Removing dependency on jwt

Signed-off-by: Matthias Hanel <mh@synadia.com>
nats-io · Jun 1, 2020 · c5ec9b7 · c5ec9b7
1 parent b79aa03
commit c5ec9b7
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 119 deletions.
diff --git a/go.mod b/go.mod
@@ -4,9 +4,8 @@ go 1.14
 
 require (
 	github.com/golang/protobuf v1.4.2
-	github.com/nats-io/jwt/v2 v2.0.0-20200526202838-090bfbeb35a2
-	github.com/nats-io/nats-server/v2 v2.1.8-0.20200526215132-2343c43528f1
-	github.com/nats-io/nkeys v0.1.4
+	github.com/nats-io/nats-server/v2 v2.1.7
+	github.com/nats-io/nkeys v0.2.0
 	github.com/nats-io/nuid v1.0.1
 	google.golang.org/protobuf v1.23.0
 )
diff --git a/go.sum b/go.sum
@@ -1,6 +1,3 @@
-github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
@@ -12,44 +9,27 @@ github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/minio/highwayhash v1.0.0 h1:iMSDhgUILCr0TNm8LWlSjF8N0ZIj2qbO8WHp6Q/J2BA=
-github.com/minio/highwayhash v1.0.0/go.mod h1:xQboMTeM9nY9v/LlAOxFctujiv5+Aq2hR5dxBpaMbdc=
-github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
+github.com/nats-io/jwt v0.3.2 h1:+RB5hMpXUUA2dfxuhBTEkMOrYmM+gKIZYS1KjSostMI=
 github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
-github.com/nats-io/jwt v0.3.3-0.20200521183222-e0469408130c h1:t6et6b/4MPZHxP0gtyczC7FeWi0anKl5djK6XdZj2xw=
-github.com/nats-io/jwt v0.3.3-0.20200521183222-e0469408130c/go.mod h1:93OoI9cfJ13Q42aaXp9Ii1H9kXBFdzcC3skMgDTebj4=
-github.com/nats-io/jwt/v2 v2.0.0-20200221225433-79b67ebebe7a/go.mod h1:dSGoi+iL72DccF6Ix1HLrYZgn4LqcWKG4f9vpKpKEx4=
-github.com/nats-io/jwt/v2 v2.0.0-20200521183222-e0469408130c/go.mod h1:W1oHivuMaErpZ6JtZff/QmEhTA4rM+5vYk1i3YOVAII=
-github.com/nats-io/jwt/v2 v2.0.0-20200526202838-090bfbeb35a2 h1:MtqdtYTq+O7rBr1j1rc6wtl5WvZfuykhTY7odDxolXQ=
-github.com/nats-io/jwt/v2 v2.0.0-20200526202838-090bfbeb35a2/go.mod h1:4VtoS5xP422GIUkO52eEkVw3kiED3zz5b3fWXGLZZYs=
-github.com/nats-io/nats-server/v2 v2.1.5-0.20200221230318-37acb108c763/go.mod h1:SIo4XyLCGlpzzVj5gK6J1WeLcyzcdSoPFnCRw5cI55I=
-github.com/nats-io/nats-server/v2 v2.1.8-0.20200526215132-2343c43528f1 h1:YAyagOhoFB+kZfYD8iUY/XMHyabWMKGSaIz5IqVhPYw=
-github.com/nats-io/nats-server/v2 v2.1.8-0.20200526215132-2343c43528f1/go.mod h1:Pu1DgbCrNWMFf7Ub+JAe5s54iJbGjqN1u9rnQxKqcxs=
-github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w=
-github.com/nats-io/nats.go v1.10.1-0.20200521221723-55b1d59dca23/go.mod h1:70Lot3KrV9qXjurDm6YrgfmtAeD3s8IbuaTv3sVy+0E=
-github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
+github.com/nats-io/nats-server/v2 v2.1.7 h1:jCoQwDvRYJy3OpOTHeYfvIPLP46BMeDmH7XEJg/r42I=
+github.com/nats-io/nats-server/v2 v2.1.7/go.mod h1:rbRrRE/Iv93O/rUvZ9dh4NfT0Cm9HWjW/BqOWLGgYiE=
+github.com/nats-io/nats.go v1.10.0/go.mod h1:AjGArbfyR50+afOUotNX2Xs5SYHf+CoOa5HH1eEl2HE=
 github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
 github.com/nats-io/nkeys v0.1.4 h1:aEsHIssIk6ETN5m2/MD8Y4B2X7FfXrBAUdkyRvbVYzA=
 github.com/nats-io/nkeys v0.1.4/go.mod h1:XdZpAbhgyyODYqjTawOnIOI7VlbKSarI9Gfy1tqEu/s=
+github.com/nats-io/nkeys v0.2.0 h1:WXKF7diOaPU9cJdLD7nuzwasQy9vT1tBqzXZZf3AMJM=
+github.com/nats-io/nkeys v0.2.0/go.mod h1:XdZpAbhgyyODYqjTawOnIOI7VlbKSarI9Gfy1tqEu/s=
 github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59 h1:3zb4D3T4G8jdExgVU/95+vQXfpEPiMdCaZgmGVxjNHM=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/sys v0.0.0-20190130150945-aca44879d564/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e h1:D5TXcfTk7xF7hvieo4QErS3qqCB4teTffacDWr7CI+0=
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7 h1:HmbHVPwrPEKPGLAcHSrMe6+hqSUlvZU0rab6x5EXfGU=
-golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -58,9 +38,6 @@ google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/nats.go b/nats.go
@@ -37,7 +37,6 @@ import (
 	"sync/atomic"
 	"time"
 
-	"github.com/nats-io/jwt/v2"
 	"github.com/nats-io/nats.go/util"
 	"github.com/nats-io/nkeys"
 	"github.com/nats-io/nuid"
@@ -4186,7 +4185,7 @@ func userFromFile(userFile string) (string, error) {
 		return _EMPTY_, fmt.Errorf("nats: %v", err)
 	}
 	defer wipeSlice(contents)
-	return jwt.ParseDecoratedJWT(contents)
+	return nkeys.ParseDecoratedJWT(contents)
 }
 
 func homeDir() (string, error) {
@@ -4235,7 +4234,7 @@ func nkeyPairFromSeedFile(seedFile string) (nkeys.KeyPair, error) {
 		return nil, fmt.Errorf("nats: %v", err)
 	}
 	defer wipeSlice(contents)
-	return jwt.ParseDecoratedNKey(contents)
+	return nkeys.ParseDecoratedNKey(contents)
 }
 
 // Sign authentication challenges from the server.

diff --git a/nats_test.go b/nats_test.go
@@ -36,7 +36,6 @@ import (
 	"testing"
 	"time"
 
-	"github.com/nats-io/jwt/v2"
 	"github.com/nats-io/nats-server/v2/server"
 	natsserver "github.com/nats-io/nats-server/v2/test"
 	"github.com/nats-io/nkeys"
@@ -1437,13 +1436,6 @@ func TestUserCredentialsChainedFile(t *testing.T) {
 	nc.Close()
 }
 
-func createNewUserKeys() (string, []byte) {
-	kp, _ := nkeys.CreateUser()
-	pub, _ := kp.PublicKey()
-	priv, _ := kp.Seed()
-	return pub, priv
-}
-
 func TestExpiredUserCredentials(t *testing.T) {
 	// The goal of this test was to check how a client with an expiring JWT
 	// behaves. It should receive an async -ERR indicating that the auth
@@ -1559,80 +1551,6 @@ func TestExpiredUserCredentials(t *testing.T) {
 	wg.Wait()
 }
 
-func TestExpiredUserCredentialsRenewal(t *testing.T) {
-	if server.VERSION[0] == '1' {
-		t.Skip()
-	}
-	ts := runTrustServer()
-	defer ts.Shutdown()
-
-	// Create user credentials that will expire in a short timeframe.
-	pub, priv := createNewUserKeys()
-	nuc := jwt.NewUserClaims(pub)
-	nuc.Expires = time.Now().Add(time.Second).Unix()
-	akp, _ := nkeys.FromSeed(aSeed)
-	ujwt, err := nuc.Encode(akp)
-	if err != nil {
-		t.Fatalf("Error encoding user jwt: %v", err)
-	}
-	creds, err := jwt.FormatUserConfig(ujwt, priv)
-	if err != nil {
-		t.Fatalf("Error encoding credentials: %v", err)
-	}
-	chainedFile := createTmpFile(t, creds)
-	defer os.Remove(chainedFile)
-
-	rch := make(chan bool)
-
-	url := fmt.Sprintf("nats://127.0.0.1:%d", TEST_PORT)
-	nc, err := Connect(url,
-		UserCredentials(chainedFile),
-		ReconnectWait(25*time.Millisecond),
-		ReconnectJitter(0, 0),
-		MaxReconnects(2),
-		ReconnectHandler(func(nc *Conn) {
-			rch <- true
-		}),
-	)
-	if err != nil {
-		t.Fatalf("Expected to connect, got %v", err)
-	}
-	defer nc.Close()
-
-	// Place new credentials underneath.
-	nuc.Expires = time.Now().Add(30 * time.Second).Unix()
-	ujwt, err = nuc.Encode(akp)
-	if err != nil {
-		t.Fatalf("Error encoding user jwt: %v", err)
-	}
-	creds, err = jwt.FormatUserConfig(ujwt, priv)
-	if err != nil {
-		t.Fatalf("Error encoding credentials: %v", err)
-	}
-	if err := ioutil.WriteFile(chainedFile, creds, 0666); err != nil {
-		t.Fatalf("Error writing conf file: %v", err)
-	}
-
-	// Make sure we get disconnected and reconnected first.
-	if err := WaitTime(rch, 2*time.Second); err != nil {
-		t.Fatal("Should have reconnected.")
-	}
-
-	// We should not have been closed.
-	if nc.IsClosed() {
-		t.Fatal("Got disconnected when we should have reconnected.")
-	}
-
-	// Check that we clear the lastErr that can cause the disconnect.
-	// Our reconnect CB will happen before the clear. So check after a bit.
-	time.Sleep(50 * time.Millisecond)
-	nc.mu.Lock()
-	defer nc.mu.Unlock()
-	if nc.current.lastErr != nil {
-		t.Fatalf("Expected lastErr to be cleared, got %q", nc.current.lastErr)
-	}
-}
-
 // If we are using TLS and have multiple servers we try to match the IP
 // from a discovered server with the expected hostname for certs without IP
 // designations. In certain cases where there is a not authorized error and