We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
CasaOS
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Update jwt (#1025)

link 2 years ago
parent
aae1802191
commit
705bf1facb
4 changed files with 41 additions and 29 deletions
Split View Show Diff Stats
  1. 8 8
      go.mod
  2. 17 16
      go.sum
  3. 7 1
      route/v1.go
  4. 9 4
      route/v2.go

+ 8 - 8
go.mod
View File 

@@ -4,7 +4,7 @@ go 1.20
 
 
 require (
 
 	github.com/Curtis-Milo/nat-type-identifier-go v0.0.0-20220215191915-18d42168c63d
 
-	github.com/IceWhaleTech/CasaOS-Common v0.4.3
 
+	github.com/IceWhaleTech/CasaOS-Common v0.4.4-alpha4
 
 	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
 
 	github.com/deckarep/golang-set/v2 v2.3.0
 
 	github.com/deepmap/oapi-codegen v1.12.4
 
@@ -41,10 +41,10 @@ require (
 
 	github.com/tidwall/gjson v1.14.4
 
 	go.uber.org/goleak v1.2.1
 
 	go.uber.org/zap v1.24.0
 
-	golang.org/x/crypto v0.7.0
 
+	golang.org/x/crypto v0.8.0
 
 	golang.org/x/oauth2 v0.6.0
 
 	golang.org/x/sync v0.1.0
 
-	golang.org/x/sys v0.6.0
 
+	golang.org/x/sys v0.7.0
 
 	gorm.io/gorm v1.24.6
 
 	gotest.tools v2.2.0+incompatible
 
 )
 
@@ -87,12 +87,12 @@ require (
 
 	github.com/jinzhu/inflection v1.0.0 // indirect
 
 	github.com/jinzhu/now v1.1.5 // indirect
 
 	github.com/josharian/intern v1.0.0 // indirect
 
-	github.com/klauspost/compress v1.16.3 // indirect
 
+	github.com/klauspost/compress v1.16.5 // indirect
 
 	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 
 	github.com/klauspost/pgzip v1.2.5 // indirect
 
 	github.com/kr/pretty v0.3.1 // indirect
 
 	github.com/labstack/gommon v0.4.0 // indirect
 
-	github.com/leodido/go-urn v1.2.2 // indirect
 
+	github.com/leodido/go-urn v1.2.3 // indirect
 
 	github.com/lufia/plan9stats v0.0.0-20230110061619-bbe2e5e100de // indirect
 
 	github.com/mailru/easyjson v0.7.7 // indirect
 
 	github.com/mattn/go-colorable v0.1.13 // indirect
 
@@ -119,12 +119,12 @@ require (
 
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
 
 	go.uber.org/atomic v1.10.0 // indirect
 
-	go.uber.org/multierr v1.10.0 // indirect
 
+	go.uber.org/multierr v1.11.0 // indirect
 
 	golang.org/x/arch v0.3.0 // indirect
 
 	golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 // indirect
 
 	golang.org/x/image v0.6.0 // indirect
 
-	golang.org/x/net v0.8.0 // indirect
 
-	golang.org/x/text v0.8.0 // indirect
 
+	golang.org/x/net v0.9.0 // indirect
 
+	golang.org/x/text v0.9.0 // indirect
 
 	golang.org/x/time v0.3.0 // indirect
 
 	google.golang.org/appengine v1.6.7 // indirect
 
 	google.golang.org/protobuf v1.30.0 // indirect

+ 17 - 16
go.sum
View File 

@@ -1,7 +1,7 @@
 
 github.com/Curtis-Milo/nat-type-identifier-go v0.0.0-20220215191915-18d42168c63d h1:62lEBImTxZ83pgzywgDNIrPPuQ+j4ep9QjqrWBn1hrU=
 
 github.com/Curtis-Milo/nat-type-identifier-go v0.0.0-20220215191915-18d42168c63d/go.mod h1:lW9x+yEjqKdPbE3+cf2fGPJXCw/hChX3Omi9QHTLFsQ=
 
-github.com/IceWhaleTech/CasaOS-Common v0.4.3 h1:sYsWYhP5EyksH6D0BDv8secIRGAKUZZDTIKqACdFZQ4=
 
-github.com/IceWhaleTech/CasaOS-Common v0.4.3/go.mod h1:zLzM1RhoBRDdW7DFlEoPq18OhbJYsvc8yFodW0bm/QI=
 
+github.com/IceWhaleTech/CasaOS-Common v0.4.4-alpha4 h1:KIMQL8fumAczZEsd7uC7n2NUzBYUC4DntRc8usSxGq8=
 
+github.com/IceWhaleTech/CasaOS-Common v0.4.4-alpha4/go.mod h1:2IuYyy5qW1BE6jqC6M+tOU+WtUec1K565rLATBJ9p/0=
 
 github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk=
 
 github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 
@@ -169,8 +169,8 @@ github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHm
 
 github.com/juju/gnuflag v0.0.0-20171113085948-2ce1bb71843d/go.mod h1:2PavIy+JPciBPrBUjwbNvtwB6RQlve+hkpll6QSNmOE=
 
 github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 
 github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 
-github.com/klauspost/compress v1.16.3 h1:XuJt9zzcnaz6a16/OU53ZjWp/v7/42WcR5t2a0PcNQY=
 
-github.com/klauspost/compress v1.16.3/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
 
+github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI=
 
+github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
 
 github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 
 github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
 
@@ -191,8 +191,8 @@ github.com/labstack/echo/v4 v4.10.2/go.mod h1:OEyqf2//K1DFdE57vw2DRgWY0M7s65IVQO
 
 github.com/labstack/gommon v0.4.0 h1:y7cvthEAEbU0yHOf4axH8ZG2NH8knB9iNSoTO8dyIk8=
 
 github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM=
 
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
 
-github.com/leodido/go-urn v1.2.2 h1:7z68G0FCGvDk646jz1AelTYNYWrTNm0bEcFAo147wt4=
 
-github.com/leodido/go-urn v1.2.2/go.mod h1:kUaIbLZWttglzwNuG0pgsh5vuV6u2YcGBYz1hIPjtOQ=
 
+github.com/leodido/go-urn v1.2.3 h1:6BE2vPT0lqoz3fmOesHZiaiFh7889ssCo2GMvLCfiuA=
 
+github.com/leodido/go-urn v1.2.3/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
 
 github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
 
 github.com/lufia/plan9stats v0.0.0-20230110061619-bbe2e5e100de h1:V53FWzU6KAZVi1tPp5UIsMoUWJ2/PNwYIDXnu7QuBCE=
 
 github.com/lufia/plan9stats v0.0.0-20230110061619-bbe2e5e100de/go.mod h1:JKx41uQRwqlTZabZc+kILPrO/3jlKnQ2Z8b7YiVw5cE=
 
@@ -254,7 +254,6 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE
 
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
 
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 
-github.com/rwtodd/Go.Sed v0.0.0-20210816025313-55464686f9ef/go.mod h1:8AEUvGVi2uQ5b24BIhcr0GCcpd/RNAFWaN2CJFrWIIQ=
 
 github.com/samber/lo v1.38.1 h1:j2XEAqXKb09Am4ebOg31SpvzUTTs6EN3VfgeLUhPdXM=
 
 github.com/samber/lo v1.38.1/go.mod h1:+m/ZKRl6ClXCE2Lgf3MsQlWfh4bn1bz6CXEOxnEXnEA=
 
 github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
 
@@ -312,8 +311,8 @@ go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
 
 go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 
 go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
 
 go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
 
-go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
 
-go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 
+go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 
+go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 
 go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
 
 go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
 
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 
@@ -324,8 +323,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 
 golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 
-golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
 
-golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
 
+golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ=
 
+golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
 
 golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 h1:3MTrJm4PyNL9NBqvYDSj3DHl46qQakyfqfWo4jgfaEM=
 
 golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17/go.mod h1:lgLbSvA5ygNOMpwM/9anMpWVlVJ7Z+cHWq/eFuinpGE=
 
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 
@@ -348,8 +347,8 @@ golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qx
 
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 
 golang.org/x/net v0.0.0-20221002022538-bcab6841153b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
 
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 
-golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
 
-golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 
+golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM=
 
+golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
 
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 
 golang.org/x/oauth2 v0.6.0 h1:Lh8GPgSKBfWSwFvtuWOfeI3aAAnbXTSutYxJiOJFgIw=
 
 golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
 
@@ -382,20 +381,22 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 
 golang.org/x/sys v0.0.0-20220928140112-f11e5e49a4ec/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
-golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
 
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
+golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
 
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 
-golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
 
+golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ=
 
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 
-golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
 
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 
+golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
 
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
 
 golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

+ 7 - 1
route/v1.go
View File 

@@ -1,8 +1,10 @@
 
 package route
 
 
 import (
 
+	"crypto/ecdsa"
 
 	"os"
 
 
+	"github.com/IceWhaleTech/CasaOS-Common/external"
 
 	"github.com/IceWhaleTech/CasaOS-Common/middleware"
 
 	"github.com/IceWhaleTech/CasaOS-Common/utils/jwt"
 
 	"github.com/IceWhaleTech/CasaOS/pkg/config"
 
@@ -39,7 +41,11 @@ func InitV1Router() *gin.Engine {
 
 	r.GET("/v1/recover/:type", v1.GetRecoverStorage)
 
 	v1Group := r.Group("/v1")
 
 
-	v1Group.Use(jwt.ExceptLocalhost())
 
+	v1Group.Use(jwt.JWT(
 
+		func() (*ecdsa.PublicKey, error) {
 
+			return external.GetPublicKey(config.CommonInfo.RuntimePath)
 
+		},
 
+	))
 
 	{
 
 
 		v1SysGroup := v1Group.Group("/sys")

+ 9 - 4
route/v2.go
View File 

@@ -1,6 +1,7 @@
 
 package route
 
 
 import (
 
+	"crypto/ecdsa"
 
 	"log"
 
 	"net/http"
 
 	"net/url"
 
@@ -10,9 +11,10 @@ import (
 
 	"strings"
 
 
 	"github.com/IceWhaleTech/CasaOS/codegen"
 
+	"github.com/IceWhaleTech/CasaOS/pkg/config"
 
 	"github.com/IceWhaleTech/CasaOS/pkg/utils/file"
 
 
-	"github.com/IceWhaleTech/CasaOS-Common/utils/common_err"
 
+	"github.com/IceWhaleTech/CasaOS-Common/external"
 
 	"github.com/IceWhaleTech/CasaOS-Common/utils/jwt"
 
 	v2Route "github.com/IceWhaleTech/CasaOS/route/v2"
 
 	"github.com/deepmap/oapi-codegen/pkg/middleware"
 
@@ -74,11 +76,14 @@ func InitV2Router() http.Handler {
 
 			// return true
 
 		},
 
 		ParseTokenFunc: func(token string, c echo.Context) (interface{}, error) {
 
-			claims, code := jwt.Validate(token) // TODO - needs JWT validation
 
-			if code != common_err.SUCCESS {
 
+			// claims, code := jwt.Validate(token) // TODO - needs JWT validation
 
+			// if code != common_err.SUCCESS {
 
+			// 	return nil, echo.ErrUnauthorized
 
+			// }
 
+			valid, claims, err := jwt.Validate(token, func() (*ecdsa.PublicKey, error) { return external.GetPublicKey(config.CommonInfo.RuntimePath) })
 
+			if err != nil || !valid {
 
 				return nil, echo.ErrUnauthorized
 
 			}
 
-
 
 			c.Request().Header.Set("user_id", strconv.Itoa(claims.ID))
 
 
 			return claims, nil

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5