Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for user provided context.Context in parsing #118

Merged
merged 2 commits into from
Mar 25, 2024

Conversation

MicahParks
Copy link
Owner

@MicahParks MicahParks commented Mar 25, 2024

The purpose of this pull request is to allow for a user-provided context.Context in JWT parsing so goroutines do not last longer than desired when waiting for remote JWK Set resources to refresh.

This should have been included in the /v3 release.

@MicahParks MicahParks merged commit a6bfa43 into master Mar 25, 2024
@MicahParks MicahParks deleted the ctx-during-parse branch March 25, 2024 13:17
renovate bot referenced this pull request in nobl9/nobl9-go Mar 26, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/MicahParks/jwkset](https://togithub.com/MicahParks/jwkset)
| `v0.5.16` -> `v0.5.17` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fMicahParks%2fjwkset/v0.5.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fMicahParks%2fjwkset/v0.5.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fMicahParks%2fjwkset/v0.5.16/v0.5.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fMicahParks%2fjwkset/v0.5.16/v0.5.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[github.com/MicahParks/keyfunc/v3](https://togithub.com/MicahParks/keyfunc)
| `v3.2.9` -> `v3.3.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fMicahParks%2fkeyfunc%2fv3/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fMicahParks%2fkeyfunc%2fv3/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fMicahParks%2fkeyfunc%2fv3/v3.2.9/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fMicahParks%2fkeyfunc%2fv3/v3.2.9/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) |
`v1.51.6` -> `v1.51.7` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2faws%2faws-sdk-go/v1.51.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2faws%2faws-sdk-go/v1.51.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2faws%2faws-sdk-go/v1.51.6/v1.51.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2faws%2faws-sdk-go/v1.51.6/v1.51.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>MicahParks/jwkset (github.com/MicahParks/jwkset)</summary>

###
[`v0.5.17`](https://togithub.com/MicahParks/jwkset/compare/v0.5.16...v0.5.17)

[Compare
Source](https://togithub.com/MicahParks/jwkset/compare/v0.5.16...v0.5.17)

</details>

<details>
<summary>MicahParks/keyfunc (github.com/MicahParks/keyfunc/v3)</summary>

###
[`v3.3.2`](https://togithub.com/MicahParks/keyfunc/releases/tag/v3.3.2):
Allow for user provided ctx during parse

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.3.1...v3.3.2)

The purpose of this release is to add a new method, `.KeyfuncCtx`.

This new method accepts a `context.Context`, then returns a
`jwt.Keyfunc`. This user provided `context.Context` is used during JWK
lookup in the `github.com/MicahParks/jwkset` package when parsing JWTs.
Passing a request scoped context allows the JWT parsing and JWK
retrieval to cancel according to the given `context.Context` behavior
instead of the default `context.Context`, which was provided at
`keyfunc.Keyfunc` initialization.

In practice, this is used to prevent situations where many JWTs with
`kid` not in a remote JWK Set are attempting to be parsed over a long
period of time.

Relevant issues:

-
[https://github.com/MicahParks/jwkset/issues/26](https://togithub.com/MicahParks/jwkset/issues/26)

Relevant pull requests:

-
[https://github.com/MicahParks/keyfunc/pull/118](https://togithub.com/MicahParks/keyfunc/pull/118)
-
[https://github.com/MicahParks/keyfunc/pull/119](https://togithub.com/MicahParks/keyfunc/pull/119)
-
[https://github.com/MicahParks/keyfunc/pull/120](https://togithub.com/MicahParks/keyfunc/pull/120)
-
[https://github.com/MicahParks/keyfunc/pull/121](https://togithub.com/MicahParks/keyfunc/pull/121)

###
[`v3.3.1`](https://togithub.com/MicahParks/keyfunc/compare/v3.3.0...v3.3.1)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.3.0...v3.3.1)

###
[`v3.3.0`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.9...v3.3.0)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.9...v3.3.0)

</details>

<details>
<summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary>

###
[`v1.51.7`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1517-2024-03-25)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.51.6...v1.51.7)

\===

##### Service Client Updates

-   `service/codebuild`: Updates service API and documentation
- Supporting GitLab and GitLab Self Managed as source types in AWS
CodeBuild.
-   `service/ec2`: Updates service API and documentation
- Added support for ModifyInstanceMetadataDefaults and
GetInstanceMetadataDefaults to set Instance Metadata Service account
defaults
-   `service/ecs`: Updates service documentation
    -   Documentation only update for Amazon ECS.
-   `service/emr-containers`: Updates service API
-   `service/globalaccelerator`: Updates service API and documentation
-   `service/medialive`: Updates service API and documentation
    -   Exposing TileMedia H265 options
-   `service/sagemaker`: Updates service API
- Introduced support for the following new instance types on SageMaker
Studio for JupyterLab and CodeEditor applications: m6i, m6id, m7i, c6i,
c6id, c7i, r6i, r6id, r7i, and p5

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 10pm every weekday,before 5am
every weekday,every weekend" (UTC), Automerge - At any time (no schedule
defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/nobl9/nobl9-go).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
github-merge-queue bot referenced this pull request in infratographer/x Apr 3, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/MicahParks/keyfunc/v2](https://togithub.com/MicahParks/keyfunc)
| `v2.1.0` -> `v3.3.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fMicahParks%2fkeyfunc%2fv2/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fMicahParks%2fkeyfunc%2fv2/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fMicahParks%2fkeyfunc%2fv2/v2.1.0/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fMicahParks%2fkeyfunc%2fv2/v2.1.0/v3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>MicahParks/keyfunc (github.com/MicahParks/keyfunc/v2)</summary>

###
[`v3.3.2`](https://togithub.com/MicahParks/keyfunc/releases/tag/v3.3.2):
Allow for user provided ctx during parse

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.3.1...v3.3.2)

The purpose of this release is to add a new method, `.KeyfuncCtx`.

This new method accepts a `context.Context`, then returns a
`jwt.Keyfunc`. This user provided `context.Context` is used during JWK
lookup in the `github.com/MicahParks/jwkset` package when parsing JWTs.
Passing a request scoped context allows the JWT parsing and JWK
retrieval to cancel according to the given `context.Context` behavior
instead of the default `context.Context`, which was provided at
`keyfunc.Keyfunc` initialization.

In practice, this is used to prevent situations where many JWTs with
`kid` not in a remote JWK Set are attempting to be parsed over a long
period of time.

Relevant issues:

-
[https://github.com/MicahParks/jwkset/issues/26](https://togithub.com/MicahParks/jwkset/issues/26)

Relevant pull requests:

-
[https://github.com/MicahParks/keyfunc/pull/118](https://togithub.com/MicahParks/keyfunc/pull/118)
-
[https://github.com/MicahParks/keyfunc/pull/119](https://togithub.com/MicahParks/keyfunc/pull/119)
-
[https://github.com/MicahParks/keyfunc/pull/120](https://togithub.com/MicahParks/keyfunc/pull/120)
-
[https://github.com/MicahParks/keyfunc/pull/121](https://togithub.com/MicahParks/keyfunc/pull/121)

###
[`v3.3.1`](https://togithub.com/MicahParks/keyfunc/compare/v3.3.0...v3.3.1)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.3.0...v3.3.1)

###
[`v3.3.0`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.9...v3.3.0)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.9...v3.3.0)

###
[`v3.2.9`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.8...v3.2.9)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.8...v3.2.9)

###
[`v3.2.8`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.7...v3.2.8)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.7...v3.2.8)

###
[`v3.2.7`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.6...v3.2.7)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.6...v3.2.7)

###
[`v3.2.6`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.5...v3.2.6)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.5...v3.2.6)

###
[`v3.2.5`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.4...v3.2.5)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.4...v3.2.5)

###
[`v3.2.4`](https://togithub.com/MicahParks/keyfunc/compare/v3.2.3...v3.2.4)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.2.3...v3.2.4)

###
[`v3.2.3`](https://togithub.com/MicahParks/keyfunc/releases/tag/v3.2.3):
Wrap errors where appropriate

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.1.2...v3.2.3)

The purpose of this pull request is to wrap errors with
[`errors.Join`](https://pkg.go.dev/errors#Join) where appropriate.

Relevant issues:

-
[https://github.com/MicahParks/keyfunc/issues/103](https://togithub.com/MicahParks/keyfunc/issues/103)

Relevant pull requests:

-
[https://github.com/MicahParks/keyfunc/pull/104](https://togithub.com/MicahParks/keyfunc/pull/104)

###
[`v3.1.2`](https://togithub.com/MicahParks/keyfunc/releases/tag/v3.1.2):
X.509 Thumbprint bug fix

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.1.1...v3.1.2)

JWK Sets have two X.509 thumbprint parameters that are optional. A bug
in `github.com/MicahParks/jwkset` made these parameters required in
circumstances that affect the `keyfunc` project. This release updates
this dependency to the latest version.

Thank you, [@&#8203;joshkaplinsky](https://togithub.com/joshkaplinsky),
for reporting this bug!

Please see the below release for details:
https://github.com/MicahParks/jwkset/releases/tag/v0.5.5

###
[`v3.1.1`](https://togithub.com/MicahParks/keyfunc/compare/v3.1.0...v3.1.1)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.1.0...v3.1.1)

###
[`v3.1.0`](https://togithub.com/MicahParks/keyfunc/compare/v3.0.0...v3.1.0)

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v3.0.0...v3.1.0)

###
[`v3.0.0`](https://togithub.com/MicahParks/keyfunc/releases/tag/v3.0.0):
V3 simplify API by using github.com/MicahParks/jwkset

[Compare
Source](https://togithub.com/MicahParks/keyfunc/compare/v2.1.0...v3.0.0)

This upgrade removes most of the code in this repository and outsources
JWK and JWK Set related code to the updated
[github.com/MicahParks/jwkset](https://togithub.com/MicahParks/jwkset)
package. The exported assets from the keyfunc project has been vastly
reduced as well, with the intention of making it easier to use for the
majority of use cases.

> \[!NOTE]
> A superset of features from V1 and V2  is available.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/infratographer/x).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

---------

Signed-off-by: Mike Mason <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mike Mason <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant