SigningString produces a string without a signature
vault-thirteen opened this issue · comments
Vault Thirteen commented
The SigningString
method produces a string without a signature. A simple example is following.
import (
"github.com/golang-jwt/jwt/v5"
)
const (
WebTokenField_UserId = "userId"
WebTokenField_SessionId = "sessionId"
)
func (srv *Server) makeJWToken(userId uint, sessionId uint) (tokenString string, err error) {
signingMethod := jwt.SigningMethodPS512
claims := jwt.MapClaims{
WebTokenField_UserId: userId,
WebTokenField_SessionId: sessionId,
}
token := jwt.NewWithClaims(signingMethod, claims, nil)
tokenString, err = token.SigningString()
if err != nil {
return "", err
}
return tokenString, nil
}
When I use the function with arguments 2 and 2 like this
tokenString, err = srv.makeJWToken(2, 2)
it returns a following token string consisting of only two segments instead of three:
eyJhbGciOiJQUzUxMiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uSWQiOjIsInVzZXJJZCI6Mn0.
Where is the signature ?
What am I doing wrong ?
Thank you.
Michael Fridman commented
Most users don't need this method, instead use SignedString()
Lines 58 to 63 in 0cb4fa1
Vault Thirteen commented
Thank you !