC 01 [1].
This implementation only supports PASETO Protocol v2.
This library focuses on how to sign and verify data, everything else is
handled and filled automatically.
[1] https://github.com/paragonie/paseto/blob/master/docs/RFC/draft-paragon-paseto-rfc-01.txt
|