...

Source file src/github.com/golang-jwt/jwt/none.go

Documentation: github.com/golang-jwt/jwt 

     1  package jwt
     2  
     3  // Implements the none signing method.  This is required by the spec
     4  // but you probably should never use it.
     5  var SigningMethodNone *signingMethodNone
     6  
     7  const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed"
     8  
     9  var NoneSignatureTypeDisallowedError error
    10  
    11  type signingMethodNone struct{}
    12  type unsafeNoneMagicConstant string
    13  
    14  func init() {
    15  	SigningMethodNone = &signingMethodNone{}
    16  	NoneSignatureTypeDisallowedError = NewValidationError("'none' signature type is not allowed", ValidationErrorSignatureInvalid)
    17  
    18  	RegisterSigningMethod(SigningMethodNone.Alg(), func() SigningMethod {
    19  		return SigningMethodNone
    20  	})
    21  }
    22  
    23  func (m *signingMethodNone) Alg() string {
    24  	return "none"
    25  }
    26  
    27  // Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key
    28  func (m *signingMethodNone) Verify(signingString, signature string, key interface{}) (err error) {
    29  	// Key must be UnsafeAllowNoneSignatureType to prevent accidentally
    30  	// accepting 'none' signing method
    31  	if _, ok := key.(unsafeNoneMagicConstant); !ok {
    32  		return NoneSignatureTypeDisallowedError
    33  	}
    34  	// If signing method is none, signature must be an empty string
    35  	if signature != "" {
    36  		return NewValidationError(
    37  			"'none' signing method with non-empty signature",
    38  			ValidationErrorSignatureInvalid,
    39  		)
    40  	}
    41  
    42  	// Accept 'none' signing method.
    43  	return nil
    44  }
    45  
    46  // Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key
    47  func (m *signingMethodNone) Sign(signingString string, key interface{}) (string, error) {
    48  	if _, ok := key.(unsafeNoneMagicConstant); ok {
    49  		return "", nil
    50  	}
    51  	return "", NoneSignatureTypeDisallowedError
    52  }
    53  

View as plain text