chore(deps): update jwx library to v3 (#1287)

Author: ecrupper

database/integration_test.go

@@ -12,7 +12,7 @@ import (
 
 	"github.com/adhocore/gronx"
 	"github.com/google/go-cmp/cmp"
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	api "github.com/go-vela/server/api/types"
 	"github.com/go-vela/server/api/types/settings"
@@ -991,9 +991,14 @@ func testJWKs(t *testing.T, db Interface, resources *Resources) {
 
 		jkPub, _ := jk.(jwk.RSAPublicKey)
 
+		kid, ok := jkPub.KeyID()
+		if !ok {
+			t.Errorf("unable to get key ID for jwk")
+		}
+
 		err := db.CreateJWK(context.TODO(), jkPub)
 		if err != nil {
-			t.Errorf("unable to create jwk %s: %v", jkPub.KeyID(), err)
+			t.Errorf("unable to create jwk %s: %v", kid, err)
 		}
 	}
 	methods["CreateJWK"] = true
@@ -1014,9 +1019,14 @@ func testJWKs(t *testing.T, db Interface, resources *Resources) {
 
 		jkPub, _ := jk.(jwk.RSAPublicKey)
 
-		got, err := db.GetActiveJWK(context.TODO(), jkPub.KeyID())
+		kid, ok := jkPub.KeyID()
+		if !ok {
+			t.Errorf("unable to get key ID for jwk")
+		}
+
+		got, err := db.GetActiveJWK(context.TODO(), kid)
 		if err != nil {
-			t.Errorf("unable to get jwk %s: %v", jkPub.KeyID(), err)
+			t.Errorf("unable to get jwk %s: %v", kid, err)
 		}
 
 		if !cmp.Equal(jkPub, got, testutils.JwkKeyOpts) {
@@ -1036,7 +1046,12 @@ func testJWKs(t *testing.T, db Interface, resources *Resources) {
 
 		jkPub, _ := jk.(jwk.RSAPublicKey)
 
-		_, err := db.GetActiveJWK(context.TODO(), jkPub.KeyID())
+		kid, ok := jkPub.KeyID()
+		if !ok {
+			t.Errorf("unable to get key ID for jwk")
+		}
+
+		_, err := db.GetActiveJWK(context.TODO(), kid)
 		if err == nil {
 			t.Errorf("GetActiveJWK() should return err after rotation")
 		}

database/jwk/create.go

@@ -5,8 +5,9 @@ package jwk
 import (
 	"context"
 	"database/sql"
+	"fmt"
 
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 	"github.com/sirupsen/logrus"
 
 	"github.com/go-vela/server/constants"
@@ -15,9 +16,14 @@ import (
 
 // CreateJWK creates a new JWK in the database.
 func (e *engine) CreateJWK(ctx context.Context, j jwk.RSAPublicKey) error {
+	logKeyID, ok := j.KeyID()
+	if !ok {
+		return fmt.Errorf("unable to create JWK: no key provided")
+	}
+
 	e.logger.WithFields(logrus.Fields{
-		"jwk": j.KeyID(),
-	}).Tracef("creating key %s", j.KeyID())
+		"jwk": logKeyID,
+	}).Tracef("creating key %s", logKeyID)
 
 	key := types.JWKFromAPI(j)
 	key.Active = sql.NullBool{Bool: true, Valid: true}

database/jwk/create_test.go

@@ -23,11 +23,16 @@ func TestJWK_Engine_CreateJWK(t *testing.T) {
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
+	kid, ok := _jwk.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
 	// ensure the mock expects the query
 	_mock.ExpectExec(`INSERT INTO "jwks"
 ("id","active","key")
 VALUES ($1,$2,$3)`).
-		WithArgs(_jwk.KeyID(), true, _jwkBytes).
+		WithArgs(kid, true, _jwkBytes).
 		WillReturnResult(sqlmock.NewResult(1, 1))
 
 	_sqlite := testSqlite(t)

database/jwk/get.go

@@ -5,7 +5,7 @@ package jwk
 import (
 	"context"
 
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	"github.com/go-vela/server/constants"
 	"github.com/go-vela/server/database/types"

database/jwk/get_test.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/DATA-DOG/go-sqlmock"
 	"github.com/google/go-cmp/cmp"
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	"github.com/go-vela/server/database/testutils"
 )
@@ -25,13 +25,18 @@ func TestJWK_Engine_GetJWK(t *testing.T) {
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
+	kid, ok := _jwk.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
 		[]string{"id", "active", "key"},
-	).AddRow(_jwk.KeyID(), true, _jwkBytes)
+	).AddRow(kid, true, _jwkBytes)
 
 	// ensure the mock expects the query
-	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(_jwk.KeyID(), true, 1).WillReturnRows(_rows)
+	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(kid, true, 1).WillReturnRows(_rows)
 
 	_sqlite := testSqlite(t)
 	defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }()
@@ -65,7 +70,7 @@ func TestJWK_Engine_GetJWK(t *testing.T) {
 	// run tests
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
-			got, err := test.database.GetActiveJWK(context.TODO(), _jwk.KeyID())
+			got, err := test.database.GetActiveJWK(context.TODO(), kid)
 
 			if test.failure {
 				if err == nil {

database/jwk/interface.go

@@ -5,7 +5,7 @@ package jwk
 import (
 	"context"
 
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 )
 
 // JWKInterface represents the Vela interface for JWK

database/jwk/list.go

@@ -5,7 +5,7 @@ package jwk
 import (
 	"context"
 
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	"github.com/go-vela/server/constants"
 	"github.com/go-vela/server/database/types"

database/jwk/list_test.go

@@ -9,7 +9,7 @@ import (
 	"testing"
 
 	"github.com/DATA-DOG/go-sqlmock"
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	"github.com/go-vela/server/database/testutils"
 )
@@ -31,11 +31,21 @@ func TestJWK_Engine_ListJWKs(t *testing.T) {
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
+	kidOne, ok := _jwkOne.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
+	kidTwo, ok := _jwkTwo.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
 		[]string{"id", "active", "key"}).
-		AddRow(_jwkOne.KeyID(), true, _jwkOneBytes).
-		AddRow(_jwkTwo.KeyID(), true, _jwkTwoBytes)
+		AddRow(kidOne, true, _jwkOneBytes).
+		AddRow(kidTwo, true, _jwkTwoBytes)
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "jwks"`).WillReturnRows(_rows)

database/jwk/rotate_test.go

@@ -29,21 +29,31 @@ func TestJWK_Engine_RotateKeys(t *testing.T) {
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
+	kidOne, ok := _jwkOne.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
+	kidTwo, ok := _jwkTwo.KeyID()
+	if !ok {
+		t.Errorf("unable to get key ID for jwk")
+	}
+
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
 		[]string{"id", "active", "key"},
-	).AddRow(_jwkOne.KeyID(), true, _jwkOneBytes)
+	).AddRow(kidOne, true, _jwkOneBytes)
 
 	// ensure the mock expects the query
-	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(_jwkOne.KeyID(), true, 1).WillReturnRows(_rows)
+	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(kidOne, true, 1).WillReturnRows(_rows)
 
 	// create expected result in mock
 	_rows = sqlmock.NewRows(
 		[]string{"id", "active", "key"},
-	).AddRow(_jwkTwo.KeyID(), true, _jwkTwoBytes)
+	).AddRow(kidTwo, true, _jwkTwoBytes)
 
 	// ensure the mock expects the query
-	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(_jwkTwo.KeyID(), true, 1).WillReturnRows(_rows)
+	_mock.ExpectQuery(`SELECT * FROM "jwks" WHERE id = $1 AND active = $2 LIMIT $3`).WithArgs(kidTwo, true, 1).WillReturnRows(_rows)
 
 	_mock.ExpectExec(`DELETE FROM "jwks" WHERE active = $1`).
 		WithArgs(false).
@@ -87,12 +97,12 @@ func TestJWK_Engine_RotateKeys(t *testing.T) {
 	// run tests
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
-			_, err := test.database.GetActiveJWK(context.TODO(), _jwkOne.KeyID())
+			_, err := test.database.GetActiveJWK(context.TODO(), kidOne)
 			if err != nil {
 				t.Errorf("GetActiveJWK for %s returned err: %v", test.name, err)
 			}
 
-			_, err = test.database.GetActiveJWK(context.TODO(), _jwkTwo.KeyID())
+			_, err = test.database.GetActiveJWK(context.TODO(), kidTwo)
 			if err != nil {
 				t.Errorf("GetActiveJWK for %s returned err: %v", test.name, err)
 			}
@@ -111,12 +121,12 @@ func TestJWK_Engine_RotateKeys(t *testing.T) {
 				t.Errorf("RotateKeys for %s returned err: %v", test.name, err)
 			}
 
-			_, err = test.database.GetActiveJWK(context.TODO(), _jwkOne.KeyID())
+			_, err = test.database.GetActiveJWK(context.TODO(), kidOne)
 			if err == nil {
 				t.Errorf("GetActiveJWK for %s should have returned err", test.name)
 			}
 
-			_, err = test.database.GetActiveJWK(context.TODO(), _jwkTwo.KeyID())
+			_, err = test.database.GetActiveJWK(context.TODO(), kidTwo)
 			if err == nil {
 				t.Errorf("GetActiveJWK for %s should have returned err", test.name)
 			}

database/testutils/api_resources.go

@@ -7,7 +7,7 @@ import (
 	"crypto/rsa"
 
 	"github.com/google/uuid"
-	"github.com/lestrrat-go/jwx/v2/jwk"
+	"github.com/lestrrat-go/jwx/v3/jwk"
 
 	api "github.com/go-vela/server/api/types"
 	"github.com/go-vela/server/api/types/actions"
@@ -302,7 +302,7 @@ func JWK() jwk.RSAPublicKey {
 		return nil
 	}
 
-	pubJwk, err := jwk.FromRaw(privateRSAKey.PublicKey)
+	pubJwk, err := jwk.Import(privateRSAKey.PublicKey)
 	if err != nil {
 		return nil
 	}