Stack Overflow
Stack Overflow

Questions tagged [jwt-go]

59 questions
4
votes
3 answers

How to verify JWS transaction of app store server api in Go

Recently, one new API Look Up Order ID was added into app store server API. And the JWSTransaction of this API response signed by the App Store, in JSON Web Signature format. We want to verify it with go. What we have tried The jwt-go is used and…
zangw
  • 43,869
  • 19
  • 177
  • 214
4
votes
1 answer

How to check roles claim (array of values) of a JWT for a certain value?

I am using Golang and the Gin framework to get claims from a JWT sent from a client. But I can't compare the extracted roles with a string. When I try to get the value, it returns [test-app] but actually I want the value as "test-app" token, _, err…
Neung K
  • 43
  • 1
  • 3
3
votes
1 answer

How to parse a JWT token with RSA in jwt-go ParseWithClaims?

I have developed the following method, which should enable token-based authentication (jwt). An asynchronous process should be used to generate the token. The source code seems to work up to and including the generation of the signed token. I…
Markus Bach
  • 763
  • 1
  • 8
  • 24
3
votes
1 answer

Problem when parsing RS256 Public key with dgrijalva/jwt-go golang package

I have a pair of keys that I have generated with: ssh-keygen -t rsa -P "" -b 2048 -m PEM -f jwtRS256.key ssh-keygen -e -m PEM -f jwtRS256.key > jwtRS256.key.pub Now I'm trying to parse them with jwt.ParseRSAPrivateKeyFromPEM and…
Pavel
  • 117
  • 1
  • 7
3
votes
3 answers

Problem with generating jwt token RS256 with dgrijalva/jwt-go package

Why I allways get the "key is invalid" error in the simple code bellow. I already tried to use different private keys with the same result. Please help me cause I have no more ideas what i am doing wrong. package main import ( "fmt" "log" …
Pavel
  • 117
  • 1
  • 7
3
votes
2 answers

Using jwt-go Library - key is of invalid type

I am trying to generate the token as mention in the code but it's giving me error on this line though i am using tokenString, err := token.SignedString(mySigningKey) as key is of invalid type Any suggestions to solve this problem? Thanks package…
Robs
  • 33
  • 1
  • 4
3
votes
2 answers

How to access JWT sub-claims using Go?

I need to retrieve the values of sub-claims from a JWT in Go. I have (legacy) JWTs I need to parse in go, which contain a custom claim "data" which holds an Json-Object consisting of some fields (userid, username), so { [...standard claims]...,…
kiteflight
  • 120
  • 1
  • 13
3
votes
1 answer

Decode JWT without validation and find scope

I need to decode my JWT token and check if the scope is a "Doctor". I know very little about GO, but I just need to write a tiny snippet in my application to extend an existing application so it needs to be written in GO. This was my attempt at…
jor2
  • 460
  • 2
  • 5
  • 21
3
votes
2 answers

JWT key is invalid

I am following this example https://www.youtube.com/watch?v=eVlxuST7dCA to make a jwt auth. When I run the code below I get "Key is invalid" error. When I try printing tokenString it is empty. The GitHub to this sample is…
amanda45
  • 535
  • 10
  • 29
3
votes
1 answer

Building Go app with "vendor" directory on Jenkins with Docker

I'm trying to set up a Jenkins Pipeline to build and deploy my first Go project using a Jenkinsfile and docker.image().inside . I can't figure out how to get go to pick up the dependencies in the vendor/ directory. When I run the build, I get a…
Nicholas Albion
  • 3,096
  • 7
  • 33
  • 56
2
votes
2 answers

How to bypass cve-2020-26160 vulnerability in dgrijalva/jwt-go?

Container Security state does not pass in Gitlab pipeline because of one high level vulnerability. This vulnerability is jwt-go and it's installed version is v3.2.0+incompatible. The error title like this: jwt-go: access restriction bypass…
desdemona
  • 449
  • 1
  • 4
  • 10
2
votes
2 answers

ItunesConnectApi JWT

I'm trying to use App Store Connect API. According to the docs, first I'm trying to generate JWT token. Here's the code in golang: package main import ( "fmt" "io/ioutil" "log" "time" …
Cawa
  • 1,269
  • 3
  • 25
  • 44
2
votes
2 answers

When create JWT token inside loop getting same token in jwt-go

I am creating jwt tokens using jwt-go library. Later wrote a script to load test. I have noticed when I send the many concurrent request getting same token. To check more about this I created token inside for loop and result is same. The library…
isaman kumara
  • 131
  • 9
2
votes
0 answers

(Golang) jwt RS512 verify

We currently implement a scenario where generate a token in node.js javascript with jwt . We use RS512 with certificates for token generation. The token has an expiration limit. Sign and verify work perfect if we use the node.js implementation only.…
Belarophon01
  • 31
  • 4
2
votes
1 answer

User aware action in goa

I am making a web server with goa (Cannot create a stack overflow tag for it, not enough reputation). I cannot find a way to get user context inside a controller method. I use JWT auth that is supported by basic auth. I have a JWT secure action that…
vvwccgz4lh
  • 86
  • 9
1
2
3 4