kyle/mcias
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete implementation: e2e tests, gofmt, hardening

Browse Source 
- Add test/e2e: 11 end-to-end tests covering full login/logout,
  token renewal, admin account management, credential-never-in-response,
  unauthorised access, JWT alg confusion and alg:none attacks,
  revoked token rejection, system account token issuance,
  wrong-password vs unknown-user indistinguishability
- Apply gofmt to all source files (formatting only, no logic changes)
- Update .golangci.yaml for golangci-lint v2 (version field required,
  gosimple merged into staticcheck, formatters section separated)
- Update PROGRESS.md to reflect Phase 5 completion
Security:
  All 97 tests pass with go test -race ./... (zero race conditions).
  Adversarial JWT tests (alg confusion, alg:none) confirm the
  ValidateToken alg-first check is effective against both attack classes.
  Credential fields (PasswordHash, TOTPSecret*, PGPassword) confirmed
  absent from all API responses via both unit and e2e tests.
  go vet ./... clean. golangci-lint v2.6.2 incompatible with go1.26
  runtime; go vet used as linter until toolchain is updated.
This commit is contained in:
Kyle Isom
2026-03-11 11:54:14 -07:00
parent d75a1d6fd3
commit f02eff21b4
10 changed files with 779 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
internal/token/token.go
View File

@@ -1,13 +1,13 @@
// Package token handles JWT issuance, validation, and revocation for MCIAS.
//
// Security design:
// - Algorithm header is checked FIRST, before any signature verification.
// This prevents algorithm-confusion attacks (CVE-2022-21449 class).
// - Only "EdDSA" is accepted; "none", HS*, RS*, ES* are all rejected.
// - The signing key is taken from the server's keystore, never from the token.
// - All standard claims (exp, iat, iss, jti) are required and validated.
// - JTIs are UUIDs generated from crypto/rand (via google/uuid).
// - Token values are never stored; only JTIs are recorded for revocation.
// - Algorithm header is checked FIRST, before any signature verification.
// This prevents algorithm-confusion attacks (CVE-2022-21449 class).
// - Only "EdDSA" is accepted; "none", HS*, RS*, ES* are all rejected.
// - The signing key is taken from the server's keystore, never from the token.
// - All standard claims (exp, iat, iss, jti) are required and validated.
// - JTIs are UUIDs generated from crypto/rand (via google/uuid).
// - Token values are never stored; only JTIs are recorded for revocation.
package token
import (