Implements initial validations of token claims. The included
validations are:
* validation of token issuer
* validation of token audience
* validation that a subject is set
* validation that a token is not expired
These fields are only used to constrain deserialisation to the
supported values, but have no further effect.
`rustc` throws warnings about them not being used, which this commit
disables.
Implements the logic for validating a token signature and returning
its decoded headers and claims.
This does not yet apply claim validations, as those have not been
specified yet.
Introduces a new struct type which contains the token's headers and
claims as JSON values. This is constructed by validating a token and
allows library users to deal with the deserialised values as they
please.
There are multiple points in the code where a token part needs to be
deserialised (i.e. first base64-decoded, then JSON-deserialised). This
is extracted to a helper function in this commit.
Introduces the internal function for validating JWT signatures. The
process is relatively straightforward:
1. Create an OpenSSL signature verifier using the public key from the
JWK.
2. Split the JWT into the data (header + claims) and signature parts.
3. Validate the data against the signature using the verifier from (1)
OpenSSL "cleanly" returns a boolean in case of an invalid signature,
but an otherwise successful operation.
This is represented differently in the returned error variant, with an
invalid signature being represented as `InvalidSignature`, and other
errors as the `OpenSSL` error variant which wraps the underlying
OpenSSL issue.
Successful validation returns an empty `Ok` result.
This makes the library slightly more "rusty". Instead of returning a
validation result which also represents potential success, use an enum
representing the error variants and the standard library's
`Result`-type to represent success/failure.
Apparently the wifi card likes to act up occasionally (this is new?)
and can't see the 5Ghz network anymore.
This adds the 2.4Ghz network as a fallback in those cases.
Updates the following dependencies to latest:
* Masterminds/semver
* Masterminds/sprig
* ghodss/yaml
* satori/go.uuid -> google/uuid
* huandu/xstrings
* imdario/mergo
* crypto
* alecthomas/kingpin.v2
* yaml.v2
As usual Go libraries are YOLO-versioned, so who knows what changed
here. I'll be going through `sprig` at least to add that to the
changelog.
This relates to #152.
These changes overrides the `default` function provided by sprig with
an alternative to retrieve variable values from variables that might
not have been declared at all.
Referencing a variable in a template that is not declared, will lead
to the underlying templating functionality raising an error, causing
kontemplate to exit.
The override alternative to `default` accepts a second string argument
with the variable name. If the variable in question has not been
declared the first argument's value would be returned, just as the
original `default` function does.
