Support for go < 1.21?

[mantas-sidlauskas]

General question/suggestion

go 1.21 declared in go.mod is preventing to use this module in projects with go version 1.20 for example.

As (at least) jwkset dependency is using slices package from go 1.21, this change would be bigger than this PR.

[MicahParks]

Great question.

Version 2 of this project requires go 1.18 and has almost the same feature set. Here are the docs for github.com/MicahParks/keyfunc/v2. I recommend using version 2 if you are unable to easily upgrade the Golang version used.

The primary difference between version 2 and version 3 is the JWK Set code being moved to github.com/MicahParks/jwkset. Functionally, there are not many differences. I still use version 2 in some production systems.

Version 3 of this project is going to remain with the requirement of go 1.21 in the go.mod file. There are two primary reasons:

1. Version 2 can be used at a lower version of Go.
2. The Golang release schedule is frequent enough and the backwards compatibility is good enough that I am confident that most actively developed projects will be close to the latest version when looking for new dependencies.

I do recognize that Go 1.21 was released relatively recently, so it's not ideal that version 3 depends on it. That should become less important as 1.22 and further are released.

For your use case, I recommend github.com/MicahParks/keyfunc/v2 for the time being :slightly_smiling_face: You should get a similar feature set.