Neo OcLib
This commit is contained in:
@@ -35,13 +35,10 @@ type Config struct {
|
||||
|
||||
// OAuth2ClientID is the client_id registered in Hydra, used to initiate the authorization flow.
|
||||
OAuth2ClientID string
|
||||
// OAuth2AdminClientID is the client_id for the admin frontend.
|
||||
OAuth2AdminClientID string
|
||||
|
||||
// OAuthRedirectURI is the registered OAuth2 redirect_uri (frontend login/callback URL).
|
||||
// Hydra redirects here with login_challenge (login phase) or authorization code (callback phase).
|
||||
OAuthRedirectURI string
|
||||
OAdminAuthRedirectURI string
|
||||
|
||||
Local bool
|
||||
}
|
||||
|
||||
+63
-68
@@ -1,6 +1,7 @@
|
||||
package controllers
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
@@ -44,7 +45,7 @@ func getCachedSelfPeer() *model.Peer {
|
||||
Or: map[string][]dbs.Filter{
|
||||
"relation": {{Operator: dbs.EQUAL.String(), Value: peer.SELF}},
|
||||
},
|
||||
}, strconv.Itoa(peer.SELF.EnumIndex()), false)
|
||||
}, strconv.Itoa(peer.SELF.EnumIndex()), false, 0, 1)
|
||||
if len(pp.Data) == 0 || pp.Code >= 300 || pp.Err != "" {
|
||||
return nil
|
||||
}
|
||||
@@ -80,32 +81,10 @@ type OAuthController struct {
|
||||
// @Failure 500 internal error
|
||||
// @router /login [get]
|
||||
func (o *OAuthController) GetLogin() {
|
||||
fmt.Println("GetLogin")
|
||||
logger := oclib.GetLogger()
|
||||
challenge := o.Ctx.Input.Query("login_challenge")
|
||||
clientID := o.Ctx.Input.Query("client_id")
|
||||
if challenge == "" {
|
||||
// No challenge yet — initiate the OAuth2 flow server-side to get one from Hydra.
|
||||
// This supports thick clients that cannot follow browser redirects.
|
||||
freshChallenge, err := infrastructure.GetAuthConnector().InitiateLogin(clientID, "")
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to initiate login: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
o.Data["json"] = map[string]string{"error": err.Error()}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
loginChallenge, err := infrastructure.GetAuthConnector().GetLoginChallenge(freshChallenge)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get fresh login challenge: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
o.Data["json"] = map[string]string{"error": err.Error()}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
o.Data["json"] = loginChallenge
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
if conf.GetConfig().Local {
|
||||
// In local mode, return a mock challenge for dev
|
||||
@@ -116,8 +95,34 @@ func (o *OAuthController) GetLogin() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
loginChallenge, err := infrastructure.GetAuthConnector().GetLoginChallenge(challenge)
|
||||
var loginChallenge *auth_connectors.LoginChallenge
|
||||
var err error
|
||||
if challenge == "" {
|
||||
// No challenge yet — initiate the OAuth2 flow server-side to get one from Hydra.
|
||||
// This supports thick clients that cannot follow browser redirects.
|
||||
freshChallenge, err := infrastructure.GetAuthConnector().InitiateLogin(clientID, "")
|
||||
fmt.Println("freshChallenge", freshChallenge, err)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to initiate login: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
o.Data["json"] = map[string]string{"error": err.Error()}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
loginChallenge, err = infrastructure.GetAuthConnector().GetLoginChallenge(freshChallenge)
|
||||
fmt.Println("loginChallenge", loginChallenge, err)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get fresh login challenge: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
o.Data["json"] = map[string]string{"error": err.Error()}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
o.Data["json"] = loginChallenge
|
||||
o.ServeJSON()
|
||||
return
|
||||
} else {
|
||||
loginChallenge, err = infrastructure.GetAuthConnector().GetLoginChallenge(challenge)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get login challenge: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
@@ -125,6 +130,7 @@ func (o *OAuthController) GetLogin() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
// If skip is true, the user already has an active session — auto-accept
|
||||
if loginChallenge.Skip {
|
||||
@@ -140,7 +146,11 @@ func (o *OAuthController) GetLogin() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
// Return challenge info so frontend can render login form
|
||||
/*o.Ctx.ResponseWriter.Header().Set("Location", fmt.Sprintf("%s?login_challenge=%s",
|
||||
conf.GetConfig().Origin,
|
||||
url.QueryEscape(loginChallenge.Challenge),
|
||||
))
|
||||
o.Ctx.ResponseWriter.WriteHeader(http.StatusFound)*/
|
||||
o.Data["json"] = loginChallenge
|
||||
o.ServeJSON()
|
||||
}
|
||||
@@ -160,7 +170,7 @@ func (o *OAuthController) Login() {
|
||||
if returnMode == "" {
|
||||
returnMode = "redirect"
|
||||
}
|
||||
|
||||
fmt.Println("LOGSqsdsq", returnMode)
|
||||
var req auth_connectors.LoginRequest
|
||||
if err := json.Unmarshal(o.Ctx.Input.CopyBody(10000000), &req); err != nil {
|
||||
o.Ctx.ResponseWriter.WriteHeader(400)
|
||||
@@ -168,21 +178,21 @@ func (o *OAuthController) Login() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("LOGSqsdsq2", req)
|
||||
if req.Username == "" || req.Password == "" {
|
||||
o.Ctx.ResponseWriter.WriteHeader(400)
|
||||
o.Data["json"] = map[string]string{"error": "username and password are required"}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("LOGSqsdsq3", req)
|
||||
if req.LoginChallenge == "" {
|
||||
o.Ctx.ResponseWriter.WriteHeader(400)
|
||||
o.Data["json"] = map[string]string{"error": "login_challenge is required in non-local mode"}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("LOGSqsdsq4", req)
|
||||
// Authenticate via LDAP
|
||||
ldap := auth_connectors.New()
|
||||
found, err := ldap.Authenticate(o.Ctx.Request.Context(), req.Username, req.Password)
|
||||
@@ -193,11 +203,11 @@ func (o *OAuthController) Login() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("LOGSqsdsq5", req)
|
||||
if conf.GetConfig().Local {
|
||||
// In local mode, return a mock token for dev
|
||||
t := oclib.NewRequest(oclib.LibDataEnum(oclib.PEER), "", "", []string{}, nil).Search(
|
||||
nil, fmt.Sprintf("%v", model.SELF.EnumIndex()), false)
|
||||
nil, fmt.Sprintf("%v", model.SELF.EnumIndex()), false, 0, 1)
|
||||
if t.Err == "" && len(t.Data) > 0 {
|
||||
p := t.Data[0].(*model.Peer)
|
||||
c := infrastructure.GetClaims().BuildConsentSession("local", req.Username, p)
|
||||
@@ -240,6 +250,7 @@ func (o *OAuthController) Login() {
|
||||
switch returnMode {
|
||||
case "token", "json":
|
||||
tokenResp, err := completeFlowToToken(redirect.RedirectTo, req.Username, req.LoginChallenge)
|
||||
fmt.Println("LOGS", tokenResp)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to complete OAuth2 flow: " + err.Error())
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
@@ -287,22 +298,7 @@ func (o *OAuthController) Consent() {
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
|
||||
// Get self peer for signing
|
||||
pp := oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.PEER), nil).Search(
|
||||
&dbs.Filters{
|
||||
Or: map[string][]dbs.Filter{ // search by name if no filters are provided
|
||||
"relation": {{Operator: dbs.EQUAL.String(), Value: peer.SELF}},
|
||||
},
|
||||
}, strconv.Itoa(peer.SELF.EnumIndex()), false)
|
||||
if len(pp.Data) == 0 || pp.Code >= 300 || pp.Err != "" {
|
||||
logger.Error().Msg("Self peer not found")
|
||||
o.Ctx.ResponseWriter.WriteHeader(500)
|
||||
o.Data["json"] = map[string]string{"error": "self peer not found"}
|
||||
o.ServeJSON()
|
||||
return
|
||||
}
|
||||
p := pp.Data[0].(*peer.Peer)
|
||||
p := getCachedSelfPeer()
|
||||
|
||||
// Extract client_id from consent challenge
|
||||
clientID := ""
|
||||
@@ -533,33 +529,34 @@ func (o *OAuthController) InternalAuthForward() {
|
||||
reqToken = "Bearer " + proto
|
||||
}
|
||||
}
|
||||
fmt.Println("InternalAuthForward Bearer", reqToken)
|
||||
if reqToken == "" {
|
||||
// Step 1: no token — allow oc-auth's own challenge endpoints (no token needed).
|
||||
// No token and not a whitelisted path → restart OAuth2 flow.
|
||||
fmt.Println("NO TOKEN")
|
||||
o.redirectToLogin(origin)
|
||||
o.redirectToLogin()
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("InternalAuthForward Bearer 2", reqToken)
|
||||
// Step 2: extract Bearer token — malformed header treated as missing token.
|
||||
splitToken := strings.Split(reqToken, "Bearer ")
|
||||
if len(splitToken) < 2 || splitToken[1] == "" {
|
||||
fmt.Println("MALFORMED BEARER")
|
||||
o.redirectToLogin(origin)
|
||||
o.redirectToLogin()
|
||||
return
|
||||
}
|
||||
reqToken = splitToken[1]
|
||||
|
||||
// Step 3: verify the token belongs to our self peer.
|
||||
// Decode the JWT payload and extract ext.peer_id, then compare against the cached self peer UUID.
|
||||
// A mismatch means the request comes from a foreign peer → 401 (not a login problem).
|
||||
tokenPeerID := extractPeerIDFromToken(reqToken)
|
||||
selfPeer := getCachedSelfPeer()
|
||||
fmt.Println("TOKEN", tokenPeerID, selfPeer.UUID)
|
||||
if selfPeer == nil || tokenPeerID != selfPeer.UUID {
|
||||
fmt.Println("TOKEN", selfPeer == nil, tokenPeerID != selfPeer.UUID, tokenPeerID, selfPeer.UUID)
|
||||
/*if selfPeer == nil || tokenPeerID != selfPeer.UUID {
|
||||
o.Ctx.ResponseWriter.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
}*/
|
||||
fmt.Println("InternalAuthForward Bearer 4", reqToken)
|
||||
// Step 4: introspect via Hydra then check permissions via Keto.
|
||||
// 401 → token inactive/invalid, user must re-authenticate → restart OAuth2 flow.
|
||||
// 403 → token valid, but permissions denied → forbidden.
|
||||
@@ -585,29 +582,27 @@ func (o *OAuthController) InternalAuthForward() {
|
||||
default:
|
||||
fmt.Println("redirectToLogin UNAUTHORIZED")
|
||||
// 401 or unexpected status → token likely expired, restart the OAuth2 flow.
|
||||
o.redirectToLogin(origin)
|
||||
o.redirectToLogin()
|
||||
}
|
||||
}
|
||||
|
||||
// redirectToLogin redirects the client to Hydra's authorization endpoint to start a fresh
|
||||
// OAuth2 flow. Hydra will generate a login_challenge and redirect to the configured login URL.
|
||||
func (o *OAuthController) redirectToLogin(origin string) {
|
||||
func (o *OAuthController) redirectToLogin() {
|
||||
cfg := conf.GetConfig()
|
||||
|
||||
var clientID, redirectURI string
|
||||
if strings.Contains(origin, cfg.AdminOrigin) {
|
||||
clientID = cfg.OAuth2AdminClientID
|
||||
redirectURI = cfg.OAdminAuthRedirectURI
|
||||
} else {
|
||||
clientID = cfg.OAuth2ClientID
|
||||
redirectURI = cfg.OAuthRedirectURI
|
||||
}
|
||||
stateBytes := make([]byte, 16)
|
||||
rand.Read(stateBytes)
|
||||
state := base64.RawURLEncoding.EncodeToString(stateBytes)
|
||||
|
||||
hydraAuthURL := fmt.Sprintf("http://%s:%d/oauth2/auth?client_id=%s&response_type=code&redirect_uri=%s&scope=openid",
|
||||
cfg.AuthConnectPublicHost,
|
||||
cfg.AuthConnectorPort,
|
||||
hydraAuthURL := fmt.Sprintf("%s/hydra/oauth2/auth?client_id=%s&response_type=code&redirect_uri=%s&scope=openid&state=%s",
|
||||
conf.GetConfig().Origin,
|
||||
url.QueryEscape(clientID),
|
||||
url.QueryEscape(redirectURI),
|
||||
url.QueryEscape(state),
|
||||
)
|
||||
|
||||
o.Ctx.ResponseWriter.Header().Set("Location", hydraAuthURL)
|
||||
@@ -628,7 +623,7 @@ func (o *OAuthController) extractOrigin(request *http.Request) (string, string,
|
||||
if t != "" {
|
||||
searchStr = strings.Replace(searchStr, t, "", -1)
|
||||
}
|
||||
pp := oclib.NewRequest(oclib.LibDataEnum(oclib.PEER), user, peerID, groups, nil).Search(nil, searchStr, false)
|
||||
pp := oclib.NewRequest(oclib.LibDataEnum(oclib.PEER), user, peerID, groups, nil).Search(nil, searchStr, false, 0, 1)
|
||||
if pp.Code != 200 || len(pp.Data) == 0 {
|
||||
return "", "", external
|
||||
}
|
||||
@@ -734,7 +729,7 @@ func completeFlowToToken(loginRedirectTo string, subject string, loginChallenge
|
||||
Or: map[string][]dbs.Filter{
|
||||
"relation": {{Operator: dbs.EQUAL.String(), Value: peer.SELF}},
|
||||
},
|
||||
}, strconv.Itoa(peer.SELF.EnumIndex()), false)
|
||||
}, strconv.Itoa(peer.SELF.EnumIndex()), false, 0, 1)
|
||||
if len(pp.Data) == 0 || pp.Code >= 300 || pp.Err != "" {
|
||||
return nil, fmt.Errorf("self peer not found")
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
KUBERNETES_SERVICE_HOST=192.168.47.20
|
||||
KUBE_CA="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTVlk3ZHZhNEdYTVdkMy9jMlhLN3JLYjlnWXgyNSthaEE0NmkyNVBkSFAKRktQL2UxSVMyWVF0dzNYZW1TTUQxaStZdzJSaVppNUQrSVZUamNtNHdhcnFvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWtlUVJpNFJiODduME5yRnZaWjZHClc2SU55NnN3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnRXA5ck04WmdNclRZSHYxZjNzOW5DZXZZeWVVa3lZUk4KWjUzazdoaytJS1FDSVFDbk05TnVGKzlTakIzNDFacGZ5ays2NEpWdkpSM3BhcmVaejdMd2lhNm9kdz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
|
||||
KUBE_CERT="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJWUxWNkFPQkdrU1F3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekl6TVRFeU1ETTJNQjRYRFRJME1EZ3dPREV3TVRNMU5sb1hEVEkxTURndwpPREV3TVRNMU5sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGQ2Q1MFdPeWdlQ2syQzcKV2FrOWY4MVAvSkJieVRIajRWOXBsTEo0ck5HeHFtSjJOb2xROFYxdUx5RjBtOTQ2Nkc0RmRDQ2dqaXFVSk92Swp3NVRPNnd5alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCVFJkOFI5cXVWK2pjeUVmL0ovT1hQSzMyS09XekFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlFQTArbThqTDBJVldvUTZ0dnB4cFo4NVlMalF1SmpwdXM0aDdnSXRxS3NmUVVDSUI2M2ZNdzFBMm5OVWU1TgpIUGZOcEQwSEtwcVN0Wnk4djIyVzliYlJUNklZCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFRc3hXWk9pbnIrcVp4TmFEQjVGMGsvTDF5cE01VHAxOFRaeU92ektJazQKRTFsZWVqUm9STW0zNmhPeVljbnN3d3JoNnhSUnBpMW5RdGhyMzg0S0Z6MlBvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTBYZkVmYXJsZm8zTWhIL3lmemx6Cnl0OWlqbHN3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUxJL2dNYnNMT3MvUUpJa3U2WHVpRVMwTEE2cEJHMXgKcnBlTnpGdlZOekZsQWlFQW1wdjBubjZqN3M0MVI0QzFNMEpSL0djNE53MHdldlFmZWdEVGF1R2p3cFk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
|
||||
KUBE_DATA="LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU5ZS1BFb1dhd1NKUzJlRW5oWmlYMk5VZlY1ZlhKV2krSVNnV09TNFE5VTlvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVUozblJZN0tCNEtUWUx0WnFUMS96VS84a0Z2Sk1lUGhYMm1Vc25pczBiR3FZblkyaVZEeApYVzR2SVhTYjNqcm9iZ1YwSUtDT0twUWs2OHJEbE03ckRBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="
|
||||
KUBERNETES_SERVICE_HOST=192.168.1.169
|
||||
KUBE_CA="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTnpReU56STVNVEF3SGhjTk1qWXdNekl6TVRNek5URXdXaGNOTXpZd016SXdNVE16TlRFdwpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTnpReU56STVNVEF3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFSSGpYRDVpbnRIYWZWSk5VaDFlRnIxcXBKdFlkUmc5NStKVENEa0tadTIKYjUxRXlKaG1zanRIY3BDUndGL1VGMzlvdzY4TFBUcjBxaUorUHlhQTBLZUtvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTdWQkNzZVN3ajJ2cmczMFE5UG8vCnV6ZzAvMjR3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUlEOVY2aFlUSS83ZW1hRzU0dDdDWVU3TXFSdDdESUkKNlgvSUwrQ0RLbzlNQWlCdlFEMGJmT0tVWDc4UmRGdUplcEhEdWFUMUExaGkxcWdIUGduM1dZdDBxUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
|
||||
KUBE_CERT="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJUU5KbFNJQUJPMDR3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOemMwTWpjeU9URXdNQjRYRFRJMk1ETXlNekV6TXpVeE1Gb1hEVEkzTURNeQpNekV6TXpVeE1Gb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJMY3Uwb2pUbVg4RFhTQkYKSHZwZDZNVEoyTHdXc1lRTmdZVURXRDhTVERIUWlCczlMZ0x5ZTdOMEFvZk85RkNZVW1HamhiaVd3WFVHR3dGTgpUdlRMU2lXalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUlJhRW9wQzc5NGJyTHlnR0g5SVhvbDZTSmlFREFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlFQWhaRUlrSWV3Y1loL1NmTFVCVjE5MW1CYTNRK0J5S2J5eTVlQmpwL3kzeWtDSUIxWTJicTVOZTNLUUU4RAprNnNzeFJrbjJmN0VoWWVRQU1pUlJ2MjIweDNLCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTnpReU56STVNVEF3SGhjTk1qWXdNekl6TVRNek5URXdXaGNOTXpZd016SXdNVE16TlRFdwpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTnpReU56STVNVEF3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTcTdVTC85MEc1ZmVTaE95NjI3eGFZWlM5dHhFdWFoWFQ3Vk5wZkpQSnMKaEdXd2UxOXdtbXZzdlp6dlNPUWFRSzJaMmttN0hSb1IrNlA1YjIyamczbHVvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVVVXaEtLUXUvZUc2eThvQmgvU0Y2Ckpla2lZaEF3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUk3cGxHczFtV20ySDErbjRobDBNTk13RmZzd0o5ZXIKTzRGVkM0QzhwRG44QWlCN3NZMVFwd2M5VkRUeGNZaGxuZzZNUzRXai85K0lHWjJxcy94UStrMjdTQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
|
||||
KUBE_DATA="LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUROZDRnWXd6aVRhK1hwNnFtNVc3SHFzc1JJNkREaUJTbUV2ZHoxZzk3VGxvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFdHk3U2lOT1pmd05kSUVVZStsM294TW5ZdkJheGhBMkJoUU5ZUHhKTU1kQ0lHejB1QXZKNwpzM1FDaDg3MFVKaFNZYU9GdUpiQmRRWWJBVTFPOU10S0pRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
module oc-auth
|
||||
|
||||
go 1.24.6
|
||||
go 1.25.0
|
||||
|
||||
require (
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260219084344-9662ac6d678c
|
||||
github.com/beego/beego/v2 v2.3.1
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260527135023-cef23b5f307b
|
||||
github.com/beego/beego/v2 v2.3.8
|
||||
github.com/smartystreets/goconvey v1.7.2
|
||||
go.uber.org/zap v1.27.0
|
||||
)
|
||||
@@ -16,13 +16,43 @@ require (
|
||||
github.com/biter777/countries v1.7.5 // indirect
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
|
||||
github.com/emicklei/go-restful/v3 v3.12.2 // indirect
|
||||
github.com/fxamacker/cbor/v2 v2.9.0 // indirect
|
||||
github.com/go-asn1-ber/asn1-ber v1.5.5 // indirect
|
||||
github.com/go-logr/logr v1.4.3 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.21.0 // indirect
|
||||
github.com/go-openapi/jsonreference v0.20.2 // indirect
|
||||
github.com/go-openapi/swag v0.23.0 // indirect
|
||||
github.com/gofrs/uuid v4.3.0+incompatible // indirect
|
||||
github.com/google/gnostic-models v0.7.0 // indirect
|
||||
github.com/josharian/intern v1.0.0 // indirect
|
||||
github.com/json-iterator/go v1.1.12 // indirect
|
||||
github.com/libp2p/go-libp2p/core v0.43.0-rc2 // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
||||
github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect
|
||||
github.com/nats-io/nats.go v1.37.0 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
||||
github.com/rogpeppe/go-internal v1.13.1 // indirect
|
||||
github.com/rogpeppe/go-internal v1.14.1 // indirect
|
||||
github.com/x448/float16 v0.8.4 // indirect
|
||||
go.uber.org/multierr v1.10.0 // indirect
|
||||
go.yaml.in/yaml/v2 v2.4.3 // indirect
|
||||
go.yaml.in/yaml/v3 v3.0.4 // indirect
|
||||
golang.org/x/oauth2 v0.30.0 // indirect
|
||||
golang.org/x/term v0.37.0 // indirect
|
||||
golang.org/x/time v0.9.0 // indirect
|
||||
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
|
||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||
k8s.io/api v0.35.1 // indirect
|
||||
k8s.io/apimachinery v0.35.1 // indirect
|
||||
k8s.io/client-go v0.35.1 // indirect
|
||||
k8s.io/klog/v2 v2.130.1 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
|
||||
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
|
||||
sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
|
||||
sigs.k8s.io/randfill v1.0.0 // indirect
|
||||
sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
|
||||
sigs.k8s.io/yaml v1.6.0 // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
@@ -63,11 +93,11 @@ require (
|
||||
github.com/xdg-go/stringprep v1.0.4 // indirect
|
||||
github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
|
||||
go.mongodb.org/mongo-driver v1.17.1 // indirect
|
||||
golang.org/x/crypto v0.39.0 // indirect
|
||||
golang.org/x/net v0.30.0 // indirect
|
||||
golang.org/x/sync v0.15.0 // indirect
|
||||
golang.org/x/sys v0.33.0 // indirect
|
||||
golang.org/x/text v0.26.0 // indirect
|
||||
google.golang.org/protobuf v1.36.6 // indirect
|
||||
golang.org/x/crypto v0.44.0 // indirect
|
||||
golang.org/x/net v0.47.0 // indirect
|
||||
golang.org/x/sync v0.18.0 // indirect
|
||||
golang.org/x/sys v0.38.0 // indirect
|
||||
golang.org/x/text v0.31.0 // indirect
|
||||
google.golang.org/protobuf v1.36.8 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
||||
@@ -6,6 +6,8 @@ cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 h1:DNIPQ7C+7wjbj
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260219084344-9662ac6d678c h1:brsB6se+xMv386Vf6dSu3In2QZSH4EqgcAYkI4fNpJw=
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260219084344-9662ac6d678c/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260527135023-cef23b5f307b h1:TWhmHeurbBmdyevREh4+mHWOBehO2AK587RCIjCfvOc=
|
||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260527135023-cef23b5f307b/go.mod h1:JynnOb3eMr9VZW1mHq+Vsl3tzx6gPhPsGKpQD/dtEBc=
|
||||
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
|
||||
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
@@ -13,6 +15,8 @@ github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7V
|
||||
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
|
||||
github.com/beego/beego/v2 v2.3.1 h1:7MUKMpJYzOXtCUsTEoXOxsDV/UcHw6CPbaWMlthVNsc=
|
||||
github.com/beego/beego/v2 v2.3.1/go.mod h1:5cqHsOHJIxkq44tBpRvtDe59GuVRVv/9/tyVDxd5ce4=
|
||||
github.com/beego/beego/v2 v2.3.8 h1:wplhB1pF4TxR+2SS4PUej8eDoH4xGfxuHfS7wAk9VBc=
|
||||
github.com/beego/beego/v2 v2.3.8/go.mod h1:8vl9+RrXqvodrl9C8yivX1e6le6deCK6RWeq8R7gTTg=
|
||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
||||
github.com/biter777/countries v1.7.5 h1:MJ+n3+rSxWQdqVJU8eBy9RqcdH6ePPn4PJHocVWUa+Q=
|
||||
@@ -25,6 +29,7 @@ github.com/coocood/freecache v1.2.4/go.mod h1:RBUWa/Cy+OHdfTGFEhEuE1pMCMX51Ncizj
|
||||
github.com/coreos/etcd v3.3.17+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
|
||||
github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
|
||||
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
|
||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
||||
@@ -33,14 +38,28 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvw
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40=
|
||||
github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw=
|
||||
github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
|
||||
github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU=
|
||||
github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
||||
github.com/etcd-io/etcd v3.3.17+incompatible/go.mod h1:cdZ77EstHBwVtD6iTgzgvogwcjo9m4iOqoijouPJ4bs=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM=
|
||||
github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
|
||||
github.com/gabriel-vasile/mimetype v1.4.6 h1:3+PzJTKLkvgjeTbts6msPJt4DixhT4YtFNf1gtGe3zc=
|
||||
github.com/gabriel-vasile/mimetype v1.4.6/go.mod h1:JX1qVKqZd40hUPpAfiNTe0Sne7hdfKSbOqqmkq8GCXc=
|
||||
github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA=
|
||||
github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
|
||||
github.com/go-ldap/ldap/v3 v3.4.8 h1:loKJyspcRezt2Q3ZRMq2p/0v8iOurlmeXDPw6fikSvQ=
|
||||
github.com/go-ldap/ldap/v3 v3.4.8/go.mod h1:qS3Sjlu76eHfHGpUdWkAXQTw4beih+cHsco2jXlIXrk=
|
||||
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
|
||||
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
|
||||
github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
|
||||
github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
|
||||
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
|
||||
github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
|
||||
github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
|
||||
github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
|
||||
github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
|
||||
github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
|
||||
github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
|
||||
github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
|
||||
@@ -55,6 +74,8 @@ github.com/gofrs/uuid v4.3.0+incompatible h1:CaSVZxm5B+7o45rtab4jC2G37WGYX1zQfuU
|
||||
github.com/gofrs/uuid v4.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
|
||||
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
||||
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo=
|
||||
github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
|
||||
@@ -88,13 +109,20 @@ github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh6
|
||||
github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs=
|
||||
github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY=
|
||||
github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
|
||||
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
|
||||
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
|
||||
github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
|
||||
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
|
||||
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||
github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
|
||||
github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
|
||||
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
||||
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||
@@ -104,6 +132,8 @@ github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjS
|
||||
github.com/libp2p/go-libp2p/core v0.43.0-rc2 h1:1X1aDJNWhMfodJ/ynbaGLkgnC8f+hfBIqQDrzxFZOqI=
|
||||
github.com/libp2p/go-libp2p/core v0.43.0-rc2/go.mod h1:NYeJ9lvyBv9nbDk2IuGb8gFKEOkIv/W5YRIy1pAJB2Q=
|
||||
github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
|
||||
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
|
||||
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
|
||||
@@ -114,9 +144,13 @@ github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh
|
||||
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
|
||||
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
||||
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||
github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8=
|
||||
github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||
github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE=
|
||||
github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
|
||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
||||
@@ -145,6 +179,7 @@ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoG
|
||||
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
|
||||
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
|
||||
github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
|
||||
github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
|
||||
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
|
||||
github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
|
||||
github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
|
||||
@@ -167,6 +202,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
|
||||
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
|
||||
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
||||
github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
|
||||
github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
|
||||
github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY=
|
||||
@@ -187,6 +224,10 @@ go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN8
|
||||
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
||||
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||
go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
|
||||
go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
|
||||
go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
|
||||
go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20191112222119-e1110fd1c708/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
@@ -197,6 +238,8 @@ golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
|
||||
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
|
||||
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
|
||||
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
|
||||
golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU=
|
||||
golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
@@ -212,6 +255,10 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
|
||||
golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
|
||||
golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
|
||||
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
|
||||
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
|
||||
golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
|
||||
golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
@@ -219,6 +266,8 @@ golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
|
||||
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
|
||||
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
|
||||
golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
|
||||
golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
@@ -237,12 +286,16 @@ golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
|
||||
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
|
||||
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
|
||||
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
|
||||
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
||||
golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
|
||||
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
|
||||
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
@@ -254,6 +307,10 @@ golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
|
||||
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
|
||||
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
|
||||
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
|
||||
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
|
||||
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
|
||||
golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY=
|
||||
golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
@@ -264,12 +321,38 @@ google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFyt
|
||||
google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
|
||||
google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
|
||||
google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
|
||||
google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
|
||||
google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||
gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo=
|
||||
gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M=
|
||||
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
|
||||
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
k8s.io/api v0.35.1 h1:0PO/1FhlK/EQNVK5+txc4FuhQibV25VLSdLMmGpDE/Q=
|
||||
k8s.io/api v0.35.1/go.mod h1:28uR9xlXWml9eT0uaGo6y71xK86JBELShLy4wR1XtxM=
|
||||
k8s.io/apimachinery v0.35.1 h1:yxO6gV555P1YV0SANtnTjXYfiivaTPvCTKX6w6qdDsU=
|
||||
k8s.io/apimachinery v0.35.1/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns=
|
||||
k8s.io/client-go v0.35.1 h1:+eSfZHwuo/I19PaSxqumjqZ9l5XiTEKbIaJ+j1wLcLM=
|
||||
k8s.io/client-go v0.35.1/go.mod h1:1p1KxDt3a0ruRfc/pG4qT/3oHmUj1AhSHEcxNSGg+OA=
|
||||
k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
|
||||
k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
|
||||
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE=
|
||||
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
|
||||
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
|
||||
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
|
||||
sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
|
||||
sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
|
||||
sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
|
||||
sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
|
||||
sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
|
||||
sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
|
||||
sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
|
||||
sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=
|
||||
|
||||
@@ -21,6 +21,7 @@ import (
|
||||
)
|
||||
|
||||
type HydraConnector struct {
|
||||
Mu sync.RWMutex
|
||||
Caller *tools.HTTPCaller
|
||||
cookieJars sync.Map // map[loginChallenge] *cookiejar.Jar
|
||||
}
|
||||
@@ -33,6 +34,8 @@ func (h *HydraConnector) Status() tools.State {
|
||||
host = "localhost"
|
||||
}
|
||||
port := fmt.Sprintf("%v", conf.GetConfig().AuthConnectorPort)
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := caller.CallGet("http://"+host+":"+port, "/health/ready")
|
||||
if err != nil {
|
||||
return tools.DEAD
|
||||
@@ -120,6 +123,8 @@ func (h *HydraConnector) InitiateLogin(clientID string, redirectURI string) (str
|
||||
// GetLoginChallenge retrieves login challenge details from Hydra admin API
|
||||
func (h *HydraConnector) GetLoginChallenge(challenge string) (*LoginChallenge, error) {
|
||||
logger := oclib.GetLogger()
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallGet(h.getPath(true, true), "/auth/requests/login?login_challenge="+url.QueryEscape(challenge))
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get login challenge: " + err.Error())
|
||||
@@ -141,6 +146,8 @@ func (h *HydraConnector) AcceptLogin(challenge string, subject string) (*Redirec
|
||||
"remember": true,
|
||||
"remember_for": 3600,
|
||||
}
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallRaw(http.MethodPut,
|
||||
h.getPath(true, true), "/auth/requests/login/accept?login_challenge="+url.QueryEscape(challenge),
|
||||
body, "application/json", true)
|
||||
@@ -170,6 +177,8 @@ func (h *HydraConnector) RejectLogin(challenge string, reason string) (*Redirect
|
||||
"error": "access_denied",
|
||||
"error_description": reason,
|
||||
}
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallRaw(http.MethodPut,
|
||||
h.getPath(true, true), "/auth/requests/login/reject?login_challenge="+url.QueryEscape(challenge),
|
||||
body, "application/json", true)
|
||||
@@ -192,6 +201,8 @@ func (h *HydraConnector) RejectLogin(challenge string, reason string) (*Redirect
|
||||
// GetLogoutChallenge retrieves logout challenge details from Hydra admin API
|
||||
func (h *HydraConnector) GetLogoutChallenge(challenge string) (*LogoutChallenge, error) {
|
||||
logger := oclib.GetLogger()
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallGet(h.getPath(true, true), "/auth/requests/logout?logout_challenge="+url.QueryEscape(challenge))
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get logout challenge: " + err.Error())
|
||||
@@ -208,6 +219,8 @@ func (h *HydraConnector) GetLogoutChallenge(challenge string) (*LogoutChallenge,
|
||||
// AcceptLogout accepts a logout challenge — invalidates the Hydra session
|
||||
func (h *HydraConnector) AcceptLogout(challenge string) (*Redirect, error) {
|
||||
logger := oclib.GetLogger()
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallRaw(http.MethodPut,
|
||||
h.getPath(true, true), "/auth/requests/logout/accept?logout_challenge="+url.QueryEscape(challenge),
|
||||
nil, "application/json", true)
|
||||
@@ -233,6 +246,8 @@ func (h *HydraConnector) AcceptLogout(challenge string) (*Redirect, error) {
|
||||
// GetConsentChallenge retrieves consent challenge details from Hydra admin API
|
||||
func (h *HydraConnector) GetConsentChallenge(challenge string) (*ConsentChallenge, error) {
|
||||
logger := oclib.GetLogger()
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallGet(h.getPath(true, true), "/auth/requests/consent?consent_challenge="+url.QueryEscape(challenge))
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get consent challenge: " + err.Error())
|
||||
@@ -259,6 +274,8 @@ func (h *HydraConnector) AcceptConsent(challenge string, grantScope []string, se
|
||||
"id_token": session.Session.IDToken,
|
||||
},
|
||||
}
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallRaw(http.MethodPut,
|
||||
h.getPath(true, true), "/auth/requests/consent/accept?consent_challenge="+url.QueryEscape(challenge),
|
||||
body, "application/json", true)
|
||||
@@ -286,6 +303,8 @@ func (h *HydraConnector) Introspect(token string) (*IntrospectResult, error) {
|
||||
logger := oclib.GetLogger()
|
||||
urls := url.Values{}
|
||||
urls.Add("token", token)
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallForm(http.MethodPost, h.getPath(true, true), "/introspect", urls,
|
||||
"application/x-www-form-urlencoded", true)
|
||||
if err != nil {
|
||||
@@ -314,6 +333,8 @@ func (h *HydraConnector) RevokeToken(token string, clientID string) error {
|
||||
urls.Add("token", token)
|
||||
urls.Add("client_id", clientID)
|
||||
urls.Add("client_secret", conf.GetConfig().ClientSecret)
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallForm(http.MethodPost, h.getPath(false, true), "/revoke", urls,
|
||||
"application/x-www-form-urlencoded", true)
|
||||
if err != nil {
|
||||
@@ -336,6 +357,8 @@ func (h *HydraConnector) RefreshToken(refreshToken string, clientID string) (*To
|
||||
urls.Add("refresh_token", refreshToken)
|
||||
urls.Add("client_id", clientID)
|
||||
urls.Add("client_secret", conf.GetConfig().ClientSecret)
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp, err := h.Caller.CallForm(http.MethodPost, h.getPath(false, true), "/token", urls,
|
||||
"application/x-www-form-urlencoded", true)
|
||||
if err != nil {
|
||||
@@ -393,7 +416,7 @@ func (h *HydraConnector) CheckAuthForward(reqToken string, publicKey string, hos
|
||||
}
|
||||
|
||||
// For SELF peer requests skip the signature check (internal traffic).
|
||||
pp := oclib.NewRequest(oclib.LibDataEnum(oclib.PEER), "", "", []string{}, nil).Search(nil, fmt.Sprintf("%v", peer.SELF.EnumIndex()), false)
|
||||
pp := oclib.NewRequest(oclib.LibDataEnum(oclib.PEER), "", "", []string{}, nil).Search(nil, fmt.Sprintf("%v", peer.SELF.EnumIndex()), false, 0, 1)
|
||||
if len(pp.Data) > 0 {
|
||||
p := pp.Data[0].(*peer.Peer)
|
||||
if p.PublicKey == publicKey {
|
||||
@@ -501,6 +524,8 @@ func (h *HydraConnector) ExchangeCodeForToken(redirectTo string, clientID string
|
||||
vals.Add("client_id", clientID)
|
||||
vals.Add("client_secret", cfg.ClientSecret)
|
||||
vals.Add("redirect_uri", redirectURI)
|
||||
h.Mu.Lock()
|
||||
defer h.Mu.Unlock()
|
||||
resp2, err := h.Caller.CallForm(http.MethodPost, h.getPath(false, true), "/token", vals,
|
||||
"application/x-www-form-urlencoded", true)
|
||||
if err != nil {
|
||||
|
||||
@@ -99,10 +99,21 @@ func New(privateKey []byte, publicKeys map[string][]byte) (client *Client, err e
|
||||
if privateKey != nil {
|
||||
validPrivateKey, errPrivate := x509.ParsePKCS1PrivateKey(privateKey)
|
||||
if errPrivate != nil {
|
||||
err = errPrivate
|
||||
// Fallback to PKCS8 (generated with openssl genpkey or similar)
|
||||
key, errPKCS8 := x509.ParsePKCS8PrivateKey(privateKey)
|
||||
if errPKCS8 != nil {
|
||||
err = errPKCS8
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
rsaKey, ok := key.(*rsa.PrivateKey)
|
||||
if !ok {
|
||||
err = errors.New("PKCS8 private key is not RSA")
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
validPrivateKey = rsaKey
|
||||
}
|
||||
client.PrivateKey = validPrivateKey
|
||||
}
|
||||
|
||||
@@ -111,10 +122,21 @@ func New(privateKey []byte, publicKeys map[string][]byte) (client *Client, err e
|
||||
for k, v := range publicKeys {
|
||||
validPublicKey, errPublic := x509.ParsePKCS1PublicKey(v)
|
||||
if errPublic != nil {
|
||||
err = errPublic
|
||||
// Fallback to PKIX (SubjectPublicKeyInfo, generated alongside PKCS8 private key)
|
||||
key, errPKIX := x509.ParsePKIXPublicKey(v)
|
||||
if errPKIX != nil {
|
||||
err = errPKIX
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
rsaKey, ok := key.(*rsa.PublicKey)
|
||||
if !ok {
|
||||
err = errors.New("PKIX public key is not RSA")
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
validPublicKey = rsaKey
|
||||
}
|
||||
if validPublicKey == nil {
|
||||
err = errors.New("Invalid Public Key Type")
|
||||
log.Println(err)
|
||||
|
||||
@@ -2,12 +2,10 @@ package claims
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"oc-auth/conf"
|
||||
"fmt"
|
||||
"oc-auth/infrastructure/perms_connectors"
|
||||
"oc-auth/infrastructure/utils"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
oclib "cloud.o-forge.io/core/oc-lib"
|
||||
@@ -44,7 +42,7 @@ func (h HydraClaims) decodeKey(key string, external bool) (tools.METHOD, string,
|
||||
}
|
||||
|
||||
func (h HydraClaims) DecodeSignature(host string, signature string, publicKey string) (bool, error) {
|
||||
hashed := sha256.Sum256([]byte(host))
|
||||
/*hashed := sha256.Sum256([]byte(host))
|
||||
spkiBlock, _ := pem.Decode([]byte(publicKey))
|
||||
if spkiBlock == nil {
|
||||
return false, errors.New("failed to decode public key PEM")
|
||||
@@ -52,22 +50,22 @@ func (h HydraClaims) DecodeSignature(host string, signature string, publicKey st
|
||||
err := VerifyDefault(hashed[:], spkiBlock.Bytes, signature)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
}*/
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func (h HydraClaims) encodeSignature(host string) (string, error) {
|
||||
hashed := sha256.Sum256([]byte(host))
|
||||
content, err := os.ReadFile(conf.GetConfig().PrivateKeyPath)
|
||||
return "", nil
|
||||
priv, err := tools.LoadKeyFromFilePrivate()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
privateKey := string(content)
|
||||
spkiBlock, _ := pem.Decode([]byte(privateKey))
|
||||
if spkiBlock == nil {
|
||||
return "", errors.New("failed to decode private key PEM")
|
||||
privb, err := priv.Raw()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return SignDefault(hashed[:], spkiBlock.Bytes)
|
||||
hashed := sha256.Sum256([]byte(host))
|
||||
return SignDefault(hashed[:], privb)
|
||||
}
|
||||
|
||||
func (h HydraClaims) clearBlank(path []string) []string {
|
||||
@@ -88,12 +86,14 @@ func (h HydraClaims) DecodeClaimsInToken(host string, method string, forward str
|
||||
// Signature verification: skip if signature is empty (internal requests)
|
||||
if sig, ok := idTokenClaims["signature"].(string); ok && sig != "" {
|
||||
if ok, err := h.DecodeSignature(host, sig, publicKey); !ok {
|
||||
fmt.Println("FAILED SIGNATURE")
|
||||
return false, "", err
|
||||
}
|
||||
}
|
||||
|
||||
claims := sessionClaims.Session.AccessToken
|
||||
if claims == nil {
|
||||
fmt.Println("no access_token claims found")
|
||||
return false, "", errors.New("no access_token claims found")
|
||||
}
|
||||
path := strings.ReplaceAll(forward, "http://"+host, "")
|
||||
@@ -138,7 +138,7 @@ func (h HydraClaims) DecodeClaimsInToken(host string, method string, forward str
|
||||
func (h HydraClaims) BuildConsentSession(clientID string, userId string, p *peer.Peer) Claims {
|
||||
logger := oclib.GetLogger()
|
||||
c := Claims{}
|
||||
perms, err := perms_connectors.KetoConnector{}.GetPermissionByUser(userId, true)
|
||||
perms, err := (&perms_connectors.KetoConnector{}).GetPermissionByUser(userId, true)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get permissions for user " + userId + ": " + err.Error())
|
||||
return c
|
||||
@@ -160,7 +160,7 @@ func (h HydraClaims) BuildConsentSession(clientID string, userId string, p *peer
|
||||
logger.Error().Msg("Failed to encode signature: " + err.Error())
|
||||
return c
|
||||
}
|
||||
|
||||
fmt.Println("PEER ID", p.UUID)
|
||||
c.Session.AccessToken["peer_id"] = p.UUID
|
||||
c.Session.AccessToken["user_id"] = userId
|
||||
|
||||
@@ -168,7 +168,7 @@ func (h HydraClaims) BuildConsentSession(clientID string, userId string, p *peer
|
||||
c.Session.IDToken["peer_id"] = p.UUID
|
||||
c.Session.IDToken["client_id"] = clientID
|
||||
|
||||
groups, err := perms_connectors.KetoConnector{}.GetGroupByUser(userId)
|
||||
groups, err := (&perms_connectors.KetoConnector{}).GetGroupByUser(userId)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get groups for user " + userId + ": " + err.Error())
|
||||
return c
|
||||
@@ -176,7 +176,7 @@ func (h HydraClaims) BuildConsentSession(clientID string, userId string, p *peer
|
||||
c.Session.AccessToken["groups"] = groups
|
||||
c.Session.IDToken["groups"] = groups
|
||||
|
||||
roles, err := perms_connectors.KetoConnector{}.GetRoleByUser(userId)
|
||||
roles, err := (&perms_connectors.KetoConnector{}).GetRoleByUser(userId)
|
||||
if err != nil {
|
||||
logger.Error().Msg("Failed to get roles for user " + userId + ": " + err.Error())
|
||||
return c
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"oc-auth/conf"
|
||||
"oc-auth/infrastructure/utils"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
oclib "cloud.o-forge.io/core/oc-lib"
|
||||
"cloud.o-forge.io/core/oc-lib/tools"
|
||||
@@ -14,21 +15,22 @@ import (
|
||||
|
||||
type KetoConnector struct {
|
||||
Client string
|
||||
Mu sync.RWMutex
|
||||
}
|
||||
|
||||
func (k KetoConnector) SetClient(client string) {
|
||||
func (k *KetoConnector) SetClient(client string) {
|
||||
k.Client = client
|
||||
}
|
||||
|
||||
func (k KetoConnector) namespace() string {
|
||||
func (k *KetoConnector) namespace() string {
|
||||
return "open-cloud"
|
||||
}
|
||||
|
||||
func (k KetoConnector) scope() string {
|
||||
func (k *KetoConnector) scope() string {
|
||||
return "oc-auth-realm"
|
||||
}
|
||||
|
||||
func (f KetoConnector) permToQuery(perm Permission, permDependancies *Permission) string {
|
||||
func (f *KetoConnector) permToQuery(perm Permission, permDependancies *Permission) string {
|
||||
n := "?namespace=" + f.namespace()
|
||||
if perm.Object != "" {
|
||||
n += "&object=" + perm.Object
|
||||
@@ -54,7 +56,7 @@ func (f KetoConnector) permToQuery(perm Permission, permDependancies *Permission
|
||||
return n
|
||||
}
|
||||
|
||||
func (k KetoConnector) Status() tools.State {
|
||||
func (k *KetoConnector) Status() tools.State {
|
||||
caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{})
|
||||
var responseBody map[string]interface{}
|
||||
host := conf.GetConfig().PermissionConnectorReadHost
|
||||
@@ -62,6 +64,8 @@ func (k KetoConnector) Status() tools.State {
|
||||
host = "localhost"
|
||||
}
|
||||
port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorPort)
|
||||
k.Mu.Lock()
|
||||
defer k.Mu.Unlock()
|
||||
resp, err := caller.CallGet("http://"+host+":"+port, "/health/ready")
|
||||
if err != nil {
|
||||
return tools.DEAD
|
||||
@@ -73,7 +77,7 @@ func (k KetoConnector) Status() tools.State {
|
||||
return tools.ALIVE
|
||||
}
|
||||
|
||||
func (k KetoConnector) CheckPermission(perm Permission, permDependancies *Permission, internal bool) bool {
|
||||
func (k *KetoConnector) CheckPermission(perm Permission, permDependancies *Permission, internal bool) bool {
|
||||
if (perm.Object == k.scope() || perm.Subject == k.scope()) && !internal {
|
||||
log := oclib.GetLogger()
|
||||
log.Error().Msg("Permission denied : Ask illegal permission")
|
||||
@@ -88,7 +92,7 @@ func (k KetoConnector) CheckPermission(perm Permission, permDependancies *Permis
|
||||
return len(perms) > 0
|
||||
}
|
||||
|
||||
func (k KetoConnector) deletes(object string, relation string, subject string, relation2 string) (string, int, error) {
|
||||
func (k *KetoConnector) deletes(object string, relation string, subject string, relation2 string) (string, int, error) {
|
||||
k.deleteRelationShip(object, relation, subject, nil)
|
||||
_, code, err := k.deleteRelationShip(subject, relation2, k.scope(), nil)
|
||||
if err != nil {
|
||||
@@ -97,15 +101,15 @@ func (k KetoConnector) deletes(object string, relation string, subject string, r
|
||||
return subject, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) DeleteRole(roleID string) (string, int, error) {
|
||||
func (k *KetoConnector) DeleteRole(roleID string) (string, int, error) {
|
||||
return k.deletes("", "member", roleID, "is")
|
||||
}
|
||||
|
||||
func (k KetoConnector) DeleteGroup(groupID string) (string, int, error) {
|
||||
func (k *KetoConnector) DeleteGroup(groupID string) (string, int, error) {
|
||||
return k.deletes("", "groups", groupID, "groupin")
|
||||
}
|
||||
|
||||
func (k KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) {
|
||||
func (k *KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) {
|
||||
meth, err := utils.ExtractMethod(relation, internal)
|
||||
if err != nil {
|
||||
for _, method := range []tools.METHOD{tools.GET, tools.PUT, tools.POST, tools.DELETE} {
|
||||
@@ -116,15 +120,15 @@ func (k KetoConnector) DeletePermission(permID string, relation string, internal
|
||||
return k.deletes("", "groups", permID, "permits"+meth.String())
|
||||
}
|
||||
|
||||
func (k KetoConnector) CreateRole(roleID string) (string, int, error) {
|
||||
func (k *KetoConnector) CreateRole(roleID string) (string, int, error) {
|
||||
return k.creates(roleID, "is", k.scope())
|
||||
}
|
||||
|
||||
func (k KetoConnector) CreateGroup(groupID string) (string, int, error) {
|
||||
func (k *KetoConnector) CreateGroup(groupID string) (string, int, error) {
|
||||
return k.creates(groupID, "groupin", k.scope())
|
||||
}
|
||||
|
||||
func (k KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) {
|
||||
func (k *KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) {
|
||||
meth, err := utils.ExtractMethod(relation, internal)
|
||||
if err != nil {
|
||||
return "", 422, err
|
||||
@@ -137,7 +141,7 @@ func (k KetoConnector) CreatePermission(permID string, relation string, internal
|
||||
return id, code, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) creates(object string, relation string, subject string) (string, int, error) {
|
||||
func (k *KetoConnector) creates(object string, relation string, subject string) (string, int, error) {
|
||||
p, code, err := k.createRelationShip(object, relation, subject, nil)
|
||||
if err != nil {
|
||||
return "", code, err
|
||||
@@ -145,23 +149,23 @@ func (k KetoConnector) creates(object string, relation string, subject string) (
|
||||
return p.Object, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetRole(roleID string) ([]string, error) {
|
||||
func (k *KetoConnector) GetRole(roleID string) ([]string, error) {
|
||||
return k.gets(roleID, "is", k.scope())
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetGroup(groupID string) ([]string, error) {
|
||||
func (k *KetoConnector) GetGroup(groupID string) ([]string, error) {
|
||||
return k.gets(groupID, "groupin", k.scope())
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) {
|
||||
func (k *KetoConnector) GetRoleByUser(userID string) ([]string, error) {
|
||||
return k.gets("", "member", userID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetGroupByUser(userID string) ([]string, error) {
|
||||
func (k *KetoConnector) GetGroupByUser(userID string) ([]string, error) {
|
||||
return k.gets("", "groups", userID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) gets(object string, relation string, subject string) ([]string, error) {
|
||||
func (k *KetoConnector) gets(object string, relation string, subject string) ([]string, error) {
|
||||
arr := []string{}
|
||||
objs, err := k.get(object, relation, subject)
|
||||
if err != nil {
|
||||
@@ -173,7 +177,7 @@ func (k KetoConnector) gets(object string, relation string, subject string) ([]s
|
||||
return arr, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetPermission(permID string, relation string) ([]Permission, error) {
|
||||
func (k *KetoConnector) GetPermission(permID string, relation string) ([]Permission, error) {
|
||||
meth, err := utils.ExtractMethod(relation, true)
|
||||
if err != nil {
|
||||
p := []Permission{}
|
||||
@@ -189,7 +193,7 @@ func (k KetoConnector) GetPermission(permID string, relation string) ([]Permissi
|
||||
return k.get(permID, "permits"+meth.String(), k.scope())
|
||||
}
|
||||
|
||||
func (k KetoConnector) GetPermissionByRole(roleID string) ([]Permission, error) {
|
||||
func (k *KetoConnector) GetPermissionByRole(roleID string) ([]Permission, error) {
|
||||
p := []Permission{}
|
||||
for _, method := range []tools.METHOD{tools.GET, tools.PUT, tools.POST, tools.DELETE,
|
||||
tools.STRICT_INTERNAL_DELETE, tools.STRICT_INTERNAL_GET, tools.STRICT_INTERNAL_POST, tools.STRICT_INTERNAL_PUT} {
|
||||
@@ -200,7 +204,7 @@ func (k KetoConnector) GetPermissionByRole(roleID string) ([]Permission, error)
|
||||
}
|
||||
return p, nil
|
||||
}
|
||||
func (k KetoConnector) GetPermissionByUser(userID string, internal bool) ([]Permission, error) {
|
||||
func (k *KetoConnector) GetPermissionByUser(userID string, internal bool) ([]Permission, error) {
|
||||
roles, err := k.get("", "member", userID)
|
||||
log := oclib.GetLogger()
|
||||
log.Debug().Msgf("GetPermissionByUser roles for %s: %d roles, err=%v", userID, len(roles), err)
|
||||
@@ -223,7 +227,7 @@ func (k KetoConnector) GetPermissionByUser(userID string, internal bool) ([]Perm
|
||||
return p, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) get(object string, relation string, subject string) ([]Permission, error) {
|
||||
func (k *KetoConnector) get(object string, relation string, subject string) ([]Permission, error) {
|
||||
t := []Permission{}
|
||||
caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{})
|
||||
host := conf.GetConfig().PermissionConnectorReadHost
|
||||
@@ -231,6 +235,8 @@ func (k KetoConnector) get(object string, relation string, subject string) ([]Pe
|
||||
host = "localhost"
|
||||
}
|
||||
port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorPort)
|
||||
k.Mu.Lock()
|
||||
defer k.Mu.Unlock()
|
||||
resp, err := caller.CallGet("http://"+host+":"+port, "/relation-tuples"+k.permToQuery(
|
||||
Permission{Object: object, Relation: relation, Subject: subject}, nil))
|
||||
if err != nil {
|
||||
@@ -253,7 +259,7 @@ func (k KetoConnector) get(object string, relation string, subject string) ([]Pe
|
||||
return t, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) binds(object string, relation string, subject string) (string, int, error) {
|
||||
func (k *KetoConnector) binds(object string, relation string, subject string) (string, int, error) {
|
||||
_, code, err := k.createRelationShip(object, relation, subject, nil)
|
||||
if err != nil {
|
||||
return object, code, err
|
||||
@@ -261,17 +267,17 @@ func (k KetoConnector) binds(object string, relation string, subject string) (st
|
||||
return object, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) BindRole(userID string, roleID string) (string, int, error) {
|
||||
func (k *KetoConnector) BindRole(userID string, roleID string) (string, int, error) {
|
||||
log := oclib.GetLogger()
|
||||
log.Debug().Msgf("BindRole: user=%s role=%s", userID, roleID)
|
||||
return k.binds(userID, "member", roleID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) BindGroup(userID string, groupID string) (string, int, error) {
|
||||
func (k *KetoConnector) BindGroup(userID string, groupID string) (string, int, error) {
|
||||
return k.binds(userID, "groups", groupID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
|
||||
func (k *KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
|
||||
perms, err := k.GetPermission(permID, relation)
|
||||
if err != nil || len(perms) != 1 {
|
||||
count := 0
|
||||
@@ -297,7 +303,7 @@ func (k KetoConnector) BindPermission(roleID string, permID string, relation str
|
||||
}, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) unbinds(subject string, relation string, object string) (string, int, error) {
|
||||
func (k *KetoConnector) unbinds(subject string, relation string, object string) (string, int, error) {
|
||||
_, code, err := k.deleteRelationShip(object, relation, subject, nil)
|
||||
if err != nil {
|
||||
return object, code, err
|
||||
@@ -305,15 +311,15 @@ func (k KetoConnector) unbinds(subject string, relation string, object string) (
|
||||
return object, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) UnBindRole(userID string, roleID string) (string, int, error) {
|
||||
func (k *KetoConnector) UnBindRole(userID string, roleID string) (string, int, error) {
|
||||
return k.unbinds(userID, "member", roleID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) UnBindGroup(userID string, groupID string) (string, int, error) {
|
||||
func (k *KetoConnector) UnBindGroup(userID string, groupID string) (string, int, error) {
|
||||
return k.unbinds(userID, "groups", groupID)
|
||||
}
|
||||
|
||||
func (k KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
|
||||
func (k *KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
|
||||
meth, err := utils.ExtractMethod(relation, false)
|
||||
if err != nil {
|
||||
return nil, 422, err
|
||||
@@ -342,7 +348,7 @@ func (k KetoConnector) UnBindPermission(roleID string, permID string, relation s
|
||||
Subject: permID,
|
||||
}, 200, nil
|
||||
}
|
||||
func (k KetoConnector) createRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) {
|
||||
func (k *KetoConnector) createRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) {
|
||||
exist, err := k.get(object, relation, subject)
|
||||
if err == nil && len(exist) > 0 {
|
||||
return nil, 409, errors.New("Relation already exist")
|
||||
@@ -362,6 +368,8 @@ func (k KetoConnector) createRelationShip(object string, relation string, subjec
|
||||
host = "localhost"
|
||||
}
|
||||
port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorAdminPort)
|
||||
k.Mu.Lock()
|
||||
defer k.Mu.Unlock()
|
||||
b, err := caller.CallPut("http://"+host+":"+port, "/relation-tuples", body)
|
||||
if err != nil {
|
||||
log := oclib.GetLogger()
|
||||
@@ -378,23 +386,23 @@ func (k KetoConnector) createRelationShip(object string, relation string, subjec
|
||||
perm := &Permission{}
|
||||
if data != nil {
|
||||
perm = &Permission{
|
||||
Object: data["object"].(string),
|
||||
Relation: data["relation"].(string),
|
||||
Subject: data["subject_id"].(string),
|
||||
Object: fmt.Sprintf("%v", data["object"]),
|
||||
Relation: fmt.Sprintf("%v", data["relation"]),
|
||||
Subject: fmt.Sprintf("%v", data["subject_id"]),
|
||||
}
|
||||
if data["subject_set"] != nil {
|
||||
sub := data["subject_set"].(map[string]interface{})
|
||||
perm.SubPermission = &Permission{
|
||||
Object: sub["object"].(string),
|
||||
Relation: sub["relation"].(string),
|
||||
Subject: sub["subject_id"].(string),
|
||||
Object: fmt.Sprintf("%v", sub["object"]),
|
||||
Relation: fmt.Sprintf("%v", sub["relation"]),
|
||||
Subject: fmt.Sprintf("%v", sub["subject_id"]),
|
||||
}
|
||||
}
|
||||
}
|
||||
return perm, 200, nil
|
||||
}
|
||||
|
||||
func (k KetoConnector) deleteRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) {
|
||||
func (k *KetoConnector) deleteRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) {
|
||||
exist, err := k.get(object, relation, subject)
|
||||
if err == nil && len(exist) == 0 {
|
||||
return nil, 409, errors.New("Relation does not exist")
|
||||
@@ -406,6 +414,8 @@ func (k KetoConnector) deleteRelationShip(object string, relation string, subjec
|
||||
host = "localhost"
|
||||
}
|
||||
port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorAdminPort)
|
||||
k.Mu.Lock()
|
||||
defer k.Mu.Unlock()
|
||||
b, err := caller.CallDelete("http://"+host+":"+port, "/relation-tuples"+n)
|
||||
if err != nil {
|
||||
log := oclib.GetLogger()
|
||||
@@ -414,8 +424,8 @@ func (k KetoConnector) deleteRelationShip(object string, relation string, subjec
|
||||
}
|
||||
var data map[string]interface{}
|
||||
err = json.Unmarshal(b, &data)
|
||||
if err == nil && data["code"].(int) > 300 {
|
||||
return nil, data["code"].(int), errors.New("Error while deleting relation")
|
||||
if data["code"] == nil || err != nil || data["code"].(int) > 300 {
|
||||
return nil, 400, errors.New("Error while deleting relation")
|
||||
}
|
||||
return &Permission{
|
||||
Object: object,
|
||||
|
||||
@@ -52,7 +52,7 @@ type PermConnector interface {
|
||||
}
|
||||
|
||||
var c = map[string]PermConnector{
|
||||
"keto": KetoConnector{},
|
||||
"keto": &KetoConnector{},
|
||||
}
|
||||
|
||||
func GetPermissionConnector(scope string) PermConnector {
|
||||
|
||||
@@ -46,9 +46,7 @@ func main() {
|
||||
conf.GetConfig().AdminOrigin = o.GetStringDefault("ADMIN_ORIGIN", "http://localhost:8001")
|
||||
|
||||
conf.GetConfig().OAuth2ClientID = o.GetStringDefault("OAUTH2_CLIENT_ID", "oc-auth")
|
||||
conf.GetConfig().OAuth2AdminClientID = o.GetStringDefault("OAUTH2_ADMIN_CLIENT_ID", "oc-auth-admin")
|
||||
conf.GetConfig().OAuthRedirectURI = o.GetStringDefault("OAUTH_REDIRECT_URI", "http://localhost:8000/l")
|
||||
conf.GetConfig().OAdminAuthRedirectURI = o.GetStringDefault("ADMIN_OAUTH_REDIRECT_URI", "http://localhost:8000/l")
|
||||
conf.GetConfig().OAuthRedirectURI = o.GetStringDefault("OAUTH_REDIRECT_URI", "http://localhost:8000")
|
||||
conf.GetConfig().Local = o.GetBoolDefault("LOCAL", true)
|
||||
|
||||
// config LDAPauth
|
||||
@@ -103,16 +101,15 @@ func discovery() {
|
||||
logger.Error().Msgf("discovery recovered from panic: %v", r)
|
||||
}
|
||||
}()
|
||||
for {
|
||||
api := tools.API{}
|
||||
conn := infrastructure.GetPermissionConnector("")
|
||||
for {
|
||||
logger.Info().Msg("Starting permission discovery")
|
||||
_, _, err := conn.CreateRole(conf.GetConfig().AdminRole)
|
||||
if err != nil {
|
||||
if !strings.Contains(err.Error(), "already exist") {
|
||||
if err != nil && !strings.Contains(err.Error(), "already exist") {
|
||||
logger.Error().Msg("Failed to create admin role, retrying in 10s: " + err.Error())
|
||||
time.Sleep(10 * time.Second)
|
||||
}
|
||||
continue
|
||||
}
|
||||
if _, _, err := conn.BindRole(conf.GetConfig().AdminRole, "admin"); err != nil {
|
||||
logger.Error().Msg("Failed to admin bind role: " + err.Error())
|
||||
|
||||
+3
-51
@@ -1,51 +1,3 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKQIBAAKCAgEAw2pdG6wMtuLcP0+k1LFvIb0DQo/oHW2uNJaEJK74plXqp4zt
|
||||
z2dRb+RQHFLeLuqk4i/zc3b4K3fKPXSlwnVPJCwzPrnyT8jYGOZVlWlETiV9xeJh
|
||||
u6s/Bh6g1PWz75XjjwV50iv/CEiLNBT23f/3J44wrQzygqNQCiQSALdxWLAEl4l5
|
||||
kHSa9oMyV70/Uql94/ayMARZsHgp9ZvqQKbkZPw6yzVMfCBxQozlNlo315OHevud
|
||||
hnhpDRjN5I7zWmqYt6rbXJJC7Y3Izdvzn7QI88RqjSRST5I/7Kz3ndCqrOnI+OQU
|
||||
E5NTREyQebphvQfTDTKlRPXkdyktdK2DH28Zj6ZF3yjQvN35Q4zhOzlq77dO5Ihh
|
||||
opI7ct8dZH1T1nYkvdyCA/EVMtQsASmBOitH0Y0ACoXQK5Kb6nm/TcM/9ZSJUNiE
|
||||
Muy5gBZ3YKE9oa4cpTpPXwcA+S/cU7HPNnQAsvD3iJi8GTW9uJs84pn4/WhpQqmX
|
||||
d4rvhKWECCN3fHy01fUs/U0PaSj2jDY/kQVeXoikNMzPUjdZd9m816TIBh3v3aVX
|
||||
CH/0iTHHAxctvDgMRb2fpvRJ/wwnYjFG9RpamVFDMvC9NffuYzWAA9IRIY4cqger
|
||||
fHrVZ2HHiPTDDvDAIsvImXZc/h7mXN6m3RCQ4Qywy993wd9gUdgg/qnynHcCAwEA
|
||||
AQKCAgBSRc29gMo5lXm1DgsPoURwp+tfcsb+3NajPVuVNjVpknKg6CyXTaBzw2QX
|
||||
CKyShCe3MwkEa+pAIsb66MmA/XK8f/9zQUZLYPvaP994cEFZxV8WmSEcqhR2tx5v
|
||||
iqKfFDQiWuPXIL7W9fPlkY3+GW4tMSg9M15GsgtYuab6tkD6XeERC8gqkW1MrB/d
|
||||
4MdwPfvKpmqO3MYGDhFcXrBZV+qAudDnDSGOgPouUrOOFp28HVjE5nqDyt4vrWnB
|
||||
+I1sW8TATybb6phS+4a3ZQtFCb9bIi7aDZi595ECTDBUOS4ibqs2XpA1TamY78ND
|
||||
/Lx5oXmx7Mi4J+5wXN3Oad7ytQvFOdOttILNpAMFbLU5yKsxf+EDjCBcR5faNAtu
|
||||
wAMH9TkzFpmhp5NBwQdAkCFnhyla363ljmlGAWPuG/D9bVZ0qtBf3NAF4hEJ/L4n
|
||||
vYQFErd64tPasAgWPow2LLvqi3jT232aDgahj1lX1enHoR6TbQE4r3zy8DeA7i0C
|
||||
hA8GFAvMsqIcee9Xi4yD8QFEH0PrJh6zP1PWKXR4AQVExnFGanz0s6O1GRqLPrIK
|
||||
31NiRTwIVp0xbet9/GsJxWxqrTKPqd5yJvUGG3A4EL8e3RdWRM5vTHbNCVGi9LhS
|
||||
3OIXV9/YOQJtWxzWUjFN3HpaNuWHVSR149GAYpTxeh+/ZGoAQQKCAQEA9RzG0LrB
|
||||
/onSnzfAXD5IwGW/jSb4e8VLCZ/7W0CiD1ht23Q1pAR4bofSYXdx/rhVhRty+38q
|
||||
GzugBPcejGeGYyKIViO1e8Psrd6dydYoaA9fX3YzcZ0onk9t+tYNxVhstolfIGgc
|
||||
KW1qwDNrV1PP0N/oQU4QPxLmwcf/BSSl3sf53mVMzcnHkjCF5SgEN1rtIAOUZaM8
|
||||
B4urSSMZMLpwmhXF9rAUPXWgLS+0fkrQzoaBS2ZfqEcFNs1ln8sTBeoXAz6kyZem
|
||||
0To1oYhTeN+Tg11quWhJKiTMYmSGT3B7nVt25n0BypDktfaUU+LMY9/BewWwE6xx
|
||||
iX97bldgv6y4uwKCAQEAzBh5IYa09uJTwrxY0IKVfkXRp2S+8fqhJ5qhEPykCF+4
|
||||
JJBKPp7IA7rhcf5tw3NVpa/YE1h2H1P5Z4EQkzgETExVotBlOYYNmkBkd9etURGs
|
||||
omAPHprnvT7q+dR/rc8/lQt3Xzvej4P4zSRbnzg/q2K0I1qs3vOwnZyO3GXk6eni
|
||||
Q59k0y8zosKdde7m1YJ+KAj5MZc3PeHTfbLaLcfXnTSUX6xwnX+Js8kr2PVP+wSj
|
||||
sExakP6ieNu/ZzFcYv6aiPgyXIWO/5pjwLt/GTqUPQcO9W76m0w24lWnYCx1iySw
|
||||
alrl2irL2rnlXJin7q4FttHTWbeH90RVt3050m8ddQKCAQEAkgylgnXlZc+lim1j
|
||||
1xLdspZt/qM76DP0tDV5RjRK3C3qt5qU47guMl4Hwz+y0v3vJzLl3mk1I6jxfkPp
|
||||
FewRrTxEVF9OogJqImfFSSCsTuTqBS2fFZF5RGs7svyck/xOOq272sluDlk+BGwf
|
||||
B5fO+jyQXWkwUQToLosGr3/YvdgWUKe3jd8vZTI4dgTUDk/Ffw/i+nS7LhvQ4fFh
|
||||
7yEIOyfCH21ngf92g7YrLB1UMdr/a3gCg3hd6PuWFBKisSF8uNg4xE3yfjTbA/cB
|
||||
FcLSWLHvB67V+aCXkAEp7metoGOBg3D1Akg3nxzf4OQAuXn4BV+sPOzBchZd669w
|
||||
3IUERQKCAQBxPE7QjBWROKcyTx+TqC/bHE+i6SGLzftlpsQgUZuMzdaz6p5Wue/N
|
||||
Kf11Kq2pmC73u2VN7nGzFfs1MwWIOLchweRtbeQLk1WutHVJjI8rgHvgpx0cZOOY
|
||||
OvVR4VVpkKf9QJxdaTElPRpobviqkSG6LAw35VIubNQbzkXxAFOOeGZCEIh3JyQl
|
||||
9IY6bW8DHOBzw+7GVdifa9DUV8v3RH5bSVXc8yaUK7Ox3TaHrCtQ4RUUdnh1I+Hu
|
||||
3jUGwvs4LXx96/69GJjrNbSMtTpiO/8NEQJ6p7VBPnrg/pbbpC8fIR8EEySd88qg
|
||||
sy0PP99EbKbc9POnPk2gofhQ0pinKWEVAoIBAQC0h8J3lGSG9Ki9QJvAOdMqnsSg
|
||||
uoqjI0y6RmeR7LpYX1ASKNNImjG1hwLyZ8Qg5hCNjySEqBAGGd3MBNfIC6wzBDrV
|
||||
zSJIrxjvu+2sfz1nUGdYWjQfhx3cT+yGqT6NEQupmstNukxiu2HDu76pi96AX2mk
|
||||
TXYXlubIpfL50dWZ0wij0LivH6TPavvjbRZnXNVth1qlZOUtuBGyEwcXb4COtqRq
|
||||
+nP8AEgzKxbMJFVy3PY5E5JyjB5d1ZPQ2OeYUVbfDEEYqzkorjByCcLdv7O1CHNq
|
||||
VjUyJsd8F1tuCGPxbcbgyCeIqgDM1JxO4zTMSP+C82Ar7VXkr6Q8hAsCgHQ/
|
||||
-----END RSA PRIVATE KEY-----
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MC4CAQAwBQYDK2VwBCIEIAeX4O7ldwehRSnPkbzuE6csyo63vjvqAcNNujENOKUC
|
||||
-----END PRIVATE KEY-----
|
||||
+3
-13
@@ -1,13 +1,3 @@
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAw2pdG6wMtuLcP0+k1LFvIb0DQo/oHW2uNJaEJK74plXqp4ztz2dR
|
||||
b+RQHFLeLuqk4i/zc3b4K3fKPXSlwnVPJCwzPrnyT8jYGOZVlWlETiV9xeJhu6s/
|
||||
Bh6g1PWz75XjjwV50iv/CEiLNBT23f/3J44wrQzygqNQCiQSALdxWLAEl4l5kHSa
|
||||
9oMyV70/Uql94/ayMARZsHgp9ZvqQKbkZPw6yzVMfCBxQozlNlo315OHevudhnhp
|
||||
DRjN5I7zWmqYt6rbXJJC7Y3Izdvzn7QI88RqjSRST5I/7Kz3ndCqrOnI+OQUE5NT
|
||||
REyQebphvQfTDTKlRPXkdyktdK2DH28Zj6ZF3yjQvN35Q4zhOzlq77dO5IhhopI7
|
||||
ct8dZH1T1nYkvdyCA/EVMtQsASmBOitH0Y0ACoXQK5Kb6nm/TcM/9ZSJUNiEMuy5
|
||||
gBZ3YKE9oa4cpTpPXwcA+S/cU7HPNnQAsvD3iJi8GTW9uJs84pn4/WhpQqmXd4rv
|
||||
hKWECCN3fHy01fUs/U0PaSj2jDY/kQVeXoikNMzPUjdZd9m816TIBh3v3aVXCH/0
|
||||
iTHHAxctvDgMRb2fpvRJ/wwnYjFG9RpamVFDMvC9NffuYzWAA9IRIY4cqgerfHrV
|
||||
Z2HHiPTDDvDAIsvImXZc/h7mXN6m3RCQ4Qywy993wd9gUdgg/qnynHcCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MCowBQYDK2VwAyEAG95Ettl3jTi41HM8le1A9WDmOEq0ANEqpLF7zTZrfXA=
|
||||
-----END PUBLIC KEY-----
|
||||
|
||||
Reference in New Issue
Block a user