fix issuer error

lestrrat-go · Oct 25, 2024 · e466263 · e466263
1 parent 7c57391
commit e466263
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 19 deletions.
diff --git a/jwt/errors.go b/jwt/errors.go
@@ -65,17 +65,27 @@ type invalidIssuerError struct {
 	error
 }
 
-func (err *invalidIssuerError) Is(target error) bool {
-	_, ok := target.(*invalidIssuerError)
+func (err invalidIssuerError) Is(target error) bool {
+	_, ok := target.(invalidIssuerError)
 	return ok
 }
 
-func (err *invalidIssuerError) Unwrap() error {
+func (err invalidIssuerError) Unwrap() error {
 	return err.error
 }
 
 func issuererr(f string, args ...any) error {
-	return &invalidIssuerError{fmt.Errorf(`"iss" not satisfied: `+f, args...)}
+	return invalidIssuerError{fmt.Errorf(`"iss" not satisfied: `+f, args...)}
+}
+
+var errDefaultInvalidIssuer = invalidIssuerError{errors.New(`"iss" not satisfied`)}
+
+// InvalidIssuerError returns the immutable error used when `iss` claim
+// is not satisfied
+//
+// The return value should only be used for comparison using `errors.Is()`
+func InvalidIssuerError() error {
+	return errDefaultInvalidIssuer
 }
 
 type tokenExpiredError struct {
@@ -147,10 +157,6 @@ func TokenNotYetValidError() error {
 	return errDefaultTokenNotYetValid
 }
 
-var errInvalidAudience = claimverr(`"aud" not satisfied`)
-var errInvalidIssuer = claimverr(`"iss" not satisfied`)
-var errRequiredClaim = &missingRequiredClaimError{}
-
 type invalidAudienceError struct {
 	error
 }
@@ -178,14 +184,6 @@ func InvalidAudienceError() error {
 	return errDefaultInvalidAudience
 }
 
-// InvalidIssuerError returns the immutable error used when `iss` claim
-// is not satisfied
-//
-// The return value should only be used for comparison using `errors.Is()`
-func InvalidIssuerError() error {
-	return errInvalidIssuer
-}
-
 type missingRequiredClaimError struct {
 	error
 	claim string

diff --git a/jwt/validate.go b/jwt/validate.go
@@ -383,10 +383,10 @@ func claimverr(f string, args ...interface{}) error {
 func (cv *claimValueIs) Validate(_ context.Context, t Token) error {
 	var v interface{}
 	if err := t.Get(cv.name, &v); err != nil {
-		return claimverr(`%[1]q not satisfied: claim %[1]q does not exist or is not a []string: %[2]w`, cv.name, err)
+		return cv.makeErr(`%[1]q not satisfied: claim %[1]q does not exist or is not a []string: %[2]w`, cv.name, err)
 	}
 	if v != cv.value {
-		return claimverr(`%q not satisfied: values do not match`, cv.name)
+		return cv.makeErr(`%q not satisfied: values do not match`, cv.name)
 	}
 	return nil
 }

diff --git a/jwt/validate_test.go b/jwt/validate_test.go
@@ -74,8 +74,9 @@ func TestGH010(t *testing.T) {
 		require.NoError(t, jwt.Validate(t1, jwt.WithIssuer(iss)), "jwt.Validate should succeed")
 
 		err = jwt.Validate(t1, jwt.WithIssuer("poop"))
+
 		require.Error(t, err, "jwt.Validate should fail")
-		require.ErrorIs(t, err, jwt.InvalidIssuerError(), "error should be jwt.ErrInvalidIssuer")
+		require.ErrorIs(t, err, jwt.InvalidIssuerError(), "error should be jwt.InvalidIssuerError")
 		require.ErrorIs(t, err, jwt.ValidateError(), "error should be a validation error")
 	})
 	t.Run(jwt.IssuedAtKey, func(t *testing.T) {