Change validator.New signature to stop depending on jose pkg directly

Author: sergiught

middleware_test.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/pkg/errors"
-	"gopkg.in/square/go-jose.v2"
 	"gopkg.in/square/go-jose.v2/jwt"
 
 	"github.com/auth0/go-jwt-middleware/validate/josev2"
@@ -32,9 +31,9 @@ func Test_CheckJWT(t *testing.T) {
 		func(_ context.Context) (interface{}, error) {
 			return []byte("secret"), nil
 		},
-		jose.HS256,
+		"HS256",
 		"testing",
-		jwt.Audience{},
+		[]string{},
 	)
 	if err != nil {
 		t.Fatal(err)

validate/josev2/examples/main.go

@@ -8,8 +8,6 @@ import (
 	"time"
 
 	"github.com/pkg/errors"
-	"gopkg.in/square/go-jose.v2"
-	"gopkg.in/square/go-jose.v2/jwt"
 
 	"github.com/auth0/go-jwt-middleware"
 	"github.com/auth0/go-jwt-middleware/validate/josev2"
@@ -56,9 +54,9 @@ func main() {
 	// Set up the josev2 validator.
 	validator, err := josev2.New(
 		keyFunc,
-		jose.HS256,
+		"HS256",
 		"josev2-example",
-		jwt.Audience{},
+		[]string{},
 		josev2.WithCustomClaims(customClaims),
 		josev2.WithAllowedClockSkew(30*time.Second),
 	)

validate/josev2/validator.go

@@ -31,9 +31,9 @@ type UserContext struct {
 // and signatureAlgorithm as well as custom options.
 func New(
 	keyFunc func(context.Context) (interface{}, error),
-	signatureAlgorithm jose.SignatureAlgorithm,
+	signatureAlgorithm string,
 	issuerURL string,
-	audience jwt.Audience,
+	audience []string,
 	opts ...Option,
 ) (*Validator, error) {
 	if keyFunc == nil {
@@ -51,7 +51,7 @@ func New(
 
 	v := &Validator{
 		keyFunc:            keyFunc,
-		signatureAlgorithm: signatureAlgorithm,
+		signatureAlgorithm: jose.SignatureAlgorithm(signatureAlgorithm),
 		expectedClaims: jwt.Expected{
 			Issuer:   issuerURL,
 			Audience: audience,

validate/josev2/validator_test.go

@@ -6,7 +6,6 @@ import (
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
-	"gopkg.in/square/go-jose.v2"
 	"gopkg.in/square/go-jose.v2/jwt"
 )
 
@@ -30,7 +29,7 @@ func TestValidator_ValidateToken(t *testing.T) {
 		name            string
 		token           string
 		keyFunc         func(context.Context) (interface{}, error)
-		algorithm       jose.SignatureAlgorithm
+		algorithm       string
 		customClaims    CustomClaims
 		expectedError   error
 		expectedContext *UserContext
@@ -73,7 +72,7 @@ func TestValidator_ValidateToken(t *testing.T) {
 			keyFunc: func(context.Context) (interface{}, error) {
 				return []byte("secret"), nil
 			},
-			algorithm:     jose.RS256,
+			algorithm:     "RS256",
 			expectedError: errors.New(`expected "RS256" signing algorithm but token specified "HS256"`),
 		},
 		{
@@ -93,7 +92,7 @@ func TestValidator_ValidateToken(t *testing.T) {
 			expectedError: errors.New("error getting the keys from the key func: key func error message"),
 		},
 		{
-			name:  "it throws an error when it fails to deserialize the claims",
+			name:  "it throws an error when it fails to deserialize the claims because the signature is invalid",
 			token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2dvLWp3dC1taWRkbGV3YXJlLmV1LmF1dGgwLmNvbS8iLCJzdWIiOiIxMjM0NTY3ODkwIiwiYXVkIjpbImh0dHBzOi8vZ28tand0LW1pZGRsZXdhcmUtYXBpLyJdfQ.vR2K2tZHDrgsEh9zNWcyk4aljtR6gZK0s2anNGlfwz0",
 			keyFunc: func(context.Context) (interface{}, error) {
 				return []byte("secret"), nil
@@ -124,14 +123,14 @@ func TestValidator_ValidateToken(t *testing.T) {
 	for _, testCase := range testCases {
 		t.Run(testCase.name, func(t *testing.T) {
 			if testCase.algorithm == "" {
-				testCase.algorithm = jose.HS256
+				testCase.algorithm = "HS256"
 			}
 
 			validator, err := New(
 				testCase.keyFunc,
 				testCase.algorithm,
 				issuer,
-				jwt.Audience{audience},
+				[]string{audience},
 				WithCustomClaims(testCase.customClaims),
 			)
 			if err != nil {