*: revendor

glide.lock

@@ -1,10 +1,10 @@
-hash: 2e6ef5ae85fe17d9b695b37ba6875b438a617692cc1f6fefc682c4e405a4dcf1
+hash: 9e02d162b5001e9ba3028f5cac8b8a85f73be2e7546a4add488b446821e13da6
-updated: 2016-06-28T10:36:39.146887182-07:00
+updated: 2016-08-16T12:24:59.701803152-07:00
 imports:
 - name: github.com/andybalholm/cascadia
   version: 6122e68c2642b7b75c538a63b15168c6c80fb757
 - name: github.com/coreos/go-oidc
-  version: 5aa9381f6e998aa16cc96b4347d33dcc29792864
+  version: 1efe0e1303a62da553fcb6beb8bd2aa9250c0ca8
   subpackages:
   - http
   - jose
@@ -14,7 +14,6 @@ imports:
 - name: github.com/coreos/pkg
   version: fa94270d4bac0d8ae5dc6b71894e251aada93f74
   subpackages:
-  - capnslog
   - flagutil
   - health
   - httputil

vendor/github.com/coreos/go-oidc/http/http.go

@@ -4,18 +4,13 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
+	"log"
 	"net/http"
 	"net/url"
 	"path"
 	"strconv"
 	"strings"
 	"time"
-
-	"github.com/coreos/pkg/capnslog"
-)
-
-var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
 )
 
 func WriteError(w http.ResponseWriter, code int, msg string) {
@@ -26,7 +21,9 @@ func WriteError(w http.ResponseWriter, code int, msg string) {
 	}
 	b, err := json.Marshal(e)
 	if err != nil {
-		log.Errorf("Failed marshaling %#v to JSON: %v", e, err)
+		log.Printf("go-oidc: failed to marshal %#v: %v", e, err)
+		code = http.StatusInternalServerError
+		b = []byte(`{"error":"server_error"}`)
 	}
 	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(code)

vendor/github.com/coreos/go-oidc/http/middleware.go

@@ -1,14 +0,0 @@
-package http
-
-import (
-	"net/http"
-)
-
-type LoggingMiddleware struct {
-	Next http.Handler
-}
-
-func (l *LoggingMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	log.Infof("HTTP %s %v", r.Method, r.URL)
-	l.Next.ServeHTTP(w, r)
-}

vendor/github.com/coreos/go-oidc/key/rotate.go

@@ -2,16 +2,14 @@ package key
 
 import (
 	"errors"
+	"log"
 	"time"
 
-	"github.com/coreos/pkg/capnslog"
 	ptime "github.com/coreos/pkg/timeutil"
 	"github.com/jonboulle/clockwork"
 )
 
 var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "key")
-
 	ErrorPrivateKeysExpired = errors.New("private keys have expired")
 )
 
@@ -67,7 +65,6 @@ func (r *PrivateKeyRotator) privateKeySet() (*PrivateKeySet, error) {
 func (r *PrivateKeyRotator) nextRotation() (time.Duration, error) {
 	pks, err := r.privateKeySet()
 	if err == ErrorNoKeys {
-		log.Infof("No keys in private key set; must rotate immediately")
 		return 0, nil
 	}
 	if err != nil {
@@ -94,17 +91,15 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
 	attempt := func() {
 		k, err := r.generateKey()
 		if err != nil {
-			log.Errorf("Failed generating signing key: %v", err)
+			log.Printf("go-oidc: failed generating signing key: %v", err)
 			return
 		}
 
 		exp := r.expiresAt()
 		if err := rotatePrivateKeys(r.repo, k, r.keep, exp); err != nil {
-			log.Errorf("Failed key rotation: %v", err)
+			log.Printf("go-oidc: key rotation failed: %v", err)
 			return
 		}
-
-		log.Infof("Rotated signing keys: id=%s expiresAt=%s", k.ID(), exp)
 	}
 
 	stop := make(chan struct{})
@@ -118,11 +113,10 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
 					break
 				}
 				sleep = ptime.ExpBackoff(sleep, time.Minute)
-				log.Errorf("error getting nextRotation, retrying in %v: %v", sleep, err)
+				log.Printf("go-oidc: error getting nextRotation, retrying in %v: %v", sleep, err)
 				time.Sleep(sleep)
 			}
 
-			log.Infof("will rotate keys in %v", nextRotation)
 			select {
 			case <-r.clock.After(nextRotation):
 				attempt()

vendor/github.com/coreos/go-oidc/key/rotate_test.go

@@ -92,7 +92,7 @@ func TestRotate(t *testing.T) {
 		if tt.start != nil {
 			err := repo.Set(tt.start)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}
 		}
 
@@ -242,7 +242,7 @@ func TestNextRotation(t *testing.T) {
 			}
 			err := kRepo.Set(pks)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}
 
 		}
@@ -300,7 +300,7 @@ func TestHealthy(t *testing.T) {
 			}
 			err := kRepo.Set(pks)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}
 
 		}

vendor/github.com/coreos/go-oidc/key/sync.go

@@ -2,6 +2,7 @@ package key
 
 import (
 	"errors"
+	"log"
 	"time"
 
 	"github.com/jonboulle/clockwork"
@@ -38,15 +39,14 @@ func (s *KeySetSyncer) Run() chan struct{} {
 					next = timeutil.ExpBackoff(next, time.Minute)
 				}
 				if exp == 0 {
-					log.Errorf("Synced to already expired key set, retrying in %v: %v", next, err)
+					log.Printf("Synced to already expired key set, retrying in %v: %v", next, err)
 
 				} else {
-					log.Errorf("Failed syncing key set, retrying in %v: %v", next, err)
+					log.Printf("Failed syncing key set, retrying in %v: %v", next, err)
 				}
 			} else {
 				failing = false
 				next = exp / 2
-				log.Infof("Synced key set, checking again in %v", next)
 			}
 
 			select {

vendor/github.com/coreos/go-oidc/oidc/provider.go

@@ -4,13 +4,13 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 	"net/http"
 	"net/url"
 	"strings"
 	"sync"
 	"time"
 
-	"github.com/coreos/pkg/capnslog"
 	"github.com/coreos/pkg/timeutil"
 	"github.com/jonboulle/clockwork"
 
@@ -18,10 +18,6 @@ import (
 	"github.com/coreos/go-oidc/oauth2"
 )
 
-var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
-)
-
 const (
 	// Subject Identifier types defined by the OIDC spec. Specifies if the provider
 	// should provide the same sub claim value to all clients (public) or a unique
@@ -69,6 +65,8 @@ type ProviderConfig struct {
 	UserInfoEndpoint     *url.URL
 	KeysEndpoint         *url.URL // Required
 	RegistrationEndpoint *url.URL
+	EndSessionEndpoint   *url.URL
+	CheckSessionIFrame   *url.URL
 
 	// Servers MAY choose not to advertise some supported scope values even when this
 	// parameter is used, although those defined in OpenID Core SHOULD be listed, if supported.
@@ -170,6 +168,8 @@ type encodableProviderConfig struct {
 	UserInfoEndpoint     string `json:"userinfo_endpoint,omitempty"`
 	KeysEndpoint         string `json:"jwks_uri"`
 	RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
+	EndSessionEndpoint   string `json:"end_session_endpoint,omitempty"`
+	CheckSessionIFrame   string `json:"check_session_iframe,omitempty"`
 
 	// Use 'omitempty' for all slices as per OIDC spec:
 	// "Claims that return multiple values are represented as JSON arrays.
@@ -219,6 +219,8 @@ func (cfg ProviderConfig) toEncodableStruct() encodableProviderConfig {
 		UserInfoEndpoint:                           uriToString(cfg.UserInfoEndpoint),
 		KeysEndpoint:                               uriToString(cfg.KeysEndpoint),
 		RegistrationEndpoint:                       uriToString(cfg.RegistrationEndpoint),
+		EndSessionEndpoint:                         uriToString(cfg.EndSessionEndpoint),
+		CheckSessionIFrame:                         uriToString(cfg.CheckSessionIFrame),
 		ScopesSupported:                            cfg.ScopesSupported,
 		ResponseTypesSupported:                     cfg.ResponseTypesSupported,
 		ResponseModesSupported:                     cfg.ResponseModesSupported,
@@ -260,6 +262,8 @@ func (e encodableProviderConfig) toStruct() (ProviderConfig, error) {
 		UserInfoEndpoint:                           p.parseURI(e.UserInfoEndpoint, "userinfo_endpoint"),
 		KeysEndpoint:                               p.parseURI(e.KeysEndpoint, "jwks_uri"),
 		RegistrationEndpoint:                       p.parseURI(e.RegistrationEndpoint, "registration_endpoint"),
+		EndSessionEndpoint:                         p.parseURI(e.EndSessionEndpoint, "end_session_endpoint"),
+		CheckSessionIFrame:                         p.parseURI(e.CheckSessionIFrame, "check_session_iframe"),
 		ScopesSupported:                            e.ScopesSupported,
 		ResponseTypesSupported:                     e.ResponseTypesSupported,
 		ResponseModesSupported:                     e.ResponseModesSupported,
@@ -364,6 +368,8 @@ func (p ProviderConfig) Valid() error {
 		{p.UserInfoEndpoint, "userinfo_endpoint", false},
 		{p.KeysEndpoint, "jwks_uri", true},
 		{p.RegistrationEndpoint, "registration_endpoint", false},
+		{p.EndSessionEndpoint, "end_session_endpoint", false},
+		{p.CheckSessionIFrame, "check_session_iframe", false},
 		{p.ServiceDocs, "service_documentation", false},
 		{p.Policy, "op_policy_uri", false},
 		{p.TermsOfService, "op_tos_uri", false},
@@ -537,8 +543,6 @@ func (s *ProviderConfigSyncer) sync() (time.Duration, error) {
 		s.initialSyncDone = true
 	}
 
-	log.Debugf("Updating provider config: config=%#v", cfg)
-
 	return nextSyncAfter(cfg.ExpiresAt, s.clock), nil
 }
 
@@ -561,10 +565,9 @@ func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) {
 	ttl, err := fn()
 	if err == nil {
 		next = &pcsStepNext{aft: ttl}
-		log.Debugf("Synced provider config, next attempt in %v", next.after())
 	} else {
 		next = &pcsStepRetry{aft: time.Second}
-		log.Errorf("Provider config sync failed, retrying in %v: %v", next.after(), err)
+		log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
 	}
 	return
 }
@@ -581,10 +584,9 @@ func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) {
 	ttl, err := fn()
 	if err == nil {
 		next = &pcsStepNext{aft: ttl}
-		log.Infof("Provider config sync no longer failing")
 	} else {
 		next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)}
-		log.Errorf("Provider config sync still failing, retrying in %v: %v", next.after(), err)
+		log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
 	}
 	return
 }