go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-28 09:08:44 +02:00
Code Issues Releases Activity
2e9c30ac12
oauth2-proxy/go.mod

86 lines
3.7 KiB
Modula-2
Raw Normal View History

Fix import path for v7 (#800) * fix import path for v7 find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|' * fix module path * go mod tidy * fix installation docs * update CHANGELOG * Update CHANGELOG.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-09-29 18:44:42 +02:00
module github.com/oauth2-proxy/oauth2-proxy/v7
Switch from dep to go mod Update modules to avoid issues with golangci-lint
2019-07-13 22:24:40 +02:00
Update go version to 1.17 This includes the change to the pruned module graph with the converted go.mod for Go 1.17 https://go.dev/doc/go1.17#go-command
2021-12-17 17:37:43 +02:00
go 1.17
Switch from dep to go mod Update modules to avoid issues with golangci-lint
2019-07-13 22:24:40 +02:00
require (
Parse Redis cluster and sentinel urls (#573) * Parse Redis cluster and sentinel urls * Add changelog entry for #573 * Add unit tests for redis session store * Use %v for error fmt Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-05-27 19:40:50 +02:00
github.com/Bose/minisentinel v0.0.0-20200130220412-917c5a9223bb
Move SessionStore tests to independent package
2020-05-10 17:59:17 +02:00
github.com/alicebob/miniredis/v2 v2.13.0
Add a clock package for better time mocking (#1136) * Add a clock package for better time mocking * Make Clock a struct so it doesn't need initialization * Test clock package * Use atomic for live time tests * Refer to same clock.Mock throughout methods
2021-04-18 19:25:57 +02:00
github.com/benbjohnson/clock v1.1.1-0.20210213131748-c97fc7b6bee0
Switch from dep to go mod Update modules to avoid issues with golangci-lint
2019-07-13 22:24:40 +02:00
github.com/bitly/go-simplejson v0.5.0
Add redis lock feature (#1063) * Add sensible logging flag to default setup for logger * Add Redis lock * Fix default value flag for sensitive logging * Split RefreshSessionIfNeeded in two methods and use Redis lock * Small adjustments to doc and code * Remove sensible logging * Fix method names in ticket.go * Revert "Fix method names in ticket.go" This reverts commit 408ba1a1a5c55a3cad507a0be8634af1977769cb. * Fix methods name in ticket.go * Remove block in Redis client get * Increase lock time to 1 second * Perform retries, if session store is locked * Reverse if condition, because it should return if session does not have to be refreshed * Update go.sum * Update MockStore * Return error if loading session fails * Fix and update tests * Change validSession to session in docs and strings * Change validSession to session in docs and strings * Fix docs * Fix wrong field name * Fix linting * Fix imports for linting * Revert changes except from locking functionality * Add lock feature on session state * Update from master * Remove errors package, because it is not used * Only pass context instead of request to lock * Use lock key * By default use NoOpLock * Remove debug output * Update ticket_test.go * Map internal error to sessions error * Add ErrLockNotObtained * Enable lock peek for all redis clients * Use lock key prefix consistent * Fix imports * Use exists method for peek lock * Fix imports * Fix imports * Fix imports * Remove own Dockerfile * Fix imports * Fix tests for ticket and session store * Fix session store test * Update pkg/apis/sessions/interfaces.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> * Do not wrap lock method Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> * Use errors package for lock constants * Use better naming for initLock function * Add comments * Add session store lock test * Fix tests * Fix tests * Fix tests * Fix tests * Add cookies after saving session * Add mock lock * Fix imports for mock_lock.go * Store mock lock for key * Apply elapsed time on mock lock * Check if lock is initially applied * Reuse existing lock * Test all lock methods * Update CHANGELOG.md * Use redis client methods in redis.lock for release an refresh * Use lock key suffix instead of prefix for lock key * Add comments for Lock interface * Update comment for Lock interface * Update CHANGELOG.md * Change LockSuffix to const * Check lock on already loaded session * Use global var for loadedSession in lock tests * Use lock instance for refreshing and releasing of lock * Update possible error type for Refresh Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-06-02 20:08:19 +02:00
github.com/bsm/redislock v0.7.0
Upgrade go-oidc to v3 (#1264)
2021-07-17 18:55:05 +02:00
github.com/coreos/go-oidc/v3 v3.0.0
Add DiscoveryProvider to perform OIDC discovery
2022-02-16 15:25:59 +02:00
github.com/dgrijalva/jwt-go v3.2.0+incompatible
Implement graceful shutdown and propagate request context (#468) * feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout
2020-04-04 17:12:38 +02:00
github.com/fsnotify/fsnotify v1.4.9
Introduce alpha configuration loading
2020-11-09 22:17:43 +02:00
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
Update go-redis/redis to v8 (#801) * update go-redis/redis to v8 testify, ginko and gomega have also been updated. * update changelog * Update pkg/sessions/redis/redis_store_test.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-07 12:49:27 +02:00
github.com/go-redis/redis/v8 v8.2.3
Updated dependency versions which include CVE fixes (#1276) * switched to github.com/golang-jwt/jwt and updated golang.org/x/crypto to include CVE fixes * added #1276 to changelog Co-authored-by: Joshua Vécsei <git@vecsei.me>
2021-07-29 18:45:41 +02:00
github.com/golang-jwt/jwt v3.2.1+incompatible
Request ID Logging (#1087) * Add RequestID to the RequestScope * Expose RequestID to auth & request loggers * Use the RequestID in templated HTML pages * Allow customizing the RequestID header * Document new Request ID support * Add more cases to scope/requestID tests * Split Get vs Generate RequestID funtionality * Add {{.RequestID}} to the request logger tests * Move RequestID management to RequestScope * Use HTML escape instead of sanitization for Request ID rendering
2021-03-21 20:20:57 +02:00
github.com/google/uuid v1.2.0
Replace standard serve mux with gorilla mux
2021-02-22 17:55:08 +02:00
github.com/gorilla/mux v1.8.0
Add HealthCheck middleware
2020-06-14 17:42:05 +02:00
github.com/justinas/alice v1.2.0
Support Go 1.13.x and allow to override REGISTRY (#273) Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
2019-10-07 22:53:46 +02:00
github.com/mbland/hmacauth v0.0.0-20170912233209-44256dfd4bfa
Add Viper based config loader
2020-04-12 22:13:52 +02:00
github.com/mitchellh/mapstructure v1.1.2
Add DiscoveryProvider to perform OIDC discovery
2022-02-16 15:25:59 +02:00
github.com/oauth2-proxy/mockoidc v0.0.0-20210703044157-382d3faf2671
Generate reference page in configuration
2020-11-07 18:30:00 +02:00
github.com/oauth2-proxy/tools/reference-gen v0.0.0-20210118095127-56ffd7384404
Update go-redis/redis to v8 (#801) * update go-redis/redis to v8 testify, ginko and gomega have also been updated. * update changelog * Update pkg/sessions/redis/redis_store_test.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-07 12:49:27 +02:00
github.com/onsi/ginkgo v1.14.1
github.com/onsi/gomega v1.10.2
Reduce SessionState size better with MessagePack + LZ4 (#632) * Encode sessions with MsgPack + LZ4 Assumes ciphers are now mandatory per #414. Cookie & Redis sessions can fallback to V5 style JSON in error cases. TODO: session_state.go unit tests & new unit tests for Legacy fallback scenarios. * Only compress encoded sessions with Cookie Store * Cleanup msgpack + lz4 error handling * Change NewBase64Cipher to take in an existing Cipher * Add msgpack & lz4 session state tests * Add required options for oauthproxy tests More aggressively assert.NoError on all validation.Validate(opts) calls to enforce legal options in all our tests. Add additional NoError checks wherever error return values were ignored. * Remove support for uncompressed session state fields * Improve error verbosity & add session state tests * Ensure all marshalled sessions are valid Invalid CFB decryptions can result in garbage data that 1/100 times might cause message pack unmarshal to not fail and instead return an empty session. This adds more rigor to make sure legacy sessions cause appropriate errors. * Add tests for legacy V5 session decoding Refactor common legacy JSON test cases to a legacy helpers area under session store tests. * Make ValidateSession a struct method & add CHANGELOG entry * Improve SessionState error & comments verbosity * Move legacy session test helpers to sessions pkg Placing these helpers under the sessions pkg removed all the circular import uses in housing it under the session store area. * Improve SignatureAuthenticator test helper formatting * Make redis.legacyV5DecodeSession internal * Make LegacyV5TestCase test table public for linter
2020-07-13 21:56:05 +02:00
github.com/pierrec/lz4 v2.5.2+incompatible
Add Prometheus metrics endpoint Add the Prometheus http.Handler to serve metrics at MetricsPath ("/metrics" by default). This allows Prometheus to scrape metrics from OAuth2 Proxy. Add a new middleware NewRequestMetrics and attach it to the preAuth chain. This will collect metrics on all requests made to OAuth2 Proxy Collapse some calls to Prinf() and os.Exit(1) to Fatalf as they are equivalent. main() has a strict 50 lines limit so brevity in these calls appreciated
2021-01-07 13:52:50 +02:00
github.com/prometheus/client_golang v1.9.0
Add claim extractor provider util
2021-06-26 12:48:49 +02:00
github.com/spf13/cast v1.3.0
Aggregate error logging on JWT chain failures
2020-10-24 08:43:27 +02:00
github.com/spf13/pflag v1.0.5
Add Viper based config loader
2020-04-12 22:13:52 +02:00
github.com/spf13/viper v1.6.3
Add DiscoveryProvider to perform OIDC discovery
2022-02-16 15:25:59 +02:00
github.com/stretchr/testify v1.7.0
Reduce SessionState size better with MessagePack + LZ4 (#632) * Encode sessions with MsgPack + LZ4 Assumes ciphers are now mandatory per #414. Cookie & Redis sessions can fallback to V5 style JSON in error cases. TODO: session_state.go unit tests & new unit tests for Legacy fallback scenarios. * Only compress encoded sessions with Cookie Store * Cleanup msgpack + lz4 error handling * Change NewBase64Cipher to take in an existing Cipher * Add msgpack & lz4 session state tests * Add required options for oauthproxy tests More aggressively assert.NoError on all validation.Validate(opts) calls to enforce legal options in all our tests. Add additional NoError checks wherever error return values were ignored. * Remove support for uncompressed session state fields * Improve error verbosity & add session state tests * Ensure all marshalled sessions are valid Invalid CFB decryptions can result in garbage data that 1/100 times might cause message pack unmarshal to not fail and instead return an empty session. This adds more rigor to make sure legacy sessions cause appropriate errors. * Add tests for legacy V5 session decoding Refactor common legacy JSON test cases to a legacy helpers area under session store tests. * Make ValidateSession a struct method & add CHANGELOG entry * Improve SessionState error & comments verbosity * Move legacy session test helpers to sessions pkg Placing these helpers under the sessions pkg removed all the circular import uses in housing it under the session store area. * Improve SignatureAuthenticator test helper formatting * Make redis.legacyV5DecodeSession internal * Make LegacyV5TestCase test table public for linter
2020-07-13 21:56:05 +02:00
github.com/vmihailenco/msgpack/v4 v4.3.11
Updated dependency versions which include CVE fixes (#1276) * switched to github.com/golang-jwt/jwt and updated golang.org/x/crypto to include CVE fixes * added #1276 to changelog Co-authored-by: Joshua Vécsei <git@vecsei.me>
2021-07-29 18:45:41 +02:00
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110
Support Go 1.14 (#419) * Upgrade base image tags and golangci-lint * Upgrade golang and golangci-lint in travis-ci * fix: tests, pointed out by golangci-lint and format files * Upgrade dependencies * update changelog * fix: tests related to https://github.com/pusher/oauth2_proxy/pull/418 * Separate tests using go version build tags * Update CHANGELOG * Revert "Separate tests using go version build tags" This reverts commit 9b7e65eb90cae954dc7b6316345d3207205d488a. * fix test to support go1.14 and go1.13 Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-03-14 12:14:15 +02:00
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
Add new http server implementation
2021-02-14 15:50:35 +02:00
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
Implement graceful shutdown and propagate request context (#468) * feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout
2020-04-04 17:12:38 +02:00
google.golang.org/api v0.20.0
Support Go 1.13.x and allow to override REGISTRY (#273) Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
2019-10-07 22:53:46 +02:00
gopkg.in/natefinch/lumberjack.v2 v2.0.0
Upgrade go-oidc to v3 (#1264)
2021-07-17 18:55:05 +02:00
gopkg.in/square/go-jose.v2 v2.5.1
Aggregate error logging on JWT chain failures
2020-10-24 08:43:27 +02:00
k8s.io/apimachinery v0.19.3
Switch from dep to go mod Update modules to avoid issues with golangci-lint
2019-07-13 22:24:40 +02:00
)
Update go version to 1.17 This includes the change to the pruned module graph with the converted go.mod for Go 1.17 https://go.dev/doc/go1.17#go-command
2021-12-17 17:37:43 +02:00
require (
cloud.google.com/go v0.38.0 // indirect
github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
github.com/cespare/xxhash/v2 v2.1.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/frankban/quicktest v1.10.0 // indirect
github.com/go-logr/logr v0.2.0 // indirect
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect
github.com/golang/protobuf v1.4.3 // indirect
github.com/googleapis/gax-go/v2 v2.0.5 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/magiconair/properties v1.8.1 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/nxadm/tail v1.4.4 // indirect
github.com/pelletier/go-toml v1.2.0 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.15.0 // indirect
github.com/prometheus/procfs v0.2.0 // indirect
github.com/spf13/afero v1.1.2 // indirect
github.com/spf13/jwalterweatherman v1.0.0 // indirect
github.com/subosito/gotenv v1.2.0 // indirect
github.com/vmihailenco/tagparser v0.1.1 // indirect
github.com/yuin/gopher-lua v0.0.0-20191220021717-ab39c6098bdb // indirect
go.opencensus.io v0.22.2 // indirect
go.opentelemetry.io/otel v0.11.0 // indirect
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
golang.org/x/text v0.3.3 // indirect
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 // indirect
google.golang.org/appengine v1.6.5 // indirect
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 // indirect
google.golang.org/grpc v1.27.0 // indirect
google.golang.org/protobuf v1.24.0 // indirect
gopkg.in/ini.v1 v1.51.0 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/yaml.v2 v2.3.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
k8s.io/gengo v0.0.0-20201113003025-83324d819ded // indirect
k8s.io/klog/v2 v2.4.0 // indirect
)
Reference in New Issue Copy Permalink