From 4cb88a8476b61ada3b7600dd45dd276a02177c05 Mon Sep 17 00:00:00 2001 From: Aidan Woods Date: Sat, 17 Jun 2023 10:21:34 +0100 Subject: [PATCH 1/3] No longer force unwrap footer result --- parser.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/parser.go b/parser.go index 7970266..96ee6e1 100644 --- a/parser.go +++ b/parser.go @@ -96,11 +96,13 @@ func (p Parser) ParseV4Public(key V4AsymmetricPublicKey, tainted string, implici // UnsafeParseFooter returns the footer of a Paseto message. Beware that this // footer is not cryptographically verified at this stage, nor are any claims // validated. -func (p Parser) UnsafeParseFooter(protocol Protocol, tainted string) ([]byte, error) { - return t.Chain[[]byte]( +func (p Parser) UnsafeParseFooter(protocol Protocol, tainted string) (footer []byte, err error) { + err = t.Chain[[]byte]( newMessage(protocol, tainted)). Map(message.unsafeFooter). - UnwrappedResults() + Ok(&footer) + + return footer, err } // SetRules will overwrite any currently set rules with those specified. From d965bc04f91b9df53e3695a94ad87380c42acd7a Mon Sep 17 00:00:00 2001 From: Aidan Woods Date: Sat, 17 Jun 2023 10:38:37 +0100 Subject: [PATCH 2/3] Add test to prevent regression --- parser_test.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 parser_test.go diff --git a/parser_test.go b/parser_test.go new file mode 100644 index 0000000..ce0b280 --- /dev/null +++ b/parser_test.go @@ -0,0 +1,17 @@ +package paseto_test + +import ( + "testing" + + "aidanwoods.dev/go-paseto" + "github.com/stretchr/testify/require" +) + +func TestUnwrapEmptyFooter(t *testing.T) { + token := "v4.local.aGVsbG8gd29ybGQgaGVsbG8gd29ybGQgaGVsbG8gd29ybGQgaGVsbG8gd29ybGQgaGVsbG8gd29ybGQgaGVsbG8gd29ybGQ." + + parser := paseto.NewParser() + footer, err := parser.UnsafeParseFooter(paseto.V4Local, token) + require.NoError(t, err) + require.Empty(t, footer) +} From bd16e3ea7c656640c2aba0ec36bad63068ea9299 Mon Sep 17 00:00:00 2001 From: Aidan Woods Date: Sat, 17 Jun 2023 10:38:55 +0100 Subject: [PATCH 3/3] Use new safer ResultsMappingEmpty --- go.mod | 2 +- go.sum | 4 ++-- parser.go | 8 +++----- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index fcb20a0..6c3e2f9 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module aidanwoods.dev/go-paseto go 1.18 require ( - aidanwoods.dev/go-result v0.0.0-20230310133209-26c34aabd0c7 + aidanwoods.dev/go-result v0.0.0-20230617093509-2c57d7732f54 github.com/stretchr/testify v1.7.0 golang.org/x/crypto v0.7.0 ) diff --git a/go.sum b/go.sum index 0ccafc6..45ca18c 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -aidanwoods.dev/go-result v0.0.0-20230310133209-26c34aabd0c7 h1:bVUDSxup1h+a2DenqxeTWRschTdSMmo1Cy5/LxnzCtc= -aidanwoods.dev/go-result v0.0.0-20230310133209-26c34aabd0c7/go.mod h1:yridkWghM7AXSFA6wzx0IbsurIm1Lhuro3rYef8FBHM= +aidanwoods.dev/go-result v0.0.0-20230617093509-2c57d7732f54 h1:D4xKM5zeP8OHMy8il4nwMssVBr9k3fM3iKeGH0lNIgw= +aidanwoods.dev/go-result v0.0.0-20230617093509-2c57d7732f54/go.mod h1:yridkWghM7AXSFA6wzx0IbsurIm1Lhuro3rYef8FBHM= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= diff --git a/parser.go b/parser.go index 96ee6e1..ca74d65 100644 --- a/parser.go +++ b/parser.go @@ -96,13 +96,11 @@ func (p Parser) ParseV4Public(key V4AsymmetricPublicKey, tainted string, implici // UnsafeParseFooter returns the footer of a Paseto message. Beware that this // footer is not cryptographically verified at this stage, nor are any claims // validated. -func (p Parser) UnsafeParseFooter(protocol Protocol, tainted string) (footer []byte, err error) { - err = t.Chain[[]byte]( +func (p Parser) UnsafeParseFooter(protocol Protocol, tainted string) ([]byte, error) { + return t.Chain[[]byte]( newMessage(protocol, tainted)). Map(message.unsafeFooter). - Ok(&footer) - - return footer, err + ResultsMappingEmpty() } // SetRules will overwrite any currently set rules with those specified.