Revert Encoding/Decoding changes for better compatibility

parser_test.go

@@ -436,49 +436,49 @@ func TestParser_ParseUnverified(t *testing.T) {
 }
 
 var setPaddingTestData = []struct {
-	name    string
-	tokenString string
-	claims jwt.Claims
-	paddedDecode uint64
+	name          string
+	tokenString   string
+	claims        jwt.Claims
+	paddedDecode  bool
 	signingMethod jwt.SigningMethod
-	keyfunc jwt.Keyfunc
-	valid   bool
+	keyfunc       jwt.Keyfunc
+	valid         bool
 }{
 	{
-		name:    "Validated non-padded token with padding disabled",
-		tokenString: "",
-		claims:  jwt.MapClaims{"foo": "paddedbar"},
-		paddedDecode: jwt.DisablePadding,
+		name:          "Validated non-padded token with padding disabled",
+		tokenString:   "",
+		claims:        jwt.MapClaims{"foo": "paddedbar"},
+		paddedDecode:  false,
 		signingMethod: jwt.SigningMethodRS256,
-		keyfunc: defaultKeyFunc,
-		valid:   true,
+		keyfunc:       defaultKeyFunc,
+		valid:         true,
 	},
 	{
-		name:    "Validated non-padded token with padding enabled",
-		tokenString: "",
-		claims:  jwt.MapClaims{"foo": "paddedbar"},
-		paddedDecode: jwt.AllowPadding,
+		name:          "Validated non-padded token with padding enabled",
+		tokenString:   "",
+		claims:        jwt.MapClaims{"foo": "paddedbar"},
+		paddedDecode:  true,
 		signingMethod: jwt.SigningMethodRS256,
-		keyfunc: defaultKeyFunc,
-		valid:   true,
+		keyfunc:       defaultKeyFunc,
+		valid:         true,
 	},
 	{
-		name:    "Error for padded token with padding disabled",
-		tokenString: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJwYWRkZWRiYXIifQ==.20kGGJaYekGTRFf8b0TwhuETcR8lv5z2363X5jf7G1yTWVTwOmte5Ii8L8_OQbYwPoiVHmZY6iJPbt_DhCN42AeFY74BcsUhR-BVrYUVhKK0RppuzEcSlILDNeQsJDLEL035CPm1VO6Jrgk7enQPIctVxUesRgswP71OpGvJxy3j1k_J8p0WzZvRZTe1D_2Misa0UDGwnEIHhmr97fIpMSZjFxlcygQw8QN34IHLHIXMaTY1eiCf4CCr6rOS9wUeu7P3CPkmFq9XhxBT_LLCmIMhHnxP5x27FUJE_JZlfek0MmARcrhpsZS2sFhHAiWrjxjOE27jkDtv1nEwn65wMw==",
-		claims:  jwt.MapClaims{"foo": "paddedbar"},
-		paddedDecode: jwt.DisablePadding,
+		name:          "Error for padded token with padding disabled",
+		tokenString:   "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJwYWRkZWRiYXIifQ==.20kGGJaYekGTRFf8b0TwhuETcR8lv5z2363X5jf7G1yTWVTwOmte5Ii8L8_OQbYwPoiVHmZY6iJPbt_DhCN42AeFY74BcsUhR-BVrYUVhKK0RppuzEcSlILDNeQsJDLEL035CPm1VO6Jrgk7enQPIctVxUesRgswP71OpGvJxy3j1k_J8p0WzZvRZTe1D_2Misa0UDGwnEIHhmr97fIpMSZjFxlcygQw8QN34IHLHIXMaTY1eiCf4CCr6rOS9wUeu7P3CPkmFq9XhxBT_LLCmIMhHnxP5x27FUJE_JZlfek0MmARcrhpsZS2sFhHAiWrjxjOE27jkDtv1nEwn65wMw==",
+		claims:        jwt.MapClaims{"foo": "paddedbar"},
+		paddedDecode:  false,
 		signingMethod: jwt.SigningMethodRS256,
-		keyfunc: defaultKeyFunc,
-		valid:   false,
+		keyfunc:       defaultKeyFunc,
+		valid:         false,
 	},
 	{
-		name:    "Validated padded token with padding enabled",
-		tokenString: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJwYWRkZWRiYXIifQ==.20kGGJaYekGTRFf8b0TwhuETcR8lv5z2363X5jf7G1yTWVTwOmte5Ii8L8_OQbYwPoiVHmZY6iJPbt_DhCN42AeFY74BcsUhR-BVrYUVhKK0RppuzEcSlILDNeQsJDLEL035CPm1VO6Jrgk7enQPIctVxUesRgswP71OpGvJxy3j1k_J8p0WzZvRZTe1D_2Misa0UDGwnEIHhmr97fIpMSZjFxlcygQw8QN34IHLHIXMaTY1eiCf4CCr6rOS9wUeu7P3CPkmFq9XhxBT_LLCmIMhHnxP5x27FUJE_JZlfek0MmARcrhpsZS2sFhHAiWrjxjOE27jkDtv1nEwn65wMw==",
-		claims:  jwt.MapClaims{"foo": "paddedbar"},
-		paddedDecode: jwt.AllowPadding,
+		name:          "Validated padded token with padding enabled",
+		tokenString:   "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJwYWRkZWRiYXIifQ==.20kGGJaYekGTRFf8b0TwhuETcR8lv5z2363X5jf7G1yTWVTwOmte5Ii8L8_OQbYwPoiVHmZY6iJPbt_DhCN42AeFY74BcsUhR-BVrYUVhKK0RppuzEcSlILDNeQsJDLEL035CPm1VO6Jrgk7enQPIctVxUesRgswP71OpGvJxy3j1k_J8p0WzZvRZTe1D_2Misa0UDGwnEIHhmr97fIpMSZjFxlcygQw8QN34IHLHIXMaTY1eiCf4CCr6rOS9wUeu7P3CPkmFq9XhxBT_LLCmIMhHnxP5x27FUJE_JZlfek0MmARcrhpsZS2sFhHAiWrjxjOE27jkDtv1nEwn65wMw==",
+		claims:        jwt.MapClaims{"foo": "paddedbar"},
+		paddedDecode:  true,
 		signingMethod: jwt.SigningMethodRS256,
-		keyfunc: defaultKeyFunc,
-		valid:   true,
+		keyfunc:       defaultKeyFunc,
+		valid:         true,
 	},
 }
 
@@ -512,7 +512,7 @@ func TestSetPadding(t *testing.T) {
 			}
 
 		})
-		jwt.SetDecodePadding(jwt.DisablePadding)
+		jwt.SetDecodePadding(false)
 
 	}
 }

token.go

@@ -4,24 +4,17 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"strings"
-	"sync/atomic"
 	"time"
 )
 
-const (
-	DisablePadding uint64 = 0 // Utilizes RawURLEncoding
-	AllowPadding   uint64 = 1 // Utilizes URLEncoding
-
-)
-
-var decodePaddingAllowed uint64
+var decodePaddingAllowed bool
 
 // SetDecodePadding will switch the codec used for encoding/decoding JWTs respectively. Note that the JWS RFC7515
 // states that the tokens will utilize a Base64url encoding with no padding. Unfortunately, some implementations
 // of JWT are producing non-standard tokens, and thus require support for decoding. Note that this is a global
-// variable, and updating it will change the behavior on a package level.
-func SetDecodePadding(setPadding uint64) {
-	atomic.SwapUint64(&decodePaddingAllowed, setPadding)
+// variable, and updating it will change the behavior on a package level, and is also NOT go-routine safe.
+func SetDecodePadding(setPadding bool) {
+	decodePaddingAllowed = setPadding
 }
 
 // TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time).
@@ -129,7 +122,7 @@ func EncodeSegment(seg []byte) string {
 // Deprecated: In a future release, we will demote this function to a non-exported function, since it
 // should only be used internally
 func DecodeSegment(seg string) ([]byte, error) {
-	if atomic.LoadUint64(&decodePaddingAllowed) == AllowPadding {
+	if decodePaddingAllowed {
 		if l := len(seg) % 4; l > 0 {
 			seg += strings.Repeat("=", 4-l)
 		}