mystiq
/
dex
Archived
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

*: update go-oidc and use standard library's context package

This commit is contained in:
Eric Chiang 2017-03-08 10:33:19 -08:00
parent 3e5480a859
commit 777eeafabc
16 changed files with 33 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/dex/serve.go
View File

@ -1,6 +1,7 @@
package main
import (
"context"
"crypto/tls"
"crypto/x509"
"errors"
@ -15,7 +16,6 @@ import (
"github.com/Sirupsen/logrus"
"github.com/ghodss/yaml"
"github.com/spf13/cobra"
"golang.org/x/net/context"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"

4
cmd/example-app/main.go
View File

@ -2,6 +2,7 @@ package main
import (
"bytes"
"context"
"crypto/tls"
"crypto/x509"
"encoding/json"
@ -19,7 +20,6 @@ import (
"github.com/coreos/go-oidc"
"github.com/spf13/cobra"
"golang.org/x/net/context"
"golang.org/x/oauth2"
)
@ -175,7 +175,7 @@ func cmd() *cobra.Command {
}
a.provider = provider
a.verifier = provider.Verifier(oidc.VerifyAudience(a.clientID))
a.verifier = provider.Verifier(&oidc.Config{ClientID: a.clientID})
http.HandleFunc("/", a.handleIndex)
http.HandleFunc("/login", a.handleLogin)

3
connector/connector.go
View File

@ -2,9 +2,8 @@
package connector
import (
"context"
"net/http"
"golang.org/x/net/context"
)
// Connector is a mechanism for federating login to a remote identity service.

2
connector/github/github.go
View File

@ -2,6 +2,7 @@
package github
import (
"context"
"encoding/json"
"errors"
"fmt"
@ -10,7 +11,6 @@ import (
"regexp"
"strconv"
"golang.org/x/net/context"
"golang.org/x/oauth2"
"golang.org/x/oauth2/github"

2
connector/gitlab/gitlab.go
View File

@ -2,6 +2,7 @@
package gitlab
import (
"context"
"encoding/json"
"errors"
"fmt"
@ -12,7 +13,6 @@ import (
"github.com/Sirupsen/logrus"
"github.com/coreos/dex/connector"
"golang.org/x/net/context"
"golang.org/x/oauth2"
)

2
connector/ldap/ldap.go
View File

@ -2,6 +2,7 @@
package ldap
import (
"context"
"crypto/tls"
"crypto/x509"
"encoding/json"
@ -9,7 +10,6 @@ import (
"io/ioutil"
"net"
"golang.org/x/net/context"
"gopkg.in/ldap.v2"
"github.com/Sirupsen/logrus"

3
connector/mock/connectortest.go
View File

@ -2,13 +2,12 @@
package mock
import (
"context"
"errors"
"fmt"
"net/http"
"net/url"
"golang.org/x/net/context"
"github.com/Sirupsen/logrus"
"github.com/coreos/dex/connector"
)

6
connector/oidc/oidc.go
View File

@ -2,13 +2,13 @@
package oidc
import (
"context"
"errors"
"fmt"
"net/http"
"github.com/Sirupsen/logrus"
"github.com/coreos/go-oidc"
"golang.org/x/net/context"
"golang.org/x/oauth2"
"github.com/coreos/dex/connector"
@ -53,10 +53,10 @@ func (c *Config) Open(logger logrus.FieldLogger) (conn connector.Connector, err
RedirectURL: c.RedirectURI,
},
verifier: provider.Verifier(
oidc.VerifyExpiry(),
oidc.VerifyAudience(clientID),
&oidc.Config{ClientID: clientID},
),
logger: logger,
cancel: cancel,
}, nil
}

3
glide.yaml
View File

@ -35,7 +35,6 @@ import:
version: 6a513affb38dc9788b449d59ffed099b8de18fa0
subpackages:
- context
- context/ctxhttp
- http2
- http2/hpack
- internal/timeseries
@ -68,7 +67,7 @@ import:
# Used for server integration tests and OpenID Connect connector.
- package: github.com/coreos/go-oidc
version: 2b5d73091ea4b7ddb15e3ac00077f153120b5b61
version: be73733bb8cc830d0205609b95d125215f8e9c70
- package: github.com/pquerna/cachecontrol
version: c97913dcbd76de40b051a9b4cd827f7eaeb7a868
- package: golang.org/x/oauth2

3
server/api.go
View File

@ -5,6 +5,9 @@ import (
"fmt"
"golang.org/x/crypto/bcrypt"
// go-grpc doesn't use the standard library's context.
// https://github.com/grpc/grpc-go/issues/711
"golang.org/x/net/context"
"github.com/Sirupsen/logrus"

3
server/handlers_test.go
View File

@ -1,11 +1,10 @@
package server
import (
"context"
"net/http"
"net/http/httptest"
"testing"
"golang.org/x/net/context"
)
func TestHandleHealth(t *testing.T) {

2
server/rotation.go
View File

@ -1,6 +1,7 @@
package server
import (
"context"
"crypto/rand"
"crypto/rsa"
"encoding/hex"
@ -9,7 +10,6 @@ import (
"io"
"time"
"golang.org/x/net/context"
"gopkg.in/square/go-jose.v2"
"github.com/Sirupsen/logrus"

2
server/server.go
View File

@ -1,6 +1,7 @@
package server
import (
"context"
"errors"
"fmt"
"net/http"
@ -10,7 +11,6 @@ import (
"time"
"golang.org/x/crypto/bcrypt"
"golang.org/x/net/context"
"github.com/Sirupsen/logrus"
"github.com/gorilla/handlers"

19
server/server_test.go
View File

@ -1,6 +1,7 @@
package server
import (
"context"
"crypto/rsa"
"crypto/x509"
"encoding/json"
@ -24,7 +25,6 @@ import (
oidc "github.com/coreos/go-oidc"
"github.com/kylelemons/godebug/pretty"
"golang.org/x/crypto/bcrypt"
"golang.org/x/net/context"
"golang.org/x/oauth2"
jose "gopkg.in/square/go-jose.v2"
@ -175,6 +175,8 @@ func TestOAuth2CodeFlow(t *testing.T) {
// Connector used by the tests.
var conn *mock.Callback
oidcConfig := &oidc.Config{SkipClientIDCheck: true}
tests := []struct {
name string
// If specified these set of scopes will be used during the test case.
@ -189,7 +191,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
if !ok {
return fmt.Errorf("no id token found")
}
if _, err := p.Verifier().Verify(ctx, idToken); err != nil {
if _, err := p.Verifier(oidcConfig).Verify(ctx, idToken); err != nil {
return fmt.Errorf("failed to verify id token: %v", err)
}
return nil
@ -212,7 +214,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
if !ok {
return fmt.Errorf("no id token found")
}
idToken, err := p.Verifier().Verify(ctx, rawIDToken)
idToken, err := p.Verifier(oidcConfig).Verify(ctx, rawIDToken)
if err != nil {
return fmt.Errorf("failed to verify id token: %v", err)
}
@ -229,7 +231,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
if !ok {
return fmt.Errorf("no id token found")
}
idToken, err := p.Verifier().Verify(ctx, rawIDToken)
idToken, err := p.Verifier(oidcConfig).Verify(ctx, rawIDToken)
if err != nil {
return fmt.Errorf("failed to verify id token: %v", err)
}
@ -391,7 +393,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
if !ok {
return fmt.Errorf("no id_token in refreshed token")
}
idToken, err := p.Verifier().Verify(ctx, rawIDToken)
idToken, err := p.Verifier(oidcConfig).Verify(ctx, rawIDToken)
if err != nil {
return fmt.Errorf("failed to verify id token: %v", err)
}
@ -632,7 +634,10 @@ func TestOAuth2ImplicitFlow(t *testing.T) {
src := &nonceSource{nonce: nonce}
idTokenVerifier := p.Verifier(oidc.VerifyAudience(client.ID), oidc.VerifyNonce(src))
idTokenVerifier := p.Verifier(&oidc.Config{
ClientID: client.ID,
ClaimNonce: src.ClaimNonce,
})
oauth2Config = &oauth2.Config{
ClientID: client.ID,
@ -749,7 +754,7 @@ func TestCrossClientScopes(t *testing.T) {
t.Errorf("no id token found: %v", err)
return
}
idToken, err := p.Verifier().Verify(ctx, rawIDToken)
idToken, err := p.Verifier(&oidc.Config{ClientID: testClientID}).Verify(ctx, rawIDToken)
if err != nil {
t.Errorf("failed to parse ID Token: %v", err)
return

2
storage/kubernetes/client.go
View File

@ -2,6 +2,7 @@ package kubernetes
import (
"bytes"
"context"
"crypto/tls"
"crypto/x509"
"encoding/base32"
@ -24,7 +25,6 @@ import (
"github.com/Sirupsen/logrus"
"github.com/ghodss/yaml"
"github.com/gtank/cryptopasta"
"golang.org/x/net/context"
"golang.org/x/net/http2"
"github.com/coreos/dex/storage"

4
storage/kubernetes/storage.go
View File

@ -1,13 +1,12 @@
package kubernetes
import (
"context"
"errors"
"fmt"
"strings"
"time"
"golang.org/x/net/context"
"github.com/Sirupsen/logrus"
"github.com/coreos/dex/storage"
"github.com/coreos/dex/storage/kubernetes/k8sapi"
@ -85,6 +84,7 @@ func (c *Config) open(logger logrus.FieldLogger, errOnTPRs bool) (*client, error
if !cli.createThirdPartyResources() {
if errOnTPRs {
cancel()
return nil, fmt.Errorf("failed creating third party resources")
}