oauth2-proxy/go.mod

module github.com/oauth2-proxy/oauth2-proxy/v7

go 1.15

require (
	github.com/Bose/minisentinel v0.0.0-20200130220412-917c5a9223bb
	github.com/alicebob/miniredis/v2 v2.13.0
	github.com/bitly/go-simplejson v0.5.0
	github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
	github.com/coreos/go-oidc v2.2.1+incompatible
	github.com/dgrijalva/jwt-go v3.2.0+incompatible
	github.com/frankban/quicktest v1.10.0 // indirect
	github.com/fsnotify/fsnotify v1.4.9
	github.com/go-redis/redis/v8 v8.2.3
	github.com/justinas/alice v1.2.0
	github.com/mbland/hmacauth v0.0.0-20170912233209-44256dfd4bfa
	github.com/mitchellh/mapstructure v1.1.2
	github.com/onsi/ginkgo v1.14.1
	github.com/onsi/gomega v1.10.2
	github.com/pierrec/lz4 v2.5.2+incompatible
	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
	github.com/spf13/pflag v1.0.5
	github.com/spf13/viper v1.6.3
	github.com/stretchr/testify v1.6.1
	github.com/vmihailenco/msgpack/v4 v4.3.11
	github.com/yhat/wsutil v0.0.0-20170731153501-1d66fa95c997
	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
	golang.org/x/net v0.0.0-20200707034311-ab3426394381
	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
	google.golang.org/api v0.20.0
	gopkg.in/natefinch/lumberjack.v2 v2.0.0
	gopkg.in/square/go-jose.v2 v2.4.1
	k8s.io/apimachinery v0.19.3
)
Fix import path for v7 (#800) * fix import path for v7 find ./ -name ".go" \| xargs sed -i -e 's\|"github.com/oauth2-proxy/oauth2-proxy\|"github.com/oauth2-proxy/oauth2-proxy/v7\|' fix module path * go mod tidy * fix installation docs * update CHANGELOG * Update CHANGELOG.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-09-29 18:44:42 +02:00			`module github.com/oauth2-proxy/oauth2-proxy/v7`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00
Update Go to 1.15 2020-09-12 06:47:42 +02:00			`go 1.15`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00
			`require (`
Parse Redis cluster and sentinel urls (#573) * Parse Redis cluster and sentinel urls * Add changelog entry for #573 * Add unit tests for redis session store * Use %v for error fmt Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-05-27 19:40:50 +02:00			`github.com/Bose/minisentinel v0.0.0-20200130220412-917c5a9223bb`
Move SessionStore tests to independent package 2020-05-10 17:59:17 +02:00			`github.com/alicebob/miniredis/v2 v2.13.0`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00			`github.com/bitly/go-simplejson v0.5.0`
Implement graceful shutdown and propagate request context (#468) * feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout 2020-04-04 17:12:38 +02:00			`github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect`
Support Go 1.14 (#419) * Upgrade base image tags and golangci-lint * Upgrade golang and golangci-lint in travis-ci * fix: tests, pointed out by golangci-lint and format files * Upgrade dependencies * update changelog * fix: tests related to https://github.com/pusher/oauth2_proxy/pull/418 * Separate tests using go version build tags * Update CHANGELOG * Revert "Separate tests using go version build tags" This reverts commit 9b7e65eb90cae954dc7b6316345d3207205d488a. * fix test to support go1.14 and go1.13 Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-03-14 12:14:15 +02:00			`github.com/coreos/go-oidc v2.2.1+incompatible`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00			`github.com/dgrijalva/jwt-go v3.2.0+incompatible`
Reduce SessionState size better with MessagePack + LZ4 (#632) * Encode sessions with MsgPack + LZ4 Assumes ciphers are now mandatory per #414. Cookie & Redis sessions can fallback to V5 style JSON in error cases. TODO: session_state.go unit tests & new unit tests for Legacy fallback scenarios. * Only compress encoded sessions with Cookie Store * Cleanup msgpack + lz4 error handling * Change NewBase64Cipher to take in an existing Cipher * Add msgpack & lz4 session state tests * Add required options for oauthproxy tests More aggressively assert.NoError on all validation.Validate(opts) calls to enforce legal options in all our tests. Add additional NoError checks wherever error return values were ignored. * Remove support for uncompressed session state fields * Improve error verbosity & add session state tests * Ensure all marshalled sessions are valid Invalid CFB decryptions can result in garbage data that 1/100 times might cause message pack unmarshal to not fail and instead return an empty session. This adds more rigor to make sure legacy sessions cause appropriate errors. * Add tests for legacy V5 session decoding Refactor common legacy JSON test cases to a legacy helpers area under session store tests. * Make ValidateSession a struct method & add CHANGELOG entry * Improve SessionState error & comments verbosity * Move legacy session test helpers to sessions pkg Placing these helpers under the sessions pkg removed all the circular import uses in housing it under the session store area. * Improve SignatureAuthenticator test helper formatting * Make redis.legacyV5DecodeSession internal * Make LegacyV5TestCase test table public for linter 2020-07-13 21:56:05 +02:00			`github.com/frankban/quicktest v1.10.0 // indirect`
Implement graceful shutdown and propagate request context (#468) * feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout 2020-04-04 17:12:38 +02:00			`github.com/fsnotify/fsnotify v1.4.9`
Update go-redis/redis to v8 (#801) * update go-redis/redis to v8 testify, ginko and gomega have also been updated. * update changelog * Update pkg/sessions/redis/redis_store_test.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-10-07 12:49:27 +02:00			`github.com/go-redis/redis/v8 v8.2.3`
Add HealthCheck middleware 2020-06-14 17:42:05 +02:00			`github.com/justinas/alice v1.2.0`
Support Go 1.13.x and allow to override REGISTRY (#273) Signed-off-by: Dhi Aurrahman <dio@tetrate.io> 2019-10-07 22:53:46 +02:00			`github.com/mbland/hmacauth v0.0.0-20170912233209-44256dfd4bfa`
Add Viper based config loader 2020-04-12 22:13:52 +02:00			`github.com/mitchellh/mapstructure v1.1.2`
Update go-redis/redis to v8 (#801) * update go-redis/redis to v8 testify, ginko and gomega have also been updated. * update changelog * Update pkg/sessions/redis/redis_store_test.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-10-07 12:49:27 +02:00			`github.com/onsi/ginkgo v1.14.1`
			`github.com/onsi/gomega v1.10.2`
Reduce SessionState size better with MessagePack + LZ4 (#632) * Encode sessions with MsgPack + LZ4 Assumes ciphers are now mandatory per #414. Cookie & Redis sessions can fallback to V5 style JSON in error cases. TODO: session_state.go unit tests & new unit tests for Legacy fallback scenarios. * Only compress encoded sessions with Cookie Store * Cleanup msgpack + lz4 error handling * Change NewBase64Cipher to take in an existing Cipher * Add msgpack & lz4 session state tests * Add required options for oauthproxy tests More aggressively assert.NoError on all validation.Validate(opts) calls to enforce legal options in all our tests. Add additional NoError checks wherever error return values were ignored. * Remove support for uncompressed session state fields * Improve error verbosity & add session state tests * Ensure all marshalled sessions are valid Invalid CFB decryptions can result in garbage data that 1/100 times might cause message pack unmarshal to not fail and instead return an empty session. This adds more rigor to make sure legacy sessions cause appropriate errors. * Add tests for legacy V5 session decoding Refactor common legacy JSON test cases to a legacy helpers area under session store tests. * Make ValidateSession a struct method & add CHANGELOG entry * Improve SessionState error & comments verbosity * Move legacy session test helpers to sessions pkg Placing these helpers under the sessions pkg removed all the circular import uses in housing it under the session store area. * Improve SignatureAuthenticator test helper formatting * Make redis.legacyV5DecodeSession internal * Make LegacyV5TestCase test table public for linter 2020-07-13 21:56:05 +02:00			`github.com/pierrec/lz4 v2.5.2+incompatible`
Support Go 1.13.x and allow to override REGISTRY (#273) Signed-off-by: Dhi Aurrahman <dio@tetrate.io> 2019-10-07 22:53:46 +02:00			`github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect`
Aggregate error logging on JWT chain failures 2020-10-24 08:43:27 +02:00			`github.com/spf13/pflag v1.0.5`
Add Viper based config loader 2020-04-12 22:13:52 +02:00			`github.com/spf13/viper v1.6.3`
Update go-redis/redis to v8 (#801) * update go-redis/redis to v8 testify, ginko and gomega have also been updated. * update changelog * Update pkg/sessions/redis/redis_store_test.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-10-07 12:49:27 +02:00			`github.com/stretchr/testify v1.6.1`
Reduce SessionState size better with MessagePack + LZ4 (#632) * Encode sessions with MsgPack + LZ4 Assumes ciphers are now mandatory per #414. Cookie & Redis sessions can fallback to V5 style JSON in error cases. TODO: session_state.go unit tests & new unit tests for Legacy fallback scenarios. * Only compress encoded sessions with Cookie Store * Cleanup msgpack + lz4 error handling * Change NewBase64Cipher to take in an existing Cipher * Add msgpack & lz4 session state tests * Add required options for oauthproxy tests More aggressively assert.NoError on all validation.Validate(opts) calls to enforce legal options in all our tests. Add additional NoError checks wherever error return values were ignored. * Remove support for uncompressed session state fields * Improve error verbosity & add session state tests * Ensure all marshalled sessions are valid Invalid CFB decryptions can result in garbage data that 1/100 times might cause message pack unmarshal to not fail and instead return an empty session. This adds more rigor to make sure legacy sessions cause appropriate errors. * Add tests for legacy V5 session decoding Refactor common legacy JSON test cases to a legacy helpers area under session store tests. * Make ValidateSession a struct method & add CHANGELOG entry * Improve SessionState error & comments verbosity * Move legacy session test helpers to sessions pkg Placing these helpers under the sessions pkg removed all the circular import uses in housing it under the session store area. * Improve SignatureAuthenticator test helper formatting * Make redis.legacyV5DecodeSession internal * Make LegacyV5TestCase test table public for linter 2020-07-13 21:56:05 +02:00			`github.com/vmihailenco/msgpack/v4 v4.3.11`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00			`github.com/yhat/wsutil v0.0.0-20170731153501-1d66fa95c997`
Aggregate error logging on JWT chain failures 2020-10-24 08:43:27 +02:00			`golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9`
			`golang.org/x/net v0.0.0-20200707034311-ab3426394381`
Support Go 1.14 (#419) * Upgrade base image tags and golangci-lint * Upgrade golang and golangci-lint in travis-ci * fix: tests, pointed out by golangci-lint and format files * Upgrade dependencies * update changelog * fix: tests related to https://github.com/pusher/oauth2_proxy/pull/418 * Separate tests using go version build tags * Update CHANGELOG * Revert "Separate tests using go version build tags" This reverts commit 9b7e65eb90cae954dc7b6316345d3207205d488a. * fix test to support go1.14 and go1.13 Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-03-14 12:14:15 +02:00			`golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d`
Implement graceful shutdown and propagate request context (#468) * feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout 2020-04-04 17:12:38 +02:00			`google.golang.org/api v0.20.0`
Support Go 1.13.x and allow to override REGISTRY (#273) Signed-off-by: Dhi Aurrahman <dio@tetrate.io> 2019-10-07 22:53:46 +02:00			`gopkg.in/natefinch/lumberjack.v2 v2.0.0`
Support Go 1.14 (#419) * Upgrade base image tags and golangci-lint * Upgrade golang and golangci-lint in travis-ci * fix: tests, pointed out by golangci-lint and format files * Upgrade dependencies * update changelog * fix: tests related to https://github.com/pusher/oauth2_proxy/pull/418 * Separate tests using go version build tags * Update CHANGELOG * Revert "Separate tests using go version build tags" This reverts commit 9b7e65eb90cae954dc7b6316345d3207205d488a. * fix test to support go1.14 and go1.13 Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-03-14 12:14:15 +02:00			`gopkg.in/square/go-jose.v2 v2.4.1`
Aggregate error logging on JWT chain failures 2020-10-24 08:43:27 +02:00			`k8s.io/apimachinery v0.19.3`
Switch from dep to go mod Update modules to avoid issues with golangci-lint 2019-07-13 22:24:40 +02:00			`)`