From 72854e36784b554001733f63f9a6853bbfce384e Mon Sep 17 00:00:00 2001
From: Josh McCullough <joshua.mccullough@gmail.com>
Date: Mon, 4 Dec 2023 12:59:11 -0500
Subject: [PATCH 1/4] replace `sizeof` with `strlen`

---
 src/ngx_http_auth_jwt_module.c | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/src/ngx_http_auth_jwt_module.c b/src/ngx_http_auth_jwt_module.c
index 744b50d..edef14a 100644
--- a/src/ngx_http_auth_jwt_module.c
+++ b/src/ngx_http_auth_jwt_module.c
@@ -489,7 +489,7 @@ static ngx_int_t redirect(ngx_http_request_t *r, auth_jwt_conf_t *jwtcf)
     }
 
     r->headers_out.location->hash = 1;
-    r->headers_out.location->key.len = sizeof("Location") - 1;
+    r->headers_out.location->key.len = strlen("Location");
     r->headers_out.location->key.data = (u_char *)"Location";
 
     if (r->method == NGX_HTTP_GET)
@@ -526,21 +526,21 @@ static ngx_int_t redirect(ngx_http_request_t *r, auth_jwt_conf_t *jwtcf)
       uri_escaped.len = escaped_len;
       ngx_escape_uri(uri_escaped.data, uri.data, uri.len, NGX_ESCAPE_ARGS);
 
-      r->headers_out.location->value.len = loginlen + sizeof("?return_url=") - 1 + strlen(scheme) + sizeof("://") - 1 + server.len + uri_escaped.len;
+      r->headers_out.location->value.len = loginlen + strlen("?return_url=") + strlen(scheme) + strlen("://") + server.len + uri_escaped.len;
 
       return_url = ngx_palloc(r->pool, r->headers_out.location->value.len);
       ngx_memcpy(return_url, jwtcf->loginurl.data, jwtcf->loginurl.len);
 
       return_url_idx = jwtcf->loginurl.len;
-      ngx_memcpy(return_url + return_url_idx, "?return_url=", sizeof("?return_url=") - 1);
+      ngx_memcpy(return_url + return_url_idx, "?return_url=", strlen("?return_url="));
 
-      return_url_idx += sizeof("?return_url=") - 1;
+      return_url_idx += strlen("?return_url=");
       ngx_memcpy(return_url + return_url_idx, scheme, strlen(scheme));
 
       return_url_idx += strlen(scheme);
-      ngx_memcpy(return_url + return_url_idx, "://", sizeof("://") - 1);
+      ngx_memcpy(return_url + return_url_idx, "://", strlen("://"));
 
-      return_url_idx += sizeof("://") - 1;
+      return_url_idx += strlen("://");
       ngx_memcpy(return_url + return_url_idx, server.data, server.len);
 
       return_url_idx += server.len;
@@ -617,12 +617,12 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
 
   ngx_log_debug(NGX_LOG_DEBUG, r->connection->log, 0, "jwt_location.len %d", jwt_location.len);
 
-  if (jwt_location.len > sizeof(HEADER_PREFIX) && ngx_strncmp(jwt_location.data, HEADER_PREFIX, sizeof(HEADER_PREFIX) - 1) == 0)
+  if (jwt_location.len > strlen(HEADER_PREFIX) && ngx_strncmp(jwt_location.data, HEADER_PREFIX, strlen(HEADER_PREFIX)) == 0)
   {
     ngx_table_elt_t *jwtHeaderVal;
 
-    jwt_location.data += sizeof(HEADER_PREFIX) - 1;
-    jwt_location.len -= sizeof(HEADER_PREFIX) - 1;
+    jwt_location.data += strlen(HEADER_PREFIX);
+    jwt_location.len -= strlen(HEADER_PREFIX);
 
     jwtHeaderVal = search_headers_in(r, jwt_location.data, jwt_location.len);
 
@@ -630,12 +630,12 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
     {
       static const char *BEARER_PREFIX = "Bearer ";
 
-      if (ngx_strncmp(jwtHeaderVal->value.data, BEARER_PREFIX, sizeof(BEARER_PREFIX) - 1) == 0)
+      if (ngx_strncmp(jwtHeaderVal->value.data, BEARER_PREFIX, strlen(BEARER_PREFIX)) == 0)
       {
         ngx_str_t jwtHeaderValWithoutBearer = jwtHeaderVal->value;
         
-        jwtHeaderValWithoutBearer.data += sizeof(BEARER_PREFIX) - 1;
-        jwtHeaderValWithoutBearer.len -= sizeof(BEARER_PREFIX) - 1;
+        jwtHeaderValWithoutBearer.data += strlen(BEARER_PREFIX);
+        jwtHeaderValWithoutBearer.len -= strlen(BEARER_PREFIX);
 
         jwtPtr = ngx_str_t_to_char_ptr(r->pool, jwtHeaderValWithoutBearer);
       }
@@ -645,13 +645,13 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
       }
     }
   }
-  else if (jwt_location.len > sizeof(COOKIE_PREFIX) && ngx_strncmp(jwt_location.data, COOKIE_PREFIX, sizeof(COOKIE_PREFIX) - 1) == 0)
+  else if (jwt_location.len > strlen(COOKIE_PREFIX) && ngx_strncmp(jwt_location.data, COOKIE_PREFIX, strlen(COOKIE_PREFIX)) == 0)
   {
     bool has_cookie = false;
     ngx_str_t jwtCookieVal;
 
-    jwt_location.data += sizeof(COOKIE_PREFIX) - 1;
-    jwt_location.len -= sizeof(COOKIE_PREFIX) - 1;
+    jwt_location.data += strlen(COOKIE_PREFIX);
+    jwt_location.len -= strlen(COOKIE_PREFIX);
 
 #ifndef NGX_LINKED_LIST_COOKIES
     if (ngx_http_parse_multi_header_lines(&r->headers_in.cookies, &jwt_location, &jwtCookieVal) != NGX_DECLINED)

From fd447a7c27d74cb597aaea282e17cd0cc92eab50 Mon Sep 17 00:00:00 2001
From: Josh McCullough <joshua.mccullough@gmail.com>
Date: Mon, 4 Dec 2023 13:01:13 -0500
Subject: [PATCH 2/4] update NGINX versions in CI workflow

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9177330..ee52241 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,7 +18,7 @@ jobs:
     strategy:
       matrix:
         # Each nginx version to build against
-        nginx-version: ['1.20.2', '1.22.1', '1.24.0', '1.25.1']
+        nginx-version: ['1.20.2', '1.22.1', '1.24.0', '1.25.3']
         # The following versions of libjwt are compatible:
         #   * v1.0 - v1.12.0
         #   * v1.12.1 - v1.14.0

From 8755c7fa487e7ee62787b46ef444e07c49a908ab Mon Sep 17 00:00:00 2001
From: Josh McCullough <joshua.mccullough@gmail.com>
Date: Mon, 4 Dec 2023 13:12:11 -0500
Subject: [PATCH 3/4] remove ref_name from artifact because it includes
 `/merge` for pull requests

---
 .github/workflows/ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ee52241..413623d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -90,14 +90,14 @@ jobs:
     - name: Create release archive
       run: |
         cp ./nginx/objs/ngx_http_auth_jwt_module.so ./
-        tar czf ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz ngx_http_auth_jwt_module.so
+        tar czf ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz ngx_http_auth_jwt_module.so
 
     - name: Upload build artifact
       uses: actions/upload-artifact@v3
       with:
         if-no-files-found: error
-        name: ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
-        path: ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
+        name: ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
+        path: ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
 
   update_releases_page:
     name: Upload builds to Releases

From 8c1bf52086f9b0c5a04cf46ef85d44e3654e7810 Mon Sep 17 00:00:00 2001
From: Josh McCullough <joshua.mccullough@gmail.com>
Date: Mon, 4 Dec 2023 13:20:29 -0500
Subject: [PATCH 4/4] add build name

---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 413623d..3c31403 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,6 +15,7 @@ on:
 
 jobs:
   build:
+    name: "NGINX: ${{ matrix.nginx-version }}; libjwt: ${{ matrix.libjwt-version }}"
     strategy:
       matrix:
         # Each nginx version to build against