diff --git a/__debug_bin142225022 b/__debug_bin142225022 new file mode 100755 index 0000000..dce313c Binary files /dev/null and b/__debug_bin142225022 differ diff --git a/__debug_bin1674802629 b/__debug_bin1674802629 new file mode 100755 index 0000000..72d07ff Binary files /dev/null and b/__debug_bin1674802629 differ diff --git a/conf/config.go b/conf/config.go index 0c9dccb..d3ecfe5 100644 --- a/conf/config.go +++ b/conf/config.go @@ -3,10 +3,24 @@ package conf import "sync" type Config struct { - NatsUrl string - NatsLogin string - NatsPassword string - OidcUrl string + PVKPath string + + LDAPEndpoints string + LDAPBindDN string + LDAPBindPW string + LDAPBaseDN string + LDAPRoleBaseDN string + + ClientSecret string + + Auth string + AuthConnectorHost string + AuthConnectorPort int + AuthConnectorAdminPort int + + PermissionConnectorHost string + PermissionConnectorPort int + PermissionConnectorAdminPort int } var instance *Config diff --git a/controllers/auth.go b/controllers/auth.go deleted file mode 100644 index 2d9d5c4..0000000 --- a/controllers/auth.go +++ /dev/null @@ -1,84 +0,0 @@ -package controllers - -import ( - "fmt" - "net/http" - - beego "github.com/beego/beego/v2/server/web" -) - -// Operations about auth -type AuthController struct { - beego.Controller -} - -// @Title Get -// @Description find auth by authid -// @Param authId path string true "the authid you want to get" -// @Success 200 {auth} models.auth -// @Failure 403 :authId is empty -// @router /discover/:url [get] -func (o *AuthController) GetConfig() { - url := o.Ctx.Input.Param(":url") - response, err := http.Get(url + "/.well-known/openid-configuration") - if err != nil { - fmt.Println(err) - } - fmt.Println(url) - // read response body - data := make([]byte, 1024) - _, err = response.Body.Read(data) - if err != nil { - fmt.Println(err) - } - o.Data["json"] = data - o.ServeJSON() -} - -// @Title Create -// @Description create auths -// @Param body body []models.auth true "The auth content" -// @Success 200 {string} models.auth.Id -// @Failure 403 body is empty -// @router / [post] -func (o *AuthController) Post() { - // store and return Id or post with UUID - o.Data["json"] = map[string]string{"Id": "?"} - o.ServeJSON() -} - -// @Title Get -// @Description find auth by authid -// @Param authId path string true "the authid you want to get" -// @Success 200 {auth} models.auth -// @Failure 403 :authId is empty -// @router /:authId [get] -func (o *AuthController) Get() { - authId := o.Ctx.Input.Param(":authId") - fmt.Println(authId) - o.ServeJSON() -} - -// @Title Find -// @Description find auths with query -// @Param query path string true "the keywords you need" -// @Success 200 {auths} []models.auth -// @Failure 403 -// @router /find/:query [get] -func (o *AuthController) Find() { - query := o.Ctx.Input.Param(":query") - fmt.Println(query) - o.ServeJSON() -} - -// @Title Delete -// @Description delete the auth -// @Param authId path string true "The authId you want to delete" -// @Success 200 {string} delete success! -// @Failure 403 authId is empty -// @router /:authId [delete] -func (o *AuthController) Delete() { - authId := o.Ctx.Input.Param(":authId") - fmt.Println(authId) - o.ServeJSON() -} diff --git a/controllers/oauth2.go b/controllers/oauth2.go new file mode 100644 index 0000000..41e192c --- /dev/null +++ b/controllers/oauth2.go @@ -0,0 +1,225 @@ +package controllers + +import ( + "encoding/base64" + "encoding/json" + "fmt" + "net/http" + "oc-auth/infrastructure" + auth_connectors "oc-auth/infrastructure/auth_connector" + "oc-auth/infrastructure/claims" + "strings" + + oclib "cloud.o-forge.io/core/oc-lib" + model "cloud.o-forge.io/core/oc-lib/models/peer" + "cloud.o-forge.io/core/oc-lib/static" + beego "github.com/beego/beego/v2/server/web" +) + +// Operations about auth +type OAuthController struct { + beego.Controller +} + +// @Title Logout +// @Description unauthenticate user +// @Param Authorization header string false "auth token" +// @Success 200 {string} +// @router /ldap/logout [delete] +func (o *OAuthController) LogOutLDAP() { + // authorize user + reqToken := o.Ctx.Request.Header.Get("Authorization") + splitToken := strings.Split(reqToken, "Bearer ") + if len(splitToken) < 2 { + reqToken = "" + } else { + reqToken = splitToken[1] + } + var res auth_connectors.Token + json.Unmarshal(o.Ctx.Input.CopyBody(10000000), &res) + + token, err := infrastructure.GetAuthConnector().Logout(reqToken) + if err != nil || token == nil { + o.Data["json"] = err + } else { + o.Data["json"] = token + } + o.ServeJSON() +} + +// @Title Login +// @Description authenticate user +// @Param body body models.workflow true "The workflow content" +// @Success 200 {string} +// @router /ldap/login [post] +func (o *OAuthController) LoginLDAP() { + // authorize user + var res auth_connectors.Token + json.Unmarshal(o.Ctx.Input.CopyBody(10000000), &res) + ldap := auth_connectors.New() + found, err := ldap.Authenticate(o.Ctx.Request.Context(), res.Username, res.Password) + if err != nil || !found { + o.Data["json"] = err + o.Ctx.ResponseWriter.WriteHeader(401) + o.ServeJSON() + return + } + token, err := infrastructure.GetAuthConnector().Login(res.Username, + &http.Cookie{ // open a session + Name: "csrf_token", + Value: o.XSRFToken(), + }) + if err != nil || token == nil { + o.Data["json"] = err + o.Ctx.ResponseWriter.WriteHeader(401) + } else { + o.Data["json"] = token + } + o.ServeJSON() +} + +// @Title Claims +// @Description enrich token with claims +// @Param body body models.Token true "The token info" +// @Success 200 {string} +// @router /claims [post] +func (o *OAuthController) Claims() { + // enrich token with claims + var res claims.Claims + json.Unmarshal(o.Ctx.Input.CopyBody(100000), &res) + claims := res.Session.IDToken["id_token_claims"].(map[string]interface{}) + userName := claims["sub"].(string) + _, loc := static.GetMyLocalJsonPeer() + o.Data["json"] = infrastructure.GetClaims().AddClaimsToToken(userName, loc["url"].(string)) + o.ServeJSON() +} + +// @Title Introspection +// @Description introspect token +// @Param body body models.Token true "The token info" +// @Success 200 {string} +// @router /refresh [post] +func (o *OAuthController) Refresh() { + var token auth_connectors.Token + json.Unmarshal(o.Ctx.Input.CopyBody(100000), &token) + // refresh token + newToken, err := infrastructure.GetAuthConnector().Refresh(&token) + if err != nil || newToken == nil { + o.Data["json"] = err + o.Ctx.ResponseWriter.WriteHeader(401) + } else { + o.Data["json"] = newToken + } + o.ServeJSON() +} + +// @Title Introspection +// @Description introspect token +// @Param Authorization header string false "auth token" +// @Success 200 {string} +// @router /introspect [get] +func (o *OAuthController) Introspect() { + reqToken := o.Ctx.Request.Header.Get("Authorization") + splitToken := strings.Split(reqToken, "Bearer ") + if len(splitToken) < 2 { + reqToken = "" + } else { + reqToken = splitToken[1] + } + token, err := infrastructure.GetAuthConnector().Introspect(reqToken) + if err != nil || !token { + o.Data["json"] = err + o.Ctx.ResponseWriter.WriteHeader(401) + } + o.ServeJSON() +} + +// @Title AuthForward +// @Description auth forward +// @Param Authorization header string false "auth token" +// @Param body body models.workflow true "The workflow content" +// @Success 200 {string} +// @router /forward [get] +func (o *OAuthController) InternalAuthForward() { + reqToken := o.Ctx.Request.Header.Get("Authorization") + splitToken := strings.Split(reqToken, "Bearer ") + if len(splitToken) < 2 { + reqToken = "" + } else { + reqToken = splitToken[1] + } + origin, publicKey, external := o.extractOrigin() + if reqToken != "" && !o.checkAuthForward(reqToken, publicKey) && origin != "" { + fmt.Println("Unauthorized", origin, reqToken) + o.Ctx.ResponseWriter.WriteHeader(401) + o.ServeJSON() + return + } + token, err := infrastructure.GetAuthConnector().Introspect(reqToken, &http.Cookie{ + Name: "csrf_token", + Value: o.XSRFToken(), + }) // may be a problem... we should check if token is valid on our side + // prefers a refresh token call + if err != nil || external { + fmt.Println("Unauthorized 2", err, external) // error + o.Ctx.ResponseWriter.WriteHeader(401) + } else if token && !external { // redirect to login + o.Data["json"] = token + } + o.ServeJSON() +} + +func (o *OAuthController) extractOrigin() (string, string, bool) { + external := true + publicKey := "" + origin := o.Ctx.Request.Header.Get("X-Forwarded-Host") + if origin == "" { + origin = o.Ctx.Request.Header.Get("Origin") + } + idLoc, loc := static.GetMyLocalJsonPeer() + if origin != "" { // is external + peer := oclib.Search(nil, origin, oclib.LibDataEnum(oclib.PEER)) + if peer.Code != 200 { + return "", "", external + } + p := peer.Data[0] + if strings.Contains(origin, "localhost") || strings.Contains(origin, "127.0.0.1") || idLoc == p.GetID() { + external = false + } + publicKey = p.(*model.Peer).PublicKey + } else { + external = false + publicKey = loc["public_key"].(string) + } + return origin, publicKey, external +} + +func (o *OAuthController) checkAuthForward(reqToken string, publicKey string) bool { + bytes, err := base64.StdEncoding.DecodeString(reqToken) // Converting data + if err != nil { + fmt.Println("Failed to Decode secret", err) + return false + } + var decodedToken map[string]interface{} + err = json.Unmarshal(bytes, &decodedToken) + if err != nil { + fmt.Println("Failed to parse secret", err) + return false + } else if decodedToken["session"] != nil { + host := o.Ctx.Request.Header.Get("X-Forwarded-Host") + method := o.Ctx.Request.Header.Get("X-Forwarded-Method") + forward := o.Ctx.Request.Header.Get("X-Forwarded-Uri") + if forward == "" || method == "" { + fmt.Println("Forwarded headers are missing") + return false + } + // ask keto for permission is in claims + ok, err := infrastructure.GetClaims().DecodeClaimsInToken( + host, method, forward, decodedToken["session"].(map[string]interface{}), publicKey) + if err != nil { + fmt.Println("Failed to decode claims", err) + } + return ok + } + return false +} diff --git a/controllers/permission.go b/controllers/permission.go new file mode 100644 index 0000000..9ebafdc --- /dev/null +++ b/controllers/permission.go @@ -0,0 +1,192 @@ +package controllers + +import ( + "oc-auth/infrastructure" + + beego "github.com/beego/beego/v2/server/web" +) + +// Operations about auth +type PermissionController struct { + beego.Controller +} + +// @Title GetAll +// @Description find permissions +// @Success 200 {permission} string +// @router / [get] +func (o *PermissionController) GetAll() { + role, err := infrastructure.GetPermissionConnector().GetPermission("", "") + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title GetByRole +// @Description find permission by role id +// @Param id path string true "the id you want to get" +// @Success 200 {auth} string +// @router /role/:id [get] +func (o *PermissionController) GetByRole() { + id := o.Ctx.Input.Param(":id") + role, err := infrastructure.GetPermissionConnector().GetPermissionByRole(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title GetByUser +// @Description find permission by user id +// @Param id path string true "the id you want to get" +// @Success 200 {auth} string +// @router /user/:id [get] +func (o *PermissionController) GetByUser() { + id := o.Ctx.Input.Param(":id") + role, err := infrastructure.GetPermissionConnector().GetPermissionByUser(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Get +// @Description find auth by permission +// @Param id path string true "the permission you want to get" +// @Success 200 {auth} models.auth +// @router /:id/:relation[get] +func (o *PermissionController) Get() { + id := o.Ctx.Input.Param(":id") + rel := o.Ctx.Input.Param(":relation") + role, err := infrastructure.GetPermissionConnector().GetPermission(id, rel) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Clear +// @Description clear the permission +// @Success 200 {string} delete success! +// @router /clear [delete] +func (o *PermissionController) Clear() { + role, code, err := infrastructure.GetPermissionConnector().DeletePermission("", "", true) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Bind +// @Description bind the permission to role +// @Param role_id path string true "The role_id you want to bind" +// @Param method path string true "The method you want to relate role & permission" +// @Param permission_id path string true "The permission_id you want to bind" +// @Success 200 {string} bind success! +// @router /:permission_id/:role_id/:relation [post] +func (o *PermissionController) Bind() { + permission_id := o.Ctx.Input.Param(":permission_id") + role_id := o.Ctx.Input.Param(":role_id") + rel := o.Ctx.Input.Param(":relation") + role, code, err := infrastructure.GetPermissionConnector().BindPermission(role_id, permission_id, rel) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title UnBind +// @Description unbind the permission to role +// @Param role_id path string true "The role_id you want to unbind" +// @Param relation path string true "The method you want to unrelate role & permission" +// @Param permission_id path string true "The permission_id you want to unbind" +// @Success 200 {string} bind success! +// @router /:permission_id/:role_id/:relation [delete] +func (o *PermissionController) UnBind() { + permission_id := o.Ctx.Input.Param(":permission_id") + role_id := o.Ctx.Input.Param(":role_id") + rel := o.Ctx.Input.Param(":relation") + role, code, err := infrastructure.GetPermissionConnector().UnBindPermission(role_id, permission_id, rel) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} diff --git a/controllers/registration.go b/controllers/registration.go deleted file mode 100644 index ab2c486..0000000 --- a/controllers/registration.go +++ /dev/null @@ -1,52 +0,0 @@ -package controllers - -import ( - "encoding/json" - "log" - "oc-auth/models" - "strings" - - beego "github.com/beego/beego/v2/server/web" - "github.com/nats-io/nats.go" -) - -// Operations about auth -type RegistrationController struct { - beego.Controller -} - -// @Title Create -// @Description create auths -// @Param body body models.Application true "The app info" -// @Success 200 {string} models.auth.Id -// @Failure 403 body is empty -// @router / [post] -func (o *RegistrationController) Post() { - var app models.Application - // Store the app info in the nats server - err := json.Unmarshal(o.Ctx.Input.RequestBody, &app) - if err != nil { - log.Fatal(err) - } - servers := []string{"nats://127.0.0.1:1222", "nats://127.0.0.1:1223", "nats://127.0.0.1:1224"} - - nc, err := nats.Connect(strings.Join(servers, ",")) - if err != nil { - log.Fatal(err) - } - defer nc.Close() - js, err := nc.JetStream(nats.PublishAsyncMaxPending(256)) - if err != nil { - log.Fatal(err) - } - kv, err := js.KeyValue("auth") - if err != nil { - log.Fatal(err) - } - kv.Put(app.ClientId, o.Ctx.Input.RequestBody) - // register to OIDC server - - // store and return Id or post with UUID - o.Data["json"] = map[string]string{"Id": "?"} - o.ServeJSON() -} diff --git a/controllers/role.go b/controllers/role.go new file mode 100644 index 0000000..206ff1d --- /dev/null +++ b/controllers/role.go @@ -0,0 +1,213 @@ +package controllers + +import ( + "oc-auth/infrastructure" + + beego "github.com/beego/beego/v2/server/web" +) + +// Operations about auth +type RoleController struct { + beego.Controller +} + +// @Title Create +// @Description create role +// @Param id path string true "the id you want to get" +// @Success 200 {auth} create success! +// @router /:id [post] +func (o *RoleController) Post() { + // store and return Id or post with UUID + id := o.Ctx.Input.Param(":id") + role, code, err := infrastructure.GetPermissionConnector().CreateRole(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title GetByUser +// @Description find role by user id +// @Param id path string true "the id you want to get" +// @Success 200 {auth} string +// @router /user/:id [get] +func (o *RoleController) GetByUser() { + id := o.Ctx.Input.Param(":id") + role, err := infrastructure.GetPermissionConnector().GetRoleByUser(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title GetAll +// @Description find roles +// @Success 200 {role} string +// @router / [get] +func (o *RoleController) GetAll() { + role, err := infrastructure.GetPermissionConnector().GetRole("") + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Get +// @Description find role by id +// @Param id path string true "the id you want to get" +// @Success 200 {role} string +// @router /:id [get] +func (o *RoleController) Get() { + id := o.Ctx.Input.Param(":id") + role, err := infrastructure.GetPermissionConnector().GetRole(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": 200, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Delete +// @Description delete the role +// @Param id path string true "The id you want to delete" +// @Success 200 {string} delete success! +// @router /:id [delete] +func (o *RoleController) Delete() { + id := o.Ctx.Input.Param(":id") + role, code, err := infrastructure.GetPermissionConnector().DeleteRole(id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Clear +// @Description clear the role +// @Success 200 {string} delete success! +// @router /clear [delete] +func (o *RoleController) Clear() { + role, code, err := infrastructure.GetPermissionConnector().DeleteRole("") + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title Bind +// @Description bind the role to user +// @Param user_id path string true "The user_id you want to bind" +// @Param role_id path string true "The role_id you want to bind" +// @Success 200 {string} bind success! +// @router /:user_id/:role_id [post] +func (o *RoleController) Bind() { + user_id := o.Ctx.Input.Param(":user_id") + role_id := o.Ctx.Input.Param(":role_id") + role, code, err := infrastructure.GetPermissionConnector().BindRole(user_id, role_id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} + +// @Title UnBind +// @Description unbind the role to user +// @Param role_id path string true "The role_id you want to unbind" +// @Param user_id path string true "The user_id you want to unbind" +// @Success 200 {string} bind success! +// @router /:user_id/:role_id [delete] +func (o *RoleController) UnBind() { + user_id := o.Ctx.Input.Param(":user_id") + role_id := o.Ctx.Input.Param(":role_id") + role, code, err := infrastructure.GetPermissionConnector().UnBindRole(user_id, role_id) + if err != nil { + o.Data["json"] = map[string]interface{}{ + "data": nil, + "error": err.Error(), + "code": code, + } + + } else { + o.Data["json"] = map[string]interface{}{ + "data": role, + "error": nil, + "code": 200, + } + } + o.ServeJSON() +} diff --git a/controllers/version.go b/controllers/version.go index 6fa3e9c..04b6a99 100644 --- a/controllers/version.go +++ b/controllers/version.go @@ -17,3 +17,12 @@ func (c *VersionController) GetAll() { c.Data["json"] = map[string]string{"version": "1"} c.ServeJSON() } + +// @Title Get +// @Description get version +// @Success 200 +// @router /discovery [get] +func (c *VersionController) Get() { + c.Data["json"] = map[string]string{"version": "1"} + c.ServeJSON() +} diff --git a/docker-compose.yml b/docker-compose.yml index ac59b68..37a6011 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,20 @@ version: '3.4' services: - ocauth: - image: 'ocauth:latest' + oc-auth: + image: 'oc-auth:latest' ports: - - 8088:8080 - container_name: ocauth - - \ No newline at end of file + - 8094:8080 + container_name: oc-auth + environment: + PVK_PATH: /etc/oc/pvk.pem + LDAP_ENDPOINTS: ldap:389 + LDAP_BINDDN: cn=admin,dc=example,dc=com + LDAP_BINDPW: password + LDAP_BASEDN: "dc=example,dc=com" + LDAP_ROLE_BASEDN: "ou=AppRoles,dc=example,dc=com" + networks: + - catalog +networks: + catalog: + external: true \ No newline at end of file diff --git a/docker_auth.json b/docker_auth.json index 52db999..a20f479 100644 --- a/docker_auth.json +++ b/docker_auth.json @@ -1,6 +1,7 @@ { - "natsurl":"http://localhost:4080", - "login":"admin", - "password":"admin", - "oidcserver":"http://localhost:8080" + "MONGO_URL":"mongodb://mongo:27017/", + "MONGO_DATABASE":"DC_myDC", + "NATS_URL": "nats://nats:4222", + "PORT" : 8080, + "AUTH_CONNECTOR_HOST": "hydra" } \ No newline at end of file diff --git a/go.mod b/go.mod index 610919b..082ad86 100644 --- a/go.mod +++ b/go.mod @@ -3,59 +3,131 @@ module oc-auth go 1.22.0 require ( - cloud.o-forge.io/core/oc-lib v0.0.0-20240927065314-0ac55a0ec151 - github.com/beego/beego/v2 v2.0.7 + cloud.o-forge.io/core/oc-lib v0.0.0-20241025125832-c34e5579fcfc + github.com/beego/beego/v2 v2.3.1 github.com/nats-io/nats.go v1.37.0 github.com/ory/hydra-client-go v1.11.8 github.com/smartystreets/goconvey v1.7.2 - golang.org/x/oauth2 v0.5.0 + golang.org/x/oauth2 v0.23.0 +) + +require ( + github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect + github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect + github.com/cenkalti/backoff/v4 v4.2.1 // indirect + github.com/dgraph-io/ristretto v0.1.1 // indirect + github.com/dustin/go-humanize v1.0.1 // indirect + github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/go-asn1-ber/asn1-ber v1.5.5 // indirect + github.com/go-jose/go-jose/v3 v3.0.3 // indirect + github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/gobuffalo/pop/v6 v6.0.8 // indirect + github.com/gofrs/uuid v4.3.0+incompatible // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/glog v1.2.0 // indirect + github.com/golang/mock v1.6.0 // indirect + github.com/gorilla/websocket v1.5.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/magiconair/properties v1.8.7 // indirect + github.com/mattn/goveralls v0.0.12 // indirect + github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect + github.com/openzipkin/zipkin-go v0.4.1 // indirect + github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe // indirect + github.com/ory/go-convenience v0.1.0 // indirect + github.com/ory/x v0.0.575 // indirect + github.com/pelletier/go-toml/v2 v2.0.9 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761 // indirect + github.com/sirupsen/logrus v1.9.0 // indirect + github.com/spf13/afero v1.9.5 // indirect + github.com/spf13/cast v1.5.1 // indirect + github.com/spf13/cobra v1.7.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/spf13/viper v1.16.0 // indirect + github.com/subosito/gotenv v1.4.2 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.42.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 // indirect + go.opentelemetry.io/contrib/propagators/b3 v1.17.0 // indirect + go.opentelemetry.io/contrib/propagators/jaeger v1.17.0 // indirect + go.opentelemetry.io/contrib/samplers/jaegerremote v0.11.0 // indirect + go.opentelemetry.io/otel v1.16.0 // indirect + go.opentelemetry.io/otel/exporters/jaeger v1.16.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.16.0 // indirect + go.opentelemetry.io/otel/exporters/zipkin v1.16.0 // indirect + go.opentelemetry.io/otel/metric v1.16.0 // indirect + go.opentelemetry.io/otel/sdk v1.16.0 // indirect + go.opentelemetry.io/otel/trace v1.16.0 // indirect + go.opentelemetry.io/proto/otlp v1.0.0 // indirect + go.uber.org/atomic v1.9.0 // indirect + go.uber.org/multierr v1.10.0 // indirect + go.uber.org/zap v1.27.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect + google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/grpc v1.63.0 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/gabriel-vasile/mimetype v1.4.4 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/coocood/freecache v1.2.4 + github.com/gabriel-vasile/mimetype v1.4.6 // indirect + github.com/go-ldap/ldap/v3 v3.4.8 github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.22.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/go-playground/validator/v10 v10.22.1 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 // indirect github.com/goraz/onion v0.1.3 // indirect - github.com/hashicorp/golang-lru v0.5.4 // indirect + github.com/hashicorp/golang-lru v1.0.2 // indirect + github.com/i-core/rlog v1.0.0 github.com/jtolds/gls v4.20.0+incompatible // indirect - github.com/klauspost/compress v1.17.9 // indirect - github.com/kr/pretty v0.3.1 // indirect + github.com/justinas/nosurf v1.1.1 + github.com/kelseyhightower/envconfig v1.4.0 + github.com/klauspost/compress v1.17.11 // indirect + github.com/kr/text v0.2.0 // indirect github.com/leodido/go-urn v1.4.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/montanaflynn/stats v0.7.1 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nats-io/nkeys v0.4.7 // indirect github.com/nats-io/nuid v1.0.1 // indirect - github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.14.0 // indirect - github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.41.0 // indirect - github.com/prometheus/procfs v0.9.0 // indirect + github.com/ory/fosite v0.47.0 + github.com/prometheus/client_golang v1.20.5 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.60.1 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect github.com/rs/zerolog v1.33.0 // indirect - github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 // indirect + github.com/shiena/ansicolor v0.0.0-20230509054315-a9deabde6e02 // indirect github.com/smartystreets/assertions v1.2.0 // indirect github.com/xdg-go/pbkdf2 v1.0.0 // indirect github.com/xdg-go/scram v1.1.2 // indirect github.com/xdg-go/stringprep v1.0.4 // indirect - github.com/youmark/pkcs8 v0.0.0-20240424034433-3c2c7870ae76 // indirect - go.mongodb.org/mongo-driver v1.16.0 // indirect - golang.org/x/crypto v0.25.0 // indirect - golang.org/x/net v0.27.0 // indirect - golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.22.0 // indirect - golang.org/x/text v0.16.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.28.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect + github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect + go.mongodb.org/mongo-driver v1.17.1 // indirect + golang.org/x/crypto v0.28.0 // indirect + golang.org/x/net v0.30.0 // indirect + golang.org/x/sync v0.8.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/text v0.19.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/protobuf v1.35.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 7ead3fa..f10baa9 100644 --- a/go.sum +++ b/go.sum @@ -3,6 +3,7 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= @@ -13,6 +14,9 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -30,53 +34,161 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.o-forge.io/core/oc-lib v0.0.0-20240927065314-0ac55a0ec151 h1:Sjap/XMOz3ludAGHKk1GimzWKb2wFmoo5tdBQ1E8/Ro= -cloud.o-forge.io/core/oc-lib v0.0.0-20240927065314-0ac55a0ec151/go.mod h1:FIJD0taWLJ5pjQLJ6sfE2KlTkvbmk5SMcyrxdjsaVz0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +cloud.o-forge.io/core/oc-lib v0.0.0-20241016115009-b43226648692 h1:cfRhQioLwTBg9h1OOOp3VcUsBChO97M9lRDP8aq2Gkk= +cloud.o-forge.io/core/oc-lib v0.0.0-20241016115009-b43226648692/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241016151521-9654d59fc076 h1:kPIBXPWdO47YdZClB/QYkt3EaReYS7Gs/c4FSXzhjtI= +cloud.o-forge.io/core/oc-lib v0.0.0-20241016151521-9654d59fc076/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017121404-847ef2e95c64 h1:iPyRjeEiQD0lo40OlboBeVZke7zw+uYCvqcPdq+p60E= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017121404-847ef2e95c64/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017121618-1561d0c81e9d h1:BagZaE9jASefM9u5Hf/xyWXXJEd2/xwmRzL6GFy6nqg= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017121618-1561d0c81e9d/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017140500-73fce1d8fb8d h1:ZnXPVbPYXVS/lWOf+aAPnHwQMpzKoIoowLdzsZ08Hi8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017140500-73fce1d8fb8d/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017150409-3c54f3d39ee8 h1:5Lx4J+ict5ge+Q4vQdytpIm7AghAno3VPSQRuqWus7Q= +cloud.o-forge.io/core/oc-lib v0.0.0-20241017150409-3c54f3d39ee8/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241018065112-59a1b52242b3 h1:IH0kY/aDvaxQAYDHuxpG82vf40P4QygIxf7mAxm7epU= +cloud.o-forge.io/core/oc-lib v0.0.0-20241018065112-59a1b52242b3/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241021074805-8e82b87fb396 h1:43xWXPcQJqxeMeStuQMwu81wGrMbmcjVBLBby6F5MiQ= +cloud.o-forge.io/core/oc-lib v0.0.0-20241021074805-8e82b87fb396/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241021093952-e45fefe88369 h1:sM2UjMJzeeNkHWflFkfArMIJQ6MYNMf1LEkSbso5T5I= +cloud.o-forge.io/core/oc-lib v0.0.0-20241021093952-e45fefe88369/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241022072818-72d5c64c2d9d h1:zLcbjXkJhKzXqAceRSSYfOHs//A77NbesWy2UBoPXfw= +cloud.o-forge.io/core/oc-lib v0.0.0-20241022072818-72d5c64c2d9d/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241022122752-55a25aba835b h1:2R2Ig3c//nOjTnXLC2wj8ONIQ95bdriuEIQMNjqyDIo= +cloud.o-forge.io/core/oc-lib v0.0.0-20241022122752-55a25aba835b/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023070736-158d3aacc866 h1:qM1GvdwqrksvMOzm12Wjz4ug+dFq/U7OxXOQQ2SUals= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023070736-158d3aacc866/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023075508-84deb17e37f0 h1:ufVT1FwXjwuEZWScSsrNLVuEHW/G8+NJNxPmkPPRXW8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023075508-84deb17e37f0/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023085115-cd902c6688f6 h1:wpOwV9rHrD4msZgZ5PH2Xf+sbeZ8PIOXcx6O10VnVgI= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023085115-cd902c6688f6/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023092234-cc8fc2df2161 h1:T4Lkp3H/I/dZbiOkpd+FE4EmepUFyWk39oqX2d75NbQ= +cloud.o-forge.io/core/oc-lib v0.0.0-20241023092234-cc8fc2df2161/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= +cloud.o-forge.io/core/oc-lib v0.0.0-20241025125832-c34e5579fcfc h1:kDoodLH2HuIuZ0oppb3z+9YBYl7XwneXlqSGlYh/BnY= +cloud.o-forge.io/core/oc-lib v0.0.0-20241025125832-c34e5579fcfc/go.mod h1:t+zpCTVKVdHH/BImwtMYY2QIWLMXKgY4n/JhFm3Vpu8= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/beego/beego/v2 v2.0.7 h1:9KNnUM40tn3pbCOFfe6SJ1oOL0oTi/oBS/C/wCEdAXA= -github.com/beego/beego/v2 v2.0.7/go.mod h1:f0uOEkmJWgAuDTlTxUdgJzwG3PDSIf3UWF3NpMohbFE= +github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= +github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= +github.com/beego/beego/v2 v2.3.1 h1:7MUKMpJYzOXtCUsTEoXOxsDV/UcHw6CPbaWMlthVNsc= +github.com/beego/beego/v2 v2.3.1/go.mod h1:5cqHsOHJIxkq44tBpRvtDe59GuVRVv/9/tyVDxd5ce4= +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= +github.com/coocood/freecache v1.2.4 h1:UdR6Yz/X1HW4fZOuH0Z94KwG851GWOSknua5VUbb/5M= +github.com/coocood/freecache v1.2.4/go.mod h1:RBUWa/Cy+OHdfTGFEhEuE1pMCMX51Ncizj7rthiQ3vk= github.com/coreos/etcd v3.3.17+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= +github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= +github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= +github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw= github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/etcd-io/etcd v3.3.17+incompatible/go.mod h1:cdZ77EstHBwVtD6iTgzgvogwcjo9m4iOqoijouPJ4bs= +github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= +github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= +github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= +github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/gabriel-vasile/mimetype v1.4.4 h1:QjV6pZ7/XZ7ryI2KuyeEDE8wnh7fHP9YnQy+R0LnH8I= -github.com/gabriel-vasile/mimetype v1.4.4/go.mod h1:JwLei5XPtWdGiMFB5Pjle1oEeoSeEuJfJE+TtfvdB/s= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/gabriel-vasile/mimetype v1.4.6 h1:3+PzJTKLkvgjeTbts6msPJt4DixhT4YtFNf1gtGe3zc= +github.com/gabriel-vasile/mimetype v1.4.6/go.mod h1:JX1qVKqZd40hUPpAfiNTe0Sne7hdfKSbOqqmkq8GCXc= +github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA= +github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= +github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-ldap/ldap/v3 v3.4.8 h1:loKJyspcRezt2Q3ZRMq2p/0v8iOurlmeXDPw6fikSvQ= +github.com/go-ldap/ldap/v3 v3.4.8/go.mod h1:qS3Sjlu76eHfHGpUdWkAXQTw4beih+cHsco2jXlIXrk= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.22.0 h1:k6HsTZ0sTnROkhS//R0O+55JgM8C4Bx7ia+JlgcnOao= -github.com/go-playground/validator/v10 v10.22.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-playground/validator/v10 v10.22.1 h1:40JcKH+bBNGFczGuoBYgX4I6m/i27HYW8P9FDk5PbgA= +github.com/go-playground/validator/v10 v10.22.1/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gobuffalo/attrs v1.0.3/go.mod h1:KvDJCE0avbufqS0Bw3UV7RQynESY0jjod+572ctX4t8= +github.com/gobuffalo/envy v1.10.2/go.mod h1:qGAGwdvDsaEtPhfBzb3o0SfDea8ByGn9j8bKmVft9z8= +github.com/gobuffalo/fizz v1.14.4/go.mod h1:9/2fGNXNeIFOXEEgTPJwiK63e44RjG+Nc4hfMm1ArGM= +github.com/gobuffalo/flect v0.3.0/go.mod h1:5pf3aGnsvqvCj50AVni7mJJF8ICxGZ8HomberC3pXLE= +github.com/gobuffalo/genny/v2 v2.1.0/go.mod h1:4yoTNk4bYuP3BMM6uQKYPvtP6WsXFGm2w2EFYZdRls8= +github.com/gobuffalo/github_flavored_markdown v1.1.3/go.mod h1:IzgO5xS6hqkDmUh91BW/+Qxo/qYnvfzoz3A7uLkg77I= +github.com/gobuffalo/helpers v0.6.7/go.mod h1:j0u1iC1VqlCaJEEVkZN8Ia3TEzfj/zoXANqyJExTMTA= +github.com/gobuffalo/logger v1.0.7/go.mod h1:u40u6Bq3VVvaMcy5sRBclD8SXhBYPS0Qk95ubt+1xJM= +github.com/gobuffalo/nulls v0.4.2/go.mod h1:EElw2zmBYafU2R9W4Ii1ByIj177wA/pc0JdjtD0EsH8= +github.com/gobuffalo/packd v1.0.2/go.mod h1:sUc61tDqGMXON80zpKGp92lDb86Km28jfvX7IAyxFT8= +github.com/gobuffalo/plush/v4 v4.1.16/go.mod h1:6t7swVsarJ8qSLw1qyAH/KbrcSTwdun2ASEQkOznakg= +github.com/gobuffalo/pop/v6 v6.0.8 h1:9+5ShHYh3x9NDFCITfm/gtKDDRSgOwiY7kA0Hf7N9aQ= +github.com/gobuffalo/pop/v6 v6.0.8/go.mod h1:f4JQ4Zvkffcevz+t+XAwBLStD7IQs19DiIGIDFYw1eA= +github.com/gobuffalo/tags/v3 v3.1.4/go.mod h1:ArRNo3ErlHO8BtdA0REaZxijuWnWzF6PUXngmMXd2I0= +github.com/gobuffalo/validate/v3 v3.3.3/go.mod h1:YC7FsbJ/9hW/VjQdmXPvFqvRis4vrRYFxr69WiNZw6g= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE= +github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gofrs/uuid v4.3.0+incompatible h1:CaSVZxm5B+7o45rtab4jC2G37WGYX1zQfuU2i6DSvnc= +github.com/gofrs/uuid v4.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/glog v1.2.0 h1:uCdmnmatrKCgMBlM4rMuJZWOkPDqdbZPnrMXDY4gI68= +github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -87,6 +199,8 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -100,9 +214,11 @@ github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:W github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -114,12 +230,16 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -127,47 +247,149 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/goraz/onion v0.1.3 h1:KhyvbDA2b70gcz/d5izfwTiOH8SmrvV43AsVzpng3n0= github.com/goraz/onion v0.1.3/go.mod h1:XEmz1XoBz+wxTgWB8NwuvRm4RAu3vKxvrmYtzK+XCuQ= +github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c= +github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= +github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 h1:dygLcbEBA+t/P7ck6a8AkXv6juQ4cK0RHBoh32jxhHM= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2/go.mod h1:Ap9RLCIJVtgQg1/BBgVEfypOAySvvlcpcVQkSzJCH4Y= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= +github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/i-core/rlog v1.0.0 h1:8CY2rsqvm3Z9cfl3hroppn8LTBwbtL45+ho79JTz8Jg= +github.com/i-core/rlog v1.0.0/go.mod h1:wTQKCF9IKx2HlNQ2M7dUpP3zIOD5ayqF4X3uQFbwY3g= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo= +github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA= +github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE= +github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s= +github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o= +github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= +github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= +github.com/jackc/pgconn v1.13.0/go.mod h1:AnowpAqO4CMIIJNZl2VJp+KrkAZciAkhEl0W0JIobpI= +github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= +github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= +github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c= +github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak= +github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= +github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg= +github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgproto3/v2 v2.3.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E= +github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg= +github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc= +github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw= +github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM= +github.com/jackc/pgtype v1.12.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4= +github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y= +github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM= +github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc= +github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs= +github.com/jackc/pgx/v4 v4.17.2/go.mod h1:lcxIZN44yMIrWI78a5CpucdD14hX0SBDbNRvjDBItsw= +github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs= +github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM= +github.com/jcmturner/gofork v1.7.6/go.mod h1:1622LH6i/EZqLloHfE7IeZ0uEJwMSUyQ/nDd82IeqRo= +github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg= +github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs= +github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= +github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ= +github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/justinas/nosurf v1.1.1 h1:92Aw44hjSK4MxJeMSyDa7jwuI9GR2J/JCQiaKvXXSlk= +github.com/justinas/nosurf v1.1.1/go.mod h1:ALpWdSbuNGy2lZWtyXdjkYv4edL23oSEgfBT1gPJ5BQ= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= +github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= +github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= -github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= +github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/luna-duclos/instrumentedsql v1.1.3/go.mod h1:9J1njvFds+zN7y85EDhN9XNQLANWwZt2ULeIC8yMNYs= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= +github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= +github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/mattn/goveralls v0.0.12 h1:PEEeF0k1SsTjOBQ8FOmrOAoCu4ytuMaWCnWe94zxbCg= +github.com/mattn/goveralls v0.0.12/go.mod h1:44ImGEUfmqH8bBtaMrYKsM65LXfNLWmwaxFGjZwgMSQ= +github.com/microcosm-cc/bluemonday v1.0.20/go.mod h1:yfBmMi8mxvaZut3Yytv+jTXRY8mxyjJ0/kQBTElld50= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= @@ -175,8 +397,12 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE= github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/nats-io/nats.go v1.37.0 h1:07rauXbVnnJvv1gfIyghFEo6lUcYRY0WXc3x7x0vUxE= github.com/nats-io/nats.go v1.37.0/go.mod h1:Ubdu4Nh9exXdSz0RVWRFBbRfrbSxOYd26oF0wkWclB8= github.com/nats-io/nkeys v0.4.7 h1:RwNJbbIdYCoClSDNY7QVKZlyb/wfT6ugvFCiKy6vDvI= @@ -184,33 +410,74 @@ github.com/nats-io/nkeys v0.4.7/go.mod h1:kqXRgRDPlGy7nGaEDMuYzmiJCIAAWDK0IMBtDm github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/ogier/pflag v0.0.1/go.mod h1:zkFki7tvTa0tafRvTBIZTvzYyAu6kQhPZFnshFFPE+g= +github.com/openzipkin/zipkin-go v0.4.1 h1:kNd/ST2yLLWhaWrkgchya40TJabe8Hioj9udfPcEO5A= +github.com/openzipkin/zipkin-go v0.4.1/go.mod h1:qY0VqDSN1pOBN94dBc6w2GJlWLiovAyg7Qt6/I9HecM= +github.com/ory/fosite v0.47.0 h1:Iqu5uhx54JqZQPn2hRhqjESrmRRyQb00uJjfEi1a1QI= +github.com/ory/fosite v0.47.0/go.mod h1:5U6c9nOLxyTdD/qrFv7N88TSxkdk5Wq8NzvB7UViDP0= +github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe h1:rvu4obdvqR0fkSIJ8IfgzKOWwZ5kOT2UNfLq81Qk7rc= +github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe/go.mod h1:z4n3u6as84LbV4YmgjHhnwtccQqzf4cZlSk9f1FhygI= +github.com/ory/go-convenience v0.1.0 h1:zouLKfF2GoSGnJwGq+PE/nJAE6dj2Zj5QlTgmMTsTS8= +github.com/ory/go-convenience v0.1.0/go.mod h1:uEY/a60PL5c12nYz4V5cHY03IBmwIAEm8TWB0yn9KNs= github.com/ory/hydra-client-go v1.11.8 h1:GwJjvH/DBcfYzoST4vUpi4pIRzDGH5oODKpIVuhwVyc= github.com/ory/hydra-client-go v1.11.8/go.mod h1:4YuBuwUEC4yiyDrnKjGYc1tB3gUXan4ZiUYMjXJbfxA= +github.com/ory/x v0.0.575 h1:LvOeR+YlJ6/JtvIJvSwMoDBY/i3GACUe7HpWXHGNUTA= +github.com/ory/x v0.0.575/go.mod h1:aeJFTlvDLGYSABzPS3z5SeLcYC52Ek7uGZiuYGcTMSU= github.com/pelletier/go-toml v1.6.0/go.mod h1:5N711Q9dKgbdkxHL+MEfF31hpT7l0S0s/t2kKREewys= +github.com/pelletier/go-toml/v2 v2.0.9 h1:uH2qQXheeefCCkuBBSLi7jCiSmj3VRh2+Goq2N7Xxu0= +github.com/pelletier/go-toml/v2 v2.0.9/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= +github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= +github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/common v0.41.0 h1:npo01n6vUlRViIj5fgwiK8vlNIh8bnoxqh3gypKsyAw= -github.com/prometheus/common v0.41.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= -github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= -github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE= +github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= +github.com/prometheus/common v0.60.0 h1:+V9PAREWNvJMAuJ1x1BaWl9dewMW4YrHZQbx0sJNllA= +github.com/prometheus/common v0.60.0/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw= +github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPAaSc= +github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= +github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= +github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761 h1:0b8DF5kR0PhRoRXDiEEdzrgBc8UqVY4JWLkQJCRsLME= +github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761/go.mod h1:/THDZYi7F/BsVEcYzYPqdcWFQ+1C2InkawTKfLOAnzg= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 h1:DAYUYH5869yV94zvCES9F51oYtN5oGlwjxJJz7ZCnik= github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18/go.mod h1:nkxAfR/5quYxwPZhyDxgasBMnRtBZd0FCEpawpjMUFg= +github.com/shiena/ansicolor v0.0.0-20230509054315-a9deabde6e02 h1:v9ezJDHA1XGxViAUSIoO/Id7Fl63u6d0YmsAm+/p2hs= +github.com/shiena/ansicolor v0.0.0-20230509054315-a9deabde6e02/go.mod h1:RF16/A3L0xSa0oSERcnhd8Pu3IXSDZSK2gmGIMsttFE= +github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/skarademir/naturalsort v0.0.0-20150715044055-69a5d87bef62/go.mod h1:oIdVclZaltY1Nf7OQUkg1/2jImBJ+ZfKZuDIRSwk3p0= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs= @@ -218,39 +485,138 @@ github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYl github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.7.2 h1:9RBaZCeXEQ3UselpuwUQHltGVXvdwm6cv1hgR6gDIPg= github.com/smartystreets/goconvey v1.7.2/go.mod h1:Vw0tHAZW6lzCRk3xgdin6fKYcG+G3Pg9vgXWeJpQFMM= +github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE= +github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= +github.com/spf13/afero v1.9.5 h1:stMpOSZFs//0Lv29HduCmli3GUfpFoF3Y1Q/aXj/wVM= +github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= +github.com/spf13/cast v1.5.1 h1:R+kOtfhWQE6TVQzY+4D7wJLBgkdVasCEFxSUBYBYIlA= +github.com/spf13/cast v1.5.1/go.mod h1:b9PdjNptOpzXr7Rq1q9gJML/2cdGQAo69NKzQ10KN48= +github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= +github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= +github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.16.0 h1:rGGH0XDZhdUOryiDWjmIvUSWpbNqisK8Wk0Vyefw8hc= +github.com/spf13/viper v1.16.0/go.mod h1:yg78JgCJcbrQOvV9YLXgkLaZqUidkY9K+Dd1FofRzQg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= +github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY= github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4= github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8= github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= -github.com/youmark/pkcs8 v0.0.0-20240424034433-3c2c7870ae76 h1:tBiBTKHnIjovYoLX/TPkcf+OjqqKGQrPtGT3Foz+Pgo= -github.com/youmark/pkcs8 v0.0.0-20240424034433-3c2c7870ae76/go.mod h1:SQliXeA7Dhkt//vS29v3zpbEwoa+zb2Cn5xj5uO4K5U= +github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 h1:ilQV1hzziu+LLM3zUTJ0trRztfwgjqKnBWNtSRkbmwM= +github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78/go.mod h1:aL8wCCfTfSfmXjznFBSZNN13rSJjlIOI1fUNAtF7rmI= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.mongodb.org/mongo-driver v1.16.0 h1:tpRsfBJMROVHKpdGyc1BBEzzjDUWjItxbVSZ8Ls4BQ4= -go.mongodb.org/mongo-driver v1.16.0/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw= +github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= +go.mongodb.org/mongo-driver v1.17.1 h1:Wic5cJIwJgSpBhe3lx3+/RybR5PiYRMpVFgO7cOHyIM= +go.mongodb.org/mongo-driver v1.17.1/go.mod h1:wwWm/+BuOddhcq3n68LKRmgk2wXzmF6s0SFOa0GINL4= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.42.0 h1:0vzgiFDsCh/jxRCR1xcRrtMoeCu2itXz/PsXst5P8rI= +go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.42.0/go.mod h1:y0vOY2OKFMOTvwxKfurStPayUUKGHlNeVqNneHmFXr0= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 h1:pginetY7+onl4qN1vl0xW/V/v6OBZ0vVdH+esuJgvmM= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0/go.mod h1:XiYsayHc36K3EByOO6nbAXnAWbrUxdjUROCEeeROOH8= +go.opentelemetry.io/contrib/propagators/b3 v1.17.0 h1:ImOVvHnku8jijXqkwCSyYKRDt2YrnGXD4BbhcpfbfJo= +go.opentelemetry.io/contrib/propagators/b3 v1.17.0/go.mod h1:IkfUfMpKWmynvvE0264trz0sf32NRTZL4nuAN9AbWRc= +go.opentelemetry.io/contrib/propagators/jaeger v1.17.0 h1:Zbpbmwav32Ea5jSotpmkWEl3a6Xvd4tw/3xxGO1i05Y= +go.opentelemetry.io/contrib/propagators/jaeger v1.17.0/go.mod h1:tcTUAlmO8nuInPDSBVfG+CP6Mzjy5+gNV4mPxMbL0IA= +go.opentelemetry.io/contrib/samplers/jaegerremote v0.11.0 h1:P3JkQvs0s4Ww3hPb+jWFW9N6A0ioew7WwGTyqwgeofs= +go.opentelemetry.io/contrib/samplers/jaegerremote v0.11.0/go.mod h1:U+s0mJMfMC2gicc4WEgZ50JSR+5DhOIjcvFOCVAe8/U= +go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= +go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= +go.opentelemetry.io/otel/exporters/jaeger v1.16.0 h1:YhxxmXZ011C0aDZKoNw+juVWAmEfv/0W2XBOv9aHTaA= +go.opentelemetry.io/otel/exporters/jaeger v1.16.0/go.mod h1:grYbBo/5afWlPpdPZYhyn78Bk04hnvxn2+hvxQhKIQM= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 h1:t4ZwRPU+emrcvM2e9DHd0Fsf0JTPVcbfa/BhTDF03d0= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0/go.mod h1:vLarbg68dH2Wa77g71zmKQqlQ8+8Rq3GRG31uc0WcWI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 h1:cbsD4cUcviQGXdw8+bo5x2wazq10SKz8hEbtCRPcU78= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0/go.mod h1:JgXSGah17croqhJfhByOLVY719k1emAXC8MVhCIJlRs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.16.0 h1:iqjq9LAB8aK++sKVcELezzn655JnBNdsDhghU4G/So8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.16.0/go.mod h1:hGXzO5bhhSHZnKvrDaXB82Y9DRFour0Nz/KrBh7reWw= +go.opentelemetry.io/otel/exporters/zipkin v1.16.0 h1:WdMSH6vIJ+myJfr/HB/pjsYoJWQP0Wz/iJ1haNO5hX4= +go.opentelemetry.io/otel/exporters/zipkin v1.16.0/go.mod h1:QjDOKdylighHJBc7pf4Vo6fdhtiEJEqww/3Df8TOWjo= +go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= +go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= +go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= +go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF9QD68aP6p4= +go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= +go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= +go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= +go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= +go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= +go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/multierr v1.7.0 h1:zaiO/rmgFjbmCXdSYJWQcdvOCsthmdaHfr3Gm2Kx4Ec= +go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= +go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= +go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= +go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= +go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= +go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191112222119-e1110fd1c708/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= -golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -273,6 +639,7 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -281,7 +648,14 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -294,6 +668,7 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -308,18 +683,38 @@ golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= -golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= +golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221002022538-bcab6841153b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= +golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.5.0 h1:HuArIo48skDwlrvM3sEdHXElYslAMsf3KwRkkW4MC4s= -golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= +golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= +golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= +golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= +golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -328,23 +723,35 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -357,26 +764,58 @@ golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= +golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -388,14 +827,18 @@ golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -403,6 +846,7 @@ golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -418,10 +862,27 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -442,6 +903,9 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -450,6 +914,7 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -479,6 +944,19 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= +google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de h1:jFNzHPIeuzhdRwVhbZdiym9q0ory/xY3sA+v2wPg8I0= +google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:5iCWqnniDlqZHrd3neWVTOwvh/v6s3232omMecelax8= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de h1:cZGRis4/ot9uVm639a+rHCUaG0JJHEsdyzSQTMX+suY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -491,6 +969,12 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.63.0 h1:WjKe+dnvABXyPJMD7KDNLxtoGk5tgk+YFWN6cBWjZE8= +google.golang.org/grpc v1.63.0/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -503,18 +987,24 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/infrastructure/auth_connector/auth_connector.go b/infrastructure/auth_connector/auth_connector.go new file mode 100644 index 0000000..6bdeed6 --- /dev/null +++ b/infrastructure/auth_connector/auth_connector.go @@ -0,0 +1,28 @@ +package auth_connectors + +import ( + "net/http" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +type AuthConnector interface { + Status() tools.State + Login(username string, cookies ...*http.Cookie) (*Token, error) + Logout(token string, cookies ...*http.Cookie) (*Token, error) + Introspect(token string, cookie ...*http.Cookie) (bool, error) + Refresh(token *Token) (*Token, error) +} + +type Token struct { + Active bool `json:"active"` + AccessToken string `json:"access_token"` + ExpiresIn int `json:"expires_in"` + Challenge string `json:"challenge"` + Username string `json:"username,omitempty"` + Password string `json:"password,omitempty"` +} + +type Redirect struct { + RedirectTo string `json:"redirect_to"` +} diff --git a/infrastructure/auth_connector/hydra_connector.go b/infrastructure/auth_connector/hydra_connector.go new file mode 100644 index 0000000..02bb667 --- /dev/null +++ b/infrastructure/auth_connector/hydra_connector.go @@ -0,0 +1,240 @@ +package auth_connectors + +import ( + "encoding/json" + "errors" + "fmt" + "io" + "net/http" + "net/url" + "oc-auth/conf" + "regexp" + "strconv" + "strings" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +type HydraConnector struct { + State string `json:"state"` + Scopes string `json:"scope"` + ClientID string `json:"client_id"` + ResponseType string `json:"response_type"` + + Caller *tools.HTTPCaller +} + +func (a HydraConnector) Status() tools.State { + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + var responseBody map[string]interface{} + host := conf.GetConfig().AuthConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().AuthConnectorPort) + resp, err := caller.CallGet("http://"+host+":"+port, "/health/ready") + if err != nil { + return tools.DEAD + } + err = json.Unmarshal(resp, &responseBody) + if err != nil || responseBody["status"] != "ok" { + return tools.DEAD + } + return tools.ALIVE +} + +// urlFormat formats the URL of the peer with the data type API function +func (a *HydraConnector) urlFormat(url string, replaceWith string) string { + // localhost is replaced by the local peer URL + // because localhost must collide on a web request security protocol + r := regexp.MustCompile("(http://[a-z]+:[0-9]+)/oauth2") + t := r.FindString(url) + if t != "" { + url = strings.Replace(url, t, replaceWith, -1) + } + return url +} + +func (a HydraConnector) challenge(username string, url string, challenge string, cookies ...*http.Cookie) (*Redirect, string, []*http.Cookie, error) { + body := map[string]interface{}{ + "remember_for": 0, + "remember": true, + } + if challenge != "consent" { + body["subject"] = username + } + s := strings.Split(url, challenge+"_challenge=") + resp, err := a.Caller.CallRaw(http.MethodPut, + a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1], + body, "application/json", true, cookies...) // "remember": true, "subject": username + if err != nil { + return nil, s[1], cookies, err + } + defer resp.Body.Close() + b, err := io.ReadAll(resp.Body) + if err != nil { + return nil, s[1], cookies, err + } + var token Redirect + err = json.Unmarshal(b, &token) + if err != nil { + return nil, s[1], cookies, err + } + return &token, s[1], cookies, nil +} + +func (a HydraConnector) Refresh(token *Token) (*Token, error) { + isValid, err := a.Introspect(token.AccessToken) + if err != nil || !isValid { + return nil, err + } + return a.Login(token.Username) +} + +func (a HydraConnector) tryLog(username string, url string, subpath string, challenge string, cookies ...*http.Cookie) (*Redirect, string, []*http.Cookie, error) { + resp, err := a.Caller.CallRaw(http.MethodGet, url, subpath, + map[string]interface{}{}, "application/json", true, cookies...) + if err != nil || resp.Request.Response == nil || resp.Request.Response.Header["Set-Cookie"] == nil { + return nil, "", cookies, err + } + cc := resp.Request.Response.Header["Set-Cookie"] // retrieve oauth2 csrf token cookie + if len(cc) > 0 { + for _, c := range cc { + first := strings.Split(c, ";") + cookies = append(cookies, &http.Cookie{ + Name: strings.Split(first[0], "=")[0], + Value: strings.ReplaceAll(first[0], strings.Split(first[0], "=")[0]+"=", ""), + }) + } + } + return a.challenge(username, resp.Request.URL.String(), challenge, cookies...) +} + +func (a HydraConnector) extractTokenFromFragment(fragment string) *Token { + splittedFragment := strings.Split(fragment, "#") + f := splittedFragment[0] + if len(splittedFragment) > 1 { + f = splittedFragment[1] + } + token := &Token{} + frags := strings.Split(f, "&") + for _, f := range frags { + splittedFrag := strings.Split(f, "=") + if len(splittedFrag) > 1 { + if splittedFrag[0] == "access_token" { + token.AccessToken = strings.ReplaceAll(splittedFrag[1], "ory_at_", "") + } + if splittedFrag[0] == "expires_in" { + i, err := strconv.Atoi(splittedFrag[1]) + if err != nil { + return nil + } + token.ExpiresIn = i + } + } + } + return token +} + +func (a HydraConnector) getClient() string { + resp, err := a.Caller.CallGet(a.getPath(true, false), "/clients") + if err != nil { + return "" + } + var clients []interface{} + err = json.Unmarshal(resp, &clients) + if err != nil || len(clients) == 0 { + return "" + } + return clients[0].(map[string]interface{})["client_id"].(string) +} + +func (a HydraConnector) Login(username string, cookies ...*http.Cookie) (t *Token, err error) { + clientID := a.getClient() + redirect, challenge, cookies, err := a.tryLog(username, a.getPath(false, true), + "/auth?client_id="+clientID+"&response_type="+strings.ReplaceAll(a.ResponseType, " ", "%20")+"&scope="+strings.ReplaceAll(a.Scopes, " ", "%20")+"&state="+a.State, + "login", cookies...) + if err != nil || redirect == nil { + return nil, err + } + redirect, challenge, cookies, err = a.tryLog(username, a.urlFormat(redirect.RedirectTo, a.getPath(false, true)), "", "consent", cookies...) + if err != nil || redirect == nil { + return nil, err + } + // problem with consent THERE we need to accept the consent challenge && get the token + url := "" + resp, err := a.Caller.CallRaw(http.MethodGet, a.urlFormat(redirect.RedirectTo, a.getPath(false, true)), "", map[string]interface{}{}, + "application/json", true, cookies...) + if err != nil { + s := strings.Split(err.Error(), "\"") + if len(s) > 1 && strings.Contains(s[1], "access_token") { + url = s[1] + err = nil + } else { + return nil, err + } + } else { + url = resp.Request.Response.Request.URL.Fragment + } + token := a.extractTokenFromFragment(url) + fmt.Println(url, token) + if token == nil || token.AccessToken == "" { + return nil, errors.New("no token found") + } + token.Challenge = challenge + token.Active = true + token.Username = username + fmt.Println(token) + return token, nil +} + +func (a HydraConnector) Logout(token string, cookies ...*http.Cookie) (*Token, error) { + p := a.getPath(false, true) + "/revoke" + urls := url.Values{} + urls.Add("token", token) + urls.Add("client_id", a.getClient()) + urls.Add("client_secret", conf.GetConfig().ClientSecret) + _, err := a.Caller.CallForm(http.MethodPost, p, "", urls, "application/x-www-form-urlencoded", true) + if err != nil { + return nil, err + } + return &Token{ + AccessToken: token, + Active: false, + }, nil +} +func (a HydraConnector) Introspect(token string, cookie ...*http.Cookie) (bool, error) { + // check validity of the token by calling introspect endpoint + // if token is not active, we need to re-authenticate by sending the user to the login page + urls := url.Values{} + urls.Add("token", token) + resp, err := a.Caller.CallForm(http.MethodPost, a.getPath(true, true), "/introspect", urls, + "application/x-www-form-urlencoded", true, cookie...) + if err != nil || resp.StatusCode >= 300 { + return false, err + } + defer resp.Body.Close() + b, err := io.ReadAll(resp.Body) + if err != nil { + return false, err + } + var introspect Token + err = json.Unmarshal(b, &introspect) + if err != nil { + return false, err + } + introspect.AccessToken = token + return introspect.Active, nil +} + +func (a HydraConnector) getPath(isAdmin bool, isOauth bool) string { + host := conf.GetConfig().AuthConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().AuthConnectorPort) + if isAdmin { + port = fmt.Sprintf("%v", conf.GetConfig().AuthConnectorAdminPort) + "/admin" + } + oauth := "" + if isOauth { + oauth = "/oauth2" + } + fmt.Println("http://" + host + ":" + port + oauth) + return "http://" + host + ":" + port + oauth + +} diff --git a/infrastructure/auth_connector/ldap.go b/infrastructure/auth_connector/ldap.go new file mode 100644 index 0000000..69db72f --- /dev/null +++ b/infrastructure/auth_connector/ldap.go @@ -0,0 +1,386 @@ +package auth_connectors + +import ( + "context" + "crypto/tls" + "encoding/json" + "errors" + "fmt" + "net" + "oc-auth/conf" + "strings" + "sync" + "time" + + "github.com/coocood/freecache" + "github.com/go-ldap/ldap/v3" + "github.com/i-core/rlog" + "go.uber.org/zap" +) + +var ( + // errInvalidCredentials is an error that happens when a user's password is invalid. + errInvalidCredentials = fmt.Errorf("invalid credentials") + // errConnectionTimeout is an error that happens when no one LDAP endpoint responds. + errConnectionTimeout = fmt.Errorf("connection timeout") + // errMissedUsername is an error that happens + errMissedUsername = errors.New("username is missed") + // errUnknownUsername is an error that happens + errUnknownUsername = errors.New("unknown username") +) + +type conn interface { + Bind(bindDN, password string) error + SearchUser(user string, attrs ...string) ([]map[string]interface{}, error) + SearchUserRoles(user string, attrs ...string) ([]map[string]interface{}, error) + Close() error +} + +type connector interface { + Connect(ctx context.Context, addr string) (conn, error) +} + +// Config is a LDAP configuration. +type Config struct { + Endpoints []string `envconfig:"endpoints" required:"true" desc:"a LDAP's server URLs as \"
:\""` + BindDN string `envconfig:"binddn" desc:"a LDAP bind DN"` + BindPass string `envconfig:"bindpw" json:"-" desc:"a LDAP bind password"` + BaseDN string `envconfig:"basedn" required:"true" desc:"a LDAP base DN for searching users"` + AttrClaims map[string]string `envconfig:"attr_claims" default:"name:name,sn:family_name,givenName:given_name,mail:email" desc:"a mapping of LDAP attributes to OpenID connect claims"` + RoleBaseDN string `envconfig:"role_basedn" required:"true" desc:"a LDAP base DN for searching roles"` + RoleAttr string `envconfig:"role_attr" default:"description" desc:"a LDAP group's attribute that contains a role's name"` + RoleClaim string `envconfig:"role_claim" default:"https://github.com/i-core/werther/claims/roles" desc:"a name of an OpenID Connect claim that contains user roles"` + CacheSize int `envconfig:"cache_size" default:"512" desc:"a user info cache's size in KiB"` + CacheTTL time.Duration `envconfig:"cache_ttl" default:"30m" desc:"a user info cache TTL"` + IsTLS bool `envconfig:"is_tls" default:"false" desc:"should LDAP connection be established via TLS"` + FlatRoleClaims bool `envconfig:"flat_role_claims" desc:"add roles claim as single list"` +} + +// New creates a new LDAP client. +func New() *Client { + cnf := Config{ + Endpoints: strings.Split(conf.GetConfig().LDAPEndpoints, ","), + BindDN: conf.GetConfig().LDAPBindDN, + BindPass: conf.GetConfig().LDAPBindPW, + BaseDN: conf.GetConfig().LDAPBaseDN, + RoleBaseDN: conf.GetConfig().LDAPRoleBaseDN, + } + return &Client{ + Config: cnf, + connector: &ldapConnector{BaseDN: cnf.BaseDN, RoleBaseDN: cnf.RoleBaseDN, IsTLS: cnf.IsTLS}, + cache: freecache.NewCache(cnf.CacheSize * 1024), + } +} + +type Client struct { + Config + connector connector + cache *freecache.Cache +} + +func (cli *Client) Authenticate(ctx context.Context, username, password string) (bool, error) { + if username == "" || password == "" { + return false, nil + } + + var cancel context.CancelFunc + ctx, cancel = context.WithCancel(ctx) + + cn, ok := <-cli.connect(ctx) + cancel() + if !ok { + return false, errConnectionTimeout + } + defer cn.Close() + + // Find a user DN by his or her username. + details, err := cli.findBasicUserDetails(cn, username, []string{"dn"}) + if err != nil { + return false, err + } + if details == nil { + return false, nil + } + + if err := cn.Bind(details["dn"].(string), password); err != nil { + if err == errInvalidCredentials { + return false, nil + } + return false, err + } + + // Clear the claims' cache because of possible re-authentication. We don't want stale claims after re-login. + if ok := cli.cache.Del([]byte(username)); ok { + log := rlog.FromContext(ctx) + log.Debug("Cleared user's OIDC claims in the cache") + } + + return true, nil +} + +// Claim is the FindOIDCClaims result struct +type LDAPClaim struct { + Code string // the root claim name + Name string // the claim name + Value interface{} // the value +} + +// FindOIDCClaims finds all OIDC claims for a user. +func (cli *Client) FindOIDCClaims(ctx context.Context, username string) ([]LDAPClaim, error) { + if username == "" { + return nil, errMissedUsername + } + + log := rlog.FromContext(ctx).Sugar() + + // Retrieving from LDAP is slow. So, we try to get claims for the given username from the cache. + switch cdata, err := cli.cache.Get([]byte(username)); err { + case nil: + var claims []LDAPClaim + if err = json.Unmarshal(cdata, &claims); err != nil { + log.Info("Failed to unmarshal user's OIDC claims", zap.Error(err), "data", cdata) + return nil, err + } + log.Debugw("Retrieved user's OIDC claims from the cache", "claims", claims) + return claims, nil + case freecache.ErrNotFound: + log.Debug("User's OIDC claims is not found in the cache") + default: + log.Infow("Failed to retrieve user's OIDC claims from the cache", zap.Error(err)) + } + + // Try to make multiple TCP connections to the LDAP server for getting claims. + // Accept the first one, and cancel others. + var cancel context.CancelFunc + ctx, cancel = context.WithCancel(ctx) + + cn, ok := <-cli.connect(ctx) + cancel() + if !ok { + return nil, errConnectionTimeout + } + defer cn.Close() + + // We need to find LDAP attribute's names for all required claims. + attrs := []string{"dn"} + for k := range cli.AttrClaims { + attrs = append(attrs, k) + } + // Find the attributes in the LDAP server. + details, err := cli.findBasicUserDetails(cn, username, attrs) + if err != nil { + return nil, err + } + if details == nil { + return nil, errUnknownUsername + } + log.Infow("Retrieved user's info from LDAP", "details", details) + + // Transform the retrieved attributes to corresponding claims. + claims := make([]LDAPClaim, 0, len(details)) + for attr, v := range details { + if claim, ok := cli.AttrClaims[attr]; ok { + claims = append(claims, LDAPClaim{claim, claim, v}) + } + } + + // User's roles is stored in LDAP as groups. We find all groups in a role's DN + // that include the user as a member. + entries, err := cn.SearchUserRoles(fmt.Sprintf("%s", details["dn"]), "dn", cli.RoleAttr) + if err != nil { + return nil, err + } + + roles := make(map[string]interface{}) + for _, entry := range entries { + roleDN, ok := entry["dn"].(string) + if !ok || roleDN == "" { + log.Infow("No required LDAP attribute for a role", "ldapAttribute", "dn", "entry", entry) + continue + } + if entry[cli.RoleAttr] == nil { + log.Infow("No required LDAP attribute for a role", "ldapAttribute", cli.RoleAttr, "roleDN", roleDN) + continue + } + + // Ensure that a role's DN is inside of the role's base DN. + // It's sufficient to compare the DN's suffix with the base DN. + n, k := len(roleDN), len(cli.RoleBaseDN) + if n < k || !strings.EqualFold(roleDN[n-k:], cli.RoleBaseDN) { + panic("You should never see that") + } + // The DN without the role's base DN must contain a CN and OU + // where the CN is for uniqueness only, and the OU is an application id. + path := strings.Split(roleDN[:n-k-1], ",") + if len(path) != 2 { + log.Infow("A role's DN without the role's base DN must contain two nodes only", + "roleBaseDN", cli.RoleBaseDN, "roleDN", roleDN) + continue + } + appID := path[1][len("OU="):] + + var appRoles []interface{} + if v := roles[appID]; v != nil { + appRoles = v.([]interface{}) + } + appRoles = append(appRoles, entry[cli.RoleAttr]) + roles[appID] = appRoles + } + + claims = append(claims, LDAPClaim{cli.RoleClaim, cli.RoleClaim, roles}) + + if cli.FlatRoleClaims { + for appID, appRoles := range roles { + claims = append(claims, LDAPClaim{cli.RoleClaim, cli.RoleClaim + "/" + appID, appRoles}) + } + } + + // Save the claims in the cache for future queries. + cdata, err := json.Marshal(claims) + if err != nil { + log.Infow("Failed to marshal user's OIDC claims for caching", zap.Error(err), "claims", claims) + } + if err = cli.cache.Set([]byte(username), cdata, int(cli.CacheTTL.Seconds())); err != nil { + log.Infow("Failed to store user's OIDC claims into the cache", zap.Error(err), "claims", claims) + } + + return claims, nil +} + +func (cli *Client) connect(ctx context.Context) <-chan conn { + var ( + wg sync.WaitGroup + ch = make(chan conn) + ) + wg.Add(len(cli.Endpoints)) + for _, addr := range cli.Endpoints { + fmt.Println("addr", addr) + go func(addr string) { + defer wg.Done() + + cn, err := cli.connector.Connect(ctx, addr) + if err != nil { + fmt.Println("Failed to create a LDAP connection", "address", addr) + return + } + select { + case <-ctx.Done(): + cn.Close() + fmt.Println("a LDAP connection is cancelled", "address", addr) + return + case ch <- cn: + } + }(addr) + } + go func() { + wg.Wait() + close(ch) + }() + return ch +} + +// findBasicUserDetails finds user's LDAP attributes that were specified. It returns nil if no such user. +func (cli *Client) findBasicUserDetails(cn conn, username string, attrs []string) (map[string]interface{}, error) { + if cli.BindDN != "" { + // We need to login to a LDAP server with a service account for retrieving user data. + if err := cn.Bind(cli.BindDN, cli.BindPass); err != nil { + return nil, errors.New(err.Error() + " : failed to login to a LDAP woth a service account") + } + } + + entries, err := cn.SearchUser(username, attrs...) + if err != nil { + return nil, err + } + if len(entries) != 1 { + // We didn't find the user. + return nil, nil + } + + var ( + entry = entries[0] + details = make(map[string]interface{}) + ) + for _, attr := range attrs { + if v, ok := entry[attr]; ok { + details[attr] = v + } + } + return details, nil +} + +type ldapConnector struct { + BaseDN string + RoleBaseDN string + IsTLS bool +} + +func (c *ldapConnector) Connect(ctx context.Context, addr string) (conn, error) { + d := net.Dialer{Timeout: ldap.DefaultTimeout} + tcpcn, err := d.DialContext(ctx, "tcp", addr) + if err != nil { + return nil, err + } + + if c.IsTLS { + tlscn, err := tls.DialWithDialer(&d, "tcp", addr, nil) + if err != nil { + return nil, err + } + tcpcn = tlscn + } + + ldapcn := ldap.NewConn(tcpcn, c.IsTLS) + + ldapcn.Start() + return &ldapConn{Conn: ldapcn, BaseDN: c.BaseDN, RoleBaseDN: c.RoleBaseDN}, nil +} + +type ldapConn struct { + *ldap.Conn + BaseDN string + RoleBaseDN string +} + +func (c *ldapConn) Bind(bindDN, password string) error { + err := c.Conn.Bind(bindDN, password) + if ldapErr, ok := err.(*ldap.Error); ok && ldapErr.ResultCode == ldap.LDAPResultInvalidCredentials { + return errInvalidCredentials + } + return err +} + +func (c *ldapConn) SearchUser(user string, attrs ...string) ([]map[string]interface{}, error) { + query := fmt.Sprintf( + "(&(|(objectClass=organizationalPerson)(objectClass=inetOrgPerson))"+ + "(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))", user) + return c.searchEntries(c.BaseDN, query, attrs) +} + +func (c *ldapConn) SearchUserRoles(user string, attrs ...string) ([]map[string]interface{}, error) { + query := fmt.Sprintf("(|"+ + "(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))"+ + "(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s))"+ + ")", user) + return c.searchEntries(c.RoleBaseDN, query, attrs) +} + +// searchEntries executes a LDAP query, and returns a result as entries where each entry is mapping of LDAP attributes. +func (c *ldapConn) searchEntries(baseDN, query string, attrs []string) ([]map[string]interface{}, error) { + req := ldap.NewSearchRequest(baseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, query, attrs, nil) + res, err := c.Search(req) + if err != nil { + return nil, err + } + + var entries []map[string]interface{} + for _, v := range res.Entries { + entry := map[string]interface{}{"dn": v.DN} + for _, attr := range v.Attributes { + // We need the first value only for the named attribute. + entry[attr.Name] = attr.Values[0] + } + entries = append(entries, entry) + } + return entries, nil +} diff --git a/infrastructure/claims/claims.go b/infrastructure/claims/claims.go new file mode 100644 index 0000000..86a8479 --- /dev/null +++ b/infrastructure/claims/claims.go @@ -0,0 +1,18 @@ +package claims + +// Tokenizer interface +type ClaimService interface { + AddClaimsToToken(userId string, host string) Claims + DecodeClaimsInToken(host string, method string, forward string, sessionClaims map[string]interface{}, publicKey string) (bool, error) +} + +// SessionClaims struct +type SessionClaims struct { + AccessToken map[string]interface{} `json:"access_token"` + IDToken map[string]interface{} `json:"id_token"` +} + +// Claims struct +type Claims struct { + Session SessionClaims `json:"session"` +} diff --git a/infrastructure/claims/hydra_claims.go b/infrastructure/claims/hydra_claims.go new file mode 100644 index 0000000..726f32e --- /dev/null +++ b/infrastructure/claims/hydra_claims.go @@ -0,0 +1,133 @@ +package claims + +import ( + "crypto" + "crypto/rand" + "crypto/rsa" + "crypto/sha256" + "crypto/x509" + "encoding/pem" + "errors" + "oc-auth/conf" + "oc-auth/infrastructure/perms_connectors" + "oc-auth/infrastructure/utils" + "os" + "strings" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +type HydraClaims struct{} + +func (h HydraClaims) generateKey(relation string, path string) (string, error) { + method, err := utils.ExtractMethod(relation, false) + if err != nil { + return "", err + } + p := strings.ReplaceAll(strings.ToUpper(path), "/", "_") + return strings.ToLower(method.String()) + "_" + p, nil +} + +// decode key expect to extract method and path from key +func (h HydraClaims) decodeKey(key string) (tools.METHOD, string, error) { + s := strings.Split(key, "_") + if len(s) < 2 { + return tools.GET, "", errors.New("invalid key") + } + meth, err := utils.ExtractMethod(s[0], false) + if err != nil { + return meth, "", err + } + p := strings.ReplaceAll(strings.ToLower(s[1]), "_", "/") + return meth, p, nil +} + +func (h HydraClaims) DecodeSignature(host string, signature string, publicKey string) (bool, error) { + hashed := sha256.Sum256([]byte(host)) + // get public key into a variable + spkiBlock, _ := pem.Decode([]byte(publicKey)) + key, _ := x509.ParsePKCS1PublicKey(spkiBlock.Bytes) + err := rsa.VerifyPKCS1v15(key, crypto.SHA256, hashed[:], []byte(signature)) + if err != nil { + return false, err + } + return true, nil +} + +func (h HydraClaims) encodeSignature(host string) (string, error) { + hashed := sha256.Sum256([]byte(host)) + // READ FILE TO GET PRIVATE KEY FROM PVK PEM PATH + content, err := os.ReadFile(conf.GetConfig().PVKPath) + if err != nil { + return "", err + } + privateKey := string(content) + spkiBlock, _ := pem.Decode([]byte(privateKey)) + key, _ := x509.ParsePKCS1PrivateKey(spkiBlock.Bytes) + signature, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, hashed[:]) + if err != nil { + return "", err + } + return string(signature), nil +} + +func (h HydraClaims) DecodeClaimsInToken(host string, method string, forward string, sessionClaims map[string]interface{}, publicKey string) (bool, error) { + if sessionClaims["id_token"] == nil || sessionClaims["access_token"] == nil { + return false, errors.New("invalid session claims") + } + idTokenClaims := sessionClaims["id_token"].(map[string]interface{}) + signature := idTokenClaims["signature"].(string) + if ok, err := h.DecodeSignature(host, signature, publicKey); !ok { + return false, err + } + claims := sessionClaims["access_token"].(map[string]interface{}) + path := strings.ReplaceAll(forward, "http://"+host, "") + splittedPath := strings.Split(path, "/") + for m, p := range claims { + splittedP := strings.Split(p.(string), "/") + if len(splittedP) != len(splittedPath) { + return false, errors.New("invalid path") + } + for i, v := range splittedP { + if strings.Contains(v, ":") { // is a param + continue + } else if v != splittedPath[i] { + meth, _, err := h.decodeKey(m) + if err != nil { + return false, err + } + perm := perms_connectors.Permission{ + Relation: "permits" + strings.ToLower(meth.String()), + Object: p.(string), + } + return perms_connectors.GetPermissionConnector().CheckPermission(perm, nil, true), nil + } + } + } + return false, errors.New("no permission found") +} + +// add claims to token method of HydraTokenizer +func (h HydraClaims) AddClaimsToToken(userId string, host string) Claims { + claims := Claims{} + perms, err := perms_connectors.KetoConnector{}.GetPermissionByUser(userId) + if err != nil { + return claims + } + for _, perm := range perms { + key, err := h.generateKey(perm.Relation, perm.Object) + if err != nil { + continue + } + claims.Session.AccessToken[key] = perm.Object + } + sign, err := h.encodeSignature(host) + if err != nil { + return claims + } + claims.Session.IDToken["signature"] = sign + return claims + +} + +// add signature in the token MISSING diff --git a/infrastructure/infrastructure.go b/infrastructure/infrastructure.go new file mode 100644 index 0000000..3a9c100 --- /dev/null +++ b/infrastructure/infrastructure.go @@ -0,0 +1,32 @@ +package infrastructure + +import ( + "oc-auth/conf" + auth_connectors "oc-auth/infrastructure/auth_connector" + "oc-auth/infrastructure/claims" + "oc-auth/infrastructure/perms_connectors" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +var t = map[string]claims.ClaimService{ + "hydra": claims.HydraClaims{}, +} + +var a = map[string]auth_connectors.AuthConnector{ + "hydra": auth_connectors.HydraConnector{ + Caller: tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}), + State: "12345678", ResponseType: "token", Scopes: "openid profile email roles"}, // base url +} + +func GetAuthConnector() auth_connectors.AuthConnector { + return a[conf.GetConfig().Auth] +} + +func GetPermissionConnector() perms_connectors.PermConnector { + return perms_connectors.GetPermissionConnector() +} + +func GetClaims() claims.ClaimService { + return t[conf.GetConfig().Auth] +} diff --git a/infrastructure/perms_connectors/keto_connector.go b/infrastructure/perms_connectors/keto_connector.go new file mode 100644 index 0000000..3b0685c --- /dev/null +++ b/infrastructure/perms_connectors/keto_connector.go @@ -0,0 +1,360 @@ +package perms_connectors + +import ( + "encoding/json" + "errors" + "fmt" + "oc-auth/conf" + "oc-auth/infrastructure/utils" + + oclib "cloud.o-forge.io/core/oc-lib" + "cloud.o-forge.io/core/oc-lib/tools" +) + +type KetoConnector struct{} + +func (k KetoConnector) namespace() string { + return "open-cloud" +} + +func (k KetoConnector) scope() string { + return "oc-auth" +} + +func (f KetoConnector) permToQuery(perm Permission, permDependancies *Permission) string { + n := "?namespace=" + perm.Namespace() + if perm.Object != "" { + n += "&object=" + perm.Object + } + if perm.Subject != "" { + n += "&subject_id=" + perm.Subject + } + if perm.Relation != "" { + n += "&relation=" + perm.Relation + } + if permDependancies != nil { + n += "&subject_set.namespace=" + perm.Namespace() + if permDependancies.Object != "" { + n += "&subject_set.object=" + permDependancies.Object + } + if permDependancies.Subject != "" { + n += "&subject_set.subject_id=" + permDependancies.Subject + } + if permDependancies.Relation != "" { + n += "&subject_set.relation=" + permDependancies.Relation + } + } + return n +} + +func (k KetoConnector) Status() tools.State { + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + var responseBody map[string]interface{} + host := conf.GetConfig().PermissionConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorPort) + resp, err := caller.CallGet("http://"+host+":"+port, "/health/ready") + if err != nil { + return tools.DEAD + } + err = json.Unmarshal(resp, &responseBody) + if err != nil || responseBody["status"] != "ok" { + return tools.DEAD + } + return tools.ALIVE +} + +func (k KetoConnector) CheckPermission(perm Permission, permDependancies *Permission, internal bool) bool { + if (perm.Object == k.scope() || perm.Subject == k.scope()) && !internal { + log := oclib.GetLogger() + log.Error().Msg("Permission denied : Ask illegal permission") + return false + } + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + var responseBody map[string]interface{} + host := conf.GetConfig().PermissionConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorPort) + resp, err := caller.CallGet("http://"+host+":"+port, "/relation-tuples/check"+k.permToQuery(perm, permDependancies)) + if err != nil { + log := oclib.GetLogger() + log.Error().Msg(err.Error()) + return false + } + err = json.Unmarshal(resp, &responseBody) + if err != nil || responseBody["allowed"] == nil { + return false + } + return responseBody["allowed"].(bool) +} + +func (k KetoConnector) DeleteRole(roleID string) (string, int, error) { + k.deleteRelationShip("", "", roleID, nil) + _, code, err := k.deleteRelationShip(roleID, "", k.scope(), nil) + if err != nil { + return "", code, err + } + return roleID, 200, nil +} + +func (k KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) { + meth, err := utils.ExtractMethod(relation, internal) + if err != nil { + for _, method := range []tools.METHOD{tools.GET, tools.PUT, tools.POST, tools.DELETE} { + k.DeletePermission("", method.String(), internal) + } + return "", 200, err + } + k.deleteRelationShip("", "", permID, nil) + _, code, err := k.deleteRelationShip(permID, "permits"+meth.String(), k.scope(), nil) + if err != nil { + return "", code, err + } + return permID, 200, nil +} + +func (k KetoConnector) CreateRole(roleID string) (string, int, error) { + p, code, err := k.createRelationShip(roleID, "is", k.scope(), nil) + if err != nil { + return "", code, err + } + return p.Object, 200, nil +} + +func (k KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) { + meth, err := utils.ExtractMethod(relation, internal) + if err != nil { + return "", 422, err + } + p, code, err := k.createRelationShip(permID, "permits"+meth.String(), k.scope(), nil) + if err != nil { + return "", code, err + } + return p.Object, 200, nil +} + +func (k KetoConnector) GetRole(roleID string) ([]string, error) { + arr := []string{} + roles, err := k.get(roleID, "is", k.scope()) + if err != nil { + return arr, err + } + for _, role := range roles { + arr = append(arr, role.Object) + } + return arr, nil +} + +func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) { + arr := []string{} + roles, err := k.get("", "is", userID) + if err != nil { + return arr, err + } + for _, role := range roles { + arr = append(arr, role.Object) + } + return arr, nil +} + +func (k KetoConnector) GetPermission(permID string, relation string) ([]Permission, error) { + meth, err := utils.ExtractMethod(relation, true) + if err != nil { + p := []Permission{} + for _, method := range []tools.METHOD{tools.GET, tools.PUT, tools.POST, tools.DELETE} { + fmt.Println("blblbl", permID, "permits"+method.String(), k.scope()) + perms, err := k.get(permID, "permits"+method.String(), k.scope()) + fmt.Println("blblbl2", perms, err) + if err == nil && len(perms) > 0 { + p = append(p, perms...) + } + } + return p, nil + } + return k.get(permID, "permits"+meth.String(), k.scope()) +} + +func (k KetoConnector) GetPermissionByRole(roleID string) ([]Permission, error) { + return k.get("", "", roleID) +} +func (k KetoConnector) GetPermissionByUser(userID string) ([]Permission, error) { + roles, err := k.get("", "is", userID) + perms := []Permission{} + if err != nil { + return perms, err + } + for _, role := range roles { + p, err := k.get(role.Object, "", k.scope()) + if err != nil { + log := oclib.GetLogger() + log.Error().Msg(err.Error()) + continue + } + perms = append(perms, p...) + } + return perms, nil +} + +func (k KetoConnector) get(object string, relation string, subject string) ([]Permission, error) { + t := []Permission{} + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + host := conf.GetConfig().PermissionConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorPort) + resp, err := caller.CallGet("http://"+host+":"+port, "/relation-tuples"+k.permToQuery( + Permission{Object: object, Relation: relation, Subject: subject}, nil)) + if err != nil { + return t, err + } + var data map[string]interface{} + err = json.Unmarshal(resp, &data) + if err != nil { + return t, err + } + if data["relation_tuples"] != nil { + for _, v := range data["relation_tuples"].([]interface{}) { + t = append(t, Permission{ + Relation: v.(map[string]interface{})["relation"].(string), + Subject: v.(map[string]interface{})["subject_id"].(string), + Object: v.(map[string]interface{})["object"].(string), + }) + } + } + return t, nil +} + +func (k KetoConnector) BindRole(userID string, roleID string) (string, int, error) { + _, code, err := k.createRelationShip(roleID, "member", userID, nil) + if err != nil { + return roleID, code, err + } + return roleID, 200, nil +} + +func (k KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) { + meth, err := utils.ExtractMethod(relation, false) + if err != nil { + return nil, 422, err + } + perms, err := k.GetPermission(permID, meth.String()) + if err != nil || len(perms) != 1 { + if len(perms) == 0 { + return nil, 404, errors.New("Permission not found") + } else if len(perms) > 1 { + return nil, 409, errors.New("Multiple permission found") + } + } + _, code, err := k.createRelationShip(roleID, perms[0].Relation, permID, nil) + if err != nil { + return nil, code, err + } + return &Permission{ + Object: roleID, + Relation: perms[0].Relation, + Subject: permID, + }, 200, nil +} + +func (k KetoConnector) UnBindRole(userID string, roleID string) (string, int, error) { + _, code, err := k.deleteRelationShip(roleID, "member", userID, nil) + if err != nil { + return roleID, code, err + } + return roleID, 200, nil +} + +func (k KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) { + meth, err := utils.ExtractMethod(relation, false) + if err != nil { + return nil, 422, err + } + perms, err := k.GetPermission(permID, meth.String()) + if err != nil || len(perms) != 1 { + if len(perms) == 0 { + return nil, 404, errors.New("Permission not found") + } else if len(perms) > 1 { + return nil, 409, errors.New("Multiple permission found") + } + } + _, code, err := k.deleteRelationShip(roleID, perms[0].Relation, permID, nil) + if err != nil { + return nil, code, err + } + return &Permission{ + Object: roleID, + Relation: perms[0].Relation, + Subject: permID, + }, 200, nil +} +func (k KetoConnector) createRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) { + exist, err := k.get(object, relation, subject) + if err == nil && len(exist) > 0 { + return nil, 409, errors.New("Relation already exist") + } + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + body := map[string]interface{}{"namespace": k.namespace(), "object": object, "relation": relation, "subject_id": subject} + + if subPerm != nil { + s, code, err := k.createRelationShip(subPerm.Object, subPerm.Relation, subPerm.Subject, nil) + if err != nil { + return nil, code, err + } + body["subject_set"] = map[string]interface{}{"namespace": s.Namespace(), "object": s.Object, "relation": s.Relation, "subject_id": s.Subject} + } + host := conf.GetConfig().PermissionConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorAdminPort) + b, err := caller.CallPut("http://"+host+":"+port, "/relation-tuples", body) + if err != nil { + log := oclib.GetLogger() + log.Error().Msg(err.Error()) + return nil, 500, err + } + var data map[string]interface{} + err = json.Unmarshal(b, &data) + if err != nil { + log := oclib.GetLogger() + log.Error().Msg(err.Error()) + return nil, 500, err + } + perm := &Permission{ + Object: data["object"].(string), + Relation: data["relation"].(string), + Subject: data["subject_id"].(string), + } + if data["subject_set"] != nil { + sub := data["subject_set"].(map[string]interface{}) + perm.SubPermission = &Permission{ + Object: sub["object"].(string), + Relation: sub["relation"].(string), + Subject: sub["subject_id"].(string), + } + } + return perm, 200, nil +} + +func (k KetoConnector) deleteRelationShip(object string, relation string, subject string, subPerm *Permission) (*Permission, int, error) { + exist, err := k.get(object, relation, subject) + if err == nil && len(exist) == 0 { + return nil, 409, errors.New("Relation does not exist") + } + caller := tools.NewHTTPCaller(map[tools.DataType]map[tools.METHOD]string{}) + n := k.permToQuery(Permission{Object: object, Relation: relation, Subject: subject}, subPerm) + host := conf.GetConfig().PermissionConnectorHost + port := fmt.Sprintf("%v", conf.GetConfig().PermissionConnectorAdminPort) + fmt.Println(host, port, n) + b, err := caller.CallDelete("http://"+host+":"+port, "/relation-tuples"+n) + fmt.Println(b, err) + if err != nil { + log := oclib.GetLogger() + log.Error().Msg(err.Error()) + return nil, 500, err + } + var data map[string]interface{} + err = json.Unmarshal(b, &data) + if err == nil && data["code"].(int) > 300 { + return nil, data["code"].(int), errors.New("Error while deleting relation") + } + return &Permission{ + Object: object, + Relation: relation, + Subject: subject, + SubPermission: subPerm, + }, 200, nil +} diff --git a/infrastructure/perms_connectors/perms_connector.go b/infrastructure/perms_connectors/perms_connector.go new file mode 100644 index 0000000..feaab67 --- /dev/null +++ b/infrastructure/perms_connectors/perms_connector.go @@ -0,0 +1,52 @@ +package perms_connectors + +import ( + "oc-auth/conf" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +type Permission struct { + Object string `json:"object,omitempty"` + Relation string `json:"relation,omitempty"` + Subject string `json:"subject,omitempty"` + SubPermission *Permission `json:"sub_perm,omitempty"` +} + +func (p Permission) Namespace() string { + return "open-cloud" +} + +func (k Permission) Scope() string { + return "oc-auth" +} + +type PermConnector interface { + Status() tools.State + CheckPermission(perm Permission, permDependancies *Permission, internal bool) bool + BindRole(userID string, roleID string) (string, int, error) + BindPermission(roleID string, permID string, relation string) (*Permission, int, error) + + UnBindRole(userID string, roleID string) (string, int, error) + UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) + + CreateRole(roleID string) (string, int, error) + CreatePermission(permID string, relation string, internal bool) (string, int, error) + DeleteRole(roleID string) (string, int, error) + DeletePermission(permID string, relation string, internal bool) (string, int, error) + + GetRoleByUser(userID string) ([]string, error) + GetPermissionByRole(roleID string) ([]Permission, error) + GetPermissionByUser(userID string) ([]Permission, error) + + GetRole(roleID string) ([]string, error) + GetPermission(permID string, relation string) ([]Permission, error) +} + +var c = map[string]PermConnector{ + "keto": KetoConnector{}, +} + +func GetPermissionConnector() PermConnector { + return c[conf.GetConfig().PermissionConnectorHost] +} diff --git a/infrastructure/utils/utils.go b/infrastructure/utils/utils.go new file mode 100644 index 0000000..af81f2c --- /dev/null +++ b/infrastructure/utils/utils.go @@ -0,0 +1,21 @@ +package utils + +import ( + "errors" + "strings" + + "cloud.o-forge.io/core/oc-lib/tools" +) + +func ExtractMethod(relation string, internal bool) (tools.METHOD, error) { + meths := []tools.METHOD{tools.GET, tools.PUT, tools.POST, tools.DELETE} + if internal { + meths = append(meths, []tools.METHOD{tools.STRICT_INTERNAL_GET, tools.STRICT_INTERNAL_POST, tools.STRICT_INTERNAL_POST, tools.STRICT_INTERNAL_DELETE}...) + } + for _, method := range meths { + if (!internal && strings.Contains(strings.ToUpper(relation), strings.ToUpper(method.String()))) || (internal && strings.ToUpper(relation) == strings.ToUpper(method.String())) { + return method, nil + } + } + return tools.GET, errors.New("method not found") +} diff --git a/keto/docker-compose.yml b/keto/docker-compose.yml new file mode 100644 index 0000000..34f2f1a --- /dev/null +++ b/keto/docker-compose.yml @@ -0,0 +1,21 @@ +version: '3.4' + +services: + keto: + image: oryd/keto:v0.7.0-alpha.1-sqlite + ports: + - "4466:4466" + - "4467:4467" + command: serve -c /home/ory/keto.yml + restart: on-failure + volumes: + - type: bind + source: . + target: /home/ory + container_name: keto + networks: + - catalog + +networks: + catalog: + external: true diff --git a/keto/keto.yml b/keto/keto.yml new file mode 100644 index 0000000..1074ac8 --- /dev/null +++ b/keto/keto.yml @@ -0,0 +1,18 @@ +version: v0.6.0-alpha.1 + +log: + level: debug + +namespaces: + - id: 0 + name: open-cloud + +dsn: memory + +serve: + read: + host: 0.0.0.0 + port: 4466 + write: + host: 0.0.0.0 + port: 4467 diff --git a/ldap-hyda/config.yaml b/ldap-hyda/config.yaml new file mode 100644 index 0000000..86f887c --- /dev/null +++ b/ldap-hyda/config.yaml @@ -0,0 +1,466 @@ +# Ory Hydra Configuration +# +# +# !!WARNING!! +# This configuration file is for documentation purposes only. Do not use it in production. As all configuration items +# are enabled, it will not work out of the box either. +# +# +# Ory Hydra can be configured using a configuration file and passing the file location using `--config path/to/config.yaml`. +# Per default, Ory Hydra will look up and load file ~/.hydra.yaml. All configuration keys can be set using environment +# variables as well. +# +# Setting environment variables is easy: +# +## Linux / OSX +# +# $ export MY_ENV_VAR=foo +# $ hydra ... +# +# alternatively: +# +# $ MY_ENV_VAR=foo hydra ... +# +## Windows +# +### Command Prompt +# +# > set MY_ENV_VAR=foo +# > hydra ... +# +### Powershell +# +# > $env:MY_ENV_VAR="foo" +# > hydra ... +# +## Docker +# +# $ docker run -e MY_ENV_VAR=foo oryd/hydra:... +# +# +# Assuming the following configuration layout: +# +# serve: +# public: +# port: 4444 +# something_else: foobar +# +# Key `something_else` can be set as an environment variable by uppercasing it's path: +# `serve.public.port.somethihng_else` -> `SERVE.PUBLIC.PORT.SOMETHING_ELSE` +# and replacing `.` with `_`: +# `serve.public.port.somethihng_else` -> `SERVE_PUBLIC_PORT_SOMETHING_ELSE` +# +# Environment variables always override values from the configuration file. Here are some more examples: +# +# Configuration key | Environment variable | +# ------------------|----------------------| +# dsn | DSN | +# serve.admin.host | SERVE_ADMIN_HOST | +# ------------------|----------------------| +# +# +# List items such as +# +#secrets: +# system: +# - oc-auth-got-secret +# - this-is-an-old-secret +# - this-is-another-old-secret +# +# must be separated using `,` when using environment variables. The environment variable equivalent to the code section# +# above is: +# +# Linux/macOS: $ export SECRETS_SYSTEM=this-is-the-primary-secret,this-is-an-old-secret,this-is-another-old-secret +# Windows: > set SECRETS_SYSTEM=this-is-the-primary-secret,this-is-an-old-secret,this-is-another-old-secret + +# log configures the logger +log: + # Sets the log level, supports "panic", "fatal", "error", "warn", "info" and "debug". Defaults to "info". + level: info + # Sets the log format. Leave it undefined for text based log format, or set to "json" for JSON formatting. + format: json + +# serve controls the configuration for the http(s) daemon(s). +serve: + # public controls the public daemon serving public API endpoints like /oauth2/auth, /oauth2/token, /.well-known/jwks.json + public: + # The port to listen on. Defaults to 4444 + port: 4444 + # The interface or unix socket Ory Hydra should listen and handle public API requests on. + # Use the prefix "unix:" to specify a path to a unix socket. + # Leave empty to listen on all interfaces. + host: localhost # leave this out or empty to listen on all devices which is the default + # host: unix:/path/to/socket + # socket: + # owner: hydra + # group: hydra + # mode: 0775 + + # cors configures Cross Origin Resource Sharing for public endpoints. + cors: + # set enabled to true to enable CORS. Defaults to false. + enabled: true + # allowed_origins is a list of origins (comma separated values) a cross-domain request can be executed from. + # If the special * value is present in the list, all origins will be allowed. An origin may contain a wildcard (*) + # to replace 0 or more characters (i.e.: http://*.domain.com). Only one wildcard can be used per origin. + # + # If empty or undefined, this defaults to `*`, allowing CORS from every domain (if cors.enabled: true). + allowed_origins: + - https://example.com + - https://*.example.com + # allowed_methods is list of HTTP methods the user agent is allowed to use with cross-domain + # requests. Defaults to the methods listed. + allowed_methods: + - POST + - GET + - PUT + - PATCH + - DELETE + + # A list of non simple headers the client is allowed to use with cross-domain requests. Defaults to the listed values. + allowed_headers: + - Authorization + - Content-Type + + # Sets which headers (comma separated values) are safe to expose to the API of a CORS API specification. Defaults to the listed values. + exposed_headers: + - Content-Type + + # Sets whether the request can include user credentials like cookies, HTTP authentication + # or client side SSL certificates. Defaults to true. + allow_credentials: true + + # Sets how long (in seconds) the results of a preflight request can be cached. If set to 0, every request + # is preceded by a preflight request. Defaults to 0. + max_age: 10 + + # If set to true, adds additional log output to debug server side CORS issues. Defaults to false. + debug: true + + # Access Log configuration for public server. + request_log: + # Disable access log for health and metrics endpoints. + disable_for_health: false + + # admin controls the admin daemon serving admin API endpoints like /jwk, /client, ... + admin: + # The port to listen on. Defaults to 4445 + port: 4445 + # The interface or unix socket Ory Hydra should listen and handle administrative API requests on. + # Use the prefix "unix:" to specify a path to a unix socket. + # Leave empty to listen on all interfaces. + host: localhost # leave this out or empty to listen on all devices which is the default + # host: unix:/path/to/socket + # socket: + # owner: hydra + # group: hydra + # mode: 0775 + + # cors configures Cross Origin Resource Sharing for admin endpoints. + cors: + # set enabled to true to enable CORS. Defaults to false. + enabled: true + # allowed_origins is a list of origins (comma separated values) a cross-domain request can be executed from. + # If the special * value is present in the list, all origins will be allowed. An origin may contain a wildcard (*) + # to replace 0 or more characters (i.e.: http://*.domain.com). Only one wildcard can be used per origin. + # + # If empty or undefined, this defaults to `*`, allowing CORS from every domain (if cors.enabled: true). + allowed_origins: + - https://example.com + - https://*.example.com + # allowed_methods is list of HTTP methods the user agent is allowed to use with cross-domain + # requests. Defaults to GET and POST. + allowed_methods: + - POST + - GET + - PUT + - PATCH + - DELETE + + # A list of non simple headers the client is allowed to use with cross-domain requests. Defaults to the listed values. + allowed_headers: + - Authorization + - Content-Type + + # Sets which headers (comma separated values) are safe to expose to the API of a CORS API specification. Defaults to the listed values. + exposed_headers: + - Content-Type + + # Sets whether the request can include user credentials like cookies, HTTP authentication + # or client side SSL certificates. + allow_credentials: true + + # Sets how long (in seconds) the results of a preflight request can be cached. If set to 0, every request + # is preceded by a preflight request. Defaults to 0. + max_age: 10 + + # If set to true, adds additional log output to debug server side CORS issues. Defaults to false. + debug: true + + # Access Log configuration for admin server. + request_log: + # Disable access log for health endpoints. + disable_for_health: false + + # tls configures HTTPS (HTTP over TLS). If configured, the server automatically supports HTTP/2. + tls: + # key configures the private key (pem encoded) + key: + # The key can either be loaded from a file: + path: /path/to/key.pem + # Or from a base64 encoded (without padding) string: + base64: LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLVxuTUlJRkRqQkFCZ2txaGtpRzl3MEJCUTB3... + + # cert configures the TLS certificate (PEM encoded) + cert: + # The cert can either be loaded from a file: + path: /path/to/cert.pem + # Or from a base64 encoded (without padding) string: + base64: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tXG5NSUlEWlRDQ0FrMmdBd0lCQWdJRVY1eE90REFOQmdr... + + # Whitelist one or multiple CIDR address ranges and allow them to terminate TLS connections. + # Be aware that the X-Forwarded-Proto header must be set and must never be modifiable by anyone but + # your proxy / gateway / load balancer. Supports ipv4 and ipv6. + # + # Hydra serves http instead of https when this option is set. + # + # For more information head over to: https://www.ory.sh/docs/hydra/production#tls-termination + allow_termination_from: + - 127.0.0.1/32 + cookies: + # specify the SameSite mode that cookies should be sent with + same_site_mode: Lax + + # Some older browser versions don't work with SameSite=None. This option enables the workaround + # defined in https://web.dev/samesite-cookie-recipes/ which essentially stores a second cookie + # without SameSite as a fallback. + same_site_legacy_workaround: false + +# dsn sets the data source name. This configures the backend where Ory Hydra persists data. +# +## In-memory database +# +# If dsn is "memory", data will be written to memory and is lost when you restart this instance. +# You can set this value using the DSN environment variable: +# +## SQL databases +# +# Ory Hydra supports popular SQL databases. For more detailed configuration information go to: +# https://www.ory.sh/docs/hydra/dependencies-environment#sql +# +### PostgreSQL (recommended) +# +# If dsn is starting with postgres:// PostgreSQL will be used as storage backend: +# dsn: dsn=postgres://user:password@host:123/database +# +### MySQL database +# +# If dsn is starting with mysql:// MySQL will be used as storage backend: +# dsn: mysql://user:password@tcp(host:123)/database +# +### CockroachDB +# +# If dsn is starting with cockroach:// CockroachDB will be used as storage backend: +# dsn: cockroach://user:password@host:123/database +# +dsn: memory +# dsn: postgres://user:password@host:123/database +# dsn: mysql://user:password@tcp(host:123)/database + +# hsm configures Hardware Security Module for hydra.openid.id-token, hydra.jwt.access-token keys +# Either slot or token_label must be set. If token_label is set, then first slot in index with this label is used. +hsm: + enabled: false + library: /path/to/hsm-vendor/library.so + pin: token-pin-code + slot: 0 + token_label: hydra + # Key set prefix can be used in case of multiple Ory Hydra instances need to store keys on the same HSM partition. + # For example if `hsm.key_set_prefix=app1.` then key set `hydra.openid.id-token` would be generated/requested/deleted + # on HSM with `CKA_LABEL=app1.hydra.openid.id-token`. + key_set_prefix: app1. + +# webfinger configures ./well-known/ settings +webfinger: + # jwks configures the /.well-known/jwks.json endpoint. + jwks: + # broadcast_keys is a list of JSON Web Keys that should be exposed at that endpoint. This is usually + # the public key for verifying OpenID Connect ID Tokens. However, you might want to add additional keys here as well. + broadcast_keys: + - hydra.openid.id-token # This key is always exposed by default + # - hydra.jwt.access-token # This key will be exposed when the OAuth2 Access Token strategy is set to JWT. + + # oidc_discovery configures OpenID Connect Discovery (/.well-known/openid-configuration) + oidc_discovery: + client_registration_url: https://my-service.com/clients + # A list of supported claims to be broadcasted. Claim `sub` is always included: + supported_claims: + - email + - username + # The scope OAuth 2.0 Clients may request. Scope `offline`, `offline_access`, and `openid` are always included. + supported_scope: + - email + - whatever + - read.photos + + # A URL of the userinfo endpoint to be advertised at the OpenID Connect + # Discovery endpoint /.well-known/openid-configuration. Defaults to Ory Hydra's userinfo endpoint at /userinfo. + # Set this value if you want to handle this endpoint yourself. + userinfo_url: https://example.org/my-custom-userinfo-endpoint + +# oidc configures OpenID Connect features. +oidc: + # subject_identifiers configures the Subject Identifier algorithm. + # + # For more information please head over to the documentation: + # -> https://www.ory.sh/docs/hydra/advanced#subject-identifier-algorithms + subject_identifiers: + # which algorithms to enable. Defaults to "public" + supported_types: + - pairwise + - public + # configures the pairwise algorithm + pairwise: + # if "pairwise" is enabled, the salt must be defined. + salt: some-random-salt + + # dynamic_client_registration configures OpenID Connect Dynamic Client Registration (exposed as admin endpoints /clients/...) + dynamic_client_registration: + enabled: false + + # The OpenID Connect Dynamic Client Registration specification has no concept of whitelisting OAuth 2.0 Scope. If you + # want to expose Dynamic Client Registration, you should set the default scope enabled for newly registered clients. + # Keep in mind that users can overwrite this default by setting the "scope" key in the registration payload, + # effectively disabling the concept of whitelisted scopes. + default_scope: + - openid + - offline + - offline_access + +urls: + self: + # This value will be used as the "issuer" in access and ID tokens. It must be + # specified and using HTTPS protocol, unless --dev is set. This should typically be equal + # to the public value. + issuer: https://localhost:4444/ + + # This is the base location of the public endpoints of your Ory Hydra installation. This should typically be equal + # to the issuer value. If left unspecified, it falls back to the issuer value. + public: https://localhost:4444/ + + # Sets the login endpoint of the User Login & Consent flow. Defaults to an internal fallback URL. + login: https://my-login.app/login + # Sets the consent endpoint of the User Login & Consent flow. Defaults to an internal fallback URL. + consent: https://my-consent.app/consent + # Sets the logout endpoint. Defaults to an internal fallback URL. + logout: https://my-logout.app/logout + # Sets the error endpoint. The error ui will be shown when an OAuth2 error occurs that which can not be sent back + # to the client. Defaults to an internal fallback URL. + error: https://my-error.app/error + # When a user agent requests to logout, it will be redirected to this url afterwards per default. + post_logout_redirect: https://my-example.app/logout-successful + +strategies: + scope: DEPRECATED_HIERARCHICAL_SCOPE_STRATEGY + # You may use JSON Web Tokens as access tokens. + # + # But seriously. Don't do that. It's not a great idea and has a ton of caveats and subtle security implications. Read more: + # -> https://www.ory.sh/docs/hydra/advanced#json-web-tokens + # + # access_token: jwt + +# configures time to live +ttl: + # configures how long a user login and consent flow may take. Defaults to 1h. + login_consent_request: 1h + # configures how long access tokens are valid. Defaults to 1h. + access_token: 1h + # configures how long refresh tokens are valid. Defaults to 720h. Set to -1 for refresh tokens to never expire. + refresh_token: 720h + # configures how long id tokens are valid. Defaults to 1h. + id_token: 1h + # configures how long auth codes are valid. Defaults to 10m. + auth_code: 10m + +oauth2: + # Set this to true if you want to share error debugging information with your OAuth 2.0 clients. + # Keep in mind that debug information is very valuable when dealing with errors, but might also expose database error + # codes and similar errors. Defaults to false. + expose_internal_errors: true + # Configures hashing algorithms. Supports only BCrypt at the moment. + hashers: + # Configures the BCrypt hashing algorithm used for hashing Client Secrets. + bcrypt: + # Sets the BCrypt cost. Minimum value is 4 and default value is 10. The higher the value, the more CPU time is being + # used to generate hashes. + cost: 10 + pkce: + # Set this to true if you want PKCE to be enforced for all clients. + enforced: false + # Set this to true if you want PKCE to be enforced for public clients. + enforced_for_public_clients: false + session: + # store encrypted data in database, default true + encrypt_at_rest: true + ## refresh_token_rotation + # By default Refresh Tokens are rotated and invalidated with each use. See https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.13.2 for more details + refresh_token_rotation: + # + ## grace_period + # + # Set the grace period for refresh tokens to be reused. Such reused tokens will result in multiple refresh tokens being issued. + # + # Examples: + # - 5s + # - 1m + grace_period: 0s + +# The secrets section configures secrets used for encryption and signing of several systems. All secrets can be rotated, +# for more information on this topic navigate to: +# -> https://www.ory.sh/docs/hydra/advanced#rotation-of-hmac-token-signing-and-database-and-cookie-encryption-keys +secrets: + # The system secret must be at least 16 characters long. If none is provided, one will be generated. They key + # is used to encrypt sensitive data using AES-GCM (256 bit) and validate HMAC signatures. + # + # The first item in the list is used for signing and encryption. The whole list is used for verifying signatures + # and decryption. + system: + - this-is-the-primary-secret + - this-is-an-old-secret + - this-is-another-old-secret + # A secret that is used to encrypt cookie sessions. Defaults to secrets.system. It is recommended to use + # a separate secret in production. + # + # The first item in the list is used for signing and encryption. The whole list is used for verifying signatures + # and decryption. + cookie: + - this-is-the-primary-secret + - this-is-an-old-secret + - this-is-another-old-secret + +# Enables profiling if set. Use "cpu" to enable cpu profiling and "mem" to enable memory profiling. For more details +# on profiling, head over to: https://blog.golang.org/profiling-go-programs +profiling: cpu +# profiling: mem + +# Ory Hydra supports distributed tracing. +tracing: + # Set this to the tracing backend you wish to use. Currently supports jaeger. If omitted or empty, tracing will + # be disabled. + provider: jaeger + # Specifies the service name to use on the tracer. + service_name: Ory Hydra + providers: + # Configures the jaeger tracing backend. + jaeger: + # The address of the jaeger-agent where spans should be sent to + local_agent_address: 127.0.0.1:6831 + sampling: + # The value passed to the sampler type that has been configured. + # Supported values: This is dependant on the sampling strategy used: + # - const: 0 or 1 (all or nothing) + # - rateLimiting: a constant rate (e.g. setting this to 3 will sample requests with the rate of 3 traces per second) + # - probabilistic: a value between 0..1 + trace_id_ratio: 1.0 + # The address of jaeger-agent's HTTP sampling server + server_url: http://localhost:5778/sampling \ No newline at end of file diff --git a/ldap-hyda/docker-compose.yml b/ldap-hyda/docker-compose.yml new file mode 100644 index 0000000..ffdf1db --- /dev/null +++ b/ldap-hyda/docker-compose.yml @@ -0,0 +1,80 @@ +version: "3" +services: + hydra-client: + image: hydra-home # oryd/hydra:v2.2.0 + container_name: hydra-client + environment: + HYDRA_ADMIN_URL: http://hydra:4445 + ORY_SDK_URL: http://hydra:4445 + command: + - create + - oauth2-client + - --skip-consent + - --skip-logout-consent + - --skip-tls-verify + - --name + - test-client + - --secret + - oc-auth-got-secret + - --response-type + - id_token,token,code + - --grant-type + - implicit,refresh_token,authorization_code + - --scope + - openid,profile,email,roles + - --token-endpoint-auth-method + - client_secret_post + - --redirect-uri + - http://localhost:3000 + + networks: + - hydra-net + - catalog + deploy: + restart_policy: + condition: none + depends_on: + - hydra + healthcheck: + test: ["CMD", "curl", "-f", "http://hydra:4445"] + interval: 10s + timeout: 10s + retries: 10 + hydra: + container_name: hydra + image: hydra-home # oryd/hydra:v2.2.0 + environment: + SECRETS_SYSTEM: oc-auth-got-secret + LOG_LEAK_SENSITIVE_VALUES: true + URLS_SELF_ISSUER: http://hydra:4444 + URLS_SELF_PUBLIC: http://hydra:4444 + WEBFINGER_OIDC_DISCOVERY_SUPPORTED_SCOPES: profile,email,phone,roles + WEBFINGER_OIDC_DISCOVERY_SUPPORTED_CLAIMS: name,family_name,given_name,nickname,email,phone_number + DSN: memory + command: serve all --dev + networks: + - hydra-net + - catalog + ports: + - "4444:4444" + - "4445:4445" + deploy: + restart_policy: + condition: on-failure + ldap: + image: pgarrett/ldap-alpine + container_name: ldap + volumes: + - "./ldap.ldif:/ldif/ldap.ldif" + networks: + - hydra-net + - catalog + ports: + - "389:389" + deploy: + restart_policy: + condition: on-failure +networks: + hydra-net: + catalog: + external: true diff --git a/ldap-hyda/ldap.ldif b/ldap-hyda/ldap.ldif new file mode 100644 index 0000000..0d50fc0 --- /dev/null +++ b/ldap-hyda/ldap.ldif @@ -0,0 +1,24 @@ +dn: uid=momo,ou=Users,dc=example,dc=com +objectClass: inetOrgPerson +cn: Kolya Gerasyimov +sn: Gerasyimov +uid: momo +userPassword: 123 +mail: momo@example.com +ou: Users + +dn: ou=AppRoles,dc=example,dc=com +objectClass: organizationalunit +ou: AppRoles +description: AppRoles + +dn: ou=App1,ou=AppRoles,dc=example,dc=com +objectClass: organizationalunit +ou: App1 +description: App1 + +dn: cn=traveler,ou=App1,ou=AppRoles,dc=example,dc=com +objectClass: groupofnames +cn: traveler +description: traveler +member: uid=momo,ou=Users,dc=example,dc=com \ No newline at end of file diff --git a/main.go b/main.go index 343c755..581b147 100644 --- a/main.go +++ b/main.go @@ -1,41 +1,60 @@ package main import ( + "fmt" "oc-auth/conf" + "oc-auth/infrastructure" _ "oc-auth/routers" oclib "cloud.o-forge.io/core/oc-lib" + "cloud.o-forge.io/core/oc-lib/tools" beego "github.com/beego/beego/v2/server/web" ) const appname = "oc-auth" +// @securityDefinitions.apikey Bearer +// @in header +// @name Authorization +// @description Type "Bearer" followed by a space and JWT token. func main() { // Init the oc-lib oclib.Init(appname) - // Load the right config file o := oclib.GetConfLoader() - conf.GetConfig().NatsUrl = o.GetStringDefault("natsurl", "http://localhost:4080") - conf.GetConfig().NatsLogin = o.GetStringDefault("natslogin", "admin") - conf.GetConfig().NatsPassword = o.GetStringDefault("natspassword", "admin") - conf.GetConfig().OidcUrl = o.GetStringDefault("oidcurl", "admin") + conf.GetConfig().PVKPath = o.GetStringDefault("PVK_PATH", "./pvk.pem") + conf.GetConfig().ClientSecret = o.GetStringDefault("CLIENT_SECRET", "oc-auth-got-secret") - // feed the library with the loaded config - oclib.SetConfig( - o.GetStringDefault("MONGO_URL", "mongodb://127.0.0.1:27017"), - o.GetStringDefault("MONGO_DATABASE", "DC_myDC"), - "", - o.GetStringDefault("lokiurl", ""), - o.GetStringDefault("loglevel", "info"), - ) - // Beego init - beego.BConfig.AppName = appname - beego.BConfig.Listen.HTTPPort = o.GetIntDefault("port", 8080) - beego.BConfig.WebConfig.DirectoryIndex = true - beego.BConfig.WebConfig.StaticDir["/swagger"] = "swagger" + conf.GetConfig().Auth = o.GetStringDefault("AUTH", "hydra") + conf.GetConfig().AuthConnectorHost = o.GetStringDefault("AUTH_CONNECTOR_HOST", "localhost") + conf.GetConfig().AuthConnectorPort = o.GetIntDefault("AUTH_CONNECTOR_PORT", 4444) + conf.GetConfig().AuthConnectorAdminPort = o.GetIntDefault("AUTH_CONNECTOR_ADMIN_PORT", 4445) + conf.GetConfig().PermissionConnectorHost = o.GetStringDefault("PERMISSION_CONNECTOR_HOST", "keto") + conf.GetConfig().PermissionConnectorPort = o.GetIntDefault("PERMISSION_CONNECTOR_PORT", 4466) + conf.GetConfig().PermissionConnectorAdminPort = o.GetIntDefault("PERMISSION_CONNECTOR_ADMIN_PORT", 4467) + // config LDAP + conf.GetConfig().LDAPEndpoints = o.GetStringDefault("LDAP_ENDPOINTS", "ldap:389") + conf.GetConfig().LDAPBindDN = o.GetStringDefault("LDAP_BINDDN", "cn=admin,dc=example,dc=com") + conf.GetConfig().LDAPBindPW = o.GetStringDefault("LDAP_BINDPW", "password") + conf.GetConfig().LDAPBaseDN = o.GetStringDefault("LDAP_BASEDN", "dc=example,dc=com") + conf.GetConfig().LDAPRoleBaseDN = o.GetStringDefault("LDAP_ROLE_BASEDN", "ou=AppRoles,dc=example,dc=com") + + Discovery() beego.Run() - +} +func Discovery() { + fmt.Println("Discovered") + api := tools.API{} + addPermissions := func(m map[string]interface{}) { + conn := infrastructure.GetPermissionConnector() + for k, v := range m { + for _, p := range v.([]interface{}) { + conn.CreatePermission(k, p.(string), true) + } + } + } + api.ListenRouter(addPermissions) + tools.NewNATSCaller().SetNATSPub("api", tools.DISCOVERY, map[string]interface{}{}) } diff --git a/models/application.go b/models/application.go deleted file mode 100644 index 5558fe3..0000000 --- a/models/application.go +++ /dev/null @@ -1,10 +0,0 @@ -package models - -// OpenId application -type Application struct { - ClientId string `json:"client_id,omitempty"` - ClientName string `json:"client_name,omitempty"` - ClientSecret string `json:"client_secret,omitempty"` - AccessToken string `json:"access_token,omitempty"` - CallbackUrl string `json:"callback_url,omitempty"` -} diff --git a/models/auth.go b/models/auth.go deleted file mode 100644 index bd1aeb8..0000000 --- a/models/auth.go +++ /dev/null @@ -1,12 +0,0 @@ -package models - -import ( - "fmt" - "oc-auth/conf" -) - -func init() { - c := conf.GetConfig() - // configure storage - fmt.Println(c.NatsUrl) -} diff --git a/models/registration.go b/models/registration.go deleted file mode 100644 index b63ebcc..0000000 --- a/models/registration.go +++ /dev/null @@ -1,137 +0,0 @@ -package models - -import ( - "context" - "fmt" - "os" - - client "github.com/ory/hydra-client-go" - "golang.org/x/oauth2" - "golang.org/x/oauth2/clientcredentials" -) - -func CreateClient(clientId string, clientName string, clientSecret string) (string, string, error) { - tokenAuthMethod := "client_secret_post" - oAuth2Client := *client.NewOAuth2Client() // OAuth2Client | - oAuth2Client.SetClientId(clientId) - oAuth2Client.SetClientName(clientName) - oAuth2Client.SetClientSecret(clientSecret) - oAuth2Client.SetGrantTypes([]string{"client_credentials"}) - oAuth2Client.TokenEndpointAuthMethod = &tokenAuthMethod - - config := client.NewConfiguration() - config.Servers = client.ServerConfigurations{{URL: "http://127.0.0.1:4445"}} - client := client.NewAPIClient(config) - - resp, _, err := client.AdminApi.CreateOAuth2Client(context.Background()).OAuth2Client(oAuth2Client).Execute() - if err != nil { - return "", "", err - } - return resp.GetClientId(), resp.GetClientSecret(), nil -} - -func GetAccessToken(clientID, clientSecret string) (string, error) { - config := clientcredentials.Config{ - ClientID: clientID, - ClientSecret: clientSecret, - TokenURL: "http://127.0.0.1:4444/oauth2/token", - AuthStyle: oauth2.AuthStyleInParams, - } - - token, err := config.Token(context.Background()) - if err != nil { - fmt.Println("Error obtaining token:", err) - return "", err - } - - return token.AccessToken, nil -} - -func ListClients() { - configuration := client.NewConfiguration() - configuration.Servers = []client.ServerConfiguration{ - { - URL: "http://localhost:4445", // Public API URL - }, - } - apiClient := client.NewAPIClient(configuration) - - limit := int64(20) - offset := int64(0) - clients, r, err := apiClient.AdminApi.ListOAuth2Clients(context.Background()).Limit(limit).Offset(offset).Execute() - if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.ListOAuth2Clients``: %v\n", err) - fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) - } - for i, c := range clients { - fmt.Fprintf(os.Stdout, " %d : %s %s %s\n", i, *c.ClientId, c.GetClientName(), c.GetClientSecret()) - } - fmt.Fprintf(os.Stdout, "We have %d clients\n", len(clients)) -} - -func DeleteClient(clientId string) { - configuration := client.NewConfiguration() - configuration.Servers = []client.ServerConfiguration{ - { - URL: "http://localhost:4445", // Public API URL - }, - } - apiClient := client.NewAPIClient(configuration) - r, err := apiClient.AdminApi.DeleteOAuth2Client(context.Background(), clientId).Execute() - if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.DeleteOAuth2Client``: %v\n", err) - fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) - } - -} - -func DeleteClients() { - configuration := client.NewConfiguration() - configuration.Servers = []client.ServerConfiguration{ - { - URL: "http://localhost:4445", // Public API URL - }, - } - apiClient := client.NewAPIClient(configuration) - - limit := int64(20) - offset := int64(0) - clients, r, err := apiClient.AdminApi.ListOAuth2Clients(context.Background()).Limit(limit).Offset(offset).Execute() - if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.ListOAuth2Clients``: %v\n", err) - fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) - } - for _, c := range clients { - fmt.Fprintf(os.Stdout, " Deleting : %s %s %s\n", c.GetClientId(), c.GetClientName(), c.GetClientSecret()) - r, err := apiClient.AdminApi.DeleteOAuth2Client(context.Background(), c.GetClientId()).Execute() - if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.DeleteOAuth2Client``: %v\n", err) - fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) - } - fmt.Fprintf(os.Stdout, " Deleted: %s\n", c.GetClientId()) - } - fmt.Fprintf(os.Stdout, "We deleted %d clients\n", len(clients)) -} - -func CreateCodeClient(clientId string) (string, string, error) { - config := client.NewConfiguration() - config.Servers = client.ServerConfigurations{{URL: "http://127.0.0.1:4445"}} - tokenAuthMethod := "client_secret_post" - - oAuth2Client := *client.NewOAuth2Client() // OAuth2Client | - oAuth2Client.SetClientId(clientId + "_api") - oAuth2Client.SetGrantTypes([]string{"authorization_code", "refresh_token"}) - oAuth2Client.SetResponseTypes([]string{"code", "id_token"}) - oAuth2Client.SetScope("openid offline") - oAuth2Client.SetRedirectUris([]string{"http://127.0.0.1:5555/callback"}) - oAuth2Client.TokenEndpointAuthMethod = &tokenAuthMethod - - client := client.NewAPIClient(config) - - resp, _, err := client.AdminApi.CreateOAuth2Client(context.Background()).OAuth2Client(oAuth2Client).Execute() - if err != nil { - return "", "", err - } - - return resp.GetClientId(), resp.GetClientSecret(), nil -} diff --git a/oc-auth b/oc-auth index e646add..cdda6c4 100755 Binary files a/oc-auth and b/oc-auth differ diff --git a/relation-tuples b/relation-tuples new file mode 100644 index 0000000..7ba19c1 --- /dev/null +++ b/relation-tuples @@ -0,0 +1 @@ +{"namespace":"open-cloud","object":"test-role","relation":"-","subject_id":"oc-auth"} diff --git a/routers/commentsRouter.go b/routers/commentsRouter.go index d853486..a2c5057 100644 --- a/routers/commentsRouter.go +++ b/routers/commentsRouter.go @@ -7,51 +7,195 @@ import ( func init() { - beego.GlobalControllerRouter["oc-auth/controllers:AuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:AuthController"], + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], beego.ControllerComments{ - Method: "Post", - Router: `/`, + Method: "Claims", + Router: `/claims`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Filters: nil, Params: nil}) - beego.GlobalControllerRouter["oc-auth/controllers:AuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:AuthController"], + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], beego.ControllerComments{ - Method: "Get", - Router: `/:authId`, + Method: "InternalAuthForward", + Router: `/forward`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Filters: nil, Params: nil}) - beego.GlobalControllerRouter["oc-auth/controllers:AuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:AuthController"], + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], beego.ControllerComments{ - Method: "Delete", - Router: `/:authId`, + Method: "Introspect", + Router: `/introspect`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], + beego.ControllerComments{ + Method: "LoginLDAP", + Router: `/ldap/login`, + AllowHTTPMethods: []string{"post"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], + beego.ControllerComments{ + Method: "LogOutLDAP", + Router: `/ldap/logout`, AllowHTTPMethods: []string{"delete"}, MethodParams: param.Make(), Filters: nil, Params: nil}) - beego.GlobalControllerRouter["oc-auth/controllers:AuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:AuthController"], + beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:OAuthController"], beego.ControllerComments{ - Method: "Find", - Router: `/find/:query`, + Method: "Refresh", + Router: `/refresh`, + AllowHTTPMethods: []string{"post"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "GetAll", + Router: `/`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Filters: nil, Params: nil}) - beego.GlobalControllerRouter["oc-auth/controllers:RegistrationController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RegistrationController"], + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "Get", + Router: `/:id/:relation[get]`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "Bind", + Router: `/:permission_id/:role_id/:relation`, + AllowHTTPMethods: []string{"post"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "UnBind", + Router: `/:permission_id/:role_id/:relation`, + AllowHTTPMethods: []string{"delete"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "Clear", + Router: `/clear`, + AllowHTTPMethods: []string{"delete"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "GetByRole", + Router: `/role/:id`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:PermissionController"], + beego.ControllerComments{ + Method: "GetByUser", + Router: `/user/:id`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "GetAll", + Router: `/`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], beego.ControllerComments{ Method: "Post", - Router: `/`, + Router: `/:id`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Filters: nil, Params: nil}) + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "Get", + Router: `/:id`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "Delete", + Router: `/:id`, + AllowHTTPMethods: []string{"delete"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "Bind", + Router: `/:user_id/:role_id`, + AllowHTTPMethods: []string{"post"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "UnBind", + Router: `/:user_id/:role_id`, + AllowHTTPMethods: []string{"delete"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "Clear", + Router: `/clear`, + AllowHTTPMethods: []string{"delete"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + + beego.GlobalControllerRouter["oc-auth/controllers:RoleController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:RoleController"], + beego.ControllerComments{ + Method: "GetByUser", + Router: `/user/:id`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + beego.GlobalControllerRouter["oc-auth/controllers:VersionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:VersionController"], beego.ControllerComments{ Method: "GetAll", @@ -61,4 +205,13 @@ func init() { Filters: nil, Params: nil}) + beego.GlobalControllerRouter["oc-auth/controllers:VersionController"] = append(beego.GlobalControllerRouter["oc-auth/controllers:VersionController"], + beego.ControllerComments{ + Method: "Get", + Router: `/discovery`, + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + } diff --git a/routers/router.go b/routers/router.go index 336cf36..fbd2eb0 100644 --- a/routers/router.go +++ b/routers/router.go @@ -17,12 +17,17 @@ func init() { ns := beego.NewNamespace("/oc", beego.NSNamespace("/auth", beego.NSInclude( - &controllers.AuthController{}, + &controllers.OAuthController{}, ), ), - beego.NSNamespace("/registration", + beego.NSNamespace("/role", beego.NSInclude( - &controllers.RegistrationController{}, + &controllers.RoleController{}, + ), + ), + beego.NSNamespace("/permission", + beego.NSInclude( + &controllers.PermissionController{}, ), ), beego.NSNamespace("/version", @@ -31,6 +36,5 @@ func init() { ), ), ) - beego.AddNamespace(ns) } diff --git a/swagger/swagger.json b/swagger/swagger.json index 00975ad..545d2f0 100644 --- a/swagger/swagger.json +++ b/swagger/swagger.json @@ -9,55 +9,248 @@ "email": "admin@o-cloud.io" }, "license": { - "name": "MIT", - "url": "https://opensource.org/license/mit" + "name": "AGPL", + "url": "https://www.gnu.org/licenses/agpl-3.0.html" } }, "basePath": "/oc", "paths": { - "/auth/": { + "/auth/claims": { "post": { "tags": [ "auth" ], - "description": "create auths\n\u003cbr\u003e", - "operationId": "AuthController.Create", + "description": "enrich token with claims\n\u003cbr\u003e", + "operationId": "OAuthController.Claims", "parameters": [ { "in": "body", "name": "body", - "description": "The auth content", + "description": "The token info", "required": true, "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/models.auth" - } + "$ref": "#/definitions/models.Token" } } ], "responses": { "200": { - "description": "{string} models.auth.Id" - }, - "403": { - "description": "body is empty" + "description": "{string}" } } } }, - "/auth/discover/{url}": { + "/auth/forward": { "get": { "tags": [ "auth" ], - "description": "find auth by authid\n\u003cbr\u003e", - "operationId": "AuthController.Get", + "description": "auth forward\n\u003cbr\u003e", + "operationId": "OAuthController.AuthForward", + "parameters": [ + { + "in": "header", + "name": "Authorization", + "description": "auth token", + "type": "string" + }, + { + "in": "body", + "name": "body", + "description": "The workflow content", + "required": true, + "schema": { + "$ref": "#/definitions/models.workflow" + } + } + ], + "responses": { + "200": { + "description": "{string}" + } + } + } + }, + "/auth/introspect": { + "get": { + "tags": [ + "auth" + ], + "description": "introspect token\n\u003cbr\u003e", + "operationId": "OAuthController.Introspection", + "parameters": [ + { + "in": "header", + "name": "Authorization", + "description": "auth token", + "type": "string" + } + ], + "responses": { + "200": { + "description": "{string}" + } + } + } + }, + "/auth/ldap/login": { + "post": { + "tags": [ + "auth" + ], + "description": "authenticate user\n\u003cbr\u003e", + "operationId": "OAuthController.Login", + "parameters": [ + { + "in": "body", + "name": "body", + "description": "The workflow content", + "required": true, + "schema": { + "$ref": "#/definitions/models.workflow" + } + } + ], + "responses": { + "200": { + "description": "{string}" + } + } + } + }, + "/auth/ldap/logout": { + "delete": { + "tags": [ + "auth" + ], + "description": "unauthenticate user\n\u003cbr\u003e", + "operationId": "OAuthController.Logout", + "parameters": [ + { + "in": "header", + "name": "Authorization", + "description": "auth token", + "type": "string" + } + ], + "responses": { + "200": { + "description": "{string}" + } + } + } + }, + "/auth/refresh": { + "post": { + "tags": [ + "auth" + ], + "description": "introspect token\n\u003cbr\u003e", + "operationId": "OAuthController.Introspection", + "parameters": [ + { + "in": "body", + "name": "body", + "description": "The token info", + "required": true, + "schema": { + "$ref": "#/definitions/models.Token" + } + } + ], + "responses": { + "200": { + "description": "{string}" + } + } + } + }, + "/permission/": { + "get": { + "tags": [ + "permission" + ], + "description": "find permissions\n\u003cbr\u003e", + "operationId": "PermissionController.GetAll", + "responses": { + "200": { + "description": "{permission} string" + } + } + } + }, + "/permission/clear": { + "delete": { + "tags": [ + "permission" + ], + "description": "clear the permission\n\u003cbr\u003e", + "operationId": "PermissionController.Clear", + "responses": { + "200": { + "description": "{string} delete success!" + } + } + } + }, + "/permission/role/{id}": { + "get": { + "tags": [ + "permission" + ], + "description": "find permission by role id\n\u003cbr\u003e", + "operationId": "PermissionController.GetByRole", "parameters": [ { "in": "path", - "name": "authId", - "description": "the authid you want to get", + "name": "id", + "description": "the id you want to get", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{auth} string" + } + } + } + }, + "/permission/user/{id}": { + "get": { + "tags": [ + "permission" + ], + "description": "find permission by user id\n\u003cbr\u003e", + "operationId": "PermissionController.GetByUser", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "the id you want to get", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{auth} string" + } + } + } + }, + "/permission/{id}/{relation[get]}": { + "get": { + "tags": [ + "permission" + ], + "description": "find auth by permission\n\u003cbr\u003e", + "operationId": "PermissionController.Get", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "the permission you want to get", "required": true, "type": "string" } @@ -65,75 +258,187 @@ "responses": { "200": { "description": "{auth} models.auth" - }, - "403": { - "description": ":authId is empty" } } } }, - "/auth/find/{query}": { - "get": { + "/permission/{permission_id}/{role_id}/{relation}": { + "post": { "tags": [ - "auth" + "permission" ], - "description": "find auths with query\n\u003cbr\u003e", - "operationId": "AuthController.Find", + "description": "bind the permission to role\n\u003cbr\u003e", + "operationId": "PermissionController.Bind", "parameters": [ { "in": "path", - "name": "query", - "description": "the keywords you need", + "name": "role_id", + "description": "The role_id you want to bind", + "required": true, + "type": "string" + }, + { + "in": "path", + "name": "method", + "description": "The method you want to relate role \u0026 permission", + "required": true, + "type": "string" + }, + { + "in": "path", + "name": "permission_id", + "description": "The permission_id you want to bind", "required": true, "type": "string" } ], "responses": { "200": { - "description": "{auths} []models.auth" - }, - "403": { - "description": "" - } - } - } - }, - "/auth/{authId}": { - "get": { - "tags": [ - "auth" - ], - "description": "find auth by authid\n\u003cbr\u003e", - "operationId": "AuthController.Get", - "parameters": [ - { - "in": "path", - "name": "authId", - "description": "the authid you want to get", - "required": true, - "type": "string" - } - ], - "responses": { - "200": { - "description": "{auth} models.auth" - }, - "403": { - "description": ":authId is empty" + "description": "{string} bind success!" } } }, "delete": { "tags": [ - "auth" + "permission" ], - "description": "delete the auth\n\u003cbr\u003e", - "operationId": "AuthController.Delete", + "description": "unbind the permission to role\n\u003cbr\u003e", + "operationId": "PermissionController.UnBind", "parameters": [ { "in": "path", - "name": "authId", - "description": "The authId you want to delete", + "name": "role_id", + "description": "The role_id you want to unbind", + "required": true, + "type": "string" + }, + { + "in": "path", + "name": "relation", + "description": "The method you want to unrelate role \u0026 permission", + "required": true, + "type": "string" + }, + { + "in": "path", + "name": "permission_id", + "description": "The permission_id you want to unbind", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{string} bind success!" + } + } + } + }, + "/role/": { + "get": { + "tags": [ + "role" + ], + "description": "find roles\n\u003cbr\u003e", + "operationId": "RoleController.GetAll", + "responses": { + "200": { + "description": "{role} string" + } + } + } + }, + "/role/clear": { + "delete": { + "tags": [ + "role" + ], + "description": "clear the role\n\u003cbr\u003e", + "operationId": "RoleController.Clear", + "responses": { + "200": { + "description": "{string} delete success!" + } + } + } + }, + "/role/user/{id}": { + "get": { + "tags": [ + "role" + ], + "description": "find role by user id\n\u003cbr\u003e", + "operationId": "RoleController.GetByUser", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "the id you want to get", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{auth} string" + } + } + } + }, + "/role/{id}": { + "get": { + "tags": [ + "role" + ], + "description": "find role by id\n\u003cbr\u003e", + "operationId": "RoleController.Get", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "the id you want to get", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{role} string" + } + } + }, + "post": { + "tags": [ + "role" + ], + "description": "create role\n\u003cbr\u003e", + "operationId": "RoleController.Create", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "the id you want to get", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{auth} create success!" + } + } + }, + "delete": { + "tags": [ + "role" + ], + "description": "delete the role\n\u003cbr\u003e", + "operationId": "RoleController.Delete", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "The id you want to delete", "required": true, "type": "string" } @@ -141,37 +446,64 @@ "responses": { "200": { "description": "{string} delete success!" - }, - "403": { - "description": "authId is empty" } } } }, - "/registration/": { + "/role/{user_id}/{role_id}": { "post": { "tags": [ - "registration" + "role" ], - "description": "create auths\n\u003cbr\u003e", - "operationId": "RegistrationController.Create", + "description": "bind the role to user\n\u003cbr\u003e", + "operationId": "RoleController.Bind", "parameters": [ { - "in": "body", - "name": "body", - "description": "The app info", + "in": "path", + "name": "user_id", + "description": "The user_id you want to bind", "required": true, - "schema": { - "$ref": "#/definitions/models.Application" - } + "type": "string" + }, + { + "in": "path", + "name": "role_id", + "description": "The role_id you want to bind", + "required": true, + "type": "string" } ], "responses": { "200": { - "description": "{string} models.auth.Id" + "description": "{string} bind success!" + } + } + }, + "delete": { + "tags": [ + "role" + ], + "description": "unbind the role to user\n\u003cbr\u003e", + "operationId": "RoleController.UnBind", + "parameters": [ + { + "in": "path", + "name": "role_id", + "description": "The role_id you want to unbind", + "required": true, + "type": "string" }, - "403": { - "description": "body is empty" + { + "in": "path", + "name": "user_id", + "description": "The user_id you want to unbind", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "{string} bind success!" } } } @@ -189,32 +521,29 @@ } } } + }, + "/version/discovery": { + "get": { + "tags": [ + "version" + ], + "description": "get version\n\u003cbr\u003e", + "operationId": "VersionController.Get", + "responses": { + "200": { + "description": "" + } + } + } } }, "definitions": { - "models.Application": { - "title": "Application", - "type": "object", - "properties": { - "access_token": { - "type": "string" - }, - "callback_url": { - "type": "string" - }, - "client_id": { - "type": "string" - }, - "client_name": { - "type": "string" - }, - "client_secret": { - "type": "string" - } - } + "models.Token": { + "title": "Token", + "type": "object" }, - "models.auth": { - "title": "auth", + "models.workflow": { + "title": "workflow", "type": "object" } }, @@ -224,7 +553,11 @@ "description": "Operations about auth\n" }, { - "name": "registration", + "name": "role", + "description": "Operations about auth\n" + }, + { + "name": "permission", "description": "Operations about auth\n" }, { diff --git a/swagger/swagger.yml b/swagger/swagger.yml index 1c3bf65..162131b 100644 --- a/swagger/swagger.yml +++ b/swagger/swagger.yml @@ -8,127 +8,375 @@ info: contact: email: admin@o-cloud.io license: - name: MIT - url: https://opensource.org/license/mit + name: AGPL + url: https://www.gnu.org/licenses/agpl-3.0.html basePath: /oc paths: - /auth/: + /auth/claims: post: tags: - auth description: |- - create auths + enrich token with claims
- operationId: AuthController.Create + operationId: OAuthController.Claims parameters: - in: body name: body - description: The auth content + description: The token info required: true schema: - type: array - items: - $ref: '#/definitions/models.auth' + $ref: '#/definitions/models.Token' responses: "200": - description: '{string} models.auth.Id' - "403": - description: body is empty - /auth/{authId}: + description: '{string}' + /auth/forward: get: tags: - auth description: |- - find auth by authid + auth forward
- operationId: AuthController.Get + operationId: OAuthController.AuthForward + parameters: + - in: header + name: Authorization + description: auth token + type: string + - in: body + name: body + description: The workflow content + required: true + schema: + $ref: '#/definitions/models.workflow' + responses: + "200": + description: '{string}' + /auth/introspect: + get: + tags: + - auth + description: |- + introspect token +
+ operationId: OAuthController.Introspection + parameters: + - in: header + name: Authorization + description: auth token + type: string + responses: + "200": + description: '{string}' + /auth/ldap/login: + post: + tags: + - auth + description: |- + authenticate user +
+ operationId: OAuthController.Login + parameters: + - in: body + name: body + description: The workflow content + required: true + schema: + $ref: '#/definitions/models.workflow' + responses: + "200": + description: '{string}' + /auth/ldap/logout: + delete: + tags: + - auth + description: |- + unauthenticate user +
+ operationId: OAuthController.Logout + parameters: + - in: header + name: Authorization + description: auth token + type: string + responses: + "200": + description: '{string}' + /auth/refresh: + post: + tags: + - auth + description: |- + introspect token +
+ operationId: OAuthController.Introspection + parameters: + - in: body + name: body + description: The token info + required: true + schema: + $ref: '#/definitions/models.Token' + responses: + "200": + description: '{string}' + /permission/: + get: + tags: + - permission + description: |- + find permissions +
+ operationId: PermissionController.GetAll + responses: + "200": + description: '{permission} string' + /permission/{id}/{relation[get]}: + get: + tags: + - permission + description: |- + find auth by permission +
+ operationId: PermissionController.Get parameters: - in: path - name: authId - description: the authid you want to get + name: id + description: the permission you want to get required: true type: string responses: "200": description: '{auth} models.auth' - "403": - description: :authId is empty - delete: + /permission/{permission_id}/{role_id}/{relation}: + post: tags: - - auth + - permission description: |- - delete the auth + bind the permission to role
- operationId: AuthController.Delete + operationId: PermissionController.Bind parameters: - in: path - name: authId - description: The authId you want to delete + name: role_id + description: The role_id you want to bind + required: true + type: string + - in: path + name: method + description: The method you want to relate role & permission + required: true + type: string + - in: path + name: permission_id + description: The permission_id you want to bind + required: true + type: string + responses: + "200": + description: '{string} bind success!' + delete: + tags: + - permission + description: |- + unbind the permission to role +
+ operationId: PermissionController.UnBind + parameters: + - in: path + name: role_id + description: The role_id you want to unbind + required: true + type: string + - in: path + name: relation + description: The method you want to unrelate role & permission + required: true + type: string + - in: path + name: permission_id + description: The permission_id you want to unbind + required: true + type: string + responses: + "200": + description: '{string} bind success!' + /permission/clear: + delete: + tags: + - permission + description: |- + clear the permission +
+ operationId: PermissionController.Clear + responses: + "200": + description: '{string} delete success!' + /permission/role/{id}: + get: + tags: + - permission + description: |- + find permission by role id +
+ operationId: PermissionController.GetByRole + parameters: + - in: path + name: id + description: the id you want to get + required: true + type: string + responses: + "200": + description: '{auth} string' + /permission/user/{id}: + get: + tags: + - permission + description: |- + find permission by user id +
+ operationId: PermissionController.GetByUser + parameters: + - in: path + name: id + description: the id you want to get + required: true + type: string + responses: + "200": + description: '{auth} string' + /role/: + get: + tags: + - role + description: |- + find roles +
+ operationId: RoleController.GetAll + responses: + "200": + description: '{role} string' + /role/{id}: + get: + tags: + - role + description: |- + find role by id +
+ operationId: RoleController.Get + parameters: + - in: path + name: id + description: the id you want to get + required: true + type: string + responses: + "200": + description: '{role} string' + post: + tags: + - role + description: |- + create role +
+ operationId: RoleController.Create + parameters: + - in: path + name: id + description: the id you want to get + required: true + type: string + responses: + "200": + description: '{auth} create success!' + delete: + tags: + - role + description: |- + delete the role +
+ operationId: RoleController.Delete + parameters: + - in: path + name: id + description: The id you want to delete required: true type: string responses: "200": description: '{string} delete success!' - "403": - description: authId is empty - /auth/discover/{url}: - get: - tags: - - auth - description: |- - find auth by authid -
- operationId: AuthController.Get - parameters: - - in: path - name: authId - description: the authid you want to get - required: true - type: string - responses: - "200": - description: '{auth} models.auth' - "403": - description: :authId is empty - /auth/find/{query}: - get: - tags: - - auth - description: |- - find auths with query -
- operationId: AuthController.Find - parameters: - - in: path - name: query - description: the keywords you need - required: true - type: string - responses: - "200": - description: '{auths} []models.auth' - "403": - description: "" - /registration/: + /role/{user_id}/{role_id}: post: tags: - - registration + - role description: |- - create auths + bind the role to user
- operationId: RegistrationController.Create + operationId: RoleController.Bind parameters: - - in: body - name: body - description: The app info + - in: path + name: user_id + description: The user_id you want to bind required: true - schema: - $ref: '#/definitions/models.Application' + type: string + - in: path + name: role_id + description: The role_id you want to bind + required: true + type: string responses: "200": - description: '{string} models.auth.Id' - "403": - description: body is empty + description: '{string} bind success!' + delete: + tags: + - role + description: |- + unbind the role to user +
+ operationId: RoleController.UnBind + parameters: + - in: path + name: role_id + description: The role_id you want to unbind + required: true + type: string + - in: path + name: user_id + description: The user_id you want to unbind + required: true + type: string + responses: + "200": + description: '{string} bind success!' + /role/clear: + delete: + tags: + - role + description: |- + clear the role +
+ operationId: RoleController.Clear + responses: + "200": + description: '{string} delete success!' + /role/user/{id}: + get: + tags: + - role + description: |- + find role by user id +
+ operationId: RoleController.GetByUser + parameters: + - in: path + name: id + description: the id you want to get + required: true + type: string + responses: + "200": + description: '{auth} string' /version/: get: tags: @@ -140,29 +388,32 @@ paths: responses: "200": description: "" + /version/discovery: + get: + tags: + - version + description: |- + get version +
+ operationId: VersionController.Get + responses: + "200": + description: "" definitions: - models.Application: - title: Application + models.Token: + title: Token type: object - properties: - access_token: - type: string - callback_url: - type: string - client_id: - type: string - client_name: - type: string - client_secret: - type: string - models.auth: - title: auth + models.workflow: + title: workflow type: object tags: - name: auth description: | Operations about auth -- name: registration +- name: role + description: | + Operations about auth +- name: permission description: | Operations about auth - name: version