search

traefik / yaegi

Yaegi is Another Elegant Go Interpreter
https://pkg.go.dev/github.com/traefik/yaegi
Apache License 2.0
6.82k stars 342 forks source link

Unexpected response in github.com/golang-jwt/jwt/v4 yaegi interpreter #1547

Open talevy-runai opened 1 year ago

talevy-runai commented 1 year ago

The following program sample.go triggers an unexpected result

func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) {
    parts = strings.Split(tokenString, ".")
    if len(parts) != 3 {
        return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed)
    }

    token = &Token{Raw: tokenString}
    // parse Header
    var headerBytes []byte
    if headerBytes, err = DecodeSegment(parts[0]); err != nil {
        if strings.HasPrefix(strings.ToLower(tokenString), "bearer ") {
            return token, parts, NewValidationError("tokenstring should not contain 'bearer '", ValidationErrorMalformed)
        }
        return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
    }
    if err = json.Unmarshal(headerBytes, &token.Header); err != nil {
        return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
    }

    // parse Claims
    var claimBytes []byte
    token.Claims = claims

    if claimBytes, err = DecodeSegment(parts[1]); err != nil {
        return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
    }
    dec := json.NewDecoder(bytes.NewBuffer(claimBytes))
    if p.UseJSONNumber {
        dec.UseNumber()
    }
    // JSON Decode.  Special case for map type to avoid weird pointer behavior
    if c, ok := token.Claims.(MapClaims); ok {
        err = dec.Decode(&c)
    } else {
        err = dec.Decode(&claims)
    }
    // Handle decode error
    if err != nil {
        return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
    }

    // Lookup signature method
    if method, ok := token.Header["alg"].(string); ok {
        if token.Method = GetSigningMethod(method); token.Method == nil {
            return token, parts, NewValidationError("signing method (alg) is unavailable.", ValidationErrorUnverifiable)
        }
    } else {
        return token, parts, NewValidationError("signing method (alg) is unspecified.", ValidationErrorUnverifiable)
    }
    return token, parts, nil
}

Expected result

correct mapped claims

Got

empty claims

Yaegi Version

v0.15.1

Additional Notes

I can provide code example of using it but it is pretty standard library, of course the same code works with go run

With yaegi test

image

With go test

image