Handle contrib v3 imports in token migrators

[ReneWerner87]

Summary

• update JWT and Paseto extractor migrators to recognize contrib v3 module paths
• add regression coverage for migrated contrib import paths
• document the regex intent to support already-updated imports

Testing

• make lint
• make test (fails: existing vendor directory is out of sync with go.mod)

---

Codex Task

Summary by CodeRabbit

• Bug Fixes

  • Migration tool now recognizes JWT and Paseto middleware from both legacy and v3 contrib module paths, ensuring configurations are correctly updated during migration.

• Tests

  • Added tests covering contrib/v3 import path migration scenarios for JWT and Paseto middleware.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[gemini-code-assist]

Summary of Changes

Hello @ReneWerner87, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refines the existing migration tools for JWT and Paseto extractors by enhancing their ability to parse and process import statements that utilize the github.com/gofiber/contrib/v3 module paths. The change ensures that the migration utility remains robust and compatible with projects that have already adopted the updated v3 import conventions, preventing potential issues during the migration process. Comprehensive test coverage has been introduced to validate these updates.

Highlights

• Migration Logic Update: The JWT and Paseto extractor migrators have been updated to correctly recognize and handle github.com/gofiber/contrib/v3 module paths in import statements.
• Regression Coverage: New test cases have been added for both JWT and Paseto extractors to ensure that the migration process functions as expected with the new contrib/v3 import paths.
• Regex Documentation: Comments have been added to the regular expressions in the migrators to clarify their intent and confirm support for import paths that may have already been updated to the v3 module structure.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[ReneWerner87]

/gemini review

[gemini-code-assist]

Code Review

This pull request updates the JWT and Paseto extractor migrators to correctly handle contrib packages that have already been migrated to their v3 module paths. The regular expressions for detecting import paths have been updated to recognize paths like github.com/gofiber/contrib/v3/jwt. Additionally, regression tests have been added to ensure this new logic works as expected. The changes are logical and well-tested. I have one suggestion to simplify one of the regular expressions for better readability.

[gemini-code-assist]

Code Review

This pull request updates the JWT and Paseto extractor migrators to recognize v3 module paths for contrib packages, which is a necessary update. The changes are accompanied by regression tests, ensuring the new import paths are handled correctly. The implementation is solid, but I've found an opportunity to simplify one of the regular expressions for better readability and maintainability, which I've detailed in a specific comment.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Migration regexes for JWT and Paseto extractors were widened to also match contrib v3 import paths; tests were added verifying migration of github.com/gofiber/contrib/v3/... imports and resulting extractor/import updates. No public signatures or control flow changes.

Changes

Cohort / File(s)	Change Summary
JWT Extractor Migration cmd/internal/migrations/v3/jwt_extractor.go	Broadened the import-path regex to match contrib v3 jwt paths (e.g., github.com/gofiber/contrib/v3/jwt) and added explanatory comments; no public API or control-flow changes.
JWT Extractor Tests cmd/internal/migrations/v3/jwt_extractor_test.go	Added Test_MigrateJWTExtractor_ContribV3Import to assert migration of contrib v3 jwt imports, expected extractor config (extractors.FromCookie("jwt")), injected github.com/gofiber/fiber/v3/extractors import, and emitted migration message.
Paseto Extractor Migration cmd/internal/migrations/v3/paseto_extractor.go	Broadened the import-path regex to match contrib v3 paseto paths (e.g., github.com/gofiber/contrib/v3/paseto) and added a clarifying comment; no signature or control-flow changes.
Paseto Extractor Tests cmd/internal/migrations/v3/paseto_extractor_test.go	Added Test_MigratePasetoExtractor_ContribV3Import to validate migration of contrib v3 paseto imports to extractors.FromCookie("session"), import injection, and presence of the migration header.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Pay attention to the updated regexes for correct anchors and to avoid false positives.
• Verify new tests follow existing patterns and sufficiently cover edge cases.
• Confirm comments accurately describe matching intent.

Possibly related PRs

• feat: Add extractors package fiber#3725 — Introduces/uses extractors.FromCookie and changes migration targets referenced by these migrations.
• Handle legacy jwt TokenLookup migration #240 — Similar updates to JWT extractor import-detection regex and tests; closely related.
• feat: Refactor WebSocket, JWT and PASETO Middleware to Refactor Filter to Next and Support Flexible Token Extractors contrib#1390 — Updates contrib v3 packages and path conventions that these migrations must detect.

Suggested reviewers

• gaby
• sixcolors
• efectn

Poem

🐰 I hopped through lines of code so spry,
Widened regex nets to catch v3—oh my!
JWT and Paseto now can be found,
Tests applaud the migration sound.
A little hop, a cheerful cry! 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: updating token migrators to handle contrib v3 imports.
Description check	✅ Passed	The description provides a clear summary of changes, testing steps, and references context, but lacks detailed explanation of the problem being solved.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/2025-12-01-11-42-09

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c85790a and 54e2d7c.

📒 Files selected for processing (1)

• cmd/internal/migrations/v3/jwt_extractor.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• cmd/internal/migrations/v3/jwt_extractor.go

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Build (1.25.x, macos-latest)
• GitHub Check: Build (1.25.x, windows-latest)
• GitHub Check: Build (1.25.x, macos-13)
• GitHub Check: Build (1.25.x, ubuntu-latest)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e3c60c7 and c85790a.

📒 Files selected for processing (1)

• cmd/internal/migrations/v3/jwt_extractor.go (1 hunks)

🧰 Additional context used

🪛 GitHub Actions: golangci-lint

cmd/internal/migrations/v3/jwt_extractor.go

[error] 18-18: golangci-lint (gci): File is not properly formatted.

🪛 GitHub Check: lint

cmd/internal/migrations/v3/jwt_extractor.go

[failure] 18-18:
File is not properly formatted (gci)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build (1.25.x, windows-latest)

🔇 Additional comments (1)

cmd/internal/migrations/v3/jwt_extractor.go (1)

16-19: Regex update correctly handles contrib/v3 and existing JWT import variants

The new reImport pattern cleanly supports both legacy and github.com/gofiber/contrib/v3/jwt import paths (with optional /vN suffixes) while preserving the alias capture in group 1 and existing behavior for non‑contrib imports. The added comment documents the intent well and keeps the migrator aligned with the paseto extractor behavior.