diff --git a/go.mod b/go.mod
index abeb655ebc5..aab839274cb 100644
--- a/go.mod
+++ b/go.mod
@@ -125,7 +125,6 @@ require (
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
gopkg.in/ini.v1 v1.67.0
gopkg.in/mail.v2 v2.3.1
- gopkg.in/square/go-jose.v2 v2.5.1
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1
xorm.io/builder v0.3.6
@@ -268,6 +267,7 @@ require (
buf.build/gen/go/parca-dev/parca/protocolbuffers/go v1.28.1-20221222094228-8b1d3d0f62e6.4
github.com/Masterminds/semver/v3 v3.1.1
github.com/dave/dst v0.27.2
+ github.com/go-jose/go-jose/v3 v3.0.0
github.com/grafana/thema v0.0.0-20230224141623-cb20887cb028
github.com/hmarr/codeowners v1.1.1
github.com/weaveworks/common v0.0.0-20230208133027-16871410fca4
diff --git a/go.sum b/go.sum
index 4208219cc02..28eca37610a 100644
--- a/go.sum
+++ b/go.sum
@@ -826,6 +826,8 @@ github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
+github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo=
+github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
@@ -2471,6 +2473,7 @@ golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191202143827-86a70503ff7e/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -3159,7 +3162,6 @@ gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
-gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w=
gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
gopkg.in/telebot.v3 v3.1.2/go.mod h1:GJKwwWqp9nSkIVN51eRKU78aB5f5OnQuWdwiIZfPbko=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
diff --git a/pkg/extensions/main.go b/pkg/extensions/main.go
index ff130b6c654..ff5db83ffd9 100644
--- a/pkg/extensions/main.go
+++ b/pkg/extensions/main.go
@@ -11,6 +11,7 @@ import (
_ "github.com/blugelabs/bluge"
_ "github.com/blugelabs/bluge_segment_api"
_ "github.com/crewjam/saml"
+ _ "github.com/go-jose/go-jose/v3"
_ "github.com/gobwas/glob"
_ "github.com/googleapis/gax-go/v2"
_ "github.com/grafana/dskit/backoff"
@@ -25,7 +26,6 @@ import (
_ "github.com/vectordotdev/go-datemath"
_ "golang.org/x/time/rate"
_ "google.golang.org/genproto/googleapis/cloud/kms/v1"
- _ "gopkg.in/square/go-jose.v2"
)
var IsEnterprise bool = false
diff --git a/pkg/login/social/azuread_oauth.go b/pkg/login/social/azuread_oauth.go
index c5120818d70..fa0600715ab 100644
--- a/pkg/login/social/azuread_oauth.go
+++ b/pkg/login/social/azuread_oauth.go
@@ -8,8 +8,8 @@ import (
"net/http"
"strings"
+ "github.com/go-jose/go-jose/v3/jwt"
"golang.org/x/oauth2"
- "gopkg.in/square/go-jose.v2/jwt"
"github.com/grafana/grafana/pkg/models/roletype"
"github.com/grafana/grafana/pkg/services/org"
diff --git a/pkg/login/social/azuread_oauth_test.go b/pkg/login/social/azuread_oauth_test.go
index 26a005ddb22..ecdda16e01d 100644
--- a/pkg/login/social/azuread_oauth_test.go
+++ b/pkg/login/social/azuread_oauth_test.go
@@ -9,10 +9,10 @@ import (
"testing"
"time"
+ "github.com/go-jose/go-jose/v3"
+ "github.com/go-jose/go-jose/v3/jwt"
"github.com/stretchr/testify/require"
"golang.org/x/oauth2"
- "gopkg.in/square/go-jose.v2"
- "gopkg.in/square/go-jose.v2/jwt"
"github.com/grafana/grafana/pkg/services/featuremgmt"
)
diff --git a/pkg/login/social/okta_oauth.go b/pkg/login/social/okta_oauth.go
index 0cfe488e85c..090b47b5feb 100644
--- a/pkg/login/social/okta_oauth.go
+++ b/pkg/login/social/okta_oauth.go
@@ -6,8 +6,8 @@ import (
"fmt"
"net/http"
+ "github.com/go-jose/go-jose/v3/jwt"
"golang.org/x/oauth2"
- "gopkg.in/square/go-jose.v2/jwt"
"github.com/grafana/grafana/pkg/models/roletype"
)
diff --git a/pkg/services/auth/jwt/auth.go b/pkg/services/auth/jwt/auth.go
index 0edeb3f8506..41b8afc3999 100644
--- a/pkg/services/auth/jwt/auth.go
+++ b/pkg/services/auth/jwt/auth.go
@@ -6,7 +6,7 @@ import (
"errors"
"strings"
- "gopkg.in/square/go-jose.v2/jwt"
+ "github.com/go-jose/go-jose/v3/jwt"
"github.com/grafana/grafana/pkg/infra/log"
"github.com/grafana/grafana/pkg/infra/remotecache"
diff --git a/pkg/services/auth/jwt/auth_test.go b/pkg/services/auth/jwt/auth_test.go
index 18351482df4..a77166534fc 100644
--- a/pkg/services/auth/jwt/auth_test.go
+++ b/pkg/services/auth/jwt/auth_test.go
@@ -13,10 +13,10 @@ import (
"testing"
"time"
+ jose "github.com/go-jose/go-jose/v3"
+ "github.com/go-jose/go-jose/v3/jwt"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
- jose "gopkg.in/square/go-jose.v2"
- "gopkg.in/square/go-jose.v2/jwt"
"github.com/grafana/grafana/pkg/infra/remotecache"
"github.com/grafana/grafana/pkg/setting"
diff --git a/pkg/services/auth/jwt/key_sets.go b/pkg/services/auth/jwt/key_sets.go
index 5ebb6cb9d0d..6fc366191f0 100644
--- a/pkg/services/auth/jwt/key_sets.go
+++ b/pkg/services/auth/jwt/key_sets.go
@@ -14,7 +14,7 @@ import (
"os"
"time"
- jose "gopkg.in/square/go-jose.v2"
+ jose "github.com/go-jose/go-jose/v3"
"github.com/grafana/grafana/pkg/infra/log"
"github.com/grafana/grafana/pkg/infra/remotecache"
diff --git a/pkg/services/auth/jwt/rsa_keys_test.go b/pkg/services/auth/jwt/rsa_keys_test.go
index 58f2694a567..3a93da5ebe1 100644
--- a/pkg/services/auth/jwt/rsa_keys_test.go
+++ b/pkg/services/auth/jwt/rsa_keys_test.go
@@ -6,7 +6,7 @@ import (
"encoding/pem"
"fmt"
- jose "gopkg.in/square/go-jose.v2"
+ jose "github.com/go-jose/go-jose/v3"
)
var rsaKeys [3]*rsa.PrivateKey
diff --git a/pkg/services/auth/jwt/signing_test.go b/pkg/services/auth/jwt/signing_test.go
index 71327b04210..a1088a58dd2 100644
--- a/pkg/services/auth/jwt/signing_test.go
+++ b/pkg/services/auth/jwt/signing_test.go
@@ -3,9 +3,9 @@ package jwt
import (
"testing"
+ jose "github.com/go-jose/go-jose/v3"
+ "github.com/go-jose/go-jose/v3/jwt"
"github.com/stretchr/testify/require"
- jose "gopkg.in/square/go-jose.v2"
- "gopkg.in/square/go-jose.v2/jwt"
)
type noneSigner struct{}
diff --git a/pkg/services/auth/jwt/validation.go b/pkg/services/auth/jwt/validation.go
index e4a134b2d63..075198d0892 100644
--- a/pkg/services/auth/jwt/validation.go
+++ b/pkg/services/auth/jwt/validation.go
@@ -6,7 +6,7 @@ import (
"reflect"
"time"
- "gopkg.in/square/go-jose.v2/jwt"
+ "github.com/go-jose/go-jose/v3/jwt"
)
func (s *AuthService) initClaimExpectations() error {