Using jwt-go Library - key is of invalid type

Question

I am trying to generate the token as mention in the code but it's giving me error on this line though i am using

tokenString, err := token.SignedString(mySigningKey) as key is of invalid type

Any suggestions to solve this problem?

Thanks

package main

import (
    "fmt"
    "github.com/dgrijalva/jwt-go"
    "time"
)

var (
    mySigningKey = []byte("secret")
)

func GenerateJWT() (string, error) {

    token := jwt.New(jwt.SigningMethodES256)

    claims := token.Claims.(jwt.MapClaims)

    claims["authorized"] = true
    claims["user"] = "ravi"
    claims["exp"] = time.Now().Add(time.Minute + 30).Unix()

    tokenString, err := token.SignedString(mySigningKey)

    if err != nil {
        fmt.Println(err)
        fmt.Errorf("Something went wrong : %s", err.Error())
        return "", err

    }
    return tokenString, nil
}

func main() {
    tokenString, err := GenerateJWT()
    if err != nil {
        fmt.Println(err)
    }
    fmt.Println(tokenString)
}

Answer 1

You can also use something like this to generate your token . You can modify the signedDetails to your taste. This way you can re use the code

   import ( 
   "log"
   "time"
   "github.com/dgrijalva/jwt-go"
    )
    type SignedDetails struct {
        Email     string
        FirstName string
        LastName  string
        Uid       string
        UserType  string
        jwt.StandardClaims
    }
    
  
    
    func GenerateAllTokens(
        email string,
        firstName string,
        lastName string,
        userType string,
        userId string) (
        signedToken string, signedRefreshToken string, error error) {
        claims := &SignedDetails{
            Email:     email,
            FirstName: firstName,
            LastName:  lastName,
            Uid:       userId,
            UserType:  userType,
            StandardClaims: jwt.StandardClaims{
                ExpiresAt: time.Now().Add(time.Hour * time.Duration(24)).Unix(),
            },
        }
        refreshClaims := &SignedDetails{
            StandardClaims: jwt.StandardClaims{
                ExpiresAt: time.Now().Add(time.Hour * time.Duration(24)).Unix(),
            },
        }
        token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString([]byte(SECRET_KEY))
        if err != nil {
            log.Println(err)
            return
        }
        refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims).SignedString([]byte(SECRET_KEY))
        if err != nil {
            log.Panicln(err)
            return
        }
        log.Panicln(token, refreshToken)
        return token, refreshToken, nil
    }

Answer 2

This method (SigningMethodES256) is ECDSA signing method, you need pair key for signing and validation , in your case, it's better change to SigningMethodHS256

    token := jwt.New(jwt.SigningMethodHS256)