build(deps): update module github.com/golang-jwt/jwt/v4 to v4.1.0 (#2418)

go.mod

@@ -14,7 +14,7 @@ require (
 	github.com/fasthttp/session/v2 v2.4.3
 	github.com/go-ldap/ldap/v3 v3.4.1
 	github.com/go-sql-driver/mysql v1.6.0
-	github.com/golang-jwt/jwt/v4 v4.0.0
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/golang/mock v1.6.0
 	github.com/google/uuid v1.3.0
 	github.com/jackc/pgx/v4 v4.13.0

go.sum

@@ -575,8 +575,8 @@ github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
-github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
+github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
 github.com/golang/gddo v0.0.0-20180828051604-96d2a289f41e/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4=
 github.com/golang/gddo v0.0.0-20190904175337-72a348e765d2/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4=

internal/handlers/handler_register_u2f_step1_test.go

@@ -36,8 +36,10 @@ func (s *HandlerRegisterU2FStep1Suite) TearDownTest() {
 
 func createToken(secret string, username string, action string, expiresAt time.Time) string {
 	claims := &middlewares.IdentityVerificationClaim{
-		StandardClaims: jwt.StandardClaims{
-			ExpiresAt: expiresAt.Unix(),
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: &jwt.NumericDate{
+				Time: expiresAt,
+			},
 			Issuer: "Authelia",
 		},
 		Action:   action,

internal/middlewares/identity_verification.go

@@ -30,12 +30,14 @@ func IdentityVerificationStart(args IdentityVerificationStartArgs) RequestHandle
 
 		// Create the claim with the action to sign it.
 		claims := &IdentityVerificationClaim{
-			jwt.StandardClaims{
-				ExpiresAt: time.Now().Add(5 * time.Minute).Unix(),
+			RegisteredClaims: jwt.RegisteredClaims{
+				ExpiresAt: &jwt.NumericDate{
+					Time: time.Now().Add(5 * time.Minute),
+				},
 				Issuer: jwtIssuer,
 			},
-			args.ActionClaim,
-			identity.Username,
+			Action:   args.ActionClaim,
+			Username: identity.Username,
 		}
 		token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 		ss, err := token.SignedString([]byte(ctx.Configuration.JWTSecret))

internal/middlewares/identity_verification_test.go

@@ -166,12 +166,14 @@ func (s *IdentityVerificationFinishProcess) TearDownTest() {
 
 func createToken(secret string, username string, action string, expiresAt time.Time) string {
 	claims := &middlewares.IdentityVerificationClaim{
-		jwt.StandardClaims{
-			ExpiresAt: expiresAt.Unix(),
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: &jwt.NumericDate{
+				Time: expiresAt,
+			},
 			Issuer: "Authelia",
 		},
-		action,
-		username,
+		Action:   action,
+		Username: username,
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 	ss, _ := token.SignedString([]byte(secret))

internal/middlewares/types.go

@@ -88,7 +88,7 @@ type IdentityVerificationFinishArgs struct {
 // IdentityVerificationClaim custom claim for specifying the action claim.
 // The action can be to register a TOTP device, a U2F device or reset one's password.
 type IdentityVerificationClaim struct {
-	jwt.StandardClaims
+	jwt.RegisteredClaims
 
 	// The action this token has been crafted for.
 	Action string `json:"action"`