From d4c0fedc4162bdb88ec2a35ce80aeb16ac686256 Mon Sep 17 00:00:00 2001
From: Patrick Demers <patrickdemers6@gmail.com>
Date: Sun, 18 Aug 2024 12:20:36 -0700
Subject: [PATCH] upgrade to golang-jwt/jwt v5

---
 cmd/tesla-jws/main.go               |  2 +-
 go.mod                              |  2 +-
 go.sum                              |  4 ++--
 internal/authentication/jwt.go      | 20 ++++++--------------
 internal/authentication/jwt_test.go |  2 +-
 pkg/proxy/proxy.go                  |  2 +-
 6 files changed, 12 insertions(+), 20 deletions(-)

diff --git a/cmd/tesla-jws/main.go b/cmd/tesla-jws/main.go
index e1de2af..169d468 100644
--- a/cmd/tesla-jws/main.go
+++ b/cmd/tesla-jws/main.go
@@ -8,7 +8,7 @@ import (
 	"io"
 	"os"
 
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v5"
 
 	"github.com/teslamotors/vehicle-command/internal/authentication"
 	"github.com/teslamotors/vehicle-command/pkg/cli"
diff --git a/go.mod b/go.mod
index a9097df..8cbba4d 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/99designs/keyring v1.2.2
 	github.com/cronokirby/saferith v0.33.0
 	github.com/go-ble/ble v0.0.0-20220207185428-60d1eecf2633
-	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	golang.org/x/term v0.5.0
 	google.golang.org/protobuf v1.34.2
diff --git a/go.sum b/go.sum
index 3b366a9..94b70a0 100644
--- a/go.sum
+++ b/go.sum
@@ -17,8 +17,8 @@ github.com/go-ble/ble v0.0.0-20220207185428-60d1eecf2633 h1:ZrzoZQz1CF33SPHLkjRp
 github.com/go-ble/ble v0.0.0-20220207185428-60d1eecf2633/go.mod h1:fFJl/jD/uyILGBeD5iQ8tYHrPlJafyqCJzAyTHNJ1Uk=
 github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 h1:ZpnhV/YsD2/4cESfV5+Hoeu/iUR3ruzNvZ+yQfO03a0=
 github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
 github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
diff --git a/internal/authentication/jwt.go b/internal/authentication/jwt.go
index e2c0dca..e11d6b9 100644
--- a/internal/authentication/jwt.go
+++ b/internal/authentication/jwt.go
@@ -5,7 +5,7 @@ package authentication
 import (
 	"encoding/base64"
 
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v5"
 	"github.com/teslamotors/vehicle-command/internal/schnorr"
 )
 
@@ -21,28 +21,20 @@ func init() {
 	jwt.RegisterSigningMethod(TeslaSchnorrSHA256, func() jwt.SigningMethod { return &tss256 })
 }
 
-func (s *SigningMethodSchnorrP256) Verify(signingString, signature string, key interface{}) error {
+func (s *SigningMethodSchnorrP256) Verify(signingString string, signature []byte, key interface{}) error {
 	pkeyBytes, ok := key.([]byte)
 	if !ok {
 		return jwt.ErrInvalidKeyType
 	}
-	sig, err := jwt.DecodeSegment(signature)
-	if err != nil {
-		return err
-	}
-	return schnorr.Verify(pkeyBytes, []byte(signingString), sig)
+	return schnorr.Verify(pkeyBytes, []byte(signingString), signature)
 }
 
-func (s *SigningMethodSchnorrP256) Sign(signingString string, key interface{}) (string, error) {
+func (s *SigningMethodSchnorrP256) Sign(signingString string, key interface{}) ([]byte, error) {
 	skey, ok := key.(ECDHPrivateKey)
 	if !ok {
-		return "", jwt.ErrInvalidKeyType
-	}
-	sig, err := skey.SchnorrSignature([]byte(signingString))
-	if err != nil {
-		return "", err
+		return nil, jwt.ErrInvalidKeyType
 	}
-	return jwt.EncodeSegment(sig), nil
+	return skey.SchnorrSignature([]byte(signingString))
 }
 
 func (s *SigningMethodSchnorrP256) Alg() string {
diff --git a/internal/authentication/jwt_test.go b/internal/authentication/jwt_test.go
index 40056b9..01d7ae6 100644
--- a/internal/authentication/jwt_test.go
+++ b/internal/authentication/jwt_test.go
@@ -3,7 +3,7 @@ package authentication
 import (
 	"testing"
 
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v5"
 )
 
 const testVIN = "0123456789abcdefX"
diff --git a/pkg/proxy/proxy.go b/pkg/proxy/proxy.go
index 56a3152..bae76c7 100644
--- a/pkg/proxy/proxy.go
+++ b/pkg/proxy/proxy.go
@@ -14,7 +14,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v5"
 
 	"github.com/teslamotors/vehicle-command/internal/authentication"
 	"github.com/teslamotors/vehicle-command/internal/log"