go-jose icon indicating copy to clipboard operation
go-jose copied to clipboard
verified publisher icon square

import paths issue with SignedAndEncrypted()

Open watercraft opened this issue 5 years ago • 2 comments

I'm trying to use the SignedAndEncrypted() / ParseSignedAndEncrypted() workflow to implement JWE and I ran into problems with the import path in this repo:

cannot use sig (type "bitbucket.eng.zebrium.com/zsw/zwsd/vendor/github.com/square/go-jose".Signer) as type "bitbucket.eng.zebrium.com/zsw/zwsd/vendor/gopkg.in/square/go-jose.v2".Signer in argument to jwt.SignedAndEncrypted

I resolved the problem by using the gopkg vertion:

import (
	jose "gopkg.in/square/go-jose.v2"
	//"github.com/square/go-jose"
	"github.com/square/go-jose/jwt"
)

I'm concerned that this code may be out-of-date. Is there a better solution? Is there a different workflow for JWE that I should be using instead?

watercraft avatar Jul 18 '20 14:07 watercraft

Using the gopkg.in import path is the correct solution.

csstaub avatar Jul 18 '20 15:07 csstaub

The import path determines which version (branch) is imported. The stable version right now is v2, for which the import path is the gopkg.in one. Make sure to use this import path consistently for all imports (including of sub-packages).

See also: https://github.com/square/go-jose#versions https://github.com/golang/go/wiki/Modules

csstaub avatar Jul 18 '20 15:07 csstaub