Browse Source

change from deprecated jwt.StandardClaims to new jwt.RegisteredClaims

pull/4778/head
chrislu 1 year ago
parent
commit
c49caff5a1
  1. 12
      weed/security/jwt.go

12
weed/security/jwt.go

@ -17,14 +17,14 @@ type SigningKey []byte
// restricting the access this JWT allows to only a single file. // restricting the access this JWT allows to only a single file.
type SeaweedFileIdClaims struct { type SeaweedFileIdClaims struct {
Fid string `json:"fid"` Fid string `json:"fid"`
jwt.StandardClaims
jwt.RegisteredClaims
} }
// SeaweedFilerClaims is created e.g. by S3 proxy server and consumed by Filer server. // SeaweedFilerClaims is created e.g. by S3 proxy server and consumed by Filer server.
// Right now, it only contains the standard claims; but this might be extended later // Right now, it only contains the standard claims; but this might be extended later
// for more fine-grained permissions. // for more fine-grained permissions.
type SeaweedFilerClaims struct { type SeaweedFilerClaims struct {
jwt.StandardClaims
jwt.RegisteredClaims
} }
func GenJwtForVolumeServer(signingKey SigningKey, expiresAfterSec int, fileId string) EncodedJwt { func GenJwtForVolumeServer(signingKey SigningKey, expiresAfterSec int, fileId string) EncodedJwt {
@ -34,10 +34,10 @@ func GenJwtForVolumeServer(signingKey SigningKey, expiresAfterSec int, fileId st
claims := SeaweedFileIdClaims{ claims := SeaweedFileIdClaims{
fileId, fileId,
jwt.StandardClaims{},
jwt.RegisteredClaims{},
} }
if expiresAfterSec > 0 { if expiresAfterSec > 0 {
claims.ExpiresAt = time.Now().Add(time.Second * time.Duration(expiresAfterSec)).Unix()
claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(expiresAfterSec)))
} }
t := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) t := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
encoded, e := t.SignedString([]byte(signingKey)) encoded, e := t.SignedString([]byte(signingKey))
@ -56,10 +56,10 @@ func GenJwtForFilerServer(signingKey SigningKey, expiresAfterSec int) EncodedJwt
} }
claims := SeaweedFilerClaims{ claims := SeaweedFilerClaims{
jwt.StandardClaims{},
jwt.RegisteredClaims{},
} }
if expiresAfterSec > 0 { if expiresAfterSec > 0 {
claims.ExpiresAt = time.Now().Add(time.Second * time.Duration(expiresAfterSec)).Unix()
claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(expiresAfterSec)))
} }
t := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) t := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
encoded, e := t.SignedString([]byte(signingKey)) encoded, e := t.SignedString([]byte(signingKey))

Loading…
Cancel
Save