Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #556 from ericchiang/bump-go-oidc-to-remove-capnslog-dependency

Browse source 
*: update go-oidc to remove dependency on capnslog
This commit is contained in:
Eric Chiang 2016-08-16 12:54:23 -07:00 committed by GitHub
commit b33227bcd4
8 changed files with 31 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
glide.lock generated
View file

@ -1,10 +1,10 @@
hash: 2e6ef5ae85fe17d9b695b37ba6875b438a617692cc1f6fefc682c4e405a4dcf1
updated: 2016-06-28T10:36:39.146887182-07:00
hash: 9e02d162b5001e9ba3028f5cac8b8a85f73be2e7546a4add488b446821e13da6
updated: 2016-08-16T12:24:59.701803152-07:00
imports:
- name: github.com/andybalholm/cascadia
version: 6122e68c2642b7b75c538a63b15168c6c80fb757
- name: github.com/coreos/go-oidc
version: 5aa9381f6e998aa16cc96b4347d33dcc29792864
version: 1efe0e1303a62da553fcb6beb8bd2aa9250c0ca8
subpackages:
- http
- jose
@ -14,7 +14,6 @@ imports:
- name: github.com/coreos/pkg
version: fa94270d4bac0d8ae5dc6b71894e251aada93f74
subpackages:
- capnslog
- flagutil
- health
- httputil

3
glide.yaml
View file

@ -5,7 +5,7 @@ import:
- package: github.com/andybalholm/cascadia
version: 6122e68c2642b7b75c538a63b15168c6c80fb757
- package: github.com/coreos/go-oidc
version: 5aa9381f6e998aa16cc96b4347d33dcc29792864
version: 1efe0e1303a62da553fcb6beb8bd2aa9250c0ca8
subpackages:
- http
- jose
@ -15,7 +15,6 @@ import:
- package: github.com/coreos/pkg
version: fa94270d4bac0d8ae5dc6b71894e251aada93f74
subpackages:
- capnslog
- flagutil
- health
- httputil

11
vendor/github.com/coreos/go-oidc/http/http.go generated vendored
View file

@ -4,18 +4,13 @@ import (
"encoding/base64"
"encoding/json"
"errors"
"log"
"net/http"
"net/url"
"path"
"strconv"
"strings"
"time"
"github.com/coreos/pkg/capnslog"
)
var (
log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
)
func WriteError(w http.ResponseWriter, code int, msg string) {
@ -26,7 +21,9 @@ func WriteError(w http.ResponseWriter, code int, msg string) {
}
b, err := json.Marshal(e)
if err != nil {
log.Errorf("Failed marshaling %#v to JSON: %v", e, err)
log.Printf("go-oidc: failed to marshal %#v: %v", e, err)
code = http.StatusInternalServerError
b = []byte(`{"error":"server_error"}`)
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(code)

14
vendor/github.com/coreos/go-oidc/http/middleware.go generated vendored
View file

@ -1,14 +0,0 @@
package http
import (
"net/http"
)
type LoggingMiddleware struct {
Next http.Handler
}
func (l *LoggingMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
log.Infof("HTTP %s %v", r.Method, r.URL)
l.Next.ServeHTTP(w, r)
}

14
vendor/github.com/coreos/go-oidc/key/rotate.go generated vendored
View file

@ -2,16 +2,14 @@ package key
import (
"errors"
"log"
"time"
"github.com/coreos/pkg/capnslog"
ptime "github.com/coreos/pkg/timeutil"
"github.com/jonboulle/clockwork"
)
var (
log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "key")
ErrorPrivateKeysExpired = errors.New("private keys have expired")
)
@ -67,7 +65,6 @@ func (r *PrivateKeyRotator) privateKeySet() (*PrivateKeySet, error) {
func (r *PrivateKeyRotator) nextRotation() (time.Duration, error) {
pks, err := r.privateKeySet()
if err == ErrorNoKeys {
log.Infof("No keys in private key set; must rotate immediately")
return 0, nil
}
if err != nil {
@ -94,17 +91,15 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
attempt := func() {
k, err := r.generateKey()
if err != nil {
log.Errorf("Failed generating signing key: %v", err)
log.Printf("go-oidc: failed generating signing key: %v", err)
return
}
exp := r.expiresAt()
if err := rotatePrivateKeys(r.repo, k, r.keep, exp); err != nil {
log.Errorf("Failed key rotation: %v", err)
log.Printf("go-oidc: key rotation failed: %v", err)
return
}
log.Infof("Rotated signing keys: id=%s expiresAt=%s", k.ID(), exp)
}
stop := make(chan struct{})
@ -118,11 +113,10 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
break
}
sleep = ptime.ExpBackoff(sleep, time.Minute)
log.Errorf("error getting nextRotation, retrying in %v: %v", sleep, err)
log.Printf("go-oidc: error getting nextRotation, retrying in %v: %v", sleep, err)
time.Sleep(sleep)
}
log.Infof("will rotate keys in %v", nextRotation)
select {
case <-r.clock.After(nextRotation):
attempt()

6
vendor/github.com/coreos/go-oidc/key/rotate_test.go generated vendored
View file

@ -92,7 +92,7 @@ func TestRotate(t *testing.T) {
if tt.start != nil {
err := repo.Set(tt.start)
if err != nil {
log.Fatalf("case %d: unexpected error: %v", i, err)
t.Fatalf("case %d: unexpected error: %v", i, err)
}
}
@ -242,7 +242,7 @@ func TestNextRotation(t *testing.T) {
}
err := kRepo.Set(pks)
if err != nil {
log.Fatalf("case %d: unexpected error: %v", i, err)
t.Fatalf("case %d: unexpected error: %v", i, err)
}
}
@ -300,7 +300,7 @@ func TestHealthy(t *testing.T) {
}
err := kRepo.Set(pks)
if err != nil {
log.Fatalf("case %d: unexpected error: %v", i, err)
t.Fatalf("case %d: unexpected error: %v", i, err)
}
}

6
vendor/github.com/coreos/go-oidc/key/sync.go generated vendored
View file

@ -2,6 +2,7 @@ package key
import (
"errors"
"log"
"time"
"github.com/jonboulle/clockwork"
@ -38,15 +39,14 @@ func (s *KeySetSyncer) Run() chan struct{} {
next = timeutil.ExpBackoff(next, time.Minute)
}
if exp == 0 {
log.Errorf("Synced to already expired key set, retrying in %v: %v", next, err)
log.Printf("Synced to already expired key set, retrying in %v: %v", next, err)
} else {
log.Errorf("Failed syncing key set, retrying in %v: %v", next, err)
log.Printf("Failed syncing key set, retrying in %v: %v", next, err)
}
} else {
failing = false
next = exp / 2
log.Infof("Synced key set, checking again in %v", next)
}
select {

24
vendor/github.com/coreos/go-oidc/oidc/provider.go generated vendored
View file

@ -4,13 +4,13 @@ import (
"encoding/json"
"errors"
"fmt"
"log"
"net/http"
"net/url"
"strings"
"sync"
"time"
"github.com/coreos/pkg/capnslog"
"github.com/coreos/pkg/timeutil"
"github.com/jonboulle/clockwork"
@ -18,10 +18,6 @@ import (
"github.com/coreos/go-oidc/oauth2"
)
var (
log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
)
const (
// Subject Identifier types defined by the OIDC spec. Specifies if the provider
// should provide the same sub claim value to all clients (public) or a unique
@ -69,6 +65,8 @@ type ProviderConfig struct {
UserInfoEndpoint *url.URL
KeysEndpoint *url.URL // Required
RegistrationEndpoint *url.URL
EndSessionEndpoint *url.URL
CheckSessionIFrame *url.URL
// Servers MAY choose not to advertise some supported scope values even when this
// parameter is used, although those defined in OpenID Core SHOULD be listed, if supported.
@ -170,6 +168,8 @@ type encodableProviderConfig struct {
UserInfoEndpoint string `json:"userinfo_endpoint,omitempty"`
KeysEndpoint string `json:"jwks_uri"`
RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
EndSessionEndpoint string `json:"end_session_endpoint,omitempty"`
CheckSessionIFrame string `json:"check_session_iframe,omitempty"`
// Use 'omitempty' for all slices as per OIDC spec:
// "Claims that return multiple values are represented as JSON arrays.
@ -219,6 +219,8 @@ func (cfg ProviderConfig) toEncodableStruct() encodableProviderConfig {
UserInfoEndpoint: uriToString(cfg.UserInfoEndpoint),
KeysEndpoint: uriToString(cfg.KeysEndpoint),
RegistrationEndpoint: uriToString(cfg.RegistrationEndpoint),
EndSessionEndpoint: uriToString(cfg.EndSessionEndpoint),
CheckSessionIFrame: uriToString(cfg.CheckSessionIFrame),
ScopesSupported: cfg.ScopesSupported,
ResponseTypesSupported: cfg.ResponseTypesSupported,
ResponseModesSupported: cfg.ResponseModesSupported,
@ -260,6 +262,8 @@ func (e encodableProviderConfig) toStruct() (ProviderConfig, error) {
UserInfoEndpoint: p.parseURI(e.UserInfoEndpoint, "userinfo_endpoint"),
KeysEndpoint: p.parseURI(e.KeysEndpoint, "jwks_uri"),
RegistrationEndpoint: p.parseURI(e.RegistrationEndpoint, "registration_endpoint"),
EndSessionEndpoint: p.parseURI(e.EndSessionEndpoint, "end_session_endpoint"),
CheckSessionIFrame: p.parseURI(e.CheckSessionIFrame, "check_session_iframe"),
ScopesSupported: e.ScopesSupported,
ResponseTypesSupported: e.ResponseTypesSupported,
ResponseModesSupported: e.ResponseModesSupported,
@ -364,6 +368,8 @@ func (p ProviderConfig) Valid() error {
{p.UserInfoEndpoint, "userinfo_endpoint", false},
{p.KeysEndpoint, "jwks_uri", true},
{p.RegistrationEndpoint, "registration_endpoint", false},
{p.EndSessionEndpoint, "end_session_endpoint", false},
{p.CheckSessionIFrame, "check_session_iframe", false},
{p.ServiceDocs, "service_documentation", false},
{p.Policy, "op_policy_uri", false},
{p.TermsOfService, "op_tos_uri", false},
@ -537,8 +543,6 @@ func (s *ProviderConfigSyncer) sync() (time.Duration, error) {
s.initialSyncDone = true
}
log.Debugf("Updating provider config: config=%#v", cfg)
return nextSyncAfter(cfg.ExpiresAt, s.clock), nil
}
@ -561,10 +565,9 @@ func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) {
ttl, err := fn()
if err == nil {
next = &pcsStepNext{aft: ttl}
log.Debugf("Synced provider config, next attempt in %v", next.after())
} else {
next = &pcsStepRetry{aft: time.Second}
log.Errorf("Provider config sync failed, retrying in %v: %v", next.after(), err)
log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
}
return
}
@ -581,10 +584,9 @@ func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) {
ttl, err := fn()
if err == nil {
next = &pcsStepNext{aft: ttl}
log.Infof("Provider config sync no longer failing")
} else {
next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)}
log.Errorf("Provider config sync still failing, retrying in %v: %v", next.after(), err)
log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
}
return
}