fix: jwks validation using the wrong type

go.mod

@@ -14,7 +14,6 @@ require (
 	github.com/charmbracelet/ssh v0.0.0-20221117183211-483d43d97103
 	github.com/charmbracelet/wish v1.1.1
 	github.com/dgraph-io/badger/v3 v3.2103.2
-	github.com/go-jose/go-jose v2.6.2+incompatible
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.3.0
 	github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115
@@ -32,6 +31,7 @@ require (
 	goji.io v2.0.2+incompatible
 	golang.org/x/crypto v0.21.0
 	golang.org/x/sync v0.6.0
+	gopkg.in/go-jose/go-jose.v2 v2.6.2
 	modernc.org/sqlite v1.29.2
 )
 
@@ -83,7 +83,6 @@ require (
 	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
-	gopkg.in/go-jose/go-jose.v2 v2.6.2 // indirect
 	modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 // indirect
 	modernc.org/libc v1.41.0 // indirect
 	modernc.org/mathutil v1.6.0 // indirect

go.sum

@@ -139,8 +139,6 @@ github.com/go-git/go-git/v5 v5.6.1/go.mod h1:mvyoL6Unz0PiTQrGQfSfiLFhBH1c1e84ylC
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
-github.com/go-jose/go-jose v2.6.2+incompatible h1:X6pNb5PAs58olW3wThjNqIEh3CfyV+21e/cW+wQrwBU=
-github.com/go-jose/go-jose v2.6.2+incompatible/go.mod h1:coBhWG9DQz8V/JlBMg3LkUGnarUaxjQlWQUUv9Cv7tw=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=

server/http.go

@@ -19,12 +19,12 @@
 	charm "github.com/charmbracelet/charm/proto"
 	"github.com/charmbracelet/charm/server/db"
 	"github.com/charmbracelet/charm/server/storage"
-	"github.com/go-jose/go-jose"
 	"github.com/meowgorithm/babylogger"
 	"goji.io"
 	"goji.io/pat"
 	"goji.io/pattern"
 	"golang.org/x/sync/errgroup"
+	"gopkg.in/go-jose/go-jose.v2"
 )
 
 const resultsPerPage = 50
@@ -52,8 +52,8 @@
 func NewHTTPServer(cfg *Config) (*HTTPServer, error) {
 	healthMux := http.NewServeMux()
 	// No auth health check endpoint
 	healthMux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		fmt.Fprintf(w, "We live!")
 	}))
 	health := &http.Server{
 		Addr:              fmt.Sprintf("%s:%d", cfg.BindAddr, cfg.HealthPort),

server/jwk.go

@@ -5,7 +5,7 @@ import (
 	"crypto/sha256"
 	"fmt"
 
-	jose "github.com/go-jose/go-jose"
+	"gopkg.in/go-jose/go-jose.v2"
 )
 
 // JSONWebKeyPair holds the ED25519 private key and JSON Web Key used in JWT

server/middleware.go

@@ -2,12 +2,12 @@ package server
 
 import (
 	"context"
-	"crypto"
 	"fmt"
 	"net/http"
 	"strings"
 
 	"github.com/charmbracelet/log"
+	"gopkg.in/go-jose/go-jose.v2"
 
 	jwtmiddleware "github.com/auth0/go-jwt-middleware/v2"
 	"github.com/auth0/go-jwt-middleware/v2/validator"
@@ -65,7 +65,7 @@ func PublicPrefixesMiddleware(prefixes []string) func(http.Handler) http.Handler
 
 // JWTMiddleware creates a new middleware function that will validate JWT
 // tokens based on the supplied public key.
-func JWTMiddleware(pk crypto.PublicKey, iss string, aud []string) (func(http.Handler) http.Handler, error) {
+func JWTMiddleware(pk jose.JSONWebKey, iss string, aud []string) (func(http.Handler) http.Handler, error) {
 	jm, err := jwtMiddlewareImpl(pk, iss, aud)
 	if err != nil {
 		return nil, err
@@ -134,9 +134,12 @@ func charmIDFromRequest(r *http.Request) (string, error) {
 	return sub, nil
 }
 
-func jwtMiddlewareImpl(pk crypto.PublicKey, iss string, aud []string) (func(http.Handler) http.Handler, error) {
-	kf := func(ctx context.Context) (interface{}, error) {
-		return pk, nil
+func jwtMiddlewareImpl(pk jose.JSONWebKey, iss string, aud []string) (func(http.Handler) http.Handler, error) {
+	kf := func(context.Context) (interface{}, error) {
+		jwks := jose.JSONWebKeySet{
+			Keys: []jose.JSONWebKey{pk},
+		}
+		return &jwks, nil
 	}
 	v, err := validator.New(
 		kf,