diff --git a/internal/app/root.go b/internal/app/root.go
index cc5961c..0948e75 100644
--- a/internal/app/root.go
+++ b/internal/app/root.go
@@ -15,7 +15,7 @@ import (
 var rootCmd = &cobra.Command{
 Use: "pye",
 Short: "Pye is a simple JWT system",
- Long: `A bare-bones authentication system with RS256`,
+ Long: `An HTTP JSON Web Token authentication system`,
 }
 var (
diff --git a/internal/app/serve.go b/internal/app/serve.go
index 07f198b..613035d 100644
--- a/internal/app/serve.go
+++ b/internal/app/serve.go
@@ -23,10 +23,10 @@ var serveCmd = &cobra.Command{
 Use: "serve",
 Short: "Start JWT service",
 Long: `Start a simple authentication service`,
- Run: serveAuth,
+ Run: serve,
 }
-func serveAuth(cmd *cobra.Command, args []string) {
+func serve(cmd *cobra.Command, args []string) {
 if port == 0 {
 port = config.Cfg.Port
 }
diff --git a/internal/app/verify.go b/internal/app/verify.go
index 081c288..4e8d62f 100644
--- a/internal/app/verify.go
+++ b/internal/app/verify.go
@@ -27,10 +27,10 @@ var verifyCmd = &cobra.Command{
 Short: "Verify a JWT token",
 Long: `Pass a JWT token (and optionally a path to a PEM-formatted file with the public key) to verify whether it is valid.`,
- Run: verifyFunc,
+ Run: verify,
 }
-func verifyFunc(cmd *cobra.Command, args []string) {
+func verify(cmd *cobra.Command, args []string) {
 if verifyToken == "" {
 fmt.Println("Empty token supplied!")
 return
@@ -40,14 +40,14 @@ func verifyFunc(cmd *cobra.Command, args []string) {
 var err error
 if verifyFile == "" {
 fmt.Println("No PEM file supplied, assuming local")
- t, err = auth.VerifyLocal(verifyToken)
+ t, err = auth.VerifyLocalToken(verifyToken)
 } else {
 key, err_k := os.ReadFile(verifyFile)
 if err_k != nil {
 slog.Error("error reading file", "error", err, "file", verifyFile)
 return
 }
- t, err = auth.Verify(verifyToken, key)
+ t, err = auth.VerifyToken(verifyToken, key)
 }
 slog.Debug("result", "token", t, "error", err, "ok", err == nil)
 if err == nil {
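Review bot: In the `else` branch of `verify` (internal/app/verify.go, hunk at line 40), the `slog.Error("error reading file", ...)` call logs `err`, but the read failure is held in `err_k`. At that point `err` has only been declared by `var err error`, so the log records a nil error and the reason the PEM file could not be read is lost. The line should read `slog.Error("error reading file", "error", err_k, "file", verifyFile)`; renaming `err_k` to `readErr` would also match Go's MixedCaps naming. The body of `verify` starts and ends outside this hunk.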
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 657b169..59e3ecc 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -15,7 +15,7 @@ func validEmail(email string) bool {
 return err == nil
 }
 func validPass(pass string) bool {
- // TODO: Obviously, we *might* want something more sophisticated here
+ // Note: Obviously, we *might* want something more sophisticated here
 return len(pass) >= 8
 }
@@ -67,7 +67,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
 return
 }
- token, err := Create(user)
+ token, err := CreateToken(user)
 if err != nil {
 http.Error(w, "error creating jwt", http.StatusInternalServerError)
 return
diff --git a/internal/auth/jwt.go b/internal/auth/jwt.go
index c7bc391..a0b2ba5 100644
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@@ -66,7 +66,7 @@ func ServePublicKey(w http.ResponseWriter, r *http.Request) {
 }
 // Create creates a JSON Web Token that expires after a week
-func Create(user user.User) (token string, err error) {
+func CreateToken(user user.User) (token string, err error) {
 t := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims{
 "iss": "pye",
@@ -85,7 +85,7 @@ func Create(user user.User) (token string, err error) {
 // Verify receives a JWT and PEM-encoded public key,
 // then returns whether the token is valid
-func Verify(token string, publicKey []byte) (*jwt.Token, error) {
+func VerifyToken(token string, publicKey []byte) (*jwt.Token, error) {
 t, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
 key, err := jwt.ParseRSAPublicKeyFromPEM(publicKey)
 if err != nil {
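Review bot: `validPass` in internal/auth/auth.go (hunk at line 15) measures the password with `len(pass)`, which counts bytes, so a password of two four-byte characters already satisfies the minimum of 8. `utf8.RuneCountInString(pass) >= 8` would count characters instead; it needs the `unicode/utf8` import, which is outside this hunk. The reworded comment also drops the `TODO` marker while the check itself is unchanged, so I would state what is still missing, for example `// Note: only a minimum length is enforced; there is no maximum length or breached-password check.`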
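Review bot: The doc comment above `CreateToken` in internal/auth/jwt.go (hunk at line 66) still opens with the old name, `// Create creates a JSON Web Token that expires after a week`, while Go doc comments are expected to begin with the identifier they describe. It should become `// CreateToken creates a JSON Web Token that expires after a week`. The same applies in the two later jwt.go hunks: `// Verify receives a JWT ...` above `VerifyToken` should start with `// VerifyToken receives`, and the comment above `VerifyLocalToken` should read `// VerifyLocalToken calls VerifyToken with the public key set to the current local one`.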
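Review bot: In `VerifyToken` (internal/auth/jwt.go, hunk at line 85), the key function passed to `jwt.Parse` returns the RSA public key without, in the lines visible here, checking the token's signing method. The rest of the callback and any parser options lie outside this hunk, so this may already be handled. If it is not, the verifier should pin the algorithm to the one `CreateToken` signs with rather than rely on the library's key-type checks, e.g. `if token.Method != jwt.SigningMethodRS256 { return nil, fmt.Errorf("unexpected signing method %v", token.Header["alg"]) }` as the first statement of the callback (assuming `fmt` is imported in this file). The callback parameter `token` also shadows the outer `token` string; naming it `tok` would keep the two apart.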
@@ -100,8 +100,8 @@ func Verify(token string, publicKey []byte) (*jwt.Token, error) {
 }
 // VerifyLocal calls Verify with public key set to current local one
-func VerifyLocal(token string) (*jwt.Token, error) {
+func VerifyLocalToken(token string) (*jwt.Token, error) {
 key_marshalled := x509.MarshalPKCS1PublicKey(&key.PublicKey)
 block := pem.Block{Bytes: key_marshalled, Type: "RSA PUBLIC KEY"}
- return Verify(token, pem.EncodeToMemory(&block))
+ return VerifyToken(token, pem.EncodeToMemory(&block))
 }