Skip to content

security: pin JWT signing algorithm to HS256 to prevent confusion attacks#99

Merged
intel352 merged 1 commit intomainfrom
fix/pin-jwt-signing-algorithm
Feb 23, 2026
Merged

security: pin JWT signing algorithm to HS256 to prevent confusion attacks#99
intel352 merged 1 commit intomainfrom
fix/pin-jwt-signing-algorithm

Conversation

@intel352
Copy link
Contributor

@intel352 intel352 commented Feb 23, 2026

Summary

  • Verified that all JWT validation paths already enforce HS256 via both a type assertion (*jwt.SigningMethodHMAC) and an explicit algorithm check (token.Method.Alg() != jwt.SigningMethodHS256.Alg())
  • Added explicit algorithm confusion tests to module/jwt_auth_test.go covering all three JWT parsing paths in JWTAuthModule: Authenticate(), the /auth/refresh endpoint, and protected endpoints via extractUserFromRequest()
  • The api package (middleware.go, auth_handler.go) already had equivalent algorithm rejection tests

Affected files

  • module/jwt_auth_test.go — 4 new test functions (8 sub-tests) confirming HS384/HS512 tokens are rejected

Test plan

  • TestJWTAuth_Authenticate_RejectsNonHS256Authenticate() rejects HS384 and HS512
  • TestJWTAuth_Authenticate_AcceptsHS256Authenticate() accepts valid HS256 tokens
  • TestJWTAuth_HandleRefresh_RejectsNonHS256/auth/refresh rejects HS384 and HS512
  • TestJWTAuth_ExtractUser_RejectsNonHS256 — protected endpoints reject HS384 and HS512
  • All existing TestJWTAuth_* tests continue to pass
  • go fmt and golangci-lint pass

Closes #95

🤖 Generated with Claude Code

@intel352 @claude
security: add algorithm pinning tests for JWT confusion attacks (closes
0d9ee9c 
#95)

Verified that all JWT validation paths in JWTAuthModule already enforce
HS256 via both type assertion (*jwt.SigningMethodHMAC) and explicit
algorithm check (token.Method.Alg() != jwt.SigningMethodHS256.Alg()).

Added tests to module/jwt_auth_test.go that explicitly confirm tokens
signed with HS384 or HS512 are rejected by:
- Authenticate() — the AuthProvider interface method
- handleRefresh via Handle() — the /auth/refresh endpoint
- extractUserFromRequest via Handle() — all protected endpoints

The api package (middleware.go, auth_handler.go) already had equivalent
algorithm rejection tests in auth_handler_test.go.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings February 23, 2026 04:23
Copilot AI reviewed Feb 23, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds comprehensive test coverage to verify that JWT algorithm confusion attacks are prevented in the JWTAuthModule. The PR confirms that all JWT validation paths already enforce HS256 algorithm pinning through both type assertions and explicit algorithm checks, and adds tests to ensure this security control continues to work correctly.

Changes:

  • Added 4 new test functions covering all three JWT parsing paths in JWTAuthModule
  • Tests verify that HS384 and HS512 tokens are rejected while HS256 tokens are accepted
  • Complements existing algorithm confusion tests in the api package

@intel352 intel352 merged commit 5212291 into main Feb 23, 2026
16 of 18 checks passed
@intel352 intel352 deleted the fix/pin-jwt-signing-algorithm branch February 23, 2026 05:27
@intel352 intel352 mentioned this pull request Feb 23, 2026
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security: Pin JWT signing algorithm to prevent algorithm confusion attacks

2 participants

@intel352