lestrrat-go / jwx

Compare de7d9bc ... +2 ... 3b7a676

Coverage Reach
jwk/rsa_gen.go jwk/ecdsa_gen.go jwk/okp_gen.go jwk/jwk.go jwk/symmetric_gen.go jwk/refresh.go jwk/set.go jwk/ecdsa.go jwk/rsa.go jwk/okp.go jwk/certchain.go jwk/key_ops.go jwk/symmetric.go jwk/option.go jwk/usage.go jwk/whitelist.go jwk/io.go jwk/es256k.go jwt/openid/token_gen.go jwt/openid/address.go jwt/openid/birthdate.go jwt/openid/builder_gen.go jwt/openid/openid.go jwt/token_gen.go jwt/jwt.go jwt/validate.go jwt/http.go jwt/serialize.go jwt/internal/types/date.go jwt/internal/types/string.go jwt/options.go jwt/builder_gen.go jwt/io.go jwe/internal/keyenc/keyenc.go jwe/internal/aescbc/aescbc.go jwe/internal/cipher/cipher.go jwe/internal/keygen/keygen.go jwe/internal/concatkdf/concatkdf.go jwe/internal/content_crypt/content_crypt.go jwe/headers_gen.go jwe/message.go jwe/jwe.go jwe/decrypt.go jwe/encrypt.go jwe/headers.go jwe/serializer.go jwe/compress.go jwe/options.go jwe/io.go jwe/interface.go jws/jws.go jws/headers_gen.go jws/message.go jws/ecdsa.go jws/rsa.go jws/hmac.go jws/headers.go jws/verifier.go jws/signer.go jws/eddsa.go jws/option.go jws/io.go internal/keyconv/keyconv.go internal/json/json.go internal/json/registry.go internal/json/stdlib.go internal/json/goccy.go internal/ecutil/ecutil.go internal/base64/base64.go internal/pool/pool.go internal/iter/mapiter.go jwa/key_encryption_gen.go jwa/key_type_gen.go jwa/signature_gen.go jwa/content_encryption_gen.go jwa/compression_gen.go jwa/elliptic_gen.go jwa/secp2561k.go x25519/x25519.go format.go cmd/jwx/jwx.go options.go formatkind_string_gen.go

No flags found

Use flags to group coverage reports by test type, project and/or folders.
Then setup custom commit statuses and notifications for each flag.

e.g., #unittest #integration

#production #enterprise

#frontend #backend

Learn more about Codecov Flags here.

Showing 1 of 2 files from the diff.
Other files ignored by Codecov
jwt/jwt_test.go has changed.

@@ -263,29 +263,22 @@
Loading
263 263
	}
264 264
265 265
	if ctx.inferAlgorithm {
266 -
		// Okay, we couldn't deterministically find the single key to use.
267 -
		// fallback to heuristics.
268 -
		for i := 0; i < ks.Len(); i++ {
269 -
			key, _ := ks.Get(i)
270 -
			algs, err := jws.AlgorithmsForKey(key)
271 -
			if err != nil {
272 -
				return nil, _JwsVerifyInvalid, errors.Wrapf(err, `failed to get a list of signature methods for key type %s`, key.KeyType())
273 -
			}
274 -
275 -
			for _, alg := range algs {
276 -
				// bail out if the JWT has a `alg` field, and it doesn't match
277 -
				if tokAlg := headers.Algorithm(); tokAlg != "" {
278 -
					if tokAlg != alg {
279 -
						continue
280 -
					}
281 -
				}
266 +
		// Check whether the JWT headers specify a valid
267 +
		// algorithm, use it if it's compatible.
268 +
		algs, err := jws.AlgorithmsForKey(key)
269 +
		if err != nil {
270 +
			return nil, _JwsVerifyInvalid, errors.Wrapf(err, `failed to get a list of signature methods for key type %s`, key.KeyType())
271 +
		}
282 272
283 -
				// Yippeeeeeee! we found a key that matches both kid and alg!
284 -
				v, state, err := verifyJWSWithParams(ctx, payload, alg, key)
285 -
				if err == nil {
286 -
					return v, state, nil
273 +
		for _, alg := range algs {
274 +
			// bail out if the JWT has a `alg` field, and it doesn't match
275 +
			if tokAlg := headers.Algorithm(); tokAlg != "" {
276 +
				if tokAlg != alg {
277 +
					continue
287 278
				}
288 279
			}
280 +
281 +
			return verifyJWSWithParams(ctx, payload, alg, key)
289 282
		}
290 283
	}
291 284

Learn more Showing 2 files with coverage changes found.

Changes in jwk/ecdsa_gen.go
-1
+1
Loading file...
Changes in jwk/set.go
-1
-1
+2
Loading file...
Files Coverage
internal 80.92%
jwa 100.00%
jwe 64.22%
jwk 0.08% 73.28%
jws 75.99%
jwt -0.04% 74.56%
cmd/jwx/jwx.go 100.00%
format.go 84.62%
formatkind_string_gen.go 100.00%
options.go 66.67%
x25519/x25519.go 82.35%
Project Totals (83 files) 72.75%
Loading