Add ES256 (ECDSA P-256) JWT support for Apple Sign In

- Added SignES256 function with issuer, audience, and subject parameters
- Added ParseES256 function for validation with issuer and audience
- Comprehensive test coverage for ES256 signing and parsing
- Supports Apple Sign In requirements with ES256 algorithm

go.mod

@@ -3,18 +3,18 @@ module code.patial.tech/go/appcore
 go 1.25
 
 require (
-	github.com/go-playground/validator/v10 v10.27.0
+	github.com/go-playground/validator/v10 v10.28.0
 	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/google/uuid v1.6.0
 	github.com/sqids/sqids-go v0.4.1
-	golang.org/x/crypto v0.42.0
+	golang.org/x/crypto v0.45.0
 )
 
 require (
-	github.com/gabriel-vasile/mimetype v1.4.10 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.11 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	golang.org/x/sys v0.36.0 // indirect
-	golang.org/x/text v0.29.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
 )

go.sum

@@ -2,6 +2,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIpU+bX4+ZK0=
 github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
+github.com/gabriel-vasile/mimetype v1.4.11 h1:AQvxbp830wPhHTqc1u7nzoLT+ZFxGY7emj5DR5DYFik=
+github.com/gabriel-vasile/mimetype v1.4.11/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -10,6 +12,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.27.0 h1:w8+XrWVMhGkxOaaowyKH35gFydVHOvC0/uWoy2Fzwn4=
 github.com/go-playground/validator/v10 v10.27.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo=
+github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
+github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
@@ -24,9 +28,15 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI=
 golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
 golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k=
 golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
 golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

jwt/jwt.go

@@ -6,6 +6,7 @@
 package jwt
 
 import (
+	"crypto/ecdsa"
 	"crypto/ed25519"
 	"errors"
 	"fmt"
@@ -94,3 +95,69 @@ func ParseHS256(secret []byte, tokenString string, issuer string) (jwt.MapClaims
 	}
 	return nil, errors.New("no claims found in token")
 }
+
+// SignES256 signs a JWT using ES256 (ECDSA P-256) algorithm.
+// This is required for Apple Sign In which mandates ES256.
+// Pass empty string for issuer, audience, or subject to omit them from the token.
+func SignES256(
+	key *ecdsa.PrivateKey, issuer, audience, subject string, d time.Duration, claims map[string]any,
+) (string, error) {
+	cl := jwt.MapClaims{
+		"iat": jwt.NewNumericDate(time.Now().UTC()),
+		"exp": jwt.NewNumericDate(time.Now().Add(d)),
+	}
+
+	if issuer != "" {
+		cl["iss"] = issuer
+	}
+
+	if audience != "" {
+		cl["aud"] = audience
+	}
+
+	if subject != "" {
+		cl["sub"] = subject
+	}
+
+	maps.Copy(cl, claims)
+
+	t := jwt.NewWithClaims(jwt.SigningMethodES256, cl)
+	return t.SignedString(key)
+}
+
+// ParseES256 parses and validates a JWT signed with ES256 (ECDSA P-256) algorithm.
+// This is required for Apple Sign In which mandates ES256.
+// issuer and audience are typically validated, while subject is optional (pass empty string to skip).
+func ParseES256(key *ecdsa.PublicKey, tokenString, issuer, audience string) (jwt.MapClaims, error) {
+	opts := []jwt.ParserOption{
+		jwt.WithValidMethods([]string{jwt.SigningMethodES256.Alg()}),
+		jwt.WithIssuedAt(),
+		jwt.WithExpirationRequired(),
+	}
+
+	if issuer != "" {
+		opts = append(opts, jwt.WithIssuer(issuer))
+	}
+	if audience != "" {
+		opts = append(opts, jwt.WithAudience(audience))
+	}
+
+	token, err := jwt.Parse(
+		tokenString,
+		func(token *jwt.Token) (any, error) {
+			if _, ok := token.Method.(*jwt.SigningMethodECDSA); !ok {
+				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+			}
+			return key, nil
+		},
+		opts...,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse JWT token: %w", err)
+	}
+
+	if claims, ok := token.Claims.(jwt.MapClaims); ok {
+		return claims, nil
+	}
+	return nil, errors.New("no claims found in token")
+}

jwt/jwt_test.go

@@ -6,6 +6,9 @@
 package jwt
 
 import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
 	"fmt"
 	"testing"
 	"time"
@@ -85,3 +88,133 @@ func TestHS256(t *testing.T) {
 		return
 	}
 }
+
+func TestES256(t *testing.T) {
+	// Generate ECDSA P-256 key pair for testing
+	privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	claims := map[string]any{
+		"email": "user@example.com",
+	}
+	issuer := "https://appleid.apple.com"
+	audience := "com.example.app"
+	subject := "001234.56789abcdef.1234"
+
+	// Sign with issuer, audience, and subject
+	token, err := SignES256(privKey, issuer, audience, subject, time.Hour, claims)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	t.Log("ES256 token:", token)
+
+	// Parse with issuer and audience validation
+	parsedClaims, err := ParseES256(&privKey.PublicKey, token, issuer, audience)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Verify claims
+	if parsedClaims["sub"] != subject {
+		t.Errorf("expected sub to be '%s', got %v", subject, parsedClaims["sub"])
+	}
+	if parsedClaims["aud"] != audience {
+		t.Errorf("expected aud to be '%s', got %v", audience, parsedClaims["aud"])
+	}
+	if parsedClaims["email"] != "user@example.com" {
+		t.Errorf("expected email to be 'user@example.com', got %v", parsedClaims["email"])
+	}
+
+	t.Logf("Parsed claims: %v", parsedClaims)
+
+	// Test parsing without validation (empty strings)
+	parsedClaims2, err := ParseES256(&privKey.PublicKey, token, "", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if parsedClaims2["sub"] != subject {
+		t.Errorf("expected sub to be '%s', got %v", subject, parsedClaims2["sub"])
+	}
+}
+
+func TestES256_ExpiredToken(t *testing.T) {
+	// Generate ECDSA P-256 key pair for testing
+	privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	claims := map[string]any{}
+	issuer := "https://appleid.apple.com"
+	subject := "001234.56789abcdef.1234"
+
+	// Sign with very short duration
+	token, err := SignES256(privKey, issuer, "", subject, time.Nanosecond, claims)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Wait for token to expire
+	time.Sleep(10 * time.Millisecond)
+
+	// Parse should fail due to expiration
+	_, err = ParseES256(&privKey.PublicKey, token, issuer, "")
+	if err == nil {
+		t.Error("expected error for expired token, got nil")
+	}
+	t.Logf("Expected error for expired token: %v", err)
+}
+
+func TestES256_InvalidIssuer(t *testing.T) {
+	// Generate ECDSA P-256 key pair for testing
+	privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	claims := map[string]any{}
+	issuer := "https://appleid.apple.com"
+	subject := "001234.56789abcdef.1234"
+
+	// Sign with one issuer
+	token, err := SignES256(privKey, issuer, "", subject, time.Hour, claims)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Parse with different issuer should fail
+	_, err = ParseES256(&privKey.PublicKey, token, "https://wrong-issuer.com", "")
+	if err == nil {
+		t.Error("expected error for invalid issuer, got nil")
+	}
+	t.Logf("Expected error for invalid issuer: %v", err)
+}
+
+func TestES256_InvalidAudience(t *testing.T) {
+	// Generate ECDSA P-256 key pair for testing
+	privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	claims := map[string]any{}
+	issuer := "https://appleid.apple.com"
+	audience := "com.example.app"
+	subject := "001234.56789abcdef.1234"
+
+	// Sign with one audience
+	token, err := SignES256(privKey, issuer, audience, subject, time.Hour, claims)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Parse with different audience should fail
+	_, err = ParseES256(&privKey.PublicKey, token, issuer, "com.wrong.app")
+	if err == nil {
+		t.Error("expected error for invalid audience, got nil")
+	}
+	t.Logf("Expected error for invalid audience: %v", err)
+}