diff --git a/attributes.go b/attributes.go index c35c9ea..b5bda36 100644 --- a/attributes.go +++ b/attributes.go @@ -3,10 +3,6 @@ package bascule -import ( - "github.com/xmidt-org/arrange" -) - type BasicAttributes map[string]interface{} func (a BasicAttributes) Get(key string) (interface{}, bool) { @@ -34,20 +30,22 @@ func GetNestedAttribute(attributes Attributes, keys ...string) (interface{}, boo result = attributes for _, k := range keys { var a Attributes - if result == nil { - return nil, false - } - ok = arrange.TryConvert(result, - func(attr Attributes) { a = attr }, - func(m map[string]interface{}) { a = BasicAttributes(m) }, - ) - if !ok { + switch r := result.(type) { + case BasicAttributes: + a = r + case Attributes: + a = r + case map[string]interface{}: + a = BasicAttributes(r) + default: return nil, false } + result, ok = a.Get(k) if !ok { return nil, false } } + return result, ok } diff --git a/basculechecks/capabilitiesmap.go b/basculechecks/capabilitiesmap.go index 7aebae5..6b6a98c 100644 --- a/basculechecks/capabilitiesmap.go +++ b/basculechecks/capabilitiesmap.go @@ -25,8 +25,8 @@ var ( // JWT match the string meant for that endpoint exactly. A CapabilitiesMap set // up with this will use the default KeyPath. type CapabilitiesMapConfig struct { - Endpoints map[string]string - Default string + Endpoints map[string]string `json:"endpoints" yaml:"endpoints"` + Default string `json:"default" yaml:"default"` } // CapabilitiesMap runs a capability check based on the value of the parsedURL, diff --git a/basculechecks/capabilitiesvalidator.go b/basculechecks/capabilitiesvalidator.go index ec0b76f..46073b9 100644 --- a/basculechecks/capabilitiesvalidator.go +++ b/basculechecks/capabilitiesvalidator.go @@ -61,10 +61,10 @@ type EndpointChecker interface { // CapabilitiesValidator set up with this will use the default KeyPath and an // EndpointRegexCheck. type CapabilitiesValidatorConfig struct { - Type string - Prefix string - AcceptAllMethod string - EndpointBuckets []string + Type string `json:"type" yaml:"type"` + Prefix string `json:"prefix" yaml:"prefix"` + AcceptAllMethod string `json:"acceptAllMethod" yaml:"acceptAllMethod"` + EndpointBuckets []string `json:"endpointBuckets" yaml:"endpointBuckets"` } // CapabilitiesValidator checks the capabilities provided in a diff --git a/basculechecks/provide.go b/basculechecks/provide.go index 6edd1af..52b583f 100644 --- a/basculechecks/provide.go +++ b/basculechecks/provide.go @@ -4,7 +4,6 @@ package basculechecks import ( - "github.com/xmidt-org/arrange" "github.com/xmidt-org/bascule" "go.uber.org/fx" ) @@ -28,10 +27,9 @@ func ProvideMetricValidator(optional bool) fx.Option { // ProvideCapabilitiesMapValidator is an uber fx Provide() function that builds // a MetricValidator that uses a CapabilitiesMap and ConstChecks, using the // configuration found at the key provided. -func ProvideCapabilitiesMapValidator(key string) fx.Option { +func ProvideCapabilitiesMapValidator() fx.Option { return fx.Options( fx.Provide( - arrange.UnmarshalKey(key, CapabilitiesMapConfig{}), NewCapabilitiesMap, ), ProvideMetricValidator(false), @@ -41,10 +39,9 @@ func ProvideCapabilitiesMapValidator(key string) fx.Option { // ProvideRegexCapabilitiesValidator is an uber fx Provide() function that // builds a MetricValidator that uses a CapabilitiesValidator and // RegexEndpointCheck, using the configuration found at the key provided. -func ProvideRegexCapabilitiesValidator(key string) fx.Option { +func ProvideRegexCapabilitiesValidator() fx.Option { return fx.Options( fx.Provide( - arrange.UnmarshalKey(key, CapabilitiesValidatorConfig{}), NewCapabilitiesValidator, ), ProvideMetricValidator(true), diff --git a/basculehttp/basicTokenFactory.go b/basculehttp/basicTokenFactory.go index 106be9d..7093fe9 100644 --- a/basculehttp/basicTokenFactory.go +++ b/basculehttp/basicTokenFactory.go @@ -11,7 +11,6 @@ import ( "fmt" "net/http" - "github.com/xmidt-org/arrange" "github.com/xmidt-org/bascule" "go.uber.org/fx" ) @@ -23,7 +22,7 @@ var ( ) type EncodedBasicKeys struct { - Basic []string + Basic []string `json:"basic" yaml:"basic"` } // EncodedBasicKeysIn contains string representations of the basic auth allowed. @@ -108,10 +107,6 @@ func NewBasicTokenFactoryFromList(encodedBasicAuthKeys []string) (BasicTokenFact // factory. func ProvideBasicTokenFactory(key string) fx.Option { return fx.Provide( - fx.Annotated{ - Name: "encoded_basic_auths", - Target: arrange.UnmarshalKey(key, EncodedBasicKeys{}), - }, fx.Annotated{ Group: "bascule_constructor_options", Target: func(in EncodedBasicKeysIn) (COption, error) { diff --git a/basculehttp/basicTokenFactory_test.go b/basculehttp/basicTokenFactory_test.go index 5af46af..94e61d0 100644 --- a/basculehttp/basicTokenFactory_test.go +++ b/basculehttp/basicTokenFactory_test.go @@ -12,11 +12,10 @@ import ( "strings" "testing" - "github.com/spf13/viper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/xmidt-org/arrange" "github.com/xmidt-org/bascule" + "github.com/xmidt-org/sallust" "go.uber.org/fx" ) @@ -131,26 +130,18 @@ func TestProvideBasicTokenFactory(t *testing.T) { Options []COption `group:"bascule_constructor_options"` } - const yaml = ` -good: - basic: ["dXNlcjpwYXNz", "dXNlcjpwYXNz", "dXNlcjpwYXNz"] -bad: - basic: ["AAAAAAAA"] -` - v := viper.New() - v.SetConfigType("yaml") - require.NoError(t, v.ReadConfig(strings.NewReader(yaml))) - tests := []struct { description string key string optionExpected bool + keys EncodedBasicKeys expectedErr error }{ { description: "Success", key: "good", optionExpected: true, + keys: EncodedBasicKeys{Basic: []string{"dXNlcjpwYXNz", "dXNlcjpwYXNz", "dXNlcjpwYXNz"}}, }, { description: "Disabled success", @@ -159,6 +150,7 @@ bad: { description: "Failure", key: "bad", + keys: EncodedBasicKeys{Basic: []string{"AAAAAAAA"}}, expectedErr: errors.New("malformed"), }, } @@ -168,8 +160,19 @@ bad: assert := assert.New(t) require := require.New(t) app := fx.New( - arrange.TestLogger(t), - arrange.ForViper(v), + fx.Provide( + func() (c sallust.Config) { + return sallust.Config{} + }, + + fx.Annotated{ + Name: "encoded_basic_auths", + Target: func() EncodedBasicKeys { + return tc.keys + }, + }, + ), + sallust.WithLogger(), ProvideBasicTokenFactory(tc.key), fx.Invoke( func(in In) { @@ -179,8 +182,8 @@ bad: ) err := app.Err() if tc.expectedErr == nil { - assert.NoError(err) - assert.True(len(result.Options) == 1) + require.NoError(err) + require.True(len(result.Options) == 1) if tc.optionExpected { require.NotNil(result.Options[0]) return diff --git a/basculehttp/bearerTokenFactory.go b/basculehttp/bearerTokenFactory.go index 6305a0b..e37a74d 100644 --- a/basculehttp/bearerTokenFactory.go +++ b/basculehttp/bearerTokenFactory.go @@ -10,7 +10,6 @@ import ( "net/http" "github.com/golang-jwt/jwt" - "github.com/xmidt-org/arrange" "github.com/xmidt-org/bascule" "github.com/xmidt-org/clortho" "github.com/xmidt-org/clortho/clorthofx" @@ -26,17 +25,16 @@ var ( ErrInvalidPrincipal = errors.New("invalid principal") ErrInvalidToken = errors.New("token isn't valid") ErrUnexpectedClaims = errors.New("claims wasn't MapClaims as expected") - - ErrNilResolver = errors.New("resolver cannot be nil") + ErrNilResolver = errors.New("resolver cannot be nil") ) // BearerTokenFactory parses and does basic validation for a JWT token, // converting it into a bascule Token. type BearerTokenFactory struct { fx.In - DefaultKeyID string `name:"default_key_id"` - Resolver clortho.Resolver - Parser bascule.JWTParser `optional:"true"` + DefaultKeyID string `name:"default_key_id" optional:"true"` + Resolver clortho.Resolver `name:"key_resolver" optional:"true"` + Parser bascule.JWTParser `name:"parser" optional:"true"` Leeway bascule.Leeway `name:"jwt_leeway" optional:"true"` } @@ -99,21 +97,24 @@ func (btf BearerTokenFactory) ParseAndValidate(ctx context.Context, _ *http.Requ // ProvideBearerTokenFactory uses the key given to unmarshal configuration // needed to build a bearer token factory. It provides a constructor option // with the bearer token factory. -func ProvideBearerTokenFactory(configKey string, optional bool) fx.Option { +func ProvideBearerTokenFactory(optional bool) fx.Option { return fx.Options( clorthofx.Provide(), fx.Provide( - fx.Annotated{ - Name: "jwt_leeway", - Target: arrange.UnmarshalKey(fmt.Sprintf("%s.leeway", configKey), - bascule.Leeway{}), - }, fx.Annotated{ Group: "bascule_constructor_options", Target: func(f BearerTokenFactory) (COption, error) { if f.Parser == nil { f.Parser = bascule.DefaultJWTParser } + + if f.Resolver == nil { + if optional { + return nil, nil + } + return nil, ErrNilResolver + } + return WithTokenFactory(BearerAuthorization, f), nil }, }, diff --git a/basculehttp/bearerTokenFactory_test.go b/basculehttp/bearerTokenFactory_test.go index 1f0f173..3869eae 100644 --- a/basculehttp/bearerTokenFactory_test.go +++ b/basculehttp/bearerTokenFactory_test.go @@ -6,18 +6,16 @@ package basculehttp import ( "context" "errors" - "fmt" "net/http/httptest" - "strings" "testing" "github.com/golang-jwt/jwt" - "github.com/spf13/viper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" - "github.com/xmidt-org/arrange" "github.com/xmidt-org/bascule" + "github.com/xmidt-org/clortho" + "github.com/xmidt-org/sallust" "go.uber.org/fx" ) @@ -146,76 +144,82 @@ func TestProvideBearerTokenFactory(t *testing.T) { Options []COption `group:"bascule_constructor_options"` } - const yaml = ` -good: - key: - factory: - uri: "http://test:1111/keys/{keyId}" - purpose: 0 - updateInterval: 604800000000000 -` - v := viper.New() - v.SetConfigType("yaml") - require.NoError(t, v.ReadConfig(strings.NewReader(yaml))) - - tests := []struct { - description string - key string - optional bool - optionExpected bool - expectedErr error - }{ - { - description: "Success", - key: "good", - optional: false, - optionExpected: true, - }, - { - description: "Silent failure", - key: "bad", - optional: true, - }, - } - for _, tc := range tests { - t.Run(tc.description, func(t *testing.T) { - result := In{} - assert := assert.New(t) - require := require.New(t) - app := fx.New( - fx.Provide( - fx.Annotated{ - Name: "default_key_id", - Target: func() string { - return "default" - }, + t.Run("Success", func(t *testing.T) { + result := In{} + require := require.New(t) + app := fx.New( + fx.Provide( + fx.Annotated{ + Name: "default_key_id", + Target: func() string { + return "default" }, - ), - arrange.TestLogger(t), - arrange.ForViper(v), - ProvideBearerTokenFactory(tc.key, tc.optional), - fx.Invoke( - func(in In) { - result = in + }, + fx.Annotated{ + Name: "key_resolver", + Target: func() clortho.Resolver { + r := new(MockResolver) + return r }, - ), - ) - err := app.Err() - if tc.expectedErr == nil { - assert.NoError(err) - assert.True(len(result.Options) == 1) - if tc.optionExpected { - require.NotNil(result.Options[0]) - return - } - return - } - assert.Nil(result.Options) - require.Error(err) - assert.True(strings.Contains(err.Error(), tc.expectedErr.Error()), - fmt.Errorf("error [%v] doesn't contain error [%v]", - err, tc.expectedErr), - ) - }) + }, + fx.Annotated{ + Name: "parser", + Target: func() bascule.JWTParser { + p := new(mockParser) + return p + }, + }, + fx.Annotated{ + Name: "jwt_leeway", + Target: func() bascule.Leeway { + return bascule.Leeway{EXP: 5} + }, + }, + func() (c sallust.Config) { + return sallust.Config{} + }, + ), + sallust.WithLogger(), + ProvideBearerTokenFactory(false), + fx.Invoke( + func(in In) { + result = in + }, + ), + ) + err := app.Err() + require.NoError(err) + require.NotEmpty(result.Options) + require.NotNil(result.Options[0]) + }) +} + +func TestOptionalProvideBearerTokenFactory(t *testing.T) { + type In struct { + fx.In + Options []COption `group:"bascule_constructor_options"` } + + t.Run("Silent failure", func(t *testing.T) { + result := In{} + require := require.New(t) + app := fx.New( + fx.Provide( + func() (c sallust.Config) { + return sallust.Config{} + }, + ), + sallust.WithLogger(), + ProvideBearerTokenFactory(true), + fx.Invoke( + func(in In) { + result = in + }, + ), + ) + err := app.Err() + require.NoError(err) + require.NotEmpty(result.Options) + require.Nil(result.Options[0]) + }) } diff --git a/basculehttp/provide_test.go b/basculehttp/provide_test.go index 24399e4..e7d3f1b 100644 --- a/basculehttp/provide_test.go +++ b/basculehttp/provide_test.go @@ -4,15 +4,15 @@ package basculehttp import ( - "strings" "testing" "github.com/justinas/alice" - "github.com/spf13/viper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/xmidt-org/arrange" + "github.com/xmidt-org/bascule" "github.com/xmidt-org/bascule/basculechecks" + "github.com/xmidt-org/clortho" + "github.com/xmidt-org/sallust" "github.com/xmidt-org/touchstone" "go.uber.org/fx" "go.uber.org/fx/fxtest" @@ -22,23 +22,6 @@ import ( func TestProvideBearerMiddleware(t *testing.T) { assert := assert.New(t) require := require.New(t) - - const yaml = ` -bearer: - key: - factory: - uri: "http://test:1111/keys/{keyId}" - purpose: 0 - updateInterval: 604800000000000 -capabilities: - endpoints: - ".*/a/.*": "whatsup" - ".*/b/.*": "nm" - default: "eh" -` - v := viper.New() - v.SetConfigType("yaml") - require.NoError(v.ReadConfig(strings.NewReader(yaml))) l, err := zap.NewDevelopment() require.NoError(err) @@ -51,24 +34,54 @@ capabilities: t, // supplying dependencies - arrange.LoggerFunc(l.Sugar().Infof), fx.Supply(l), - arrange.ForViper(v), touchstone.Provide(), fx.Provide( + func() (c sallust.Config) { + return sallust.Config{} + }, + func() (c basculechecks.CapabilitiesMapConfig) { + return basculechecks.CapabilitiesMapConfig{ + Endpoints: map[string]string{ + ".*/a/.*": "whatsup", + ".*/b/.*": "nm", + }, + Default: "eh", + } + }, fx.Annotated{ Name: "default_key_id", Target: func() string { - return "current" + return "default" + }, + }, + fx.Annotated{ + Name: "key_resolver", + Target: func() clortho.Resolver { + r := new(MockResolver) + return r + }, + }, + fx.Annotated{ + Name: "parser", + Target: func() bascule.JWTParser { + p := new(mockParser) + return p + }, + }, + fx.Annotated{ + Name: "jwt_leeway", + Target: func() bascule.Leeway { + return bascule.Leeway{EXP: 5} }, }, ), // the parts we care about ProvideMetrics(), - ProvideBearerTokenFactory("bearer", false), + ProvideBearerTokenFactory(false), basculechecks.ProvideMetrics(), - basculechecks.ProvideCapabilitiesMapValidator("capabilities"), + basculechecks.ProvideCapabilitiesMapValidator(), ProvideBearerValidator(), ProvideServerChain(), @@ -89,89 +102,54 @@ func TestProvideOptionalMiddleware(t *testing.T) { fx.In AuthChain alice.Chain `name:"auth_chain"` } - basicAuth := ` -basic: ["dXNlcjpwYXNz"] -` - // nolint:gosec - bearerAuth := ` -bearer: - key: - factory: - uri: "http://test:1111/keys/{keyId}" - purpose: 0 - updateInterval: 604800000000000 -` - var yamls = map[string]string{ - "everything included": basicAuth + bearerAuth + ` -capabilities: - type: "enforce" - prefix: "test" - acceptAllMethod: "all" - endpointBuckets: - - "aaaa\\b" - - "bbbn/.*\\b" -`, - "capabilities monitoring": basicAuth + bearerAuth + ` -capabilities: - type: "monitor" - prefix: "test" - acceptAllMethod: "all" - endpointBuckets: - - "aaaa\\b" - - "bbbn/.*\\b" -`, - "no capability check": basicAuth + bearerAuth, - "basic only": basicAuth, - "bearer only": bearerAuth, - "empty config": ``, - } - for desc, yaml := range yamls { - t.Run(desc, func(t *testing.T) { - assert := assert.New(t) - require := require.New(t) + t.Run("no capability check or bearer token factory or basic auth", func(t *testing.T) { + assert := assert.New(t) + require := require.New(t) + l, err := zap.NewDevelopment() + require.NoError(err) - v := viper.New() - v.SetConfigType("yaml") - require.NoError(v.ReadConfig(strings.NewReader(yaml))) - l, err := zap.NewDevelopment() - require.NoError(err) + result := In{} + app := fxtest.New( + t, - result := In{} - app := fxtest.New( - t, - - // supplying dependencies - arrange.LoggerFunc(l.Sugar().Infof), - fx.Supply(l), - arrange.ForViper(v), - touchstone.Provide(), - fx.Provide( - fx.Annotated{ - Name: "default_key_id", - Target: func() string { - return "current" - }, + // supplying dependencies + fx.Supply(l), + touchstone.Provide(), + fx.Provide( + func() (c sallust.Config) { + return sallust.Config{} + }, + fx.Annotated{ + Name: "encoded_basic_auths", + Target: func() EncodedBasicKeys { + return EncodedBasicKeys{Basic: []string{"dXNlcjpwYXNz", "dXNlcjpwYXNz", "dXNlcjpwYXNz"}} }, - ), - // the parts we care about - ProvideMetrics(), - ProvideBasicAuth(""), - ProvideBearerTokenFactory("bearer", true), - basculechecks.ProvideMetrics(), - basculechecks.ProvideRegexCapabilitiesValidator("capabilities"), - ProvideBearerValidator(), - ProvideServerChain(), + }, + func() (c basculechecks.CapabilitiesValidatorConfig) { + return basculechecks.CapabilitiesValidatorConfig{ + Type: "enforce", + EndpointBuckets: []string{"abc", "def", `\M`, "adbecf"}, + } + }, + ), + // the parts we care about + ProvideMetrics(), + ProvideBasicAuth(""), + ProvideBearerTokenFactory(true), + basculechecks.ProvideMetrics(), + basculechecks.ProvideRegexCapabilitiesValidator(), + ProvideBearerValidator(), + ProvideServerChain(), - fx.Invoke( - func(in In) { - result = in - }, - ), - ) - require.NoError(app.Err()) - app.RequireStart() - assert.NotNil(result.AuthChain) - app.RequireStop() - }) - } + fx.Invoke( + func(in In) { + result = in + }, + ), + ) + require.NoError(app.Err()) + app.RequireStart() + assert.NotNil(result.AuthChain) + app.RequireStop() + }) } diff --git a/go.mod b/go.mod index 3c0fd13..8e7ec13 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/xmidt-org/bascule -go 1.19 +go 1.21 require ( github.com/SermoDigital/jose v0.9.2-0.20161205224733-f6df55f235c2 @@ -9,9 +9,7 @@ require ( github.com/justinas/alice v1.2.0 github.com/prometheus/client_golang v1.17.0 github.com/spf13/cast v1.5.1 - github.com/spf13/viper v1.17.0 github.com/stretchr/testify v1.8.4 - github.com/xmidt-org/arrange v0.4.0 github.com/xmidt-org/candlelight v0.0.19 github.com/xmidt-org/clortho v0.0.4 github.com/xmidt-org/sallust v0.2.2 @@ -29,7 +27,6 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-kit/log v0.2.1 // indirect github.com/go-logfmt/logfmt v0.6.0 // indirect github.com/go-logr/logr v1.2.4 // indirect @@ -39,7 +36,6 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/google/uuid v1.4.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.1 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect github.com/influxdata/influxdb1-client v0.0.0-20220302092344-a9ab5670611c // indirect github.com/jtacoma/uritemplates v1.0.0 // indirect github.com/lestrrat-go/blackmagic v1.0.1 // indirect @@ -48,23 +44,14 @@ require ( github.com/lestrrat-go/iter v1.0.2 // indirect github.com/lestrrat-go/jwx/v2 v2.0.11 // indirect github.com/lestrrat-go/option v1.0.1 // indirect - github.com/magiconair/properties v1.8.7 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/openzipkin/zipkin-go v0.4.2 // indirect - github.com/pelletier/go-toml/v2 v2.1.0 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect github.com/prometheus/common v0.44.0 // indirect github.com/prometheus/procfs v0.11.1 // indirect - github.com/sagikazarmark/locafero v0.3.0 // indirect - github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/segmentio/asm v1.2.0 // indirect - github.com/sourcegraph/conc v0.3.0 // indirect - github.com/spf13/afero v1.10.0 // indirect - github.com/spf13/pflag v1.0.5 // indirect github.com/stretchr/objx v0.5.0 // indirect - github.com/subosito/gotenv v1.6.0 // indirect github.com/ugorji/go/codec v1.2.11 // indirect github.com/xmidt-org/chronon v0.1.1 // indirect github.com/xmidt-org/wrp-go/v3 v3.2.1 // indirect @@ -80,9 +67,9 @@ require ( go.opentelemetry.io/otel/sdk v1.17.0 // indirect go.opentelemetry.io/otel/trace v1.17.0 // indirect go.opentelemetry.io/proto/otlp v0.19.0 // indirect + go.uber.org/atomic v1.11.0 // indirect go.uber.org/dig v1.17.0 // indirect golang.org/x/crypto v0.14.0 // indirect - golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect @@ -91,7 +78,6 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect google.golang.org/grpc v1.58.3 // indirect google.golang.org/protobuf v1.31.0 // indirect - gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 8d6cb8d..8e36a83 100644 --- a/go.sum +++ b/go.sum @@ -819,7 +819,6 @@ github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7z github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -1017,7 +1016,6 @@ github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51 github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/schema v1.0.3-0.20180614150749-e0e4b92809ac/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU= github.com/gorilla/schema v1.2.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU= @@ -1110,7 +1108,6 @@ github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hil v0.0.0-20160711231837-1e86c6b523c5/go.mod h1:KHvg/R2/dPtaePb16oW4qIyzkMxXOL38xjRN64adsts= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= @@ -1257,7 +1254,6 @@ github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czP github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= @@ -1308,7 +1304,6 @@ github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= @@ -1383,8 +1378,6 @@ github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCko github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek= github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= -github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4= -github.com/pelletier/go-toml/v2 v2.1.0/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac= github.com/performancecopilot/speed/v4 v4.0.0/go.mod h1:qxrSyuDGrTOWfV+uKRFhfxw6h/4HXRGUiZiufxo49BM= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= @@ -1502,10 +1495,6 @@ github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIH github.com/sagikazarmark/crypt v0.6.0/go.mod h1:U8+INwJo3nBv1m6A/8OBXAq7Jnpspk5AxSgDyEQcea8= github.com/sagikazarmark/crypt v0.9.0/go.mod h1:RnH7sEhxfdnPm1z+XMgSLjWTEIjyK4z2dw6+4vHTMuo= github.com/sagikazarmark/crypt v0.10.0/go.mod h1:gwTNHQVoOS3xp9Xvz5LLR+1AauC5M6880z5NWzdhOyQ= -github.com/sagikazarmark/locafero v0.3.0 h1:zT7VEGWC2DTflmccN/5T1etyKvxSxpHsjb9cJvm4SvQ= -github.com/sagikazarmark/locafero v0.3.0/go.mod h1:w+v7UsPNFwzF1cHuOajOOzoq4U7v/ig1mpRjqV+Bu1U= -github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= -github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/samuel/go-zookeeper v0.0.0-20180130194729-c4fab1ac1bec/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= @@ -1529,8 +1518,6 @@ github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9 github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d/go.mod h1:Cw4GTlQccdRGSEf6KiMju767x0NEHE0YIVPJSaXjlsw= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY= -github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= -github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= @@ -1541,8 +1528,6 @@ github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfA github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.9.3/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= -github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY= -github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= @@ -1554,7 +1539,6 @@ github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0 github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= @@ -1564,8 +1548,6 @@ github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5q github.com/spf13/viper v1.12.0/go.mod h1:b6COn30jlNxbm/V2IqWiNWkJ+vZNiMNksliPCiuKtSI= github.com/spf13/viper v1.15.0/go.mod h1:fFcTBJxvhhzSJiZy8n+PeW6t8l+KeT/uTARa0jHOQLA= github.com/spf13/viper v1.16.0/go.mod h1:yg78JgCJcbrQOvV9YLXgkLaZqUidkY9K+Dd1FofRzQg= -github.com/spf13/viper v1.17.0 h1:I5txKw7MJasPL/BrfkbA0Jyo/oELqVmux4pR/UxOMfI= -github.com/spf13/viper v1.17.0/go.mod h1:BmMMMLQXSbcHK6KAOiFLz0l5JHrU89OdIRHvsk0+yVI= github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= github.com/streadway/amqp v1.0.0/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= @@ -1598,8 +1580,6 @@ github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.3.0/go.mod h1:YzJjq/33h7nrwdY+iHMhEOEEbW0ovIz0tB6t6PwAXzs= github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= -github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= -github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4= github.com/tent/http-link-go v0.0.0-20130702225549-ac974c61c2f9/go.mod h1:RHkNRtSLfOK7qBTHaeSX1D6BNpI3qw7NTxsmNr4RvN8= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -1629,7 +1609,6 @@ github.com/xmidt-org/argus v0.5.0/go.mod h1:8nMg4ywpWCNPgUzwtWhiPAxklrmVsoxwciGJ github.com/xmidt-org/argus v0.9.10/go.mod h1:FBFhBQ07fquAiDT7mMG+X6h0ycerZQJCpqIlQJ+Kjf8= github.com/xmidt-org/arrange v0.1.9/go.mod h1:PRA8iEZ11L93NsEkDP56x1mZyfDcWxzDULgHj56TaEk= github.com/xmidt-org/arrange v0.3.0/go.mod h1:pCHeb93OFA0QnEJ//Mmly7QqUt7y/w3xllK0VQ3Bigo= -github.com/xmidt-org/arrange v0.4.0 h1:DmJJTK58C44B4efyBV78SmMH0mn0G54n3caVn5BopUU= github.com/xmidt-org/arrange v0.4.0/go.mod h1:MA1eKUZYxaSMIKJL3D/iJEMQruiefmhq+s5E9J4UJv0= github.com/xmidt-org/bascule v0.8.0/go.mod h1:dPxlbNT3lCwYAtOq2zbzyzTEKgM+azLSbKKcVmgSHBY= github.com/xmidt-org/bascule v0.8.1/go.mod h1:dPxlbNT3lCwYAtOq2zbzyzTEKgM+azLSbKKcVmgSHBY= @@ -1799,8 +1778,9 @@ go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/dig v1.7.0/go.mod h1:z+dSd2TP9Usi48jL8M3v63iSBVkiwtVyMKxMZYYauPg= go.uber.org/dig v1.9.0/go.mod h1:X34SnWGr8Fyla9zQNO2GSO2D+TIuqB14OS8JhYocIyw= go.uber.org/dig v1.10.0/go.mod h1:X34SnWGr8Fyla9zQNO2GSO2D+TIuqB14OS8JhYocIyw= @@ -1905,8 +1885,6 @@ golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EH golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= @@ -2665,7 +2643,6 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.66.4/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc= diff --git a/jws.go b/jws.go index f3072d1..51a9811 100644 --- a/jws.go +++ b/jws.go @@ -37,9 +37,9 @@ type ClaimsWithLeeway struct { // Leeway is the amount of buffer to include with the time, to allow for clock // skew. type Leeway struct { - EXP int64 `json:"expLeeway"` - NBF int64 `json:"nbfLeeway"` - IAT int64 `json:"iatLeeway"` + EXP int64 `json:"expLeeway" yaml:"expLeeway"` + NBF int64 `json:"nbfLeeway" yaml:"nbfLeeway"` + IAT int64 `json:"iatLeeway" yaml:"iatLeeway"` } // Valid implements the jwt.Claims interface, ensuring that the token claism