chronograf/oauth2
dependabot[bot] 4e845ab034
chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1 (#6113)
* chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1

Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.0.0 to 4.5.1.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.0.0...v4.5.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix(tests): `jwt` library change behaviour about ExpiresAt - when indicate presents = invalid

This is correct behaviour as it is in alignment with specification.

For more info see:

- https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4
- https://github.com/golang-jwt/jwt/releases/tag/v4.1.0
- https://github.com/golang-jwt/jwt/pull/86

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jakub Bednar <jakub.bednar@gmail.com>
2024-11-20 05:59:38 +01:00
..
auth0.go merged upstream, updated comments, added GroupFromClaims() 2018-02-20 09:47:42 +01:00
auth0_test.go Add test coverage for Auth0 organizations 2017-06-28 16:29:52 -04:00
code_exchange.go feat(oauth): add stateless PKCE CodeExchange impl 2021-03-27 10:11:02 +01:00
code_exchange_test.go feat(oauth): add possibility to specify OAuthLogoutEndpoint for logout from OAuth Identity provider (#6073) 2024-02-02 10:12:44 +01:00
cookies.go feat(session): make session inactivity duration configurable 2020-09-28 18:50:50 +02:00
cookies_test.go fix(security): upgrade jwt to resolve CVE-2020-26160 2021-09-03 13:35:33 +02:00
doc.go chore: linting 2023-02-28 13:22:32 -05:00
generic.go fix(security): upgrade jwt to resolve CVE-2020-26160 2021-09-03 13:35:33 +02:00
generic_test.go feat(oauth): test bitbucket group retrieval 2020-12-17 07:40:24 +01:00
github.go feat(oauth/github): allow to specify URL for github enterprise 2021-03-29 21:02:34 +02:00
github_test.go Fix the github oauth2 implementation with multiple emails 2018-04-11 13:27:15 -05:00
google.go fix: extend jwt expiration time to match cookie 2020-04-21 15:31:58 -06:00
google_test.go Add new auth duration CLI option; add client heartbeat; fix logout (#1119) 2017-04-06 11:40:57 -07:00
heroku.go Log error if Heroku API req responds with non-200-range code 2018-03-02 17:16:03 -06:00
heroku_test.go Add new auth duration CLI option; add client heartbeat; fix logout (#1119) 2017-04-06 11:40:57 -07:00
jwt.go Update jwx to v2 2022-05-10 09:43:19 +09:00
jwt_test.go chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.0.0 to 4.5.1 (#6113) 2024-11-20 05:59:38 +01:00
mux.go feat(oauth): add possibility to specify OAuthLogoutEndpoint for logout from OAuth Identity provider (#6073) 2024-02-02 10:12:44 +01:00
mux_test.go feat(oauth): add possibility to specify OAuthLogoutEndpoint for logout from OAuth Identity provider (#6073) 2024-02-02 10:12:44 +01:00
oauth2.go fix(security): upgrade jwt to resolve CVE-2020-26160 2021-09-03 13:35:33 +02:00
oauth2_test.go fix(security): upgrade jwt to resolve CVE-2020-26160 2021-09-03 13:35:33 +02:00
time.go Update JWT to use Extended rather than Extend 2017-04-17 10:57:33 -05:00