├── .gitignore ├── vendor ├── github.com │ ├── openshift │ │ ├── osincli │ │ │ ├── .gitignore │ │ │ ├── response.go │ │ │ ├── config.go │ │ │ ├── pkce.go │ │ │ ├── error.go │ │ │ ├── custom.go │ │ │ ├── client.go │ │ │ ├── LICENSE │ │ │ ├── util.go │ │ │ ├── README.md │ │ │ └── authorize.go │ │ └── build-machinery-go │ │ │ ├── go.mod │ │ │ ├── make │ │ │ ├── lib │ │ │ │ ├── tmp.mk │ │ │ │ ├── doc.go │ │ │ │ ├── version.mk │ │ │ │ └── golang.mk │ │ │ ├── doc.go │ │ │ ├── targets │ │ │ │ ├── doc.go │ │ │ │ ├── golang │ │ │ │ │ ├── doc.go │ │ │ │ │ ├── test-unit.mk │ │ │ │ │ ├── build.mk │ │ │ │ │ └── verify-update.mk │ │ │ │ ├── openshift │ │ │ │ │ ├── doc.go │ │ │ │ │ ├── operator │ │ │ │ │ │ ├── doc.go │ │ │ │ │ │ ├── release.mk │ │ │ │ │ │ └── telepresence.mk │ │ │ │ │ ├── deps.mk │ │ │ │ │ ├── images.mk │ │ │ │ │ ├── yq.mk │ │ │ │ │ ├── codegen.mk │ │ │ │ │ ├── yaml-patch.mk │ │ │ │ │ ├── controller-gen.mk │ │ │ │ │ ├── rpm.mk │ │ │ │ │ ├── deps-glide.mk │ │ │ │ │ ├── bindata.mk │ │ │ │ │ ├── deps-gomod.mk │ │ │ │ │ └── crd-schema-gen.mk │ │ │ │ └── help.mk │ │ │ ├── golang.example.mk.help.log │ │ │ ├── operator.mk │ │ │ ├── default.example.mk.help.log │ │ │ ├── golang.example.mk │ │ │ ├── operator.example.mk.help.log │ │ │ ├── golang.mk │ │ │ ├── default.mk │ │ │ ├── default.example.mk │ │ │ └── operator.example.mk │ │ │ ├── scripts │ │ │ ├── doc.go │ │ │ └── update-deps.sh │ │ │ ├── OWNERS │ │ │ ├── doc.go │ │ │ ├── README.md │ │ │ └── Makefile │ ├── dgrijalva │ │ └── jwt-go │ │ │ ├── .gitignore │ │ │ ├── doc.go │ │ │ ├── .travis.yml │ │ │ ├── LICENSE │ │ │ ├── signing_method.go │ │ │ ├── ecdsa_utils.go │ │ │ ├── none.go │ │ │ ├── errors.go │ │ │ ├── hmac.go │ │ │ ├── rsa_utils.go │ │ │ ├── rsa.go │ │ │ └── map_claims.go │ ├── pborman │ │ └── uuid │ │ │ ├── CONTRIBUTORS │ │ │ ├── go.mod │ │ │ ├── .travis.yml │ │ │ ├── go.sum │ │ │ ├── CONTRIBUTING.md │ │ │ ├── doc.go │ │ │ ├── README.md │ │ │ ├── version1.go │ │ │ ├── version4.go │ │ │ ├── LICENSE │ │ │ ├── node.go │ │ │ ├── util.go │ │ │ ├── hash.go │ │ │ ├── sql.go │ │ │ ├── marshal.go │ │ │ ├── time.go │ │ │ └── dce.go │ ├── google │ │ └── uuid │ │ │ ├── .travis.yml │ │ │ ├── CONTRIBUTORS │ │ │ ├── CONTRIBUTING.md │ │ │ ├── doc.go │ │ │ ├── node_js.go │ │ │ ├── README.md │ │ │ ├── marshal.go │ │ │ ├── node_net.go │ │ │ ├── version4.go │ │ │ ├── version1.go │ │ │ ├── LICENSE │ │ │ ├── sql.go │ │ │ ├── hash.go │ │ │ ├── util.go │ │ │ ├── dce.go │ │ │ └── node.go │ └── golang │ │ └── protobuf │ │ ├── AUTHORS │ │ ├── CONTRIBUTORS │ │ └── LICENSE ├── gopkg.in │ └── square │ │ └── go-jose.v1 │ │ ├── .gitignore │ │ ├── .gitcookies.sh.enc │ │ ├── BUG-BOUNTY.md │ │ ├── json │ │ ├── README.md │ │ ├── tags.go │ │ └── LICENSE │ │ ├── CONTRIBUTING.md │ │ ├── doc.go │ │ ├── .travis.yml │ │ ├── utils.go │ │ └── cipher │ │ ├── concat_kdf.go │ │ ├── ecdh_es.go │ │ └── key_wrap.go ├── golang.org │ └── x │ │ ├── net │ │ ├── AUTHORS │ │ ├── CONTRIBUTORS │ │ ├── context │ │ │ ├── go19.go │ │ │ ├── ctxhttp │ │ │ │ └── ctxhttp.go │ │ │ ├── context.go │ │ │ └── go17.go │ │ ├── PATENTS │ │ └── LICENSE │ │ └── oauth2 │ │ ├── AUTHORS │ │ ├── CONTRIBUTORS │ │ ├── internal │ │ ├── doc.go │ │ ├── client_appengine.go │ │ ├── transport.go │ │ └── oauth2.go │ │ ├── go.mod │ │ ├── .travis.yml │ │ ├── CONTRIBUTING.md │ │ ├── go.sum │ │ ├── README.md │ │ ├── LICENSE │ │ └── transport.go ├── google.golang.org │ └── appengine │ │ └── internal │ │ ├── identity_flex.go │ │ ├── main_common.go │ │ ├── main.go │ │ ├── base │ │ └── api_base.proto │ │ ├── app_id.go │ │ ├── remote_api │ │ └── remote_api.proto │ │ ├── regen.sh │ │ ├── net.go │ │ ├── metadata.go │ │ ├── identity_classic.go │ │ ├── urlfetch │ │ └── urlfetch_service.proto │ │ ├── main_vm.go │ │ └── identity.go └── modules.txt ├── .travis.yml ├── OWNERS ├── dependencymagnet └── doc.go ├── log.go ├── go.mod ├── client_test.go ├── Makefile ├── server.go ├── response_json.go ├── tokengen.go ├── log_test.go ├── CHANGELOG ├── LICENSE ├── example ├── helper.go └── teststorage.go ├── client.go ├── info_test.go ├── storage.go ├── go.sum ├── response_test.go ├── info.go ├── config.go └── error.go /.gitignore: -------------------------------------------------------------------------------- 1 | *.exe 2 | /src 3 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/.gitignore: -------------------------------------------------------------------------------- 1 | *.exe 2 | /src 3 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | bin 3 | 4 | 5 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | Paul Borman 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - 1.1 5 | - 1.2 6 | - 1.3 7 | - tip 8 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/openshift/build-machinery-go 2 | 3 | go 1.13 4 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/pborman/uuid 2 | 3 | require github.com/google/uuid v1.0.0 4 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | reviewers: 2 | - sttts 3 | - stlaz 4 | - sanchezl 5 | 6 | approvers: 7 | - stlaz 8 | - sttts 9 | - deads2k 10 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | .*.swp 3 | *.out 4 | *.test 5 | *.pem 6 | *.cov 7 | jose-util/jose-util 8 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/lib/tmp.mk: -------------------------------------------------------------------------------- 1 | PERMANENT_TMP :=_output 2 | PERMANENT_TMP_GOPATH :=$(PERMANENT_TMP)/tools 3 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/lib/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/scripts/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/response.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | // Data for response output 4 | type ResponseData map[string]interface{} 5 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/.gitcookies.sh.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openshift/osin/HEAD/vendor/gopkg.in/square/go-jose.v1/.gitcookies.sh.enc -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - 1.4.3 5 | - 1.5.3 6 | - tip 7 | 8 | script: 9 | - go test -v ./... 10 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/golang/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - "1.9" 5 | - "1.10" 6 | - "1.11" 7 | - tip 8 | 9 | script: 10 | - go test -v ./... 11 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | Paul Borman 2 | bmatsuo 3 | shawnps 4 | theory 5 | jboverfelt 6 | dsymonds 7 | cd1 8 | wallclockbuilder 9 | dansouza 10 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/go.sum: -------------------------------------------------------------------------------- 1 | github.com/google/uuid v1.0.0 h1:b4Gk+7WdP/d3HZH8EJsZpvV7EtDOgaZLtnaNGIu1adA= 2 | github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 3 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/doc.go: -------------------------------------------------------------------------------- 1 | // Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html 2 | // 3 | // See README.md for more info. 4 | package jwt 5 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/OWNERS: -------------------------------------------------------------------------------- 1 | reviewers: 2 | - tnozicka 3 | - sttts 4 | - mfojtik 5 | - soltysh 6 | approvers: 7 | - tnozicka 8 | - sttts 9 | - mfojtik 10 | - soltysh 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/golang/protobuf/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/golang/protobuf/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | script: 4 | - go vet ./... 5 | - go test -v ./... 6 | 7 | go: 8 | - 1.3 9 | - 1.4 10 | - 1.5 11 | - 1.6 12 | - 1.7 13 | - tip 14 | -------------------------------------------------------------------------------- /dependencymagnet/doc.go: -------------------------------------------------------------------------------- 1 | // +build tools 2 | 3 | // go mod won't pull in code that isn't depended upon, but we have some code we don't depend on from code that must be included 4 | // for our build to work. 5 | package dependencymagnet 6 | 7 | import _ "github.com/openshift/build-machinery-go" 8 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/golang.example.mk.help.log: -------------------------------------------------------------------------------- 1 | The following make targets are available: 2 | all 3 | build 4 | clean 5 | clean-binaries 6 | help 7 | test 8 | test-unit 9 | update 10 | update-gofmt 11 | verify 12 | verify-gofmt 13 | verify-golint 14 | verify-govet 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/internal/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package internal contains support packages for oauth2 package. 6 | package internal 7 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/go.mod: -------------------------------------------------------------------------------- 1 | module golang.org/x/oauth2 2 | 3 | go 1.11 4 | 5 | require ( 6 | cloud.google.com/go v0.34.0 7 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e 8 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 // indirect 9 | google.golang.org/appengine v1.4.0 10 | ) 11 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/identity_flex.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 Google LLC. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build appenginevm 6 | 7 | package internal 8 | 9 | func init() { 10 | appengineFlex = true 11 | } 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - tip 5 | 6 | install: 7 | - export GOPATH="$HOME/gopath" 8 | - mkdir -p "$GOPATH/src/golang.org/x" 9 | - mv "$TRAVIS_BUILD_DIR" "$GOPATH/src/golang.org/x/oauth2" 10 | - go get -v -t -d golang.org/x/oauth2/... 11 | 12 | script: 13 | - go test -v golang.org/x/oauth2/... 14 | -------------------------------------------------------------------------------- /log.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | // Logger creates a formatted log event. 4 | // NOTE: Log is meant for internal use only and may contain sensitive info. 5 | type Logger interface { 6 | Printf(format string, v ...interface{}) 7 | } 8 | 9 | type LoggerDefault struct { 10 | } 11 | 12 | func (l LoggerDefault) Printf(format string, v ...interface{}) { 13 | } 14 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/main_common.go: -------------------------------------------------------------------------------- 1 | package internal 2 | 3 | // MainPath stores the file path of the main package. On App Engine Standard 4 | // using Go version 1.9 and below, this will be unset. On App Engine Flex and 5 | // App Engine Standard second-gen (Go 1.11 and above), this will be the 6 | // filepath to package main. 7 | var MainPath string 8 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # How to contribute 2 | 3 | We definitely welcome patches and contribution to this project! 4 | 5 | ### Legal requirements 6 | 7 | In order to protect both you and ourselves, you will need to sign the 8 | [Contributor License Agreement](https://cla.developers.google.com/clas). 9 | 10 | You may have already signed it for other Google projects. 11 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/release.mk: -------------------------------------------------------------------------------- 1 | # If we need unified behaviour specific to operators, this folder is the place. 2 | 3 | # It seems that our previous origin-release jq based replacement is suppose to be done 4 | # with `oc adm release new` so it might drop this target. 5 | #origin-release: 6 | # $(error Not implemented.) 7 | #.PHONY: origin-release 8 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # How to contribute 2 | 3 | We definitely welcome patches and contribution to this project! 4 | 5 | ### Legal requirements 6 | 7 | In order to protect both you and ourselves, you will need to sign the 8 | [Contributor License Agreement](https://cla.developers.google.com/clas). 9 | 10 | You may have already signed it for other Google projects. 11 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/help.mk: -------------------------------------------------------------------------------- 1 | help: 2 | $(info The following make targets are available:) 3 | @$(MAKE) -f $(firstword $(MAKEFILE_LIST)) --print-data-base --question no-such-target 2>&1 | grep -v 'no-such-target' | \ 4 | grep -v -e '^no-such-target' -e '^makefile' | \ 5 | awk '/^[^.%][-A-Za-z0-9_]*:/ { print substr($$1, 1, length($$1)-1) }' | sort -u 6 | .PHONY: help 7 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/internal/client_appengine.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build appengine 6 | 7 | package internal 8 | 9 | import "google.golang.org/appengine/urlfetch" 10 | 11 | func init() { 12 | appengineClientHook = urlfetch.Client 13 | } 14 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/main.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build appengine 6 | 7 | package internal 8 | 9 | import ( 10 | "appengine_internal" 11 | ) 12 | 13 | func Main() { 14 | MainPath = "" 15 | appengine_internal.Main() 16 | } 17 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/openshift/osin 2 | 3 | go 1.15 4 | 5 | require ( 6 | github.com/dgrijalva/jwt-go v3.2.0+incompatible 7 | github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab 8 | github.com/openshift/osincli v0.0.0-20160924135400-fababb0555f2 9 | github.com/pborman/uuid v1.2.0 10 | golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d 11 | gopkg.in/square/go-jose.v1 v1.1.2 12 | ) 13 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/deps.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | deps_gomod_mkfile := $(self_dir)/deps-gomod.mk 4 | deps_glide_mkfile := $(self_dir)/deps-glide.mk 5 | include $(addprefix $(self_dir), \ 6 | ../../lib/golang.mk \ 7 | ) 8 | 9 | ifneq "$(GO) list $(GO_MOD_FLAGS) -m" "" 10 | include $(deps_gomod_mkfile) 11 | else 12 | include $(deps_glide_mkfile) 13 | endif 14 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/BUG-BOUNTY.md: -------------------------------------------------------------------------------- 1 | Serious about security 2 | ====================== 3 | 4 | Square recognizes the important contributions the security research community 5 | can make. We therefore encourage reporting security issues with the code 6 | contained in this repository. 7 | 8 | If you believe you have discovered a security vulnerability, please follow the 9 | guidelines at . 10 | 11 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/operator.mk: -------------------------------------------------------------------------------- 1 | self_dir := $(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | 4 | # We need to be careful to expand all the paths before any include is done 5 | # or self_dir could be modified for the next include by the included file. 6 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 7 | include $(addprefix $(self_dir), \ 8 | default.mk \ 9 | targets/openshift/operator/*.mk \ 10 | ) 11 | 12 | -------------------------------------------------------------------------------- /client_test.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "testing" 5 | ) 6 | 7 | func TestClientIntfUserData(t *testing.T) { 8 | c := &DefaultClient{ 9 | UserData: make(map[string]interface{}), 10 | } 11 | 12 | // check if the interface{} returned from the method is a reference 13 | c.GetUserData().(map[string]interface{})["test"] = "none" 14 | 15 | if _, ok := c.GetUserData().(map[string]interface{})["test"]; !ok { 16 | t.Error("Returned interface is not a reference") 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package uuid generates and inspects UUIDs. 6 | // 7 | // UUIDs are based on RFC 4122 and DCE 1.1: Authentication and Security 8 | // Services. 9 | // 10 | // A UUID is a 16 byte (128 bit) array. UUIDs may be used as keys to 11 | // maps or compared directly. 12 | package uuid 13 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/default.example.mk.help.log: -------------------------------------------------------------------------------- 1 | The following make targets are available: 2 | all 3 | build 4 | clean 5 | clean-binaries 6 | help 7 | image-ocp-cli 8 | images 9 | test 10 | test-unit 11 | update 12 | update-bindata 13 | update-codegen 14 | update-deps-overrides 15 | update-generated 16 | update-gofmt 17 | verify 18 | verify-bindata 19 | verify-codegen 20 | verify-deps 21 | verify-generated 22 | verify-gofmt 23 | verify-golint 24 | verify-govet 25 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/golang.example.mk: -------------------------------------------------------------------------------- 1 | all: build 2 | .PHONY: all 3 | 4 | 5 | # You can customize go tools depending on the directory layout. 6 | # example: 7 | GO_BUILD_PACKAGES :=./pkg/... 8 | # You can list all the golang related variables by: 9 | # $ make -n --print-data-base | grep ^GO 10 | 11 | # Include the library makefile 12 | include ./golang.mk 13 | # All the available targets are listed in .help 14 | # or you can list it live by using `make help` 15 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | GO_BUILD_PACKAGES := . 2 | 3 | include $(addprefix ./vendor/github.com/openshift/build-machinery-go/make/, \ 4 | golang.mk \ 5 | targets/openshift/deps.mk \ 6 | ) 7 | 8 | build-examples: 9 | @ for d in `find ./example -maxdepth 1 -mindepth 1 -type d`; do \ 10 | echo "building $$d" ; \ 11 | go build -race "$$d" ; \ 12 | done 13 | 14 | clean: 15 | @ for d in `find ./example -maxdepth 1 -mindepth 1 -type d -exec basename {} \; `; do \ 16 | echo "removing $$d" ; \ 17 | rm -f "$$d" ; \ 18 | done 19 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/operator.example.mk.help.log: -------------------------------------------------------------------------------- 1 | The following make targets are available: 2 | all 3 | build 4 | clean 5 | clean-binaries 6 | help 7 | image-ocp-openshift-apiserver-operator 8 | images 9 | telepresence 10 | test 11 | test-unit 12 | update 13 | update-bindata 14 | update-codegen 15 | update-deps-overrides 16 | update-generated 17 | update-gofmt 18 | verify 19 | verify-bindata 20 | verify-codegen 21 | verify-deps 22 | verify-generated 23 | verify-gofmt 24 | verify-golint 25 | verify-govet 26 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/config.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | type ClientConfig struct { 4 | ClientId string 5 | ClientSecret string 6 | AuthorizeUrl string 7 | TokenUrl string 8 | RedirectUrl string 9 | Scope string 10 | ErrorsInStatusCode bool 11 | SendClientSecretInParams bool 12 | UseGetAccessRequest bool 13 | 14 | // PKCE / RFC7636 fields 15 | CodeChallenge string 16 | CodeChallengeMethod string 17 | CodeVerifier string 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/node_js.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build js 6 | 7 | package uuid 8 | 9 | // getHardwareInterface returns nil values for the JS version of the code. 10 | // This remvoves the "net" dependency, because it is not used in the browser. 11 | // Using the "net" library inflates the size of the transpiled JS code by 673k bytes. 12 | func getHardwareInterface(name string) (string, []byte) { return "", nil } 13 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // The uuid package generates and inspects UUIDs. 6 | // 7 | // UUIDs are based on RFC 4122 and DCE 1.1: Authentication and Security 8 | // Services. 9 | // 10 | // This package is a partial wrapper around the github.com/google/uuid package. 11 | // This package represents a UUID as []byte while github.com/google/uuid 12 | // represents a UUID as [16]byte. 13 | package uuid 14 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/lib/version.mk: -------------------------------------------------------------------------------- 1 | # $1 - required version 2 | # $2 - current version 3 | define is_equal_or_higher_version 4 | $(strip $(filter $(2),$(firstword $(shell set -euo pipefail && printf '%s\n%s' '$(1)' '$(2)' | sort -V -r -b)))) 5 | endef 6 | 7 | # $1 - program name 8 | # $2 - required version variable name 9 | # $3 - current version string 10 | define require_minimal_version 11 | $(if $($(2)),\ 12 | $(if $(strip $(call is_equal_or_higher_version,$($(2)),$(3))),,$(error `$(1)` is required with minimal version "$($(2))", detected version "$(3)". You can override this check by using `make $(2):=`)),\ 13 | ) 14 | endef 15 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/telepresence.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | scripts_dir :=$(shell realpath $(self_dir)../../../../scripts) 3 | 4 | telepresence: 5 | $(info Running operator locally against a remote cluster using telepresence (https://telepresence.io)) 6 | $(info ) 7 | $(info To override the operator log level, set TP_VERBOSITY=) 8 | $(info To debug the operator, set TP_DEBUG=y (requires the delve debugger)) 9 | $(info See the run-telepresence.sh script for more usage and configuration details) 10 | $(info ) 11 | bash $(scripts_dir)/run-telepresence.sh 12 | .PHONY: telepresence 13 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/base/api_base.proto: -------------------------------------------------------------------------------- 1 | // Built-in base types for API calls. Primarily useful as return types. 2 | 3 | syntax = "proto2"; 4 | option go_package = "base"; 5 | 6 | package appengine.base; 7 | 8 | message StringProto { 9 | required string value = 1; 10 | } 11 | 12 | message Integer32Proto { 13 | required int32 value = 1; 14 | } 15 | 16 | message Integer64Proto { 17 | required int64 value = 1; 18 | } 19 | 20 | message BoolProto { 21 | required bool value = 1; 22 | } 23 | 24 | message DoubleProto { 25 | required double value = 1; 26 | } 27 | 28 | message BytesProto { 29 | required bytes value = 1 [ctype=CORD]; 30 | } 31 | 32 | message VoidProto { 33 | } 34 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/json/README.md: -------------------------------------------------------------------------------- 1 | # Safe JSON 2 | 3 | This repository contains a fork of the `encoding/json` package from Go 1.6. 4 | 5 | The following changes were made: 6 | 7 | * Object deserialization uses case-sensitive member name matching instead of 8 | [case-insensitive matching](https://www.ietf.org/mail-archive/web/json/current/msg03763.html). 9 | This is to avoid differences in the interpretation of JOSE messages between 10 | go-jose and libraries written in other languages. 11 | * When deserializing a JSON object, we check for duplicate keys and reject the 12 | input whenever we detect a duplicate. Rather than trying to work with malformed 13 | data, we prefer to reject it right away. 14 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/doc.go: -------------------------------------------------------------------------------- 1 | // required for gomod to pull in packages. 2 | 3 | package alpha_build_machinery 4 | 5 | // this is a dependency magnet to make it easier to pull in the build-machinery. We want a single import to pull all of it in. 6 | import ( 7 | _ "github.com/openshift/build-machinery-go/make" 8 | _ "github.com/openshift/build-machinery-go/make/lib" 9 | _ "github.com/openshift/build-machinery-go/make/targets" 10 | _ "github.com/openshift/build-machinery-go/make/targets/golang" 11 | _ "github.com/openshift/build-machinery-go/make/targets/openshift" 12 | _ "github.com/openshift/build-machinery-go/make/targets/openshift/operator" 13 | _ "github.com/openshift/build-machinery-go/scripts" 14 | ) 15 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/golang.mk: -------------------------------------------------------------------------------- 1 | all: build 2 | .PHONY: all 3 | 4 | self_dir := $(dir $(lastword $(MAKEFILE_LIST))) 5 | 6 | 7 | verify: verify-gofmt 8 | verify: verify-govet 9 | .PHONY: verify 10 | 11 | update: update-gofmt 12 | .PHONY: update 13 | 14 | 15 | test: test-unit 16 | .PHONY: test 17 | 18 | clean: clean-binaries 19 | .PHONY: clean 20 | 21 | 22 | # We need to be careful to expand all the paths before any include is done 23 | # or self_dir could be modified for the next include by the included file. 24 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 25 | include $(addprefix $(self_dir), \ 26 | targets/help.mk \ 27 | targets/golang/*.mk \ 28 | ) 29 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | If you would like to contribute code to go-jose you can do so through GitHub by 4 | forking the repository and sending a pull request. 5 | 6 | When submitting code, please make every effort to follow existing conventions 7 | and style in order to keep the code as readable as possible. Please also make 8 | sure all tests pass by running `go test`, and format your code with `go fmt`. 9 | We also recommend using `golint` and `errcheck`. 10 | 11 | Before your code can be accepted into the project you must also sign the 12 | [Individual Contributor License Agreement][1]. 13 | 14 | [1]: https://spreadsheets.google.com/spreadsheet/viewform?formkey=dDViT2xzUHAwRkI3X3k5Z0lQM091OGc6MQ&ndplr=1 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/context/go19.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build go1.9 6 | 7 | package context 8 | 9 | import "context" // standard library's context, as of Go 1.7 10 | 11 | // A Context carries a deadline, a cancelation signal, and other values across 12 | // API boundaries. 13 | // 14 | // Context's methods may be called by multiple goroutines simultaneously. 15 | type Context = context.Context 16 | 17 | // A CancelFunc tells an operation to abandon its work. 18 | // A CancelFunc does not wait for the work to stop. 19 | // After the first call, subsequent calls to a CancelFunc do nothing. 20 | type CancelFunc = context.CancelFunc 21 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/default.mk: -------------------------------------------------------------------------------- 1 | self_dir := $(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | # We extend the default verify/update for Golang 4 | 5 | verify: verify-codegen 6 | verify: verify-bindata 7 | .PHONY: verify 8 | 9 | update: update-codegen 10 | update: update-bindata 11 | .PHONY: update 12 | 13 | 14 | # We need to be careful to expand all the paths before any include is done 15 | # or self_dir could be modified for the next include by the included file. 16 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 17 | include $(addprefix $(self_dir), \ 18 | targets/openshift/deps.mk \ 19 | targets/openshift/images.mk \ 20 | targets/openshift/bindata.mk \ 21 | targets/openshift/codegen.mk \ 22 | golang.mk \ 23 | ) 24 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/app_id.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | import ( 8 | "strings" 9 | ) 10 | 11 | func parseFullAppID(appid string) (partition, domain, displayID string) { 12 | if i := strings.Index(appid, "~"); i != -1 { 13 | partition, appid = appid[:i], appid[i+1:] 14 | } 15 | if i := strings.Index(appid, ":"); i != -1 { 16 | domain, appid = appid[:i], appid[i+1:] 17 | } 18 | return partition, domain, appid 19 | } 20 | 21 | // appID returns "appid" or "domain.com:appid". 22 | func appID(fullAppID string) string { 23 | _, dom, dis := parseFullAppID(fullAppID) 24 | if dom != "" { 25 | return dom + ":" + dis 26 | } 27 | return dis 28 | } 29 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/README.md: -------------------------------------------------------------------------------- 1 | This project was automatically exported from code.google.com/p/go-uuid 2 | 3 | # uuid ![build status](https://travis-ci.org/pborman/uuid.svg?branch=master) 4 | The uuid package generates and inspects UUIDs based on [RFC 4122](http://tools.ietf.org/html/rfc4122) and DCE 1.1: Authentication and Security Services. 5 | 6 | This package now leverages the github.com/google/uuid package (which is based off an earlier version of this package). 7 | 8 | ###### Install 9 | `go get github.com/pborman/uuid` 10 | 11 | ###### Documentation 12 | [![GoDoc](https://godoc.org/github.com/pborman/uuid?status.svg)](http://godoc.org/github.com/pborman/uuid) 13 | 14 | Full `go doc` style documentation for the package can be viewed online without installing this package by using the GoDoc site here: 15 | http://godoc.org/github.com/pborman/uuid 16 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/version1.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | guuid "github.com/google/uuid" 9 | ) 10 | 11 | // NewUUID returns a Version 1 UUID based on the current NodeID and clock 12 | // sequence, and the current time. If the NodeID has not been set by SetNodeID 13 | // or SetNodeInterface then it will be set automatically. If the NodeID cannot 14 | // be set NewUUID returns nil. If clock sequence has not been set by 15 | // SetClockSequence then it will be set automatically. If GetTime fails to 16 | // return the current NewUUID returns nil. 17 | func NewUUID() UUID { 18 | gu, err := guuid.NewUUID() 19 | if err == nil { 20 | return UUID(gu[:]) 21 | } 22 | return nil 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/images.mk: -------------------------------------------------------------------------------- 1 | # IMAGE_BUILD_EXTRA_FLAGS lets you add extra flags for imagebuilder 2 | # e.g. to mount secrets and repo information into base image like: 3 | # make images IMAGE_BUILD_EXTRA_FLAGS='-mount ~/projects/origin-repos/4.2/:/etc/yum.repos.d/' 4 | IMAGE_BUILD_DEFAULT_FLAGS ?=--allow-pull 5 | IMAGE_BUILD_EXTRA_FLAGS ?= 6 | 7 | # $1 - target name 8 | # $2 - image ref 9 | # $3 - Dockerfile path 10 | # $4 - context 11 | define build-image-internal 12 | image-$(1): 13 | $(strip \ 14 | imagebuilder \ 15 | $(IMAGE_BUILD_DEFAULT_FLAGS) \ 16 | -t $(2) 17 | -f $(3) \ 18 | $(IMAGE_BUILD_EXTRA_FLAGS) \ 19 | $(4) \ 20 | ) 21 | .PHONY: image-$(1) 22 | 23 | images: image-$(1) 24 | .PHONY: images 25 | endef 26 | 27 | define build-image 28 | $(eval $(call build-image-internal,$(1),$(2),$(3),$(4))) 29 | endef 30 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/golang/test-unit.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | test-unit: 4 | ifndef JUNITFILE 5 | $(GO) test $(GO_MOD_FLAGS) $(GO_TEST_FLAGS) $(GO_TEST_PACKAGES) 6 | else 7 | ifeq (, $(shell which gotest2junit 2>/dev/null)) 8 | $(error gotest2junit not found! Get it by `go get -mod='' -u github.com/openshift/release/tools/gotest2junit`.) 9 | endif 10 | set -o pipefail; $(GO) test $(GO_MOD_FLAGS) $(GO_TEST_FLAGS) -json $(GO_TEST_PACKAGES) | gotest2junit > $(JUNITFILE) 11 | endif 12 | .PHONY: test-unit 13 | 14 | # We need to be careful to expand all the paths before any include is done 15 | # or self_dir could be modified for the next include by the included file. 16 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 17 | include $(addprefix $(self_dir), \ 18 | ../../lib/golang.mk \ 19 | ) 20 | -------------------------------------------------------------------------------- /server.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "time" 5 | ) 6 | 7 | // Server is an OAuth2 implementation 8 | type Server struct { 9 | Config *ServerConfig 10 | Storage Storage 11 | AuthorizeTokenGen AuthorizeTokenGen 12 | AccessTokenGen AccessTokenGen 13 | Now func() time.Time 14 | Logger Logger 15 | } 16 | 17 | // NewServer creates a new server instance 18 | func NewServer(config *ServerConfig, storage Storage) *Server { 19 | return &Server{ 20 | Config: config, 21 | Storage: storage, 22 | AuthorizeTokenGen: &AuthorizeTokenGenDefault{}, 23 | AccessTokenGen: &AccessTokenGenDefault{}, 24 | Now: time.Now, 25 | Logger: &LoggerDefault{}, 26 | } 27 | } 28 | 29 | // NewResponse creates a new response for the server 30 | func (s *Server) NewResponse() *Response { 31 | r := NewResponse(s.Storage) 32 | r.ErrorStatusCode = s.Config.ErrorStatusCode 33 | return r 34 | } 35 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/README.md: -------------------------------------------------------------------------------- 1 | # uuid ![build status](https://travis-ci.org/google/uuid.svg?branch=master) 2 | The uuid package generates and inspects UUIDs based on 3 | [RFC 4122](http://tools.ietf.org/html/rfc4122) 4 | and DCE 1.1: Authentication and Security Services. 5 | 6 | This package is based on the github.com/pborman/uuid package (previously named 7 | code.google.com/p/go-uuid). It differs from these earlier packages in that 8 | a UUID is a 16 byte array rather than a byte slice. One loss due to this 9 | change is the ability to represent an invalid UUID (vs a NIL UUID). 10 | 11 | ###### Install 12 | `go get github.com/google/uuid` 13 | 14 | ###### Documentation 15 | [![GoDoc](https://godoc.org/github.com/google/uuid?status.svg)](http://godoc.org/github.com/google/uuid) 16 | 17 | Full `go doc` style documentation for the package can be viewed online without 18 | installing this package by using the GoDoc site here: 19 | http://godoc.org/github.com/google/uuid 20 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/pkce.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | import ( 4 | "crypto/rand" 5 | "crypto/sha256" 6 | "encoding/base64" 7 | ) 8 | 9 | const ( 10 | pkce_s256 = "S256" 11 | code_verifier_len = 96 // 96 8-bit values (ASCII) == 128 6-bit values (base64) 12 | ) 13 | 14 | func GeneratePKCE() (string, string, string, error) { 15 | random := make([]byte, code_verifier_len) 16 | if _, err := rand.Read(random); err != nil { 17 | return "", "", "", err 18 | } 19 | verifier := base64.RawURLEncoding.EncodeToString(random) 20 | hash := sha256.Sum256([]byte(verifier)) 21 | challenge := base64.RawURLEncoding.EncodeToString(hash[:]) 22 | return challenge, pkce_s256, verifier, nil 23 | } 24 | 25 | func PopulatePKCE(c *ClientConfig) error { 26 | challenge, method, verifier, err := GeneratePKCE() 27 | if err != nil { 28 | return err 29 | } 30 | c.CodeChallenge = challenge 31 | c.CodeChallengeMethod = method 32 | c.CodeVerifier = verifier 33 | return nil 34 | } 35 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/version4.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import guuid "github.com/google/uuid" 8 | 9 | // Random returns a Random (Version 4) UUID or panics. 10 | // 11 | // The strength of the UUIDs is based on the strength of the crypto/rand 12 | // package. 13 | // 14 | // A note about uniqueness derived from the UUID Wikipedia entry: 15 | // 16 | // Randomly generated UUIDs have 122 random bits. One's annual risk of being 17 | // hit by a meteorite is estimated to be one chance in 17 billion, that 18 | // means the probability is about 0.00000000006 (6 × 10−11), 19 | // equivalent to the odds of creating a few tens of trillions of UUIDs in a 20 | // year and having one duplicate. 21 | func NewRandom() UUID { 22 | if gu, err := guuid.NewRandom(); err == nil { 23 | return UUID(gu[:]) 24 | } 25 | return nil 26 | } 27 | -------------------------------------------------------------------------------- /response_json.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | ) 7 | 8 | // OutputJSON encodes the Response to JSON and writes to the http.ResponseWriter 9 | func OutputJSON(rs *Response, w http.ResponseWriter, r *http.Request) error { 10 | // Add headers 11 | for i, k := range rs.Headers { 12 | for _, v := range k { 13 | w.Header().Add(i, v) 14 | } 15 | } 16 | 17 | if rs.Type == REDIRECT { 18 | // Output redirect with parameters 19 | u, err := rs.GetRedirectUrl() 20 | if err != nil { 21 | return err 22 | } 23 | w.Header().Add("Location", u) 24 | w.WriteHeader(302) 25 | } else { 26 | // set content type if the response doesn't already have one associated with it 27 | if w.Header().Get("Content-Type") == "" { 28 | w.Header().Set("Content-Type", "application/json") 29 | } 30 | w.WriteHeader(rs.StatusCode) 31 | 32 | encoder := json.NewEncoder(w) 33 | err := encoder.Encode(rs.Output) 34 | if err != nil { 35 | return err 36 | } 37 | } 38 | return nil 39 | } 40 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to Go 2 | 3 | Go is an open source project. 4 | 5 | It is the work of hundreds of contributors. We appreciate your help! 6 | 7 | ## Filing issues 8 | 9 | When [filing an issue](https://github.com/golang/oauth2/issues), make sure to answer these five questions: 10 | 11 | 1. What version of Go are you using (`go version`)? 12 | 2. What operating system and processor architecture are you using? 13 | 3. What did you do? 14 | 4. What did you expect to see? 15 | 5. What did you see instead? 16 | 17 | General questions should go to the [golang-nuts mailing list](https://groups.google.com/group/golang-nuts) instead of the issue tracker. 18 | The gophers there will answer or ask you to file an issue if you've tripped over a bug. 19 | 20 | ## Contributing code 21 | 22 | Please read the [Contribution Guidelines](https://golang.org/doc/contribute.html) 23 | before sending patches. 24 | 25 | Unless otherwise noted, the Go source files are distributed under 26 | the BSD-style license found in the LICENSE file. 27 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/scripts/update-deps.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | readonly GLIDE_MINOR_VERSION="13" 4 | readonly REQUIRED_GLIDE_VERSION="0.$GLIDE_MINOR_VERSION" 5 | 6 | function verify_glide_version() { 7 | if ! command -v glide &> /dev/null; then 8 | echo "[FATAL] Glide was not found in \$PATH. Please install version ${REQUIRED_GLIDE_VERSION} or newer." 9 | exit 1 10 | fi 11 | 12 | local glide_version 13 | glide_version=($(glide --version)) 14 | if ! echo "${glide_version[2]#v}" | awk -F. -v min=$GLIDE_MINOR_VERSION '{ exit $2 < min }'; then 15 | echo "Detected glide version: ${glide_version[*]}." 16 | echo "Please install Glide version ${REQUIRED_GLIDE_VERSION} or newer." 17 | exit 1 18 | fi 19 | } 20 | 21 | verify_glide_version 22 | 23 | glide update --strip-vendor 24 | 25 | # glide doesn't handle mercurial properly and leaves internal files (equivalent of .git/) laying around 26 | # Given those files differ by mercurial version it was cloned with, verify-deps would break 27 | find ./vendor -name '.hg_archival.txt' -delete 28 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/yq.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | YQ ?=$(PERMANENT_TMP_GOPATH)/bin/yq 4 | yq_dir :=$(dir $(YQ)) 5 | 6 | 7 | ensure-yq: 8 | ifeq "" "$(wildcard $(YQ))" 9 | $(info Installing yq into '$(YQ)') 10 | mkdir -p '$(yq_dir)' 11 | curl -s -f -L https://github.com/mikefarah/yq/releases/download/2.4.0/yq_$(GOHOSTOS)_$(GOHOSTARCH) -o '$(YQ)' 12 | chmod +x '$(YQ)'; 13 | else 14 | $(info Using existing yq from "$(YQ)") 15 | endif 16 | .PHONY: ensure-yq 17 | 18 | clean-yq: 19 | $(RM) '$(YQ)' 20 | if [ -d '$(yq_dir)' ]; then rmdir --ignore-fail-on-non-empty -p '$(yq_dir)'; fi 21 | .PHONY: clean-yq 22 | 23 | clean: clean-yq 24 | 25 | 26 | # We need to be careful to expand all the paths before any include is done 27 | # or self_dir could be modified for the next include by the included file. 28 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 29 | include $(addprefix $(self_dir), \ 30 | ../../lib/golang.mk \ 31 | ../../lib/tmp.mk \ 32 | ) 33 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/marshal.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import "fmt" 8 | 9 | // MarshalText implements encoding.TextMarshaler. 10 | func (uuid UUID) MarshalText() ([]byte, error) { 11 | var js [36]byte 12 | encodeHex(js[:], uuid) 13 | return js[:], nil 14 | } 15 | 16 | // UnmarshalText implements encoding.TextUnmarshaler. 17 | func (uuid *UUID) UnmarshalText(data []byte) error { 18 | id, err := ParseBytes(data) 19 | if err == nil { 20 | *uuid = id 21 | } 22 | return err 23 | } 24 | 25 | // MarshalBinary implements encoding.BinaryMarshaler. 26 | func (uuid UUID) MarshalBinary() ([]byte, error) { 27 | return uuid[:], nil 28 | } 29 | 30 | // UnmarshalBinary implements encoding.BinaryUnmarshaler. 31 | func (uuid *UUID) UnmarshalBinary(data []byte) error { 32 | if len(data) != 16 { 33 | return fmt.Errorf("invalid UUID (got %d bytes)", len(data)) 34 | } 35 | copy(uuid[:], data) 36 | return nil 37 | } 38 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2012 Dave Grijalva 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 4 | 5 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 8 | 9 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/internal/transport.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | import ( 8 | "context" 9 | "net/http" 10 | ) 11 | 12 | // HTTPClient is the context key to use with golang.org/x/net/context's 13 | // WithValue function to associate an *http.Client value with a context. 14 | var HTTPClient ContextKey 15 | 16 | // ContextKey is just an empty struct. It exists so HTTPClient can be 17 | // an immutable public variable with a unique type. It's immutable 18 | // because nobody else can create a ContextKey, being unexported. 19 | type ContextKey struct{} 20 | 21 | var appengineClientHook func(context.Context) *http.Client 22 | 23 | func ContextClient(ctx context.Context) *http.Client { 24 | if ctx != nil { 25 | if hc, ok := ctx.Value(HTTPClient).(*http.Client); ok { 26 | return hc 27 | } 28 | } 29 | if appengineClientHook != nil { 30 | return appengineClientHook(ctx) 31 | } 32 | return http.DefaultClient 33 | } 34 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/node_net.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !js 6 | 7 | package uuid 8 | 9 | import "net" 10 | 11 | var interfaces []net.Interface // cached list of interfaces 12 | 13 | // getHardwareInterface returns the name and hardware address of interface name. 14 | // If name is "" then the name and hardware address of one of the system's 15 | // interfaces is returned. If no interfaces are found (name does not exist or 16 | // there are no interfaces) then "", nil is returned. 17 | // 18 | // Only addresses of at least 6 bytes are returned. 19 | func getHardwareInterface(name string) (string, []byte) { 20 | if interfaces == nil { 21 | var err error 22 | interfaces, err = net.Interfaces() 23 | if err != nil { 24 | return "", nil 25 | } 26 | } 27 | for _, ifs := range interfaces { 28 | if len(ifs.HardwareAddr) >= 6 && (name == "" || name == ifs.Name) { 29 | return ifs.Name, ifs.HardwareAddr 30 | } 31 | } 32 | return "", nil 33 | } 34 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/error.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | const ( 4 | E_INVALID_REQUEST string = "invalid_request" 5 | E_UNAUTHORIZED_CLIENT = "unauthorized_client" 6 | E_ACCESS_DENIED = "access_denied" 7 | E_UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type" 8 | E_INVALID_SCOPE = "invalid_scope" 9 | E_SERVER_ERROR = "server_error" 10 | E_TEMPORARILY_UNAVAILABLE = "temporarily_unavailable" 11 | E_UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type" 12 | E_INVALID_GRANT = "invalid_grant" 13 | E_INVALID_CLIENT = "invalid_client" 14 | ) 15 | 16 | // OAuth2 error base 17 | type Error struct { 18 | Id string 19 | Description string 20 | URI string 21 | State string 22 | } 23 | 24 | func (e *Error) Error() string { 25 | return e.Description 26 | } 27 | 28 | func NewError(id, description, uri, state string) *Error { 29 | return &Error{ 30 | Id: id, 31 | Description: description, 32 | URI: uri, 33 | State: state, 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /tokengen.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "encoding/base64" 5 | 6 | "github.com/pborman/uuid" 7 | ) 8 | 9 | // AuthorizeTokenGenDefault is the default authorization token generator 10 | type AuthorizeTokenGenDefault struct { 11 | } 12 | 13 | // GenerateAuthorizeToken generates a base64-encoded UUID code 14 | func (a *AuthorizeTokenGenDefault) GenerateAuthorizeToken(data *AuthorizeData) (ret string, err error) { 15 | token := uuid.NewRandom() 16 | return base64.RawURLEncoding.EncodeToString([]byte(token)), nil 17 | } 18 | 19 | // AccessTokenGenDefault is the default authorization token generator 20 | type AccessTokenGenDefault struct { 21 | } 22 | 23 | // GenerateAccessToken generates base64-encoded UUID access and refresh tokens 24 | func (a *AccessTokenGenDefault) GenerateAccessToken(data *AccessData, generaterefresh bool) (accesstoken string, refreshtoken string, err error) { 25 | token := uuid.NewRandom() 26 | accesstoken = base64.RawURLEncoding.EncodeToString([]byte(token)) 27 | 28 | if generaterefresh { 29 | rtoken := uuid.NewRandom() 30 | refreshtoken = base64.RawURLEncoding.EncodeToString([]byte(rtoken)) 31 | } 32 | return 33 | } 34 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/doc.go: -------------------------------------------------------------------------------- 1 | /*- 2 | * Copyright 2014 Square Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* 18 | 19 | Package jose aims to provide an implementation of the Javascript Object Signing 20 | and Encryption set of standards. For the moment, it mainly focuses on 21 | encryption and signing based on the JSON Web Encryption and JSON Web Signature 22 | standards. The library supports both the compact and full serialization 23 | formats, and has optional support for multiple recipients. 24 | 25 | */ 26 | package jose // import "gopkg.in/square/go-jose.v1" 27 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.34.0 h1:eOI3/cP2VTU6uZLDYAoic+eyzzB9YyGmJ7eIjl8rOPg= 2 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 3 | github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= 4 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 5 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 6 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg= 7 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 8 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= 9 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 10 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 11 | google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508= 12 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 13 | -------------------------------------------------------------------------------- /log_test.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "errors" 5 | "fmt" 6 | "reflect" 7 | "testing" 8 | ) 9 | 10 | type testLogger struct { 11 | Result string 12 | } 13 | 14 | func (l *testLogger) Printf(format string, v ...interface{}) { 15 | l.Result = fmt.Sprintf(format, v...) 16 | } 17 | 18 | func TestServerErrorLogger(t *testing.T) { 19 | sconfig := NewServerConfig() 20 | server := NewServer(sconfig, NewTestingStorage()) 21 | 22 | tl := &testLogger{} 23 | server.Logger = tl 24 | 25 | r := server.NewResponse() 26 | r.ErrorStatusCode = 404 27 | 28 | server.setErrorAndLog(r, E_INVALID_GRANT, errors.New("foo"), "foo=%s, bar=%s", "bar", "baz") 29 | 30 | if r.ErrorId != E_INVALID_GRANT { 31 | t.Errorf("expected error to be set to %s", E_INVALID_GRANT) 32 | } 33 | if r.StatusText != deferror.Get(E_INVALID_GRANT) { 34 | t.Errorf("expected status text to be %s, got %s", deferror.Get(E_INVALID_GRANT), r.StatusText) 35 | } 36 | 37 | expectedResult := `error=invalid_grant, internal_error=&errors.errorString{s:"foo"} foo=bar, bar=baz` 38 | if !reflect.DeepEqual(tl.Result, expectedResult) { 39 | t.Errorf("expected %v, got %v", expectedResult, tl.Result) 40 | } 41 | } -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/remote_api/remote_api.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto2"; 2 | option go_package = "remote_api"; 3 | 4 | package remote_api; 5 | 6 | message Request { 7 | required string service_name = 2; 8 | required string method = 3; 9 | required bytes request = 4; 10 | optional string request_id = 5; 11 | } 12 | 13 | message ApplicationError { 14 | required int32 code = 1; 15 | required string detail = 2; 16 | } 17 | 18 | message RpcError { 19 | enum ErrorCode { 20 | UNKNOWN = 0; 21 | CALL_NOT_FOUND = 1; 22 | PARSE_ERROR = 2; 23 | SECURITY_VIOLATION = 3; 24 | OVER_QUOTA = 4; 25 | REQUEST_TOO_LARGE = 5; 26 | CAPABILITY_DISABLED = 6; 27 | FEATURE_DISABLED = 7; 28 | BAD_REQUEST = 8; 29 | RESPONSE_TOO_LARGE = 9; 30 | CANCELLED = 10; 31 | REPLAY_ERROR = 11; 32 | DEADLINE_EXCEEDED = 12; 33 | } 34 | required int32 code = 1; 35 | optional string detail = 2; 36 | } 37 | 38 | message Response { 39 | optional bytes response = 1; 40 | optional bytes exception = 2; 41 | optional ApplicationError application_error = 3; 42 | optional bytes java_exception = 4; 43 | optional RpcError rpc_error = 5; 44 | } 45 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/golang/build.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | define build-package 4 | $(if $(GO_BUILD_BINDIR),mkdir -p '$(GO_BUILD_BINDIR)',) 5 | $(strip $(GO) build $(GO_MOD_FLAGS) $(GO_BUILD_FLAGS) $(GO_LD_FLAGS) \ 6 | $(if $(GO_BUILD_BINDIR),-o '$(GO_BUILD_BINDIR)/$(notdir $(1))$(GOEXE)',) \ 7 | $(1)) 8 | 9 | endef 10 | 11 | # We need to build each package separately so go build creates appropriate binaries 12 | build: 13 | $(if $(strip $(GO_BUILD_PACKAGES_EXPANDED)),,$(error no packages to build: GO_BUILD_PACKAGES_EXPANDED var is empty)) 14 | $(foreach package,$(GO_BUILD_PACKAGES_EXPANDED),$(call build-package,$(package))) 15 | .PHONY: build 16 | 17 | clean-binaries: 18 | $(RM) $(go_build_binaries) 19 | .PHONY: clean-binaries 20 | 21 | clean: clean-binaries 22 | .PHONY: clean 23 | 24 | # We need to be careful to expand all the paths before any include is done 25 | # or self_dir could be modified for the next include by the included file. 26 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 27 | include $(addprefix $(self_dir), \ 28 | ../../lib/golang.mk \ 29 | ) 30 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/custom.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | import ( 4 | "net/url" 5 | ) 6 | 7 | // Custom request information 8 | type CustomRequest struct { 9 | client *Client 10 | CustomParameters map[string]string 11 | } 12 | 13 | // Custom data 14 | type CustomData struct { 15 | ResponseData ResponseData 16 | } 17 | 18 | func (c *Client) NewCustomRequest() *CustomRequest { 19 | return &CustomRequest{ 20 | client: c, 21 | } 22 | } 23 | 24 | // Send a custom request 25 | // On OAuth2 error, and osincli.Error is returned as error 26 | func (c *CustomRequest) GetRequest(url *url.URL) (*CustomData, error) { 27 | var ba *BasicAuth 28 | if !c.client.config.SendClientSecretInParams { 29 | ba = &BasicAuth{Username: c.client.config.ClientId, Password: c.client.config.ClientSecret} 30 | } 31 | 32 | // return value 33 | ret := &CustomData{ 34 | ResponseData: make(ResponseData), 35 | } 36 | 37 | // download data 38 | m := "POST" 39 | if c.client.config.UseGetAccessRequest { 40 | m = "GET" 41 | } 42 | err := downloadData(m, url, ba, c.client.Transport, ret.ResponseData) 43 | if err != nil { 44 | return nil, err 45 | } 46 | 47 | return ret, nil 48 | } 49 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/codegen.mk: -------------------------------------------------------------------------------- 1 | CODEGEN_PKG ?=./vendor/k8s.io/code-generator/ 2 | CODEGEN_GENERATORS ?=all 3 | CODEGEN_OUTPUT_BASE ?=../../.. 4 | CODEGEN_GO_HEADER_FILE ?=/dev/null 5 | 6 | CODEGEN_API_PACKAGE ?=$(error CODEGEN_API_PACKAGE is required) 7 | CODEGEN_GROUPS_VERSION ?=$(error CODEGEN_GROUPS_VERSION is required) 8 | CODEGEN_OUTPUT_PACKAGE ?=$(error CODEGEN_OUTPUT_PACKAGE is required) 9 | 10 | define run-codegen 11 | $(CODEGEN_PKG)/generate-groups.sh \ 12 | "$(CODEGEN_GENERATORS)" \ 13 | "$(CODEGEN_OUTPUT_PACKAGE)" \ 14 | "$(CODEGEN_API_PACKAGE)" \ 15 | "$(CODEGEN_GROUPS_VERSION)" \ 16 | --output-base $(CODEGEN_OUTPUT_BASE) \ 17 | --go-header-file $(CODEGEN_GO_HEADER_FILE) \ 18 | $1 19 | endef 20 | 21 | 22 | verify-codegen: 23 | $(call run-codegen,--verify-only) 24 | .PHONY: verify-codegen 25 | 26 | verify-generated: verify-codegen 27 | .PHONY: verify-generated 28 | 29 | verify: verify-generated 30 | .PHONY: verify 31 | 32 | 33 | update-codegen: 34 | $(call run-codegen) 35 | .PHONY: update-codegen 36 | 37 | update-generated: update-codegen 38 | .PHONY: update-generated 39 | 40 | update: update-generated 41 | .PHONY: update 42 | -------------------------------------------------------------------------------- /CHANGELOG: -------------------------------------------------------------------------------- 1 | 2019-05-13 2 | ========== 3 | * NON-BREAKING CHANGES 4 | - Updated imports in examples to use github.com/openshift/osin instead of github.com/RangelReale/osin 5 | 6 | 2014-06-25 7 | ========== 8 | * BREAKING CHANGES: 9 | - Storage interface has 2 new methods, Clone and Close, to better support storages 10 | that need to clone / close in each connection (mgo) 11 | - Client was changed to be an interface instead of an struct. Because of that, 12 | the Storage interface also had to change, as interface is already a pointer. 13 | 14 | - HOW TO FIX YOUR CODE: 15 | + In your Storage, add a Clone function returning itself, and a do nothing Close. 16 | + In your Storage, replace all *osin.Client with osin.Client (remove the pointer reference) 17 | + If you used the osin.Client struct directly in your code, change it to osin.DefaultClient, 18 | which is a struct with the same fields that implements the interface. 19 | + Change all accesses using osin.Client to use the methods instead of the fields directly. 20 | + You MUST defer Response.Close in all your http handlers, otherwise some 21 | Storages may not clean correctly. 22 | 23 | resp := server.NewResponse() 24 | defer resp.Close() 25 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/internal/oauth2.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | import ( 8 | "crypto/rsa" 9 | "crypto/x509" 10 | "encoding/pem" 11 | "errors" 12 | "fmt" 13 | ) 14 | 15 | // ParseKey converts the binary contents of a private key file 16 | // to an *rsa.PrivateKey. It detects whether the private key is in a 17 | // PEM container or not. If so, it extracts the the private key 18 | // from PEM container before conversion. It only supports PEM 19 | // containers with no passphrase. 20 | func ParseKey(key []byte) (*rsa.PrivateKey, error) { 21 | block, _ := pem.Decode(key) 22 | if block != nil { 23 | key = block.Bytes 24 | } 25 | parsedKey, err := x509.ParsePKCS8PrivateKey(key) 26 | if err != nil { 27 | parsedKey, err = x509.ParsePKCS1PrivateKey(key) 28 | if err != nil { 29 | return nil, fmt.Errorf("private key should be a PEM or plain PKCS1 or PKCS8; parse error: %v", err) 30 | } 31 | } 32 | parsed, ok := parsedKey.(*rsa.PrivateKey) 33 | if !ok { 34 | return nil, errors.New("private key is invalid") 35 | } 36 | return parsed, nil 37 | } 38 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/yaml-patch.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | YAML_PATCH ?=$(PERMANENT_TMP_GOPATH)/bin/yaml-patch 4 | yaml_patch_dir :=$(dir $(YAML_PATCH)) 5 | 6 | 7 | ensure-yaml-patch: 8 | ifeq "" "$(wildcard $(YAML_PATCH))" 9 | $(info Installing yaml-patch into '$(YAML_PATCH)') 10 | mkdir -p '$(yaml_patch_dir)' 11 | curl -s -f -L https://github.com/krishicks/yaml-patch/releases/download/v0.0.10/yaml_patch_$(GOHOSTOS) -o '$(YAML_PATCH)' 12 | chmod +x '$(YAML_PATCH)'; 13 | else 14 | $(info Using existing yaml-patch from "$(YAML_PATCH)") 15 | endif 16 | .PHONY: ensure-yaml-patch 17 | 18 | clean-yaml-patch: 19 | $(RM) '$(YAML_PATCH)' 20 | if [ -d '$(yaml_patch_dir)' ]; then rmdir --ignore-fail-on-non-empty -p '$(yaml_patch_dir)'; fi 21 | .PHONY: clean-yaml-patch 22 | 23 | clean: clean-yaml-patch 24 | 25 | 26 | # We need to be careful to expand all the paths before any include is done 27 | # or self_dir could be modified for the next include by the included file. 28 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 29 | include $(addprefix $(self_dir), \ 30 | ../../lib/golang.mk \ 31 | ../../lib/tmp.mk \ 32 | ) 33 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/json/tags.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package json 6 | 7 | import ( 8 | "strings" 9 | ) 10 | 11 | // tagOptions is the string following a comma in a struct field's "json" 12 | // tag, or the empty string. It does not include the leading comma. 13 | type tagOptions string 14 | 15 | // parseTag splits a struct field's json tag into its name and 16 | // comma-separated options. 17 | func parseTag(tag string) (string, tagOptions) { 18 | if idx := strings.Index(tag, ","); idx != -1 { 19 | return tag[:idx], tagOptions(tag[idx+1:]) 20 | } 21 | return tag, tagOptions("") 22 | } 23 | 24 | // Contains reports whether a comma-separated list of options 25 | // contains a particular substr flag. substr must be surrounded by a 26 | // string boundary or commas. 27 | func (o tagOptions) Contains(optionName string) bool { 28 | if len(o) == 0 { 29 | return false 30 | } 31 | s := string(o) 32 | for s != "" { 33 | var next string 34 | i := strings.Index(s, ",") 35 | if i >= 0 { 36 | s, next = s[:i], s[i+1:] 37 | } 38 | if s == optionName { 39 | return true 40 | } 41 | s = next 42 | } 43 | return false 44 | } 45 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/signing_method.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "sync" 5 | ) 6 | 7 | var signingMethods = map[string]func() SigningMethod{} 8 | var signingMethodLock = new(sync.RWMutex) 9 | 10 | // Implement SigningMethod to add new methods for signing or verifying tokens. 11 | type SigningMethod interface { 12 | Verify(signingString, signature string, key interface{}) error // Returns nil if signature is valid 13 | Sign(signingString string, key interface{}) (string, error) // Returns encoded signature or error 14 | Alg() string // returns the alg identifier for this method (example: 'HS256') 15 | } 16 | 17 | // Register the "alg" name and a factory function for signing method. 18 | // This is typically done during init() in the method's implementation 19 | func RegisterSigningMethod(alg string, f func() SigningMethod) { 20 | signingMethodLock.Lock() 21 | defer signingMethodLock.Unlock() 22 | 23 | signingMethods[alg] = f 24 | } 25 | 26 | // Get a signing method from an "alg" string 27 | func GetSigningMethod(alg string) (method SigningMethod) { 28 | signingMethodLock.RLock() 29 | defer signingMethodLock.RUnlock() 30 | 31 | if methodF, ok := signingMethods[alg]; ok { 32 | method = methodF() 33 | } 34 | return 35 | } 36 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/client.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | import ( 4 | "errors" 5 | "net/http" 6 | "net/url" 7 | ) 8 | 9 | // Caches configuration URLs 10 | type clientconfigCache struct { 11 | authorizeUrl *url.URL 12 | tokenUrl *url.URL 13 | } 14 | 15 | type Client struct { 16 | // caches urls 17 | configcache clientconfigCache 18 | 19 | // Client configuration 20 | config *ClientConfig 21 | 22 | // Transport is the HTTP transport to use when making requests. 23 | // It will default to http.DefaultTransport if nil. 24 | Transport http.RoundTripper 25 | } 26 | 27 | // Creates a new client 28 | func NewClient(config *ClientConfig) (*Client, error) { 29 | c := &Client{ 30 | config: config, 31 | } 32 | return c, c.initialize() 33 | } 34 | 35 | func (c *Client) initialize() error { 36 | if c.config.ClientId == "" || c.config.AuthorizeUrl == "" || 37 | c.config.TokenUrl == "" || c.config.RedirectUrl == "" { 38 | return errors.New("Missing configuration") 39 | } 40 | 41 | var err error 42 | 43 | // cache configurations 44 | c.configcache.authorizeUrl, err = url.Parse(c.config.AuthorizeUrl) 45 | if err != nil { 46 | return err 47 | } 48 | 49 | c.configcache.tokenUrl, err = url.Parse(c.config.TokenUrl) 50 | if err != nil { 51 | return err 52 | } 53 | 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/version4.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import "io" 8 | 9 | // New creates a new random UUID or panics. New is equivalent to 10 | // the expression 11 | // 12 | // uuid.Must(uuid.NewRandom()) 13 | func New() UUID { 14 | return Must(NewRandom()) 15 | } 16 | 17 | // NewRandom returns a Random (Version 4) UUID. 18 | // 19 | // The strength of the UUIDs is based on the strength of the crypto/rand 20 | // package. 21 | // 22 | // A note about uniqueness derived from the UUID Wikipedia entry: 23 | // 24 | // Randomly generated UUIDs have 122 random bits. One's annual risk of being 25 | // hit by a meteorite is estimated to be one chance in 17 billion, that 26 | // means the probability is about 0.00000000006 (6 × 10−11), 27 | // equivalent to the odds of creating a few tens of trillions of UUIDs in a 28 | // year and having one duplicate. 29 | func NewRandom() (UUID, error) { 30 | var uuid UUID 31 | _, err := io.ReadFull(rander, uuid[:]) 32 | if err != nil { 33 | return Nil, err 34 | } 35 | uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4 36 | uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10 37 | return uuid, nil 38 | } 39 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/regen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # This script rebuilds the generated code for the protocol buffers. 4 | # To run this you will need protoc and goprotobuf installed; 5 | # see https://github.com/golang/protobuf for instructions. 6 | 7 | PKG=google.golang.org/appengine 8 | 9 | function die() { 10 | echo 1>&2 $* 11 | exit 1 12 | } 13 | 14 | # Sanity check that the right tools are accessible. 15 | for tool in go protoc protoc-gen-go; do 16 | q=$(which $tool) || die "didn't find $tool" 17 | echo 1>&2 "$tool: $q" 18 | done 19 | 20 | echo -n 1>&2 "finding package dir... " 21 | pkgdir=$(go list -f '{{.Dir}}' $PKG) 22 | echo 1>&2 $pkgdir 23 | base=$(echo $pkgdir | sed "s,/$PKG\$,,") 24 | echo 1>&2 "base: $base" 25 | cd $base 26 | 27 | # Run protoc once per package. 28 | for dir in $(find $PKG/internal -name '*.proto' | xargs dirname | sort | uniq); do 29 | echo 1>&2 "* $dir" 30 | protoc --go_out=. $dir/*.proto 31 | done 32 | 33 | for f in $(find $PKG/internal -name '*.pb.go'); do 34 | # Remove proto.RegisterEnum calls. 35 | # These cause duplicate registration panics when these packages 36 | # are used on classic App Engine. proto.RegisterEnum only affects 37 | # parsing the text format; we don't care about that. 38 | # https://code.google.com/p/googleappengine/issues/detail?id=11670#c17 39 | sed -i '/proto.RegisterEnum/d' $f 40 | done 41 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/golang/verify-update.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | go_files_count :=$(words $(GO_FILES)) 4 | 5 | verify-gofmt: 6 | $(info Running `$(GOFMT) $(GOFMT_FLAGS)` on $(go_files_count) file(s).) 7 | @TMP=$$( mktemp ); \ 8 | $(GOFMT) $(GOFMT_FLAGS) $(GO_FILES) | tee $${TMP}; \ 9 | if [ -s $${TMP} ]; then \ 10 | echo "$@ failed - please run \`make update-gofmt\`"; \ 11 | exit 1; \ 12 | fi; 13 | .PHONY: verify-gofmt 14 | 15 | update-gofmt: 16 | $(info Running `$(GOFMT) $(GOFMT_FLAGS) -w` on $(go_files_count) file(s).) 17 | @$(GOFMT) $(GOFMT_FLAGS) -w $(GO_FILES) 18 | .PHONY: update-gofmt 19 | 20 | 21 | # FIXME: go vet needs to use $(GO_MOD_FLAGS) when this is fixed https://github.com/golang/go/issues/35955 22 | # It will be enforced in CI by setting the env var there, so this remains to fix the dev experience 23 | verify-govet: 24 | $(GO) vet $(GO_MOD_FLAGS) $(GO_PACKAGES) 25 | .PHONY: verify-govet 26 | 27 | verify-golint: 28 | $(GOLINT) $(GO_PACKAGES) 29 | .PHONY: verify-govet 30 | 31 | # We need to be careful to expand all the paths before any include is done 32 | # or self_dir could be modified for the next include by the included file. 33 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 34 | include $(addprefix $(self_dir), \ 35 | ../../lib/golang.mk \ 36 | ) 37 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/controller-gen.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | CONTROLLER_GEN_VERSION ?=v0.2.5 4 | CONTROLLER_GEN ?=$(PERMANENT_TMP_GOPATH)/bin/controller-gen 5 | controller_gen_dir :=$(dir $(CONTROLLER_GEN)) 6 | 7 | ensure-controller-gen: 8 | ifeq "" "$(wildcard $(CONTROLLER_GEN))" 9 | $(info Installing controller-gen into '$(CONTROLLER_GEN)') 10 | mkdir -p '$(controller_gen_dir)' 11 | curl -s -f -L https://github.com/openshift/kubernetes-sigs-controller-tools/releases/download/$(CONTROLLER_GEN_VERSION)/controller-gen-$(GOHOSTOS)-$(GOHOSTARCH) -o '$(CONTROLLER_GEN)' 12 | chmod +x '$(CONTROLLER_GEN)'; 13 | else 14 | $(info Using existing controller-gen from "$(CONTROLLER_GEN)") 15 | endif 16 | .PHONY: ensure-controller-gen 17 | 18 | clean-controller-gen: 19 | $(RM) '$(CONTROLLER_GEN)' 20 | if [ -d '$(controller_gen_dir)' ]; then rmdir --ignore-fail-on-non-empty -p '$(controller_gen_dir)'; fi 21 | .PHONY: clean-controller-gen 22 | 23 | clean: clean-controller-gen 24 | 25 | # We need to be careful to expand all the paths before any include is done 26 | # or self_dir could be modified for the next include by the included file. 27 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 28 | include $(addprefix $(self_dir), \ 29 | ../../lib/golang.mk \ 30 | ../../lib/tmp.mk \ 31 | ) 32 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/PATENTS: -------------------------------------------------------------------------------- 1 | Additional IP Rights Grant (Patents) 2 | 3 | "This implementation" means the copyrightable works distributed by 4 | Google as part of the Go project. 5 | 6 | Google hereby grants to You a perpetual, worldwide, non-exclusive, 7 | no-charge, royalty-free, irrevocable (except as stated in this section) 8 | patent license to make, have made, use, offer to sell, sell, import, 9 | transfer and otherwise run, modify and propagate the contents of this 10 | implementation of Go, where such license applies only to those patent 11 | claims, both currently owned or controlled by Google and acquired in 12 | the future, licensable by Google that are necessarily infringed by this 13 | implementation of Go. This grant does not include claims that would be 14 | infringed only as a consequence of further modification of this 15 | implementation. If you or your agent or exclusive licensee institute or 16 | order or agree to the institution of patent litigation against any 17 | entity (including a cross-claim or counterclaim in a lawsuit) alleging 18 | that this implementation of Go or any code incorporated within this 19 | implementation of Go constitutes direct or contributory patent 20 | infringement, or inducement of patent infringement, then any patent 21 | rights granted to you under this License for this implementation of Go 22 | shall terminate as of the date such litigation is filed. 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/README.md: -------------------------------------------------------------------------------- 1 | # OAuth2 for Go 2 | 3 | [![Build Status](https://travis-ci.org/golang/oauth2.svg?branch=master)](https://travis-ci.org/golang/oauth2) 4 | [![GoDoc](https://godoc.org/golang.org/x/oauth2?status.svg)](https://godoc.org/golang.org/x/oauth2) 5 | 6 | oauth2 package contains a client implementation for OAuth 2.0 spec. 7 | 8 | ## Installation 9 | 10 | ~~~~ 11 | go get golang.org/x/oauth2 12 | ~~~~ 13 | 14 | Or you can manually git clone the repository to 15 | `$(go env GOPATH)/src/golang.org/x/oauth2`. 16 | 17 | See godoc for further documentation and examples. 18 | 19 | * [godoc.org/golang.org/x/oauth2](https://godoc.org/golang.org/x/oauth2) 20 | * [godoc.org/golang.org/x/oauth2/google](https://godoc.org/golang.org/x/oauth2/google) 21 | 22 | ## Policy for new packages 23 | 24 | We no longer accept new provider-specific packages in this repo if all 25 | they do is add a single endpoint variable. If you just want to add a 26 | single endpoint, add it to the 27 | [godoc.org/golang.org/x/oauth2/endpoints](https://godoc.org/golang.org/x/oauth2/endpoints) 28 | package. 29 | 30 | ## Report Issues / Send Patches 31 | 32 | This repository uses Gerrit for code changes. To learn how to submit changes to 33 | this repository, see https://golang.org/doc/contribute.html. 34 | 35 | The main issue tracker for the oauth2 repository is located at 36 | https://github.com/golang/oauth2/issues. 37 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2013, Rangel Reale 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 5 | 6 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 7 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 8 | Neither the name of the SIB IT nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 9 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | sudo: false 4 | 5 | matrix: 6 | fast_finish: true 7 | allow_failures: 8 | - go: tip 9 | 10 | go: 11 | - '1.5.x' 12 | - '1.6.x' 13 | - '1.7.x' 14 | - '1.8.x' 15 | - '1.9.x' 16 | - '1.10.x' 17 | 18 | go_import_path: gopkg.in/square/go-jose.v1 19 | 20 | before_script: 21 | - export PATH=$HOME/.local/bin:$PATH 22 | 23 | before_install: 24 | # Install encrypted gitcookies to get around bandwidth-limits 25 | # that is causing Travis-CI builds to fail. For more info, see 26 | # https://github.com/golang/go/issues/12933 27 | - openssl aes-256-cbc -K $encrypted_1528c3c2cafd_key -iv $encrypted_1528c3c2cafd_iv -in .gitcookies.sh.enc -out .gitcookies.sh -d || true 28 | - bash .gitcookies.sh || true 29 | - go get github.com/wadey/gocovmerge 30 | - go get github.com/mattn/goveralls 31 | - go get golang.org/x/tools/cmd/cover || true 32 | - go get code.google.com/p/go.tools/cmd/cover || true 33 | - pip install cram --user 34 | 35 | script: 36 | - go test . -v -covermode=count -coverprofile=profile.cov 37 | - go test ./cipher -v -covermode=count -coverprofile=cipher/profile.cov 38 | - go test ./json -v # no coverage for forked encoding/json package 39 | - cd jose-util && go build && PATH=$PWD:$PATH cram -v jose-util.t 40 | - cd .. 41 | 42 | after_success: 43 | - gocovmerge *.cov */*.cov > merged.coverprofile 44 | - $HOME/gopath/bin/goveralls -coverprofile merged.coverprofile -service=travis-ci 45 | 46 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/version1.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "encoding/binary" 9 | ) 10 | 11 | // NewUUID returns a Version 1 UUID based on the current NodeID and clock 12 | // sequence, and the current time. If the NodeID has not been set by SetNodeID 13 | // or SetNodeInterface then it will be set automatically. If the NodeID cannot 14 | // be set NewUUID returns nil. If clock sequence has not been set by 15 | // SetClockSequence then it will be set automatically. If GetTime fails to 16 | // return the current NewUUID returns nil and an error. 17 | // 18 | // In most cases, New should be used. 19 | func NewUUID() (UUID, error) { 20 | nodeMu.Lock() 21 | if nodeID == zeroID { 22 | setNodeInterface("") 23 | } 24 | nodeMu.Unlock() 25 | 26 | var uuid UUID 27 | now, seq, err := GetTime() 28 | if err != nil { 29 | return uuid, err 30 | } 31 | 32 | timeLow := uint32(now & 0xffffffff) 33 | timeMid := uint16((now >> 32) & 0xffff) 34 | timeHi := uint16((now >> 48) & 0x0fff) 35 | timeHi |= 0x1000 // Version 1 36 | 37 | binary.BigEndian.PutUint32(uuid[0:], timeLow) 38 | binary.BigEndian.PutUint16(uuid[4:], timeMid) 39 | binary.BigEndian.PutUint16(uuid[6:], timeHi) 40 | binary.BigEndian.PutUint16(uuid[8:], seq) 41 | copy(uuid[10:], nodeID[:]) 42 | 43 | return uuid, nil 44 | } 45 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2013, Rangel Reale 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 5 | 6 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 7 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 8 | Neither the name of the SIB IT nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 9 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/rpm.mk: -------------------------------------------------------------------------------- 1 | RPM_OUTPUT_DIR ?=_output 2 | RPM_TOPDIR ?=$(abspath ./) 3 | RPM_BUILDDIR ?=$(RPM_TOPDIR) 4 | RPM_BUILDROOT ?=$(RPM_TOPDIR) 5 | RPM_SOURCEDIR ?=$(RPM_TOPDIR) 6 | RPM_SPECDIR ?=$(RPM_TOPDIR) 7 | RPM_RPMDIR ?=$(RPM_TOPDIR)/$(RPM_OUTPUT_DIR)/rpms 8 | RPM_SRCRPMDIR ?=$(RPM_TOPDIR)/$(RPM_OUTPUT_DIR)/srpms 9 | 10 | RPM_SPECFILES ?=$(wildcard *.spec) 11 | RPM_BUILDFLAGS ?=-ba 12 | RPM_EXTRAFLAGS ?= 13 | 14 | rpm-build: 15 | $(strip \ 16 | rpmbuild $(RPM_BUILDFLAGS) \ 17 | --define "_topdir $(RPM_TOPDIR)" \ 18 | --define "_builddir $(RPM_BUILDDIR)" \ 19 | --define "_buildrootdir $(RPM_BUILDROOT)" \ 20 | --define "_rpmdir $(RPM_RPMDIR)" \ 21 | --define "_srcrpmdir $(RPM_SRCRPMDIR)" \ 22 | --define "_specdir $(RPM_SPECDIR)" \ 23 | --define "_sourcedir $(RPM_SOURCEDIR)" \ 24 | --define "go_package $(GO_PACKAGE)" \ 25 | $(RPM_EXTRAFLAGS) \ 26 | $(RPM_SPECFILES) \ 27 | ) 28 | 29 | clean-rpms: 30 | $(RM) -r '$(RPM_RPMDIR)' '$(RPM_SRCRPMDIR)' 31 | if [ -d '$(RPM_OUTPUT_DIR)' ]; then rmdir --ignore-fail-on-non-empty '$(RPM_OUTPUT_DIR)'; fi 32 | .PHONY: clean-rpms 33 | 34 | clean: clean-rpms 35 | 36 | # We need to be careful to expand all the paths before any include is done 37 | # or self_dir could be modified for the next include by the included file. 38 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 39 | include $(addprefix $(self_dir), \ 40 | ../../lib/golang.mk \ 41 | ) 42 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/net.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | // This file implements a network dialer that limits the number of concurrent connections. 8 | // It is only used for API calls. 9 | 10 | import ( 11 | "log" 12 | "net" 13 | "runtime" 14 | "sync" 15 | "time" 16 | ) 17 | 18 | var limitSem = make(chan int, 100) // TODO(dsymonds): Use environment variable. 19 | 20 | func limitRelease() { 21 | // non-blocking 22 | select { 23 | case <-limitSem: 24 | default: 25 | // This should not normally happen. 26 | log.Print("appengine: unbalanced limitSem release!") 27 | } 28 | } 29 | 30 | func limitDial(network, addr string) (net.Conn, error) { 31 | limitSem <- 1 32 | 33 | // Dial with a timeout in case the API host is MIA. 34 | // The connection should normally be very fast. 35 | conn, err := net.DialTimeout(network, addr, 500*time.Millisecond) 36 | if err != nil { 37 | limitRelease() 38 | return nil, err 39 | } 40 | lc := &limitConn{Conn: conn} 41 | runtime.SetFinalizer(lc, (*limitConn).Close) // shouldn't usually be required 42 | return lc, nil 43 | } 44 | 45 | type limitConn struct { 46 | close sync.Once 47 | net.Conn 48 | } 49 | 50 | func (lc *limitConn) Close() error { 51 | defer lc.close.Do(func() { 52 | limitRelease() 53 | runtime.SetFinalizer(lc, nil) 54 | }) 55 | return lc.Conn.Close() 56 | } 57 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/deps-glide.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | scripts_dir :=$(self_dir)/../../../scripts 3 | 4 | # We need to force localle so different envs sort files the same way for recursive traversals 5 | deps_diff :=LC_COLLATE=C diff --no-dereference -N 6 | 7 | update-deps: 8 | $(scripts_dir)/$@.sh 9 | .PHONY: update-deps 10 | 11 | # $1 - temporary directory to restore vendor dependencies from glide.lock 12 | define restore-deps 13 | ln -s $(abspath ./) "$(1)"/current 14 | cp -R -H ./ "$(1)"/updated 15 | $(RM) -r "$(1)"/updated/vendor 16 | cd "$(1)"/updated && glide install --strip-vendor && find ./vendor -name '.hg_archival.txt' -delete 17 | cd "$(1)" && $(deps_diff) -r {current,updated}/vendor/ > updated/glide.diff || true 18 | endef 19 | 20 | verify-deps: tmp_dir:=$(shell mktemp -d) 21 | verify-deps: 22 | $(call restore-deps,$(tmp_dir)) 23 | @echo $(deps_diff) '$(tmp_dir)'/{current,updated}/glide.diff 24 | @ $(deps_diff) '$(tmp_dir)'/{current,updated}/glide.diff || ( \ 25 | echo "ERROR: Content of 'vendor/' directory doesn't match 'glide.lock' and the overrides in 'glide.diff'!" && \ 26 | echo "If this is an intentional change (a carry patch) please update the 'glide.diff' using 'make update-deps-overrides'." && \ 27 | exit 1 \ 28 | ) 29 | .PHONY: verify-deps 30 | 31 | update-deps-overrides: tmp_dir:=$(shell mktemp -d) 32 | update-deps-overrides: 33 | $(call restore-deps,$(tmp_dir)) 34 | cp "$(tmp_dir)"/{updated,current}/glide.diff 35 | .PHONY: update-deps-overrides 36 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009,2014 Google Inc. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009,2014 Google Inc. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /vendor/github.com/golang/protobuf/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2010 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | 29 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/json/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2012 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /example/helper.go: -------------------------------------------------------------------------------- 1 | package example 2 | 3 | import ( 4 | "encoding/json" 5 | "errors" 6 | "fmt" 7 | "net/http" 8 | 9 | "github.com/openshift/osin" 10 | ) 11 | 12 | func HandleLoginPage(ar *osin.AuthorizeRequest, w http.ResponseWriter, r *http.Request) bool { 13 | r.ParseForm() 14 | if r.Method == "POST" && r.FormValue("login") == "test" && r.FormValue("password") == "test" { 15 | return true 16 | } 17 | 18 | w.Write([]byte("")) 19 | 20 | w.Write([]byte(fmt.Sprintf("LOGIN %s (use test/test)
", ar.Client.GetId()))) 21 | w.Write([]byte(fmt.Sprintf("
", r.URL.RawQuery))) 22 | 23 | w.Write([]byte("Login:
")) 24 | w.Write([]byte("Password:
")) 25 | w.Write([]byte("")) 26 | 27 | w.Write([]byte("
")) 28 | 29 | w.Write([]byte("")) 30 | 31 | return false 32 | } 33 | 34 | func DownloadAccessToken(url string, auth *osin.BasicAuth, output map[string]interface{}) error { 35 | // download access token 36 | preq, err := http.NewRequest("POST", url, nil) 37 | if err != nil { 38 | return err 39 | } 40 | if auth != nil { 41 | preq.SetBasicAuth(auth.Username, auth.Password) 42 | } 43 | 44 | pclient := &http.Client{} 45 | presp, err := pclient.Do(preq) 46 | if err != nil { 47 | return err 48 | } 49 | defer presp.Body.Close() 50 | 51 | if presp.StatusCode != 200 { 52 | return errors.New("Invalid status code") 53 | } 54 | 55 | jdec := json.NewDecoder(presp.Body) 56 | err = jdec.Decode(&output) 57 | return err 58 | } 59 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/metadata.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | // This file has code for accessing metadata. 8 | // 9 | // References: 10 | // https://cloud.google.com/compute/docs/metadata 11 | 12 | import ( 13 | "fmt" 14 | "io/ioutil" 15 | "net/http" 16 | "net/url" 17 | ) 18 | 19 | const ( 20 | metadataHost = "metadata" 21 | metadataPath = "/computeMetadata/v1/" 22 | ) 23 | 24 | var ( 25 | metadataRequestHeaders = http.Header{ 26 | "Metadata-Flavor": []string{"Google"}, 27 | } 28 | ) 29 | 30 | // TODO(dsymonds): Do we need to support default values, like Python? 31 | func mustGetMetadata(key string) []byte { 32 | b, err := getMetadata(key) 33 | if err != nil { 34 | panic(fmt.Sprintf("Metadata fetch failed for '%s': %v", key, err)) 35 | } 36 | return b 37 | } 38 | 39 | func getMetadata(key string) ([]byte, error) { 40 | // TODO(dsymonds): May need to use url.Parse to support keys with query args. 41 | req := &http.Request{ 42 | Method: "GET", 43 | URL: &url.URL{ 44 | Scheme: "http", 45 | Host: metadataHost, 46 | Path: metadataPath + key, 47 | }, 48 | Header: metadataRequestHeaders, 49 | Host: metadataHost, 50 | } 51 | resp, err := http.DefaultClient.Do(req) 52 | if err != nil { 53 | return nil, err 54 | } 55 | defer resp.Body.Close() 56 | if resp.StatusCode != 200 { 57 | return nil, fmt.Errorf("metadata server returned HTTP %d", resp.StatusCode) 58 | } 59 | return ioutil.ReadAll(resp.Body) 60 | } 61 | -------------------------------------------------------------------------------- /client.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import "crypto/subtle" 4 | 5 | // Client information 6 | type Client interface { 7 | // Client id 8 | GetId() string 9 | 10 | // Client secret 11 | GetSecret() string 12 | 13 | // Base client uri 14 | GetRedirectUri() string 15 | 16 | // Data to be passed to storage. Not used by the library. 17 | GetUserData() interface{} 18 | } 19 | 20 | // ClientSecretMatcher is an optional interface clients can implement 21 | // which allows them to be the one to determine if a secret matches. 22 | // If a Client implements ClientSecretMatcher, the framework will never call GetSecret 23 | type ClientSecretMatcher interface { 24 | // SecretMatches returns true if the given secret matches 25 | ClientSecretMatches(secret string) bool 26 | } 27 | 28 | // DefaultClient stores all data in struct variables 29 | type DefaultClient struct { 30 | Id string 31 | Secret string 32 | RedirectUri string 33 | UserData interface{} 34 | } 35 | 36 | func (d *DefaultClient) GetId() string { 37 | return d.Id 38 | } 39 | 40 | func (d *DefaultClient) GetSecret() string { 41 | return d.Secret 42 | } 43 | 44 | func (d *DefaultClient) GetRedirectUri() string { 45 | return d.RedirectUri 46 | } 47 | 48 | func (d *DefaultClient) GetUserData() interface{} { 49 | return d.UserData 50 | } 51 | 52 | // Implement the ClientSecretMatcher interface 53 | func (d *DefaultClient) ClientSecretMatches(secret string) bool { 54 | return subtle.ConstantTimeCompare([]byte(d.Secret), []byte(secret)) == 1 55 | } 56 | 57 | func (d *DefaultClient) CopyFrom(client Client) { 58 | d.Id = client.GetId() 59 | d.Secret = client.GetSecret() 60 | d.RedirectUri = client.GetRedirectUri() 61 | d.UserData = client.GetUserData() 62 | } 63 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/bindata.mk: -------------------------------------------------------------------------------- 1 | TMP_GOPATH :=$(shell mktemp -d) 2 | 3 | 4 | .ensure-go-bindata: 5 | ln -s $(abspath ./vendor) "$(TMP_GOPATH)/src" 6 | export GO111MODULE=off && export GOPATH=$(TMP_GOPATH) && export GOBIN=$(TMP_GOPATH)/bin && go install "./vendor/github.com/go-bindata/go-bindata/..." 7 | 8 | # $1 - input dirs 9 | # $2 - prefix 10 | # $3 - pkg 11 | # $4 - output 12 | # $5 - output prefix 13 | define run-bindata 14 | $(TMP_GOPATH)/bin/go-bindata -nocompress -nometadata \ 15 | -prefix "$(2)" \ 16 | -pkg "$(3)" \ 17 | -o "$(5)$(4)" \ 18 | -ignore "OWNERS" \ 19 | $(1) && \ 20 | gofmt -s -w "$(5)$(4)" 21 | endef 22 | 23 | # $1 - name 24 | # $2 - input dirs 25 | # $3 - prefix 26 | # $4 - pkg 27 | # $5 - output 28 | define add-bindata-internal 29 | update-bindata-$(1): .ensure-go-bindata 30 | $(call run-bindata,$(2),$(3),$(4),$(5),) 31 | .PHONY: update-bindata-$(1) 32 | 33 | update-bindata: update-bindata-$(1) 34 | .PHONY: update-bindata 35 | 36 | 37 | verify-bindata-$(1): .ensure-go-bindata 38 | verify-bindata-$(1): TMP_DIR := $$(shell mktemp -d) 39 | verify-bindata-$(1): 40 | $(call run-bindata,$(2),$(3),$(4),$(5),$$(TMP_DIR)/) && \ 41 | diff -Naup {.,$$(TMP_DIR)}/$(5) 42 | .PHONY: verify-bindata-$(1) 43 | 44 | verify-bindata: verify-bindata-$(1) 45 | .PHONY: verify-bindata 46 | endef 47 | 48 | 49 | update-generated: update-bindata 50 | .PHONY: update-bindata 51 | 52 | update: update-generated 53 | .PHONY: update 54 | 55 | 56 | verify-generated: verify-bindata 57 | .PHONY: verify-bindata 58 | 59 | verify: verify-generated 60 | .PHONY: verify 61 | 62 | 63 | define add-bindata 64 | $(eval $(call add-bindata-internal,$(1),$(2),$(3),$(4),$(5))) 65 | endef 66 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/sql.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "database/sql/driver" 9 | "fmt" 10 | ) 11 | 12 | // Scan implements sql.Scanner so UUIDs can be read from databases transparently 13 | // Currently, database types that map to string and []byte are supported. Please 14 | // consult database-specific driver documentation for matching types. 15 | func (uuid *UUID) Scan(src interface{}) error { 16 | switch src := src.(type) { 17 | case nil: 18 | return nil 19 | 20 | case string: 21 | // if an empty UUID comes from a table, we return a null UUID 22 | if src == "" { 23 | return nil 24 | } 25 | 26 | // see Parse for required string format 27 | u, err := Parse(src) 28 | if err != nil { 29 | return fmt.Errorf("Scan: %v", err) 30 | } 31 | 32 | *uuid = u 33 | 34 | case []byte: 35 | // if an empty UUID comes from a table, we return a null UUID 36 | if len(src) == 0 { 37 | return nil 38 | } 39 | 40 | // assumes a simple slice of bytes if 16 bytes 41 | // otherwise attempts to parse 42 | if len(src) != 16 { 43 | return uuid.Scan(string(src)) 44 | } 45 | copy((*uuid)[:], src) 46 | 47 | default: 48 | return fmt.Errorf("Scan: unable to scan type %T into UUID", src) 49 | } 50 | 51 | return nil 52 | } 53 | 54 | // Value implements sql.Valuer so that UUIDs can be written to databases 55 | // transparently. Currently, UUIDs map to strings. Please consult 56 | // database-specific driver documentation for matching types. 57 | func (uuid UUID) Value() (driver.Value, error) { 58 | return uuid.String(), nil 59 | } 60 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/node.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | guuid "github.com/google/uuid" 9 | ) 10 | 11 | // NodeInterface returns the name of the interface from which the NodeID was 12 | // derived. The interface "user" is returned if the NodeID was set by 13 | // SetNodeID. 14 | func NodeInterface() string { 15 | return guuid.NodeInterface() 16 | } 17 | 18 | // SetNodeInterface selects the hardware address to be used for Version 1 UUIDs. 19 | // If name is "" then the first usable interface found will be used or a random 20 | // Node ID will be generated. If a named interface cannot be found then false 21 | // is returned. 22 | // 23 | // SetNodeInterface never fails when name is "". 24 | func SetNodeInterface(name string) bool { 25 | return guuid.SetNodeInterface(name) 26 | } 27 | 28 | // NodeID returns a slice of a copy of the current Node ID, setting the Node ID 29 | // if not already set. 30 | func NodeID() []byte { 31 | return guuid.NodeID() 32 | } 33 | 34 | // SetNodeID sets the Node ID to be used for Version 1 UUIDs. The first 6 bytes 35 | // of id are used. If id is less than 6 bytes then false is returned and the 36 | // Node ID is not set. 37 | func SetNodeID(id []byte) bool { 38 | return guuid.SetNodeID(id) 39 | } 40 | 41 | // NodeID returns the 6 byte node id encoded in uuid. It returns nil if uuid is 42 | // not valid. The NodeID is only well defined for version 1 and 2 UUIDs. 43 | func (uuid UUID) NodeID() []byte { 44 | if len(uuid) != 16 { 45 | return nil 46 | } 47 | node := make([]byte, 6) 48 | copy(node, uuid[10:]) 49 | return node 50 | } 51 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/identity_classic.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build appengine 6 | 7 | package internal 8 | 9 | import ( 10 | "appengine" 11 | 12 | netcontext "golang.org/x/net/context" 13 | ) 14 | 15 | func init() { 16 | appengineStandard = true 17 | } 18 | 19 | func DefaultVersionHostname(ctx netcontext.Context) string { 20 | c := fromContext(ctx) 21 | if c == nil { 22 | panic(errNotAppEngineContext) 23 | } 24 | return appengine.DefaultVersionHostname(c) 25 | } 26 | 27 | func Datacenter(_ netcontext.Context) string { return appengine.Datacenter() } 28 | func ServerSoftware() string { return appengine.ServerSoftware() } 29 | func InstanceID() string { return appengine.InstanceID() } 30 | func IsDevAppServer() bool { return appengine.IsDevAppServer() } 31 | 32 | func RequestID(ctx netcontext.Context) string { 33 | c := fromContext(ctx) 34 | if c == nil { 35 | panic(errNotAppEngineContext) 36 | } 37 | return appengine.RequestID(c) 38 | } 39 | 40 | func ModuleName(ctx netcontext.Context) string { 41 | c := fromContext(ctx) 42 | if c == nil { 43 | panic(errNotAppEngineContext) 44 | } 45 | return appengine.ModuleName(c) 46 | } 47 | func VersionID(ctx netcontext.Context) string { 48 | c := fromContext(ctx) 49 | if c == nil { 50 | panic(errNotAppEngineContext) 51 | } 52 | return appengine.VersionID(c) 53 | } 54 | 55 | func fullyQualifiedAppID(ctx netcontext.Context) string { 56 | c := fromContext(ctx) 57 | if c == nil { 58 | panic(errNotAppEngineContext) 59 | } 60 | return c.FullyQualifiedAppID() 61 | } 62 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/ecdsa_utils.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "crypto/ecdsa" 5 | "crypto/x509" 6 | "encoding/pem" 7 | "errors" 8 | ) 9 | 10 | var ( 11 | ErrNotECPublicKey = errors.New("Key is not a valid ECDSA public key") 12 | ErrNotECPrivateKey = errors.New("Key is not a valid ECDSA private key") 13 | ) 14 | 15 | // Parse PEM encoded Elliptic Curve Private Key Structure 16 | func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) { 17 | var err error 18 | 19 | // Parse PEM block 20 | var block *pem.Block 21 | if block, _ = pem.Decode(key); block == nil { 22 | return nil, ErrKeyMustBePEMEncoded 23 | } 24 | 25 | // Parse the key 26 | var parsedKey interface{} 27 | if parsedKey, err = x509.ParseECPrivateKey(block.Bytes); err != nil { 28 | return nil, err 29 | } 30 | 31 | var pkey *ecdsa.PrivateKey 32 | var ok bool 33 | if pkey, ok = parsedKey.(*ecdsa.PrivateKey); !ok { 34 | return nil, ErrNotECPrivateKey 35 | } 36 | 37 | return pkey, nil 38 | } 39 | 40 | // Parse PEM encoded PKCS1 or PKCS8 public key 41 | func ParseECPublicKeyFromPEM(key []byte) (*ecdsa.PublicKey, error) { 42 | var err error 43 | 44 | // Parse PEM block 45 | var block *pem.Block 46 | if block, _ = pem.Decode(key); block == nil { 47 | return nil, ErrKeyMustBePEMEncoded 48 | } 49 | 50 | // Parse the key 51 | var parsedKey interface{} 52 | if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil { 53 | if cert, err := x509.ParseCertificate(block.Bytes); err == nil { 54 | parsedKey = cert.PublicKey 55 | } else { 56 | return nil, err 57 | } 58 | } 59 | 60 | var pkey *ecdsa.PublicKey 61 | var ok bool 62 | if pkey, ok = parsedKey.(*ecdsa.PublicKey); !ok { 63 | return nil, ErrNotECPublicKey 64 | } 65 | 66 | return pkey, nil 67 | } 68 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/urlfetch/urlfetch_service.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto2"; 2 | option go_package = "urlfetch"; 3 | 4 | package appengine; 5 | 6 | message URLFetchServiceError { 7 | enum ErrorCode { 8 | OK = 0; 9 | INVALID_URL = 1; 10 | FETCH_ERROR = 2; 11 | UNSPECIFIED_ERROR = 3; 12 | RESPONSE_TOO_LARGE = 4; 13 | DEADLINE_EXCEEDED = 5; 14 | SSL_CERTIFICATE_ERROR = 6; 15 | DNS_ERROR = 7; 16 | CLOSED = 8; 17 | INTERNAL_TRANSIENT_ERROR = 9; 18 | TOO_MANY_REDIRECTS = 10; 19 | MALFORMED_REPLY = 11; 20 | CONNECTION_ERROR = 12; 21 | } 22 | } 23 | 24 | message URLFetchRequest { 25 | enum RequestMethod { 26 | GET = 1; 27 | POST = 2; 28 | HEAD = 3; 29 | PUT = 4; 30 | DELETE = 5; 31 | PATCH = 6; 32 | } 33 | required RequestMethod Method = 1; 34 | required string Url = 2; 35 | repeated group Header = 3 { 36 | required string Key = 4; 37 | required string Value = 5; 38 | } 39 | optional bytes Payload = 6 [ctype=CORD]; 40 | 41 | optional bool FollowRedirects = 7 [default=true]; 42 | 43 | optional double Deadline = 8; 44 | 45 | optional bool MustValidateServerCertificate = 9 [default=true]; 46 | } 47 | 48 | message URLFetchResponse { 49 | optional bytes Content = 1; 50 | required int32 StatusCode = 2; 51 | repeated group Header = 3 { 52 | required string Key = 4; 53 | required string Value = 5; 54 | } 55 | optional bool ContentWasTruncated = 6 [default=false]; 56 | optional int64 ExternalBytesSent = 7; 57 | optional int64 ExternalBytesReceived = 8; 58 | 59 | optional string FinalUrl = 9; 60 | 61 | optional int64 ApiCpuMilliseconds = 10 [default=0]; 62 | optional int64 ApiBytesSent = 11 [default=0]; 63 | optional int64 ApiBytesReceived = 12 [default=0]; 64 | } 65 | -------------------------------------------------------------------------------- /vendor/modules.txt: -------------------------------------------------------------------------------- 1 | # github.com/dgrijalva/jwt-go v3.2.0+incompatible 2 | ## explicit 3 | github.com/dgrijalva/jwt-go 4 | # github.com/golang/protobuf v1.2.0 5 | github.com/golang/protobuf/proto 6 | # github.com/google/uuid v1.0.0 7 | github.com/google/uuid 8 | # github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab 9 | ## explicit 10 | github.com/openshift/build-machinery-go 11 | github.com/openshift/build-machinery-go/make 12 | github.com/openshift/build-machinery-go/make/lib 13 | github.com/openshift/build-machinery-go/make/targets 14 | github.com/openshift/build-machinery-go/make/targets/golang 15 | github.com/openshift/build-machinery-go/make/targets/openshift 16 | github.com/openshift/build-machinery-go/make/targets/openshift/operator 17 | github.com/openshift/build-machinery-go/scripts 18 | # github.com/openshift/osincli v0.0.0-20160924135400-fababb0555f2 19 | ## explicit 20 | github.com/openshift/osincli 21 | # github.com/pborman/uuid v1.2.0 22 | ## explicit 23 | github.com/pborman/uuid 24 | # golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e 25 | golang.org/x/net/context 26 | golang.org/x/net/context/ctxhttp 27 | # golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d 28 | ## explicit 29 | golang.org/x/oauth2 30 | golang.org/x/oauth2/internal 31 | # google.golang.org/appengine v1.4.0 32 | google.golang.org/appengine/internal 33 | google.golang.org/appengine/internal/base 34 | google.golang.org/appengine/internal/datastore 35 | google.golang.org/appengine/internal/log 36 | google.golang.org/appengine/internal/remote_api 37 | google.golang.org/appengine/internal/urlfetch 38 | google.golang.org/appengine/urlfetch 39 | # gopkg.in/square/go-jose.v1 v1.1.2 40 | ## explicit 41 | gopkg.in/square/go-jose.v1 42 | gopkg.in/square/go-jose.v1/cipher 43 | gopkg.in/square/go-jose.v1/json 44 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/main_vm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !appengine 6 | 7 | package internal 8 | 9 | import ( 10 | "io" 11 | "log" 12 | "net/http" 13 | "net/url" 14 | "os" 15 | "path/filepath" 16 | "runtime" 17 | ) 18 | 19 | func Main() { 20 | MainPath = filepath.Dir(findMainPath()) 21 | installHealthChecker(http.DefaultServeMux) 22 | 23 | port := "8080" 24 | if s := os.Getenv("PORT"); s != "" { 25 | port = s 26 | } 27 | 28 | host := "" 29 | if IsDevAppServer() { 30 | host = "127.0.0.1" 31 | } 32 | if err := http.ListenAndServe(host+":"+port, http.HandlerFunc(handleHTTP)); err != nil { 33 | log.Fatalf("http.ListenAndServe: %v", err) 34 | } 35 | } 36 | 37 | // Find the path to package main by looking at the root Caller. 38 | func findMainPath() string { 39 | pc := make([]uintptr, 100) 40 | n := runtime.Callers(2, pc) 41 | frames := runtime.CallersFrames(pc[:n]) 42 | for { 43 | frame, more := frames.Next() 44 | // Tests won't have package main, instead they have testing.tRunner 45 | if frame.Function == "main.main" || frame.Function == "testing.tRunner" { 46 | return frame.File 47 | } 48 | if !more { 49 | break 50 | } 51 | } 52 | return "" 53 | } 54 | 55 | func installHealthChecker(mux *http.ServeMux) { 56 | // If no health check handler has been installed by this point, add a trivial one. 57 | const healthPath = "/_ah/health" 58 | hreq := &http.Request{ 59 | Method: "GET", 60 | URL: &url.URL{ 61 | Path: healthPath, 62 | }, 63 | } 64 | if _, pat := mux.Handler(hreq); pat != healthPath { 65 | mux.HandleFunc(healthPath, func(w http.ResponseWriter, r *http.Request) { 66 | io.WriteString(w, "ok") 67 | }) 68 | } 69 | } 70 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/util.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | // xvalues returns the value of a byte as a hexadecimal digit or 255. 8 | var xvalues = [256]byte{ 9 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 10 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 11 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 12 | 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 255, 255, 255, 255, 255, 255, 13 | 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 14 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 15 | 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 16 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 17 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 18 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 19 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 20 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 21 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 22 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 23 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 24 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 25 | } 26 | 27 | // xtob converts the the first two hex bytes of x into a byte. 28 | func xtob(x string) (byte, bool) { 29 | b1 := xvalues[x[0]] 30 | b2 := xvalues[x[1]] 31 | return (b1 << 4) | b2, b1 != 255 && b2 != 255 32 | } 33 | -------------------------------------------------------------------------------- /info_test.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "net/http" 5 | "net/url" 6 | "testing" 7 | ) 8 | 9 | func TestInfo(t *testing.T) { 10 | sconfig := NewServerConfig() 11 | server := NewServer(sconfig, NewTestingStorage()) 12 | resp := server.NewResponse() 13 | 14 | req, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil) 15 | if err != nil { 16 | t.Fatal(err) 17 | } 18 | req.Form = make(url.Values) 19 | req.Form.Set("code", "9999") 20 | 21 | if ar := server.HandleInfoRequest(resp, req); ar != nil { 22 | server.FinishInfoRequest(resp, req, ar) 23 | } 24 | 25 | if resp.IsError && resp.InternalError != nil { 26 | t.Fatalf("Error in response: %s", resp.InternalError) 27 | } 28 | 29 | if resp.IsError { 30 | t.Fatalf("Should not be an error") 31 | } 32 | 33 | if resp.Type != DATA { 34 | t.Fatalf("Response should be data") 35 | } 36 | 37 | if d := resp.Output["access_token"]; d != "9999" { 38 | t.Fatalf("Unexpected authorization code: %s", d) 39 | } 40 | } 41 | 42 | func TestInfoWhenCodeIsOnHeader(t *testing.T) { 43 | sconfig := NewServerConfig() 44 | server := NewServer(sconfig, NewTestingStorage()) 45 | resp := server.NewResponse() 46 | 47 | req, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil) 48 | if err != nil { 49 | t.Fatal(err) 50 | } 51 | req.Header.Set("Authorization", "Bearer 9999") 52 | 53 | if ar := server.HandleInfoRequest(resp, req); ar != nil { 54 | server.FinishInfoRequest(resp, req, ar) 55 | } 56 | 57 | if resp.IsError && resp.InternalError != nil { 58 | t.Fatalf("Error in response: %s", resp.InternalError) 59 | } 60 | 61 | if resp.IsError { 62 | t.Fatalf("Should not be an error") 63 | } 64 | 65 | if resp.Type != DATA { 66 | t.Fatalf("Response should be data") 67 | } 68 | 69 | if d := resp.Output["access_token"]; d != "9999" { 70 | t.Fatalf("Unexpected authorization code: %s", d) 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/none.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | // Implements the none signing method. This is required by the spec 4 | // but you probably should never use it. 5 | var SigningMethodNone *signingMethodNone 6 | 7 | const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed" 8 | 9 | var NoneSignatureTypeDisallowedError error 10 | 11 | type signingMethodNone struct{} 12 | type unsafeNoneMagicConstant string 13 | 14 | func init() { 15 | SigningMethodNone = &signingMethodNone{} 16 | NoneSignatureTypeDisallowedError = NewValidationError("'none' signature type is not allowed", ValidationErrorSignatureInvalid) 17 | 18 | RegisterSigningMethod(SigningMethodNone.Alg(), func() SigningMethod { 19 | return SigningMethodNone 20 | }) 21 | } 22 | 23 | func (m *signingMethodNone) Alg() string { 24 | return "none" 25 | } 26 | 27 | // Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key 28 | func (m *signingMethodNone) Verify(signingString, signature string, key interface{}) (err error) { 29 | // Key must be UnsafeAllowNoneSignatureType to prevent accidentally 30 | // accepting 'none' signing method 31 | if _, ok := key.(unsafeNoneMagicConstant); !ok { 32 | return NoneSignatureTypeDisallowedError 33 | } 34 | // If signing method is none, signature must be an empty string 35 | if signature != "" { 36 | return NewValidationError( 37 | "'none' signing method with non-empty signature", 38 | ValidationErrorSignatureInvalid, 39 | ) 40 | } 41 | 42 | // Accept 'none' signing method. 43 | return nil 44 | } 45 | 46 | // Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key 47 | func (m *signingMethodNone) Sign(signingString string, key interface{}) (string, error) { 48 | if _, ok := key.(unsafeNoneMagicConstant); ok { 49 | return "", nil 50 | } 51 | return "", NoneSignatureTypeDisallowedError 52 | } 53 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/README.md: -------------------------------------------------------------------------------- 1 | # library-go/build-machinery-go 2 | These are the building blocks for this and many of our other repositories to share code for Makefiles, helper scripts and other build related machinery. 3 | 4 | ## Makefiles 5 | `make/` directory contains several predefined makefiles `(*.mk)` to choose from and include one of them as a base in your final `Makefile`. These are the predefined flows providing you with e.g. `build`, `test` or `verify` targets. To start with it is recommended you base Makefile on the corresponding `*.example.mk` using copy&paste. 6 | 7 | As some advanced targets are generated, every Makefile contains `make help` target listing all the available ones. All of the "example" makefiles have a corresponding `.help` file listing all the targets available there. 8 | 9 | Also for advanced use and if none of the predefined flows doesn't fit your needs, you can compose the flow from modules in similar way to how the predefined flows do, 10 | 11 | ### Golang 12 | Standard makefile for building pure Golang projects. 13 | - [make/golang.mk](make/golang.mk) 14 | - [make/golang.example.mk](make/golang.example.mk) 15 | - [make/golang.example.mk.help](make/golang.example.mk.help) 16 | 17 | ### Default 18 | Standard makefile for OpenShift Golang projects. 19 | 20 | Extends [#Golang](). 21 | 22 | - [make/default.mk](make/default.mk) 23 | - [make/default.example.mk](make/default.example.mk) 24 | - [make/default.example.mk.help](make/default.example.mk.help) 25 | 26 | ### Operator 27 | Standard makefile for OpenShift Golang projects. 28 | 29 | Extends [#Default](). 30 | 31 | - [make/operator.mk](make/operator.mk) 32 | - [make/operator.example.mk](make/operator.example.mk) 33 | - [make/operator.example.mk.help](make/operator.example.mk.help) 34 | 35 | 36 | ## Scripts 37 | `scripts` contain more complicated logic that is used in some make targets. 38 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/default.example.mk: -------------------------------------------------------------------------------- 1 | all: build 2 | .PHONY: all 3 | 4 | # You can customize go tools depending on the directory layout. 5 | # example: 6 | GO_BUILD_PACKAGES :=./pkg/... 7 | # You can list all the golang related variables by: 8 | # $ make -n --print-data-base | grep ^GO 9 | 10 | # Include the library makefile 11 | include ./default.mk 12 | # All the available targets are listed in .help 13 | # or you can list it live by using `make help` 14 | 15 | # Codegen module needs setting these required variables 16 | CODEGEN_OUTPUT_PACKAGE :=github.com/openshift/cluster-openshift-apiserver-operator/pkg/generated 17 | CODEGEN_API_PACKAGE :=github.com/openshift/cluster-openshift-apiserver-operator/pkg/apis 18 | CODEGEN_GROUPS_VERSION :=openshiftapiserver:v1alpha1 19 | # You can list all codegen related variables by: 20 | # $ make -n --print-data-base | grep ^CODEGEN 21 | 22 | # This will call a macro called "build-image" which will generate image specific targets based on the parameters: 23 | # $1 - target name 24 | # $2 - image ref 25 | # $3 - Dockerfile path 26 | # $4 - context 27 | # It will generate target "image-$(1)" for builing the image an binding it as a prerequisite to target "images". 28 | $(call build-image,ocp-cli,registry.svc.ci.openshift.org/ocp/4.2:cli,./images/cli/Dockerfile.rhel,.) 29 | 30 | # This will call a macro called "add-bindata" which will generate bindata specific targets based on the parameters: 31 | # $0 - macro name 32 | # $1 - target suffix 33 | # $2 - input dirs 34 | # $3 - prefix 35 | # $4 - pkg 36 | # $5 - output 37 | # It will generate targets {update,verify}-bindata-$(1) logically grouping them in unsuffixed versions of these targets 38 | # and also hooked into {update,verify}-generated for broader integration. 39 | $(call add-bindata,v3.11.0,./bindata/v3.11.0/...,bindata,v311_00_assets,pkg/operator/v311_00_assets/bindata.go) 40 | 41 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/hash.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "crypto/md5" 9 | "crypto/sha1" 10 | "hash" 11 | ) 12 | 13 | // Well known Name Space IDs and UUIDs 14 | var ( 15 | NameSpace_DNS = Parse("6ba7b810-9dad-11d1-80b4-00c04fd430c8") 16 | NameSpace_URL = Parse("6ba7b811-9dad-11d1-80b4-00c04fd430c8") 17 | NameSpace_OID = Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8") 18 | NameSpace_X500 = Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8") 19 | NIL = Parse("00000000-0000-0000-0000-000000000000") 20 | ) 21 | 22 | // NewHash returns a new UUID derived from the hash of space concatenated with 23 | // data generated by h. The hash should be at least 16 byte in length. The 24 | // first 16 bytes of the hash are used to form the UUID. The version of the 25 | // UUID will be the lower 4 bits of version. NewHash is used to implement 26 | // NewMD5 and NewSHA1. 27 | func NewHash(h hash.Hash, space UUID, data []byte, version int) UUID { 28 | h.Reset() 29 | h.Write(space) 30 | h.Write([]byte(data)) 31 | s := h.Sum(nil) 32 | uuid := make([]byte, 16) 33 | copy(uuid, s) 34 | uuid[6] = (uuid[6] & 0x0f) | uint8((version&0xf)<<4) 35 | uuid[8] = (uuid[8] & 0x3f) | 0x80 // RFC 4122 variant 36 | return uuid 37 | } 38 | 39 | // NewMD5 returns a new MD5 (Version 3) UUID based on the 40 | // supplied name space and data. 41 | // 42 | // NewHash(md5.New(), space, data, 3) 43 | func NewMD5(space UUID, data []byte) UUID { 44 | return NewHash(md5.New(), space, data, 3) 45 | } 46 | 47 | // NewSHA1 returns a new SHA1 (Version 5) UUID based on the 48 | // supplied name space and data. 49 | // 50 | // NewHash(sha1.New(), space, data, 5) 51 | func NewSHA1(space UUID, data []byte) UUID { 52 | return NewHash(sha1.New(), space, data, 5) 53 | } 54 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/sql.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "database/sql/driver" 9 | "errors" 10 | "fmt" 11 | ) 12 | 13 | // Scan implements sql.Scanner so UUIDs can be read from databases transparently 14 | // Currently, database types that map to string and []byte are supported. Please 15 | // consult database-specific driver documentation for matching types. 16 | func (uuid *UUID) Scan(src interface{}) error { 17 | switch src.(type) { 18 | case string: 19 | // if an empty UUID comes from a table, we return a null UUID 20 | if src.(string) == "" { 21 | return nil 22 | } 23 | 24 | // see uuid.Parse for required string format 25 | parsed := Parse(src.(string)) 26 | 27 | if parsed == nil { 28 | return errors.New("Scan: invalid UUID format") 29 | } 30 | 31 | *uuid = parsed 32 | case []byte: 33 | b := src.([]byte) 34 | 35 | // if an empty UUID comes from a table, we return a null UUID 36 | if len(b) == 0 { 37 | return nil 38 | } 39 | 40 | // assumes a simple slice of bytes if 16 bytes 41 | // otherwise attempts to parse 42 | if len(b) == 16 { 43 | parsed := make([]byte, 16) 44 | copy(parsed, b) 45 | *uuid = UUID(parsed) 46 | } else { 47 | u := Parse(string(b)) 48 | 49 | if u == nil { 50 | return errors.New("Scan: invalid UUID format") 51 | } 52 | 53 | *uuid = u 54 | } 55 | 56 | default: 57 | return fmt.Errorf("Scan: unable to scan type %T into UUID", src) 58 | } 59 | 60 | return nil 61 | } 62 | 63 | // Value implements sql.Valuer so that UUIDs can be written to databases 64 | // transparently. Currently, UUIDs map to strings. Please consult 65 | // database-specific driver documentation for matching types. 66 | func (uuid UUID) Value() (driver.Value, error) { 67 | return uuid.String(), nil 68 | } 69 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/hash.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "crypto/md5" 9 | "crypto/sha1" 10 | "hash" 11 | ) 12 | 13 | // Well known namespace IDs and UUIDs 14 | var ( 15 | NameSpaceDNS = Must(Parse("6ba7b810-9dad-11d1-80b4-00c04fd430c8")) 16 | NameSpaceURL = Must(Parse("6ba7b811-9dad-11d1-80b4-00c04fd430c8")) 17 | NameSpaceOID = Must(Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8")) 18 | NameSpaceX500 = Must(Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8")) 19 | Nil UUID // empty UUID, all zeros 20 | ) 21 | 22 | // NewHash returns a new UUID derived from the hash of space concatenated with 23 | // data generated by h. The hash should be at least 16 byte in length. The 24 | // first 16 bytes of the hash are used to form the UUID. The version of the 25 | // UUID will be the lower 4 bits of version. NewHash is used to implement 26 | // NewMD5 and NewSHA1. 27 | func NewHash(h hash.Hash, space UUID, data []byte, version int) UUID { 28 | h.Reset() 29 | h.Write(space[:]) 30 | h.Write(data) 31 | s := h.Sum(nil) 32 | var uuid UUID 33 | copy(uuid[:], s) 34 | uuid[6] = (uuid[6] & 0x0f) | uint8((version&0xf)<<4) 35 | uuid[8] = (uuid[8] & 0x3f) | 0x80 // RFC 4122 variant 36 | return uuid 37 | } 38 | 39 | // NewMD5 returns a new MD5 (Version 3) UUID based on the 40 | // supplied name space and data. It is the same as calling: 41 | // 42 | // NewHash(md5.New(), space, data, 3) 43 | func NewMD5(space UUID, data []byte) UUID { 44 | return NewHash(md5.New(), space, data, 3) 45 | } 46 | 47 | // NewSHA1 returns a new SHA1 (Version 5) UUID based on the 48 | // supplied name space and data. It is the same as calling: 49 | // 50 | // NewHash(sha1.New(), space, data, 5) 51 | func NewSHA1(space UUID, data []byte) UUID { 52 | return NewHash(sha1.New(), space, data, 5) 53 | } 54 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/operator.example.mk: -------------------------------------------------------------------------------- 1 | all: build 2 | .PHONY: all 3 | 4 | 5 | # You can customize go tools depending on the directory layout. 6 | # example: 7 | GO_BUILD_PACKAGES :=./pkg/... 8 | # You can list all the golang related variables by: 9 | # $ make -n --print-data-base | grep ^GO 10 | 11 | # Include the library makefile 12 | include ./operator.mk 13 | # All the available targets are listed in .help 14 | # or you can list it live by using `make help` 15 | 16 | 17 | # Codegen module needs setting these required variables 18 | CODEGEN_OUTPUT_PACKAGE :=github.com/openshift/cluster-openshift-apiserver-operator/pkg/generated 19 | CODEGEN_API_PACKAGE :=github.com/openshift/cluster-openshift-apiserver-operator/pkg/apis 20 | CODEGEN_GROUPS_VERSION :=openshiftapiserver:v1alpha1 21 | # You can list all codegen related variables by: 22 | # $ make -n --print-data-base | grep ^CODEGEN 23 | 24 | # This will call a macro called "build-image" which will generate image specific targets based on the parameters: 25 | # $1 - target name 26 | # $2 - image ref 27 | # $3 - Dockerfile path 28 | # $4 - context 29 | # It will generate target "image-$(1)" for builing the image an binding it as a prerequisite to target "images". 30 | $(call build-image,ocp-openshift-apiserver-operator,registry.svc.ci.openshift.org/ocp/4.2:openshift-apiserver-operator,./Dockerfile.rhel,.) 31 | 32 | # This will call a macro called "add-bindata" which will generate bindata specific targets based on the parameters: 33 | # $0 - macro name 34 | # $1 - target suffix 35 | # $2 - input dirs 36 | # $3 - prefix 37 | # $4 - pkg 38 | # $5 - output 39 | # It will generate targets {update,verify}-bindata-$(1) logically grouping them in unsuffixed versions of these targets 40 | # and also hooked into {update,verify}-generated for broader integration. 41 | $(call add-bindata,v3.11.0,./bindata/v3.11.0/...,bindata,v311_00_assets,pkg/operator/v311_00_assets/bindata.go) 42 | 43 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/deps-gomod.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | # We need to force localle so different envs sort files the same way for recursive traversals 4 | deps_diff :=LC_COLLATE=C diff --no-dereference -N 5 | 6 | # $1 - temporary directory 7 | define restore-deps 8 | ln -s $(abspath ./) "$(1)"/current 9 | cp -R -H ./ "$(1)"/updated 10 | $(RM) -r "$(1)"/updated/vendor 11 | cd "$(1)"/updated && $(GO) mod tidy && $(GO) mod vendor && $(GO) mod verify 12 | cd "$(1)" && $(deps_diff) -r {current,updated}/vendor/ > updated/deps.diff || true 13 | endef 14 | 15 | verify-deps: tmp_dir:=$(shell mktemp -d) 16 | verify-deps: 17 | $(call restore-deps,$(tmp_dir)) 18 | $(deps_diff) "$(tmp_dir)"/{current,updated}/go.mod || ( echo '`go.mod` content is incorrect - did you run `go mod tidy`?' && false ) 19 | $(deps_diff) "$(tmp_dir)"/{current,updated}/go.sum || ( echo '`go.sum` content is incorrect - did you run `go mod tidy`?' && false ) 20 | @echo $(deps_diff) '$(tmp_dir)'/{current,updated}/deps.diff 21 | @ $(deps_diff) '$(tmp_dir)'/{current,updated}/deps.diff || ( \ 22 | echo "ERROR: Content of 'vendor/' directory doesn't match 'go.mod' configuration and the overrides in 'deps.diff'!" && \ 23 | echo 'Did you run `go mod vendor`?' && \ 24 | echo "If this is an intentional change (a carry patch) please update the 'deps.diff' using 'make update-deps-overrides'." && \ 25 | false \ 26 | ) 27 | .PHONY: verify-deps 28 | 29 | update-deps-overrides: tmp_dir:=$(shell mktemp -d) 30 | update-deps-overrides: 31 | $(call restore-deps,$(tmp_dir)) 32 | cp "$(tmp_dir)"/{updated,current}/deps.diff 33 | .PHONY: update-deps-overrides 34 | 35 | 36 | # We need to be careful to expand all the paths before any include is done 37 | # or self_dir could be modified for the next include by the included file. 38 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 39 | include $(addprefix $(self_dir), \ 40 | ../../lib/golang.mk \ 41 | ) 42 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/util.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "io" 9 | ) 10 | 11 | // randomBits completely fills slice b with random data. 12 | func randomBits(b []byte) { 13 | if _, err := io.ReadFull(rander, b); err != nil { 14 | panic(err.Error()) // rand should never fail 15 | } 16 | } 17 | 18 | // xvalues returns the value of a byte as a hexadecimal digit or 255. 19 | var xvalues = [256]byte{ 20 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 21 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 22 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 23 | 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 255, 255, 255, 255, 255, 255, 24 | 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 25 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 26 | 255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255, 27 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 28 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 29 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 30 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 31 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 32 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 33 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 34 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 35 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 36 | } 37 | 38 | // xtob converts hex characters x1 and x2 into a byte. 39 | func xtob(x1, x2 byte) (byte, bool) { 40 | b1 := xvalues[x1] 41 | b2 := xvalues[x2] 42 | return (b1 << 4) | b2, b1 != 255 && b2 != 255 43 | } 44 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/errors.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | // Error constants 8 | var ( 9 | ErrInvalidKey = errors.New("key is invalid") 10 | ErrInvalidKeyType = errors.New("key is of invalid type") 11 | ErrHashUnavailable = errors.New("the requested hash function is unavailable") 12 | ) 13 | 14 | // The errors that might occur when parsing and validating a token 15 | const ( 16 | ValidationErrorMalformed uint32 = 1 << iota // Token is malformed 17 | ValidationErrorUnverifiable // Token could not be verified because of signing problems 18 | ValidationErrorSignatureInvalid // Signature validation failed 19 | 20 | // Standard Claim validation errors 21 | ValidationErrorAudience // AUD validation failed 22 | ValidationErrorExpired // EXP validation failed 23 | ValidationErrorIssuedAt // IAT validation failed 24 | ValidationErrorIssuer // ISS validation failed 25 | ValidationErrorNotValidYet // NBF validation failed 26 | ValidationErrorId // JTI validation failed 27 | ValidationErrorClaimsInvalid // Generic claims validation error 28 | ) 29 | 30 | // Helper for constructing a ValidationError with a string error message 31 | func NewValidationError(errorText string, errorFlags uint32) *ValidationError { 32 | return &ValidationError{ 33 | text: errorText, 34 | Errors: errorFlags, 35 | } 36 | } 37 | 38 | // The error from Parse if token is not valid 39 | type ValidationError struct { 40 | Inner error // stores the error returned by external dependencies, i.e.: KeyFunc 41 | Errors uint32 // bitfield. see ValidationError... constants 42 | text string // errors that do not have a valid error just have text 43 | } 44 | 45 | // Validation error is an error type 46 | func (e ValidationError) Error() string { 47 | if e.Inner != nil { 48 | return e.Inner.Error() 49 | } else if e.text != "" { 50 | return e.text 51 | } else { 52 | return "token is invalid" 53 | } 54 | } 55 | 56 | // No errors 57 | func (e *ValidationError) valid() bool { 58 | return e.Errors == 0 59 | } 60 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/utils.go: -------------------------------------------------------------------------------- 1 | /*- 2 | * Copyright 2014 Square Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package jose 18 | 19 | import ( 20 | "crypto/x509" 21 | "encoding/pem" 22 | "fmt" 23 | ) 24 | 25 | // LoadPublicKey loads a public key from PEM/DER-encoded data. 26 | func LoadPublicKey(data []byte) (interface{}, error) { 27 | input := data 28 | 29 | block, _ := pem.Decode(data) 30 | if block != nil { 31 | input = block.Bytes 32 | } 33 | 34 | // Try to load SubjectPublicKeyInfo 35 | pub, err0 := x509.ParsePKIXPublicKey(input) 36 | if err0 == nil { 37 | return pub, nil 38 | } 39 | 40 | cert, err1 := x509.ParseCertificate(input) 41 | if err1 == nil { 42 | return cert.PublicKey, nil 43 | } 44 | 45 | return nil, fmt.Errorf("square/go-jose: parse error, got '%s' and '%s'", err0, err1) 46 | } 47 | 48 | // LoadPrivateKey loads a private key from PEM/DER-encoded data. 49 | func LoadPrivateKey(data []byte) (interface{}, error) { 50 | input := data 51 | 52 | block, _ := pem.Decode(data) 53 | if block != nil { 54 | input = block.Bytes 55 | } 56 | 57 | var priv interface{} 58 | priv, err0 := x509.ParsePKCS1PrivateKey(input) 59 | if err0 == nil { 60 | return priv, nil 61 | } 62 | 63 | priv, err1 := x509.ParsePKCS8PrivateKey(input) 64 | if err1 == nil { 65 | return priv, nil 66 | } 67 | 68 | priv, err2 := x509.ParseECPrivateKey(input) 69 | if err2 == nil { 70 | return priv, nil 71 | } 72 | 73 | return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s' and '%s'", err0, err1, err2) 74 | } 75 | -------------------------------------------------------------------------------- /vendor/google.golang.org/appengine/internal/identity.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by the Apache 2.0 3 | // license that can be found in the LICENSE file. 4 | 5 | package internal 6 | 7 | import ( 8 | "os" 9 | 10 | netcontext "golang.org/x/net/context" 11 | ) 12 | 13 | var ( 14 | // This is set to true in identity_classic.go, which is behind the appengine build tag. 15 | // The appengine build tag is set for the first generation runtimes (<= Go 1.9) but not 16 | // the second generation runtimes (>= Go 1.11), so this indicates whether we're on a 17 | // first-gen runtime. See IsStandard below for the second-gen check. 18 | appengineStandard bool 19 | 20 | // This is set to true in identity_flex.go, which is behind the appenginevm build tag. 21 | appengineFlex bool 22 | ) 23 | 24 | // AppID is the implementation of the wrapper function of the same name in 25 | // ../identity.go. See that file for commentary. 26 | func AppID(c netcontext.Context) string { 27 | return appID(FullyQualifiedAppID(c)) 28 | } 29 | 30 | // IsStandard is the implementation of the wrapper function of the same name in 31 | // ../appengine.go. See that file for commentary. 32 | func IsStandard() bool { 33 | // appengineStandard will be true for first-gen runtimes (<= Go 1.9) but not 34 | // second-gen (>= Go 1.11). 35 | return appengineStandard || IsSecondGen() 36 | } 37 | 38 | // IsStandard is the implementation of the wrapper function of the same name in 39 | // ../appengine.go. See that file for commentary. 40 | func IsSecondGen() bool { 41 | // Second-gen runtimes set $GAE_ENV so we use that to check if we're on a second-gen runtime. 42 | return os.Getenv("GAE_ENV") == "standard" 43 | } 44 | 45 | // IsFlex is the implementation of the wrapper function of the same name in 46 | // ../appengine.go. See that file for commentary. 47 | func IsFlex() bool { 48 | return appengineFlex 49 | } 50 | 51 | // IsAppEngine is the implementation of the wrapper function of the same name in 52 | // ../appengine.go. See that file for commentary. 53 | func IsAppEngine() bool { 54 | return IsStandard() || IsFlex() 55 | } 56 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/util.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | import ( 4 | "encoding/json" 5 | "errors" 6 | "fmt" 7 | "io" 8 | "net/http" 9 | "net/url" 10 | "strings" 11 | ) 12 | 13 | // Parse basic authentication header 14 | type BasicAuth struct { 15 | Username string 16 | Password string 17 | } 18 | 19 | // Download and parse OAuth2 JSON access request 20 | func downloadData(method string, u *url.URL, auth *BasicAuth, transport http.RoundTripper, output ResponseData) error { 21 | var postdata url.Values 22 | var body io.Reader 23 | var contenttype string 24 | 25 | if method == "POST" { 26 | // Convert query parameters to post data 27 | postdata = u.Query() 28 | u.RawQuery = "" 29 | body = strings.NewReader(postdata.Encode()) 30 | contenttype = "application/x-www-form-urlencoded" 31 | } 32 | 33 | // Create a new request 34 | preq, err := http.NewRequest(method, u.String(), body) 35 | if err != nil { 36 | return err 37 | } 38 | 39 | if auth != nil { 40 | preq.SetBasicAuth(auth.Username, auth.Password) 41 | } 42 | 43 | // Set content type for post request 44 | if contenttype != "" { 45 | preq.Header.Set("Content-Type", contenttype) 46 | } 47 | 48 | // Explicitly set accept header to JSON 49 | preq.Header.Set("Accept", "application/json") 50 | 51 | // do request 52 | client := &http.Client{} 53 | if transport != nil { 54 | client.Transport = transport 55 | } 56 | presp, err := client.Do(preq) 57 | if err != nil { 58 | return err 59 | } 60 | 61 | // must close body 62 | defer presp.Body.Close() 63 | 64 | // decode JSON and detect OAuth error 65 | jdec := json.NewDecoder(presp.Body) 66 | if err = jdec.Decode(&output); err == nil { 67 | if em, eok := output["error"]; eok { 68 | return NewError(fmt.Sprintf("%v", em), fmt.Sprintf("%v", output["error_description"]), 69 | fmt.Sprintf("%v", output["error_uri"]), fmt.Sprintf("%v", output["state"])) 70 | } 71 | } 72 | 73 | // If no OAuth error was detected, make sure we don't return success in an error case 74 | if err == nil && presp.StatusCode != 200 { 75 | return errors.New(fmt.Sprintf("Invalid status code (%d): %s", presp.StatusCode, presp.Status)) 76 | } 77 | 78 | return err 79 | } 80 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/marshal.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "errors" 9 | "fmt" 10 | 11 | guuid "github.com/google/uuid" 12 | ) 13 | 14 | // MarshalText implements encoding.TextMarshaler. 15 | func (u UUID) MarshalText() ([]byte, error) { 16 | if len(u) != 16 { 17 | return nil, nil 18 | } 19 | var js [36]byte 20 | encodeHex(js[:], u) 21 | return js[:], nil 22 | } 23 | 24 | // UnmarshalText implements encoding.TextUnmarshaler. 25 | func (u *UUID) UnmarshalText(data []byte) error { 26 | if len(data) == 0 { 27 | return nil 28 | } 29 | id := Parse(string(data)) 30 | if id == nil { 31 | return errors.New("invalid UUID") 32 | } 33 | *u = id 34 | return nil 35 | } 36 | 37 | // MarshalBinary implements encoding.BinaryMarshaler. 38 | func (u UUID) MarshalBinary() ([]byte, error) { 39 | return u[:], nil 40 | } 41 | 42 | // UnmarshalBinary implements encoding.BinaryUnmarshaler. 43 | func (u *UUID) UnmarshalBinary(data []byte) error { 44 | if len(data) == 0 { 45 | return nil 46 | } 47 | if len(data) != 16 { 48 | return fmt.Errorf("invalid UUID (got %d bytes)", len(data)) 49 | } 50 | var id [16]byte 51 | copy(id[:], data) 52 | *u = id[:] 53 | return nil 54 | } 55 | 56 | // MarshalText implements encoding.TextMarshaler. 57 | func (u Array) MarshalText() ([]byte, error) { 58 | var js [36]byte 59 | encodeHex(js[:], u[:]) 60 | return js[:], nil 61 | } 62 | 63 | // UnmarshalText implements encoding.TextUnmarshaler. 64 | func (u *Array) UnmarshalText(data []byte) error { 65 | id, err := guuid.ParseBytes(data) 66 | if err != nil { 67 | return err 68 | } 69 | *u = Array(id) 70 | return nil 71 | } 72 | 73 | // MarshalBinary implements encoding.BinaryMarshaler. 74 | func (u Array) MarshalBinary() ([]byte, error) { 75 | return u[:], nil 76 | } 77 | 78 | // UnmarshalBinary implements encoding.BinaryUnmarshaler. 79 | func (u *Array) UnmarshalBinary(data []byte) error { 80 | if len(data) != 16 { 81 | return fmt.Errorf("invalid UUID (got %d bytes)", len(data)) 82 | } 83 | copy(u[:], data) 84 | return nil 85 | } 86 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/cipher/concat_kdf.go: -------------------------------------------------------------------------------- 1 | /*- 2 | * Copyright 2014 Square Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package josecipher 18 | 19 | import ( 20 | "crypto" 21 | "encoding/binary" 22 | "hash" 23 | "io" 24 | ) 25 | 26 | type concatKDF struct { 27 | z, info []byte 28 | i uint32 29 | cache []byte 30 | hasher hash.Hash 31 | } 32 | 33 | // NewConcatKDF builds a KDF reader based on the given inputs. 34 | func NewConcatKDF(hash crypto.Hash, z, algID, ptyUInfo, ptyVInfo, supPubInfo, supPrivInfo []byte) io.Reader { 35 | buffer := make([]byte, uint64(len(algID))+uint64(len(ptyUInfo))+uint64(len(ptyVInfo))+uint64(len(supPubInfo))+uint64(len(supPrivInfo))) 36 | n := 0 37 | n += copy(buffer, algID) 38 | n += copy(buffer[n:], ptyUInfo) 39 | n += copy(buffer[n:], ptyVInfo) 40 | n += copy(buffer[n:], supPubInfo) 41 | copy(buffer[n:], supPrivInfo) 42 | 43 | hasher := hash.New() 44 | 45 | return &concatKDF{ 46 | z: z, 47 | info: buffer, 48 | hasher: hasher, 49 | cache: []byte{}, 50 | i: 1, 51 | } 52 | } 53 | 54 | func (ctx *concatKDF) Read(out []byte) (int, error) { 55 | copied := copy(out, ctx.cache) 56 | ctx.cache = ctx.cache[copied:] 57 | 58 | for copied < len(out) { 59 | ctx.hasher.Reset() 60 | 61 | // Write on a hash.Hash never fails 62 | _ = binary.Write(ctx.hasher, binary.BigEndian, ctx.i) 63 | _, _ = ctx.hasher.Write(ctx.z) 64 | _, _ = ctx.hasher.Write(ctx.info) 65 | 66 | hash := ctx.hasher.Sum(nil) 67 | chunkCopied := copy(out[copied:], hash) 68 | copied += chunkCopied 69 | ctx.cache = hash[chunkCopied:] 70 | 71 | ctx.i++ 72 | } 73 | 74 | return copied, nil 75 | } 76 | -------------------------------------------------------------------------------- /storage.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | var ( 8 | // ErrNotFound is the error returned by Storage Get<...> and Load<...> functions in case 9 | // no entity is found in the storage. E.g. Storage.GetClient() returns ErrNotFound when 10 | // client is not found. All other returned errors must be treated as storage-specific errors, 11 | // like "connection lost", "connection refused", etc. 12 | ErrNotFound = errors.New("Entity not found") 13 | ) 14 | 15 | // Storage interface 16 | type Storage interface { 17 | // Clone the storage if needed. For example, using mgo, you can clone the session with session.Clone 18 | // to avoid concurrent access problems. 19 | // This is to avoid cloning the connection at each method access. 20 | // Can return itself if not a problem. 21 | Clone() Storage 22 | 23 | // Close the resources the Storage potentially holds (using Clone for example) 24 | Close() 25 | 26 | // GetClient loads the client by id (client_id) 27 | GetClient(id string) (Client, error) 28 | 29 | // SaveAuthorize saves authorize data. 30 | SaveAuthorize(*AuthorizeData) error 31 | 32 | // LoadAuthorize looks up AuthorizeData by a code. 33 | // Client information MUST be loaded together. 34 | // Optionally can return error if expired. 35 | LoadAuthorize(code string) (*AuthorizeData, error) 36 | 37 | // RemoveAuthorize revokes or deletes the authorization code. 38 | RemoveAuthorize(code string) error 39 | 40 | // SaveAccess writes AccessData. 41 | // If RefreshToken is not blank, it must save in a way that can be loaded using LoadRefresh. 42 | SaveAccess(*AccessData) error 43 | 44 | // LoadAccess retrieves access data by token. Client information MUST be loaded together. 45 | // AuthorizeData and AccessData DON'T NEED to be loaded if not easily available. 46 | // Optionally can return error if expired. 47 | LoadAccess(token string) (*AccessData, error) 48 | 49 | // RemoveAccess revokes or deletes an AccessData. 50 | RemoveAccess(token string) error 51 | 52 | // LoadRefresh retrieves refresh AccessData. Client information MUST be loaded together. 53 | // AuthorizeData and AccessData DON'T NEED to be loaded if not easily available. 54 | // Optionally can return error if expired. 55 | LoadRefresh(token string) (*AccessData, error) 56 | 57 | // RemoveRefresh revokes or deletes refresh AccessData. 58 | RemoveRefresh(token string) error 59 | } 60 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/cipher/ecdh_es.go: -------------------------------------------------------------------------------- 1 | /*- 2 | * Copyright 2014 Square Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package josecipher 18 | 19 | import ( 20 | "crypto" 21 | "crypto/ecdsa" 22 | "encoding/binary" 23 | ) 24 | 25 | // DeriveECDHES derives a shared encryption key using ECDH/ConcatKDF as described in JWE/JWA. 26 | // It is an error to call this function with a private/public key that are not on the same 27 | // curve. Callers must ensure that the keys are valid before calling this function. Output 28 | // size may be at most 1<<16 bytes (64 KiB). 29 | func DeriveECDHES(alg string, apuData, apvData []byte, priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, size int) []byte { 30 | if size > 1<<16 { 31 | panic("ECDH-ES output size too large, must be less than or equal to 1<<16") 32 | } 33 | 34 | // algId, partyUInfo, partyVInfo inputs must be prefixed with the length 35 | algID := lengthPrefixed([]byte(alg)) 36 | ptyUInfo := lengthPrefixed(apuData) 37 | ptyVInfo := lengthPrefixed(apvData) 38 | 39 | // suppPubInfo is the encoded length of the output size in bits 40 | supPubInfo := make([]byte, 4) 41 | binary.BigEndian.PutUint32(supPubInfo, uint32(size)*8) 42 | 43 | if !priv.PublicKey.Curve.IsOnCurve(pub.X, pub.Y) { 44 | panic("public key not on same curve as private key") 45 | } 46 | 47 | z, _ := priv.PublicKey.Curve.ScalarMult(pub.X, pub.Y, priv.D.Bytes()) 48 | reader := NewConcatKDF(crypto.SHA256, z.Bytes(), algID, ptyUInfo, ptyVInfo, supPubInfo, []byte{}) 49 | 50 | key := make([]byte, size) 51 | 52 | // Read on the KDF will never fail 53 | _, _ = reader.Read(key) 54 | return key 55 | } 56 | 57 | func lengthPrefixed(data []byte) []byte { 58 | out := make([]byte, len(data)+4) 59 | binary.BigEndian.PutUint32(out, uint32(len(data))) 60 | copy(out[4:], data) 61 | return out 62 | } 63 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/time.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "encoding/binary" 9 | 10 | guuid "github.com/google/uuid" 11 | ) 12 | 13 | // A Time represents a time as the number of 100's of nanoseconds since 15 Oct 14 | // 1582. 15 | type Time = guuid.Time 16 | 17 | // GetTime returns the current Time (100s of nanoseconds since 15 Oct 1582) and 18 | // clock sequence as well as adjusting the clock sequence as needed. An error 19 | // is returned if the current time cannot be determined. 20 | func GetTime() (Time, uint16, error) { return guuid.GetTime() } 21 | 22 | // ClockSequence returns the current clock sequence, generating one if not 23 | // already set. The clock sequence is only used for Version 1 UUIDs. 24 | // 25 | // The uuid package does not use global static storage for the clock sequence or 26 | // the last time a UUID was generated. Unless SetClockSequence a new random 27 | // clock sequence is generated the first time a clock sequence is requested by 28 | // ClockSequence, GetTime, or NewUUID. (section 4.2.1.1) sequence is generated 29 | // for 30 | func ClockSequence() int { return guuid.ClockSequence() } 31 | 32 | // SetClockSeq sets the clock sequence to the lower 14 bits of seq. Setting to 33 | // -1 causes a new sequence to be generated. 34 | func SetClockSequence(seq int) { guuid.SetClockSequence(seq) } 35 | 36 | // Time returns the time in 100s of nanoseconds since 15 Oct 1582 encoded in 37 | // uuid. It returns false if uuid is not valid. The time is only well defined 38 | // for version 1 and 2 UUIDs. 39 | func (uuid UUID) Time() (Time, bool) { 40 | if len(uuid) != 16 { 41 | return 0, false 42 | } 43 | time := int64(binary.BigEndian.Uint32(uuid[0:4])) 44 | time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32 45 | time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48 46 | return Time(time), true 47 | } 48 | 49 | // ClockSequence returns the clock sequence encoded in uuid. It returns false 50 | // if uuid is not valid. The clock sequence is only well defined for version 1 51 | // and 2 UUIDs. 52 | func (uuid UUID) ClockSequence() (int, bool) { 53 | if len(uuid) != 16 { 54 | return 0, false 55 | } 56 | return int(binary.BigEndian.Uint16(uuid[8:10])) & 0x3fff, true 57 | } 58 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/dce.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "encoding/binary" 9 | "fmt" 10 | "os" 11 | ) 12 | 13 | // A Domain represents a Version 2 domain 14 | type Domain byte 15 | 16 | // Domain constants for DCE Security (Version 2) UUIDs. 17 | const ( 18 | Person = Domain(0) 19 | Group = Domain(1) 20 | Org = Domain(2) 21 | ) 22 | 23 | // NewDCESecurity returns a DCE Security (Version 2) UUID. 24 | // 25 | // The domain should be one of Person, Group or Org. 26 | // On a POSIX system the id should be the users UID for the Person 27 | // domain and the users GID for the Group. The meaning of id for 28 | // the domain Org or on non-POSIX systems is site defined. 29 | // 30 | // For a given domain/id pair the same token may be returned for up to 31 | // 7 minutes and 10 seconds. 32 | func NewDCESecurity(domain Domain, id uint32) (UUID, error) { 33 | uuid, err := NewUUID() 34 | if err == nil { 35 | uuid[6] = (uuid[6] & 0x0f) | 0x20 // Version 2 36 | uuid[9] = byte(domain) 37 | binary.BigEndian.PutUint32(uuid[0:], id) 38 | } 39 | return uuid, err 40 | } 41 | 42 | // NewDCEPerson returns a DCE Security (Version 2) UUID in the person 43 | // domain with the id returned by os.Getuid. 44 | // 45 | // NewDCESecurity(Person, uint32(os.Getuid())) 46 | func NewDCEPerson() (UUID, error) { 47 | return NewDCESecurity(Person, uint32(os.Getuid())) 48 | } 49 | 50 | // NewDCEGroup returns a DCE Security (Version 2) UUID in the group 51 | // domain with the id returned by os.Getgid. 52 | // 53 | // NewDCESecurity(Group, uint32(os.Getgid())) 54 | func NewDCEGroup() (UUID, error) { 55 | return NewDCESecurity(Group, uint32(os.Getgid())) 56 | } 57 | 58 | // Domain returns the domain for a Version 2 UUID. Domains are only defined 59 | // for Version 2 UUIDs. 60 | func (uuid UUID) Domain() Domain { 61 | return Domain(uuid[9]) 62 | } 63 | 64 | // ID returns the id for a Version 2 UUID. IDs are only defined for Version 2 65 | // UUIDs. 66 | func (uuid UUID) ID() uint32 { 67 | return binary.BigEndian.Uint32(uuid[0:4]) 68 | } 69 | 70 | func (d Domain) String() string { 71 | switch d { 72 | case Person: 73 | return "Person" 74 | case Group: 75 | return "Group" 76 | case Org: 77 | return "Org" 78 | } 79 | return fmt.Sprintf("Domain%d", int(d)) 80 | } 81 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 2 | github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= 3 | github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= 4 | github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= 5 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 6 | github.com/google/uuid v1.0.0 h1:b4Gk+7WdP/d3HZH8EJsZpvV7EtDOgaZLtnaNGIu1adA= 7 | github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 8 | github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab h1:lBrojddP6C9C2p67EMs2vcdpC8eF+H0DDom+fgI2IF0= 9 | github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= 10 | github.com/openshift/osincli v0.0.0-20160924135400-fababb0555f2 h1:9oADVMmPa4G60MQtoSjD26aD/vZreqbIAfiUiO220eY= 11 | github.com/openshift/osincli v0.0.0-20160924135400-fababb0555f2/go.mod h1:Riv9DbfKiX3y9ebcS4PHU4zLhVXu971+4jCVwKIue5M= 12 | github.com/pborman/uuid v1.2.0 h1:J7Q5mO4ysT1dv8hyrUGHb9+ooztCXu1D8MY8DZYsu3g= 13 | github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= 14 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 15 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg= 16 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 17 | golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= 18 | golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 19 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= 20 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 21 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 22 | google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508= 23 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 24 | gopkg.in/square/go-jose.v1 v1.1.2 h1:/5jmADZB+RiKtZGr4HxsEFOEfbfsjTKsVnqpThUpE30= 25 | gopkg.in/square/go-jose.v1 v1.1.2/go.mod h1:QpYS+a4WhS+DTlyQIi6Ka7MS3SuR9a055rgXNEe6EiA= 26 | -------------------------------------------------------------------------------- /vendor/github.com/pborman/uuid/dce.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "encoding/binary" 9 | "fmt" 10 | "os" 11 | ) 12 | 13 | // A Domain represents a Version 2 domain 14 | type Domain byte 15 | 16 | // Domain constants for DCE Security (Version 2) UUIDs. 17 | const ( 18 | Person = Domain(0) 19 | Group = Domain(1) 20 | Org = Domain(2) 21 | ) 22 | 23 | // NewDCESecurity returns a DCE Security (Version 2) UUID. 24 | // 25 | // The domain should be one of Person, Group or Org. 26 | // On a POSIX system the id should be the users UID for the Person 27 | // domain and the users GID for the Group. The meaning of id for 28 | // the domain Org or on non-POSIX systems is site defined. 29 | // 30 | // For a given domain/id pair the same token may be returned for up to 31 | // 7 minutes and 10 seconds. 32 | func NewDCESecurity(domain Domain, id uint32) UUID { 33 | uuid := NewUUID() 34 | if uuid != nil { 35 | uuid[6] = (uuid[6] & 0x0f) | 0x20 // Version 2 36 | uuid[9] = byte(domain) 37 | binary.BigEndian.PutUint32(uuid[0:], id) 38 | } 39 | return uuid 40 | } 41 | 42 | // NewDCEPerson returns a DCE Security (Version 2) UUID in the person 43 | // domain with the id returned by os.Getuid. 44 | // 45 | // NewDCEPerson(Person, uint32(os.Getuid())) 46 | func NewDCEPerson() UUID { 47 | return NewDCESecurity(Person, uint32(os.Getuid())) 48 | } 49 | 50 | // NewDCEGroup returns a DCE Security (Version 2) UUID in the group 51 | // domain with the id returned by os.Getgid. 52 | // 53 | // NewDCEGroup(Group, uint32(os.Getgid())) 54 | func NewDCEGroup() UUID { 55 | return NewDCESecurity(Group, uint32(os.Getgid())) 56 | } 57 | 58 | // Domain returns the domain for a Version 2 UUID or false. 59 | func (uuid UUID) Domain() (Domain, bool) { 60 | if v, _ := uuid.Version(); v != 2 { 61 | return 0, false 62 | } 63 | return Domain(uuid[9]), true 64 | } 65 | 66 | // Id returns the id for a Version 2 UUID or false. 67 | func (uuid UUID) Id() (uint32, bool) { 68 | if v, _ := uuid.Version(); v != 2 { 69 | return 0, false 70 | } 71 | return binary.BigEndian.Uint32(uuid[0:4]), true 72 | } 73 | 74 | func (d Domain) String() string { 75 | switch d { 76 | case Person: 77 | return "Person" 78 | case Group: 79 | return "Group" 80 | case Org: 81 | return "Org" 82 | } 83 | return fmt.Sprintf("Domain%d", int(d)) 84 | } 85 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package ctxhttp provides helper functions for performing context-aware HTTP requests. 6 | package ctxhttp // import "golang.org/x/net/context/ctxhttp" 7 | 8 | import ( 9 | "context" 10 | "io" 11 | "net/http" 12 | "net/url" 13 | "strings" 14 | ) 15 | 16 | // Do sends an HTTP request with the provided http.Client and returns 17 | // an HTTP response. 18 | // 19 | // If the client is nil, http.DefaultClient is used. 20 | // 21 | // The provided ctx must be non-nil. If it is canceled or times out, 22 | // ctx.Err() will be returned. 23 | func Do(ctx context.Context, client *http.Client, req *http.Request) (*http.Response, error) { 24 | if client == nil { 25 | client = http.DefaultClient 26 | } 27 | resp, err := client.Do(req.WithContext(ctx)) 28 | // If we got an error, and the context has been canceled, 29 | // the context's error is probably more useful. 30 | if err != nil { 31 | select { 32 | case <-ctx.Done(): 33 | err = ctx.Err() 34 | default: 35 | } 36 | } 37 | return resp, err 38 | } 39 | 40 | // Get issues a GET request via the Do function. 41 | func Get(ctx context.Context, client *http.Client, url string) (*http.Response, error) { 42 | req, err := http.NewRequest("GET", url, nil) 43 | if err != nil { 44 | return nil, err 45 | } 46 | return Do(ctx, client, req) 47 | } 48 | 49 | // Head issues a HEAD request via the Do function. 50 | func Head(ctx context.Context, client *http.Client, url string) (*http.Response, error) { 51 | req, err := http.NewRequest("HEAD", url, nil) 52 | if err != nil { 53 | return nil, err 54 | } 55 | return Do(ctx, client, req) 56 | } 57 | 58 | // Post issues a POST request via the Do function. 59 | func Post(ctx context.Context, client *http.Client, url string, bodyType string, body io.Reader) (*http.Response, error) { 60 | req, err := http.NewRequest("POST", url, body) 61 | if err != nil { 62 | return nil, err 63 | } 64 | req.Header.Set("Content-Type", bodyType) 65 | return Do(ctx, client, req) 66 | } 67 | 68 | // PostForm issues a POST request via the Do function. 69 | func PostForm(ctx context.Context, client *http.Client, url string, data url.Values) (*http.Response, error) { 70 | return Post(ctx, client, url, "application/x-www-form-urlencoded", strings.NewReader(data.Encode())) 71 | } 72 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/Makefile: -------------------------------------------------------------------------------- 1 | SHELL :=/bin/bash 2 | all: verify 3 | .PHONY: all 4 | 5 | makefiles :=$(wildcard ./make/*.example.mk) 6 | examples :=$(wildcard ./make/examples/*/Makefile.test) 7 | 8 | # $1 - makefile name relative to ./make/ folder 9 | # $2 - target 10 | # $3 - output folder 11 | # We need to change dir to the final makefile directory or relative paths won't match. 12 | # Dynamic values are replaced with "" so we can do diff against checkout versions. 13 | # Avoid comparing local paths by stripping the prefix. 14 | # Delete lines referencing temporary files and directories 15 | # Unify make error output between versions 16 | # Ignore old cp errors on centos7 17 | # Ignore different make output with `-k` option 18 | define update-makefile-log 19 | mkdir -p "$(3)" 20 | set -o pipefail; $(MAKE) -j 1 -C "$(dir $(1))" -f "$(notdir $(1))" --no-print-directory --warn-undefined-variables $(2) 2>&1 | \ 21 | sed 's/\.\(buildDate\|versionFromGit\|commitFromGit\|gitTreeState\)="[^"]*" /.\1="" /g' | \ 22 | sed -E 's~/.*/(github.com/openshift/build-machinery-go/.*)~/\1~g' | \ 23 | sed '/\/tmp\/tmp./d' | \ 24 | sed '/git checkout -b/d' | \ 25 | sed -E 's~^[<> ]*((\+\+\+|\-\-\-) \./(testing/)?manifests/.*.yaml).*~\1~' | \ 26 | sed -E 's/^(make\[2\]: \*\*\* \[).*: (.*\] Error 1)/\1\2/' | \ 27 | grep -v 'are the same file' | \ 28 | grep -E -v -e '^make\[2\]: Target `.*'"'"' not remade because of errors\.$$' | \ 29 | tee "$(3)"/"$(notdir $(1))"$(subst ..,.,.$(2).log) 30 | 31 | endef 32 | 33 | 34 | # $1 - makefile name relative to ./make/ folder 35 | # $2 - target 36 | # $3 - output folder 37 | define check-makefile-log 38 | $(call update-makefile-log,$(1),$(2),$(3)) 39 | diff -N "$(1)$(subst ..,.,.$(2).log)" "$(3)/$(notdir $(1))$(subst ..,.,.$(2).log)" 40 | 41 | endef 42 | 43 | update-makefiles: 44 | $(foreach f,$(makefiles),$(call check-makefile-log,$(f),help,$(dir $(f)))) 45 | $(foreach f,$(examples),$(call check-makefile-log,$(f),,$(dir $(f)))) 46 | .PHONY: update-makefiles 47 | 48 | verify-makefiles: tmp_dir:=$(shell mktemp -d) 49 | verify-makefiles: 50 | $(foreach f,$(makefiles),$(call check-makefile-log,$(f),help,$(tmp_dir)/$(dir $(f)))) 51 | $(foreach f,$(examples),$(call check-makefile-log,$(f),,$(tmp_dir)/$(dir $(f)))) 52 | .PHONY: verify-makefiles 53 | 54 | verify: verify-makefiles 55 | .PHONY: verify 56 | 57 | update: update-makefiles 58 | .PHONY: update 59 | 60 | 61 | include ./make/targets/help.mk 62 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/README.md: -------------------------------------------------------------------------------- 1 | OSIN CLIENT 2 | =========== 3 | 4 | Golang OAuth2 client library 5 | ---------------------------- 6 | 7 | OSINCLI is an OAuth2 client library for the Go language, as specified at 8 | http://tools.ietf.org/html/rfc6749. 9 | 10 | Using it, you can access an OAuth2 authenticated service. 11 | 12 | The library follows the RFC recommendations, but allows some differences, like passing the client secret in the url instead of using the Authorization header. 13 | 14 | ### Example 15 | 16 | import "github.com/RangelReale/osincli" 17 | 18 | config := &osincli.ClientConfig{ 19 | ClientId: "xxxxxxxxxxxx.apps.googleusercontent.com", 20 | ClientSecret: "secret", 21 | AuthorizeUrl: "https://accounts.google.com/o/oauth2/auth", 22 | TokenUrl: "https://accounts.google.com/o/oauth2/token", 23 | RedirectUrl: "http://localhost:14001/appauth", 24 | ErrorsInStatusCode: true, 25 | SendClientSecretInParams: true, 26 | Scope: "https://www.googleapis.com/auth/plus.login", 27 | } 28 | client, err := osincli.NewClient(config) 29 | if err != nil { 30 | panic(err) 31 | } 32 | 33 | // create a new request to generate the url 34 | areq := client.NewAuthorizeRequest(osincli.CODE) 35 | areq.CustomParameters["access_type"] = "online" 36 | areq.CustomParameters["approval_prompt"] = "auto" 37 | 38 | // Home 39 | http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { 40 | u := areq.GetAuthorizeUrl() 41 | w.Write([]byte(fmt.Sprintf("Login", u.String()))) 42 | }) 43 | 44 | // Auth endpoint 45 | http.HandleFunc("/appauth", func(w http.ResponseWriter, r *http.Request) { 46 | // parse a token request 47 | if areqdata, err := areq.HandleRequest(r); err == nil { 48 | treq := client.NewAccessRequest(osincli.AUTHORIZATION_CODE, areqdata) 49 | 50 | // exchange the authorize token for the access token 51 | ad, err := treq.GetToken() 52 | if err == nil { 53 | w.Write([]byte(fmt.Sprintf("Access token: %+v\n\n", ad))) 54 | 55 | // use the token in ad.AccessToken 56 | } else { 57 | w.Write([]byte(fmt.Sprintf("ERROR: %s\n", err))) 58 | } 59 | } else { 60 | w.Write([]byte(fmt.Sprintf("ERROR: %s\n", err))) 61 | } 62 | }) 63 | 64 | http.ListenAndServe(":14001", nil) 65 | 66 | 67 | Load your web browser at: 68 | 69 | http://localhost:14001 70 | 71 | ### License 72 | 73 | The code is licensed using "New BSD" license. 74 | 75 | ### Author 76 | 77 | Rangel Reale 78 | -------------------------------------------------------------------------------- /response_test.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "net/url" 5 | "strings" 6 | "testing" 7 | ) 8 | 9 | func TestGetRedirectUrl(t *testing.T) { 10 | // Make sure we can round-trip state parameters containing special URL characters, both as a query param and in an encoded fragment 11 | state := `{"then": "/index.html?a=1&b=%2B#fragment", "nonce": "014f:bff9a07c"}` 12 | 13 | testcases := map[string]struct { 14 | URL string 15 | Output ResponseData 16 | RedirectInFragment bool 17 | 18 | ExpectedURL string 19 | }{ 20 | "query": { 21 | URL: "https://foo.com/path?abc=123", 22 | Output: ResponseData{"access_token": "12345", "state": state}, 23 | ExpectedURL: "https://foo.com/path?abc=123&access_token=12345&state=%7B%22then%22%3A+%22%2Findex.html%3Fa%3D1%26b%3D%252B%23fragment%22%2C+%22nonce%22%3A+%22014f%3Abff9a07c%22%7D", 24 | }, 25 | 26 | // https://tools.ietf.org/html/rfc6749#section-4.2.2 27 | // Fragment should be encoded as application/x-www-form-urlencoded (%-escaped, spaces are represented as '+') 28 | "fragment": { 29 | URL: "https://foo.com/path?abc=123", 30 | Output: ResponseData{"access_token": "12345", "state": state}, 31 | RedirectInFragment: true, 32 | ExpectedURL: "https://foo.com/path?abc=123#access_token=12345&state=%7B%22then%22%3A+%22%2Findex.html%3Fa%3D1%26b%3D%252B%23fragment%22%2C+%22nonce%22%3A+%22014f%3Abff9a07c%22%7D", 33 | }, 34 | } 35 | 36 | for k, tc := range testcases { 37 | resp := &Response{ 38 | Type: REDIRECT, 39 | URL: tc.URL, 40 | Output: tc.Output, 41 | RedirectInFragment: tc.RedirectInFragment, 42 | } 43 | result, err := resp.GetRedirectUrl() 44 | if err != nil { 45 | t.Errorf("%s: %v", k, err) 46 | continue 47 | } 48 | if result != tc.ExpectedURL { 49 | t.Errorf("%s: expected\n\t%v, got\n\t%v", k, tc.ExpectedURL, result) 50 | continue 51 | } 52 | 53 | var params url.Values 54 | if tc.RedirectInFragment { 55 | params, err = url.ParseQuery(strings.SplitN(result, "#", 2)[1]) 56 | if err != nil { 57 | t.Errorf("%s: %v", k, err) 58 | continue 59 | } 60 | } else { 61 | parsedResult, err := url.Parse(result) 62 | if err != nil { 63 | t.Errorf("%s: %v", k, err) 64 | continue 65 | } 66 | params = parsedResult.Query() 67 | } 68 | 69 | if params["state"][0] != state { 70 | t.Errorf("%s: expected\n\t%v, got\n\t%v", k, state, params["state"][0]) 71 | continue 72 | } 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/lib/golang.mk: -------------------------------------------------------------------------------- 1 | include $(addprefix $(dir $(lastword $(MAKEFILE_LIST))), \ 2 | version.mk \ 3 | ) 4 | 5 | GO ?=go 6 | 7 | GOPATH ?=$(shell $(GO) env GOPATH) 8 | GOOS ?=$(shell $(GO) env GOOS) 9 | GOHOSTOS ?=$(shell $(GO) env GOHOSTOS) 10 | GOARCH ?=$(shell $(GO) env GOARCH) 11 | GOHOSTARCH ?=$(shell $(GO) env GOHOSTARCH) 12 | GOEXE ?=$(shell $(GO) env GOEXE) 13 | GOFLAGS ?=$(shell $(GO) env GOFLAGS) 14 | 15 | GOFMT ?=gofmt 16 | GOFMT_FLAGS ?=-s -l 17 | GOLINT ?=golint 18 | 19 | go_version :=$(shell $(GO) version | sed -E -e 's/.*go([0-9]+.[0-9]+.[0-9]+).*/\1/') 20 | GO_REQUIRED_MIN_VERSION ?=1.14.4 21 | ifneq "$(GO_REQUIRED_MIN_VERSION)" "" 22 | $(call require_minimal_version,$(GO),GO_REQUIRED_MIN_VERSION,$(go_version)) 23 | endif 24 | 25 | # Projects not using modules can clear the variable, but by default we want to prevent 26 | # our projects with modules to unknowingly ignore vendor folder until golang is fixed to use 27 | # vendor folder by default if present. 28 | # 29 | # Conditional to avoid Go 1.13 bug on false double flag https://github.com/golang/go/issues/32471 30 | # TODO: Drop the contitional when golang is fixed so we can see the flag being explicitelly set in logs. 31 | ifeq "$(findstring -mod=vendor,$(GOFLAGS))" "-mod=vendor" 32 | GO_MOD_FLAGS ?= 33 | else 34 | GO_MOD_FLAGS ?=-mod=vendor 35 | endif 36 | 37 | GO_PACKAGE ?=$(shell $(GO) list $(GO_MOD_FLAGS) -m -f '{{ .Path }}' || echo 'no_package_detected') 38 | GO_PACKAGES ?=./... 39 | GO_TEST_PACKAGES ?=$(GO_PACKAGES) 40 | GO_FILES ?=$(shell find . -name '*.go' -not -path '*/vendor/*' -not -path '*/_output/*' -print) 41 | 42 | 43 | GO_BUILD_PACKAGES ?=./cmd/... 44 | GO_BUILD_PACKAGES_EXPANDED ?=$(shell $(GO) list $(GO_MOD_FLAGS) $(GO_BUILD_PACKAGES)) 45 | go_build_binaries =$(notdir $(GO_BUILD_PACKAGES_EXPANDED)) 46 | GO_BUILD_FLAGS ?=-trimpath 47 | GO_BUILD_BINDIR ?= 48 | 49 | GO_TEST_FLAGS ?=-race 50 | 51 | GO_LD_EXTRAFLAGS ?= 52 | 53 | SOURCE_GIT_TAG ?=$(shell git describe --long --tags --abbrev=7 --match 'v[0-9]*' || echo 'v0.0.0-unknown') 54 | SOURCE_GIT_COMMIT ?=$(shell git rev-parse --short "HEAD^{commit}" 2>/dev/null) 55 | SOURCE_GIT_TREE_STATE ?=$(shell ( ( [ ! -d ".git/" ] || git diff --quiet ) && echo 'clean' ) || echo 'dirty') 56 | 57 | define version-ldflags 58 | -X $(1).versionFromGit="$(SOURCE_GIT_TAG)" \ 59 | -X $(1).commitFromGit="$(SOURCE_GIT_COMMIT)" \ 60 | -X $(1).gitTreeState="$(SOURCE_GIT_TREE_STATE)" \ 61 | -X $(1).buildDate="$(shell date -u +'%Y-%m-%dT%H:%M:%SZ')" 62 | endef 63 | GO_LD_FLAGS ?=-ldflags "-s -w $(call version-ldflags,$(GO_PACKAGE)/pkg/version) $(GO_LD_EXTRAFLAGS)" 64 | -------------------------------------------------------------------------------- /info.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | import ( 4 | "net/http" 5 | "time" 6 | ) 7 | 8 | // InfoRequest is a request for information about some AccessData 9 | type InfoRequest struct { 10 | Code string // Code to look up 11 | AccessData *AccessData // AccessData associated with Code 12 | } 13 | 14 | // HandleInfoRequest is an http.HandlerFunc for server information 15 | // NOT an RFC specification. 16 | func (s *Server) HandleInfoRequest(w *Response, r *http.Request) *InfoRequest { 17 | r.ParseForm() 18 | bearer := CheckBearerAuth(r) 19 | if bearer == nil { 20 | s.setErrorAndLog(w, E_INVALID_REQUEST, nil, "handle_info_request=%s", "bearer is nil") 21 | return nil 22 | } 23 | 24 | // generate info request 25 | ret := &InfoRequest{ 26 | Code: bearer.Code, 27 | } 28 | 29 | if ret.Code == "" { 30 | s.setErrorAndLog(w, E_INVALID_REQUEST, nil, "handle_info_request=%s", "code is nil") 31 | return nil 32 | } 33 | 34 | var err error 35 | 36 | // load access data 37 | ret.AccessData, err = w.Storage.LoadAccess(ret.Code) 38 | if err != nil { 39 | s.setErrorAndLog(w, E_INVALID_REQUEST, err, "handle_info_request=%s", "failed to load access data") 40 | return nil 41 | } 42 | if ret.AccessData == nil { 43 | s.setErrorAndLog(w, E_INVALID_REQUEST, nil, "handle_info_request=%s", "access data is nil") 44 | return nil 45 | } 46 | if ret.AccessData.Client == nil { 47 | s.setErrorAndLog(w, E_UNAUTHORIZED_CLIENT, nil, "handle_info_request=%s", "access data client is nil") 48 | return nil 49 | } 50 | if ret.AccessData.Client.GetRedirectUri() == "" { 51 | s.setErrorAndLog(w, E_UNAUTHORIZED_CLIENT, nil, "handle_info_request=%s", "access data client redirect uri is empty") 52 | return nil 53 | } 54 | if ret.AccessData.IsExpiredAt(s.Now()) { 55 | s.setErrorAndLog(w, E_INVALID_GRANT, nil, "handle_info_request=%s", "access data is expired") 56 | return nil 57 | } 58 | 59 | return ret 60 | } 61 | 62 | // FinishInfoRequest finalizes the request handled by HandleInfoRequest 63 | func (s *Server) FinishInfoRequest(w *Response, r *http.Request, ir *InfoRequest) { 64 | // don't process if is already an error 65 | if w.IsError { 66 | return 67 | } 68 | 69 | // output data 70 | w.Output["client_id"] = ir.AccessData.Client.GetId() 71 | w.Output["access_token"] = ir.AccessData.AccessToken 72 | w.Output["token_type"] = s.Config.TokenType 73 | w.Output["expires_in"] = ir.AccessData.CreatedAt.Add(time.Duration(ir.AccessData.ExpiresIn)*time.Second).Sub(s.Now()) / time.Second 74 | if ir.AccessData.RefreshToken != "" { 75 | w.Output["refresh_token"] = ir.AccessData.RefreshToken 76 | } 77 | if ir.AccessData.Scope != "" { 78 | w.Output["scope"] = ir.AccessData.Scope 79 | } 80 | } 81 | -------------------------------------------------------------------------------- /vendor/github.com/google/uuid/node.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package uuid 6 | 7 | import ( 8 | "sync" 9 | ) 10 | 11 | var ( 12 | nodeMu sync.Mutex 13 | ifname string // name of interface being used 14 | nodeID [6]byte // hardware for version 1 UUIDs 15 | zeroID [6]byte // nodeID with only 0's 16 | ) 17 | 18 | // NodeInterface returns the name of the interface from which the NodeID was 19 | // derived. The interface "user" is returned if the NodeID was set by 20 | // SetNodeID. 21 | func NodeInterface() string { 22 | defer nodeMu.Unlock() 23 | nodeMu.Lock() 24 | return ifname 25 | } 26 | 27 | // SetNodeInterface selects the hardware address to be used for Version 1 UUIDs. 28 | // If name is "" then the first usable interface found will be used or a random 29 | // Node ID will be generated. If a named interface cannot be found then false 30 | // is returned. 31 | // 32 | // SetNodeInterface never fails when name is "". 33 | func SetNodeInterface(name string) bool { 34 | defer nodeMu.Unlock() 35 | nodeMu.Lock() 36 | return setNodeInterface(name) 37 | } 38 | 39 | func setNodeInterface(name string) bool { 40 | iname, addr := getHardwareInterface(name) // null implementation for js 41 | if iname != "" && addr != nil { 42 | ifname = iname 43 | copy(nodeID[:], addr) 44 | return true 45 | } 46 | 47 | // We found no interfaces with a valid hardware address. If name 48 | // does not specify a specific interface generate a random Node ID 49 | // (section 4.1.6) 50 | if name == "" { 51 | randomBits(nodeID[:]) 52 | return true 53 | } 54 | return false 55 | } 56 | 57 | // NodeID returns a slice of a copy of the current Node ID, setting the Node ID 58 | // if not already set. 59 | func NodeID() []byte { 60 | defer nodeMu.Unlock() 61 | nodeMu.Lock() 62 | if nodeID == zeroID { 63 | setNodeInterface("") 64 | } 65 | nid := nodeID 66 | return nid[:] 67 | } 68 | 69 | // SetNodeID sets the Node ID to be used for Version 1 UUIDs. The first 6 bytes 70 | // of id are used. If id is less than 6 bytes then false is returned and the 71 | // Node ID is not set. 72 | func SetNodeID(id []byte) bool { 73 | if len(id) < 6 { 74 | return false 75 | } 76 | defer nodeMu.Unlock() 77 | nodeMu.Lock() 78 | copy(nodeID[:], id) 79 | ifname = "user" 80 | return true 81 | } 82 | 83 | // NodeID returns the 6 byte node id encoded in uuid. It returns nil if uuid is 84 | // not valid. The NodeID is only well defined for version 1 and 2 UUIDs. 85 | func (uuid UUID) NodeID() []byte { 86 | var node [6]byte 87 | copy(node[:], uuid[10:]) 88 | return node[:] 89 | } 90 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/context/context.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package context defines the Context type, which carries deadlines, 6 | // cancelation signals, and other request-scoped values across API boundaries 7 | // and between processes. 8 | // As of Go 1.7 this package is available in the standard library under the 9 | // name context. https://golang.org/pkg/context. 10 | // 11 | // Incoming requests to a server should create a Context, and outgoing calls to 12 | // servers should accept a Context. The chain of function calls between must 13 | // propagate the Context, optionally replacing it with a modified copy created 14 | // using WithDeadline, WithTimeout, WithCancel, or WithValue. 15 | // 16 | // Programs that use Contexts should follow these rules to keep interfaces 17 | // consistent across packages and enable static analysis tools to check context 18 | // propagation: 19 | // 20 | // Do not store Contexts inside a struct type; instead, pass a Context 21 | // explicitly to each function that needs it. The Context should be the first 22 | // parameter, typically named ctx: 23 | // 24 | // func DoSomething(ctx context.Context, arg Arg) error { 25 | // // ... use ctx ... 26 | // } 27 | // 28 | // Do not pass a nil Context, even if a function permits it. Pass context.TODO 29 | // if you are unsure about which Context to use. 30 | // 31 | // Use context Values only for request-scoped data that transits processes and 32 | // APIs, not for passing optional parameters to functions. 33 | // 34 | // The same Context may be passed to functions running in different goroutines; 35 | // Contexts are safe for simultaneous use by multiple goroutines. 36 | // 37 | // See http://blog.golang.org/context for example code for a server that uses 38 | // Contexts. 39 | package context // import "golang.org/x/net/context" 40 | 41 | // Background returns a non-nil, empty Context. It is never canceled, has no 42 | // values, and has no deadline. It is typically used by the main function, 43 | // initialization, and tests, and as the top-level Context for incoming 44 | // requests. 45 | func Background() Context { 46 | return background 47 | } 48 | 49 | // TODO returns a non-nil, empty Context. Code should use context.TODO when 50 | // it's unclear which Context to use or it is not yet available (because the 51 | // surrounding function has not yet been extended to accept a Context 52 | // parameter). TODO is recognized by static analysis tools that determine 53 | // whether Contexts are propagated correctly in a program. 54 | func TODO() Context { 55 | return todo 56 | } 57 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/build-machinery-go/make/targets/openshift/crd-schema-gen.mk: -------------------------------------------------------------------------------- 1 | self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) 2 | 3 | # $1 - crd file 4 | # $2 - patch file 5 | define patch-crd-yq 6 | $(YQ) m -i -x '$(1)' '$(2)' 7 | 8 | endef 9 | 10 | # $1 - crd file 11 | # $2 - patch file 12 | define patch-crd-yaml-patch 13 | $(YAML_PATCH) -o '$(2)' < '$(1)' > '$(1).patched' 14 | mv '$(1).patched' '$(1)' 15 | 16 | endef 17 | 18 | empty := 19 | 20 | define diff-file 21 | diff -Naup '$(1)' '$(2)' 22 | 23 | endef 24 | 25 | # $1 - apis 26 | # $2 - manifests 27 | # $3 - output 28 | define run-crd-gen 29 | '$(CONTROLLER_GEN)' \ 30 | schemapatch:manifests="$(2)" \ 31 | paths="$(subst $(empty) ,;,$(1))" \ 32 | output:dir="$(3)" 33 | $$(foreach p,$$(wildcard $(2)/*.crd.yaml-merge-patch),$$(call patch-crd-yq,$$(subst $(2),$(3),$$(basename $$(p))).yaml,$$(p))) 34 | $$(foreach p,$$(wildcard $(2)/*.crd.yaml-patch),$$(call patch-crd-yaml-patch,$$(subst $(2),$(3),$$(basename $$(p))).yaml,$$(p))) 35 | endef 36 | 37 | 38 | # $1 - target name 39 | # $2 - apis 40 | # $3 - manifests 41 | # $4 - output 42 | define add-crd-gen-internal 43 | 44 | update-codegen-crds-$(1): ensure-controller-gen ensure-yq ensure-yaml-patch 45 | $(call run-crd-gen,$(2),$(3),$(4)) 46 | .PHONY: update-codegen-crds-$(1) 47 | 48 | update-codegen-crds: update-codegen-crds-$(1) 49 | .PHONY: update-codegen-crds 50 | 51 | verify-codegen-crds-$(1): VERIFY_CODEGEN_CRD_TMP_DIR:=$$(shell mktemp -d) 52 | verify-codegen-crds-$(1): ensure-controller-gen ensure-yq ensure-yaml-patch 53 | $(call run-crd-gen,$(2),$(3),$$(VERIFY_CODEGEN_CRD_TMP_DIR)) 54 | $$(foreach p,$$(wildcard $(4)/*crd.yaml),$$(call diff-file,$$(p),$$(subst $(4),$$(VERIFY_CODEGEN_CRD_TMP_DIR),$$(p)))) 55 | .PHONY: verify-codegen-crds-$(1) 56 | 57 | verify-codegen-crds: verify-codegen-crds-$(1) 58 | .PHONY: verify-codegen-crds 59 | 60 | endef 61 | 62 | 63 | update-generated: update-codegen-crds 64 | .PHONY: update-generated 65 | 66 | update: update-generated 67 | .PHONY: update 68 | 69 | verify-generated: verify-codegen-crds 70 | .PHONY: verify-generated 71 | 72 | verify: verify-generated 73 | .PHONY: verify 74 | 75 | 76 | define add-crd-gen 77 | $(eval $(call add-crd-gen-internal,$(1),$(2),$(3),$(4))) 78 | endef 79 | 80 | 81 | # We need to be careful to expand all the paths before any include is done 82 | # or self_dir could be modified for the next include by the included file. 83 | # Also doing this at the end of the file allows us to use self_dir before it could be modified. 84 | include $(addprefix $(self_dir), \ 85 | ../../lib/golang.mk \ 86 | ../../lib/tmp.mk \ 87 | ../../targets/openshift/controller-gen.mk \ 88 | ../../targets/openshift/yq.mk \ 89 | ../../targets/openshift/yaml-patch.mk \ 90 | ) 91 | -------------------------------------------------------------------------------- /config.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | // AllowedAuthorizeType is a collection of allowed auth request types 4 | type AllowedAuthorizeType []AuthorizeRequestType 5 | 6 | // Exists returns true if the auth type exists in the list 7 | func (t AllowedAuthorizeType) Exists(rt AuthorizeRequestType) bool { 8 | for _, k := range t { 9 | if k == rt { 10 | return true 11 | } 12 | } 13 | return false 14 | } 15 | 16 | // AllowedAccessType is a collection of allowed access request types 17 | type AllowedAccessType []AccessRequestType 18 | 19 | // Exists returns true if the access type exists in the list 20 | func (t AllowedAccessType) Exists(rt AccessRequestType) bool { 21 | for _, k := range t { 22 | if k == rt { 23 | return true 24 | } 25 | } 26 | return false 27 | } 28 | 29 | // ServerConfig contains server configuration information 30 | type ServerConfig struct { 31 | // Authorization token expiration in seconds (default 5 minutes) 32 | AuthorizationExpiration int32 33 | 34 | // Access token expiration in seconds (default 1 hour) 35 | AccessExpiration int32 36 | 37 | // Token type to return 38 | TokenType string 39 | 40 | // List of allowed authorize types (only CODE by default) 41 | AllowedAuthorizeTypes AllowedAuthorizeType 42 | 43 | // List of allowed access types (only AUTHORIZATION_CODE by default) 44 | AllowedAccessTypes AllowedAccessType 45 | 46 | // HTTP status code to return for errors - default 200 47 | // Only used if response was created from server 48 | ErrorStatusCode int 49 | 50 | // If true allows client secret also in params, else only in 51 | // Authorization header - default false 52 | AllowClientSecretInParams bool 53 | 54 | // If true allows access request using GET, else only POST - default false 55 | AllowGetAccessRequest bool 56 | 57 | // Require PKCE for code flows for public OAuth clients - default false 58 | RequirePKCEForPublicClients bool 59 | 60 | // Separator to support multiple URIs in Client.GetRedirectUri(). 61 | // If blank (the default), don't allow multiple URIs. 62 | RedirectUriSeparator string 63 | 64 | // RetainTokenAfter Refresh allows the server to retain the access and 65 | // refresh token for re-use - default false 66 | RetainTokenAfterRefresh bool 67 | } 68 | 69 | // NewServerConfig returns a new ServerConfig with default configuration 70 | func NewServerConfig() *ServerConfig { 71 | return &ServerConfig{ 72 | AuthorizationExpiration: 250, 73 | AccessExpiration: 3600, 74 | TokenType: "Bearer", 75 | AllowedAuthorizeTypes: AllowedAuthorizeType{CODE}, 76 | AllowedAccessTypes: AllowedAccessType{AUTHORIZATION_CODE}, 77 | ErrorStatusCode: 200, 78 | AllowClientSecretInParams: false, 79 | AllowGetAccessRequest: false, 80 | RetainTokenAfterRefresh: false, 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /vendor/golang.org/x/oauth2/transport.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package oauth2 6 | 7 | import ( 8 | "errors" 9 | "log" 10 | "net/http" 11 | "sync" 12 | ) 13 | 14 | // Transport is an http.RoundTripper that makes OAuth 2.0 HTTP requests, 15 | // wrapping a base RoundTripper and adding an Authorization header 16 | // with a token from the supplied Sources. 17 | // 18 | // Transport is a low-level mechanism. Most code will use the 19 | // higher-level Config.Client method instead. 20 | type Transport struct { 21 | // Source supplies the token to add to outgoing requests' 22 | // Authorization headers. 23 | Source TokenSource 24 | 25 | // Base is the base RoundTripper used to make HTTP requests. 26 | // If nil, http.DefaultTransport is used. 27 | Base http.RoundTripper 28 | } 29 | 30 | // RoundTrip authorizes and authenticates the request with an 31 | // access token from Transport's Source. 32 | func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) { 33 | reqBodyClosed := false 34 | if req.Body != nil { 35 | defer func() { 36 | if !reqBodyClosed { 37 | req.Body.Close() 38 | } 39 | }() 40 | } 41 | 42 | if t.Source == nil { 43 | return nil, errors.New("oauth2: Transport's Source is nil") 44 | } 45 | token, err := t.Source.Token() 46 | if err != nil { 47 | return nil, err 48 | } 49 | 50 | req2 := cloneRequest(req) // per RoundTripper contract 51 | token.SetAuthHeader(req2) 52 | 53 | // req.Body is assumed to be closed by the base RoundTripper. 54 | reqBodyClosed = true 55 | return t.base().RoundTrip(req2) 56 | } 57 | 58 | var cancelOnce sync.Once 59 | 60 | // CancelRequest does nothing. It used to be a legacy cancellation mechanism 61 | // but now only it only logs on first use to warn that it's deprecated. 62 | // 63 | // Deprecated: use contexts for cancellation instead. 64 | func (t *Transport) CancelRequest(req *http.Request) { 65 | cancelOnce.Do(func() { 66 | log.Printf("deprecated: golang.org/x/oauth2: Transport.CancelRequest no longer does anything; use contexts") 67 | }) 68 | } 69 | 70 | func (t *Transport) base() http.RoundTripper { 71 | if t.Base != nil { 72 | return t.Base 73 | } 74 | return http.DefaultTransport 75 | } 76 | 77 | // cloneRequest returns a clone of the provided *http.Request. 78 | // The clone is a shallow copy of the struct and its Header map. 79 | func cloneRequest(r *http.Request) *http.Request { 80 | // shallow copy of the struct 81 | r2 := new(http.Request) 82 | *r2 = *r 83 | // deep copy of the Header 84 | r2.Header = make(http.Header, len(r.Header)) 85 | for k, s := range r.Header { 86 | r2.Header[k] = append([]string(nil), s...) 87 | } 88 | return r2 89 | } 90 | -------------------------------------------------------------------------------- /vendor/github.com/openshift/osincli/authorize.go: -------------------------------------------------------------------------------- 1 | package osincli 2 | 3 | import ( 4 | "errors" 5 | "net/http" 6 | "net/url" 7 | ) 8 | 9 | type AuthorizeRequestType string 10 | 11 | const ( 12 | CODE AuthorizeRequestType = "code" 13 | //TOKEN = "token" // token not supported in server applications (uses url fragment) 14 | ) 15 | 16 | // Authorize request information 17 | type AuthorizeRequest struct { 18 | client *Client 19 | Type AuthorizeRequestType 20 | CustomParameters map[string]string 21 | } 22 | 23 | // Authorization data 24 | type AuthorizeData struct { 25 | Code string 26 | State string 27 | 28 | // Resource Owner Password Credentials 29 | Username string 30 | Password string 31 | } 32 | 33 | // Creates a new authorize request 34 | func (c *Client) NewAuthorizeRequest(t AuthorizeRequestType) *AuthorizeRequest { 35 | return &AuthorizeRequest{ 36 | client: c, 37 | Type: t, 38 | CustomParameters: make(map[string]string), 39 | } 40 | } 41 | 42 | // Returns the authorize url 43 | func (c *AuthorizeRequest) GetAuthorizeUrl() *url.URL { 44 | return c.GetAuthorizeUrlWithParams("") 45 | } 46 | 47 | // Returns the authorize url 48 | func (c *AuthorizeRequest) GetAuthorizeUrlWithParams(state string) *url.URL { 49 | u := *c.client.configcache.authorizeUrl 50 | uq := u.Query() 51 | uq.Add("response_type", string(c.Type)) 52 | uq.Add("client_id", c.client.config.ClientId) 53 | uq.Add("redirect_uri", c.client.config.RedirectUrl) 54 | if c.client.config.Scope != "" { 55 | uq.Add("scope", c.client.config.Scope) 56 | } 57 | if c.client.config.CodeChallenge != "" { 58 | uq.Add("code_challenge", c.client.config.CodeChallenge) 59 | } 60 | if c.client.config.CodeChallengeMethod != "" { 61 | uq.Add("code_challenge_method", c.client.config.CodeChallengeMethod) 62 | } 63 | if state != "" { 64 | uq.Add("state", state) 65 | } 66 | if c.CustomParameters != nil { 67 | for pn, pv := range c.CustomParameters { 68 | uq.Add(pn, pv) 69 | } 70 | } 71 | u.RawQuery = uq.Encode() 72 | return &u 73 | } 74 | 75 | // Handle the authorization request 76 | func (c *AuthorizeRequest) HandleRequest(r *http.Request) (*AuthorizeData, error) { 77 | r.ParseForm() 78 | 79 | var ad *AuthorizeData 80 | 81 | if c.Type == CODE { 82 | // detect error parameters 83 | if r.Form.Get("error") != "" { 84 | return nil, NewError(r.Form.Get("error"), r.Form.Get("error_description"), r.Form.Get("error_uri"), r.Form.Get("state")) 85 | } else if r.Form.Get("code") == "" { 86 | return nil, errors.New("Requested parameter not sent") 87 | } 88 | ad = &AuthorizeData{ 89 | Code: r.Form.Get("code"), 90 | State: r.Form.Get("state"), 91 | } 92 | } else { 93 | return nil, errors.New("Unsupported response type") 94 | } 95 | 96 | return ad, nil 97 | } 98 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/hmac.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "crypto" 5 | "crypto/hmac" 6 | "errors" 7 | ) 8 | 9 | // Implements the HMAC-SHA family of signing methods signing methods 10 | // Expects key type of []byte for both signing and validation 11 | type SigningMethodHMAC struct { 12 | Name string 13 | Hash crypto.Hash 14 | } 15 | 16 | // Specific instances for HS256 and company 17 | var ( 18 | SigningMethodHS256 *SigningMethodHMAC 19 | SigningMethodHS384 *SigningMethodHMAC 20 | SigningMethodHS512 *SigningMethodHMAC 21 | ErrSignatureInvalid = errors.New("signature is invalid") 22 | ) 23 | 24 | func init() { 25 | // HS256 26 | SigningMethodHS256 = &SigningMethodHMAC{"HS256", crypto.SHA256} 27 | RegisterSigningMethod(SigningMethodHS256.Alg(), func() SigningMethod { 28 | return SigningMethodHS256 29 | }) 30 | 31 | // HS384 32 | SigningMethodHS384 = &SigningMethodHMAC{"HS384", crypto.SHA384} 33 | RegisterSigningMethod(SigningMethodHS384.Alg(), func() SigningMethod { 34 | return SigningMethodHS384 35 | }) 36 | 37 | // HS512 38 | SigningMethodHS512 = &SigningMethodHMAC{"HS512", crypto.SHA512} 39 | RegisterSigningMethod(SigningMethodHS512.Alg(), func() SigningMethod { 40 | return SigningMethodHS512 41 | }) 42 | } 43 | 44 | func (m *SigningMethodHMAC) Alg() string { 45 | return m.Name 46 | } 47 | 48 | // Verify the signature of HSXXX tokens. Returns nil if the signature is valid. 49 | func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error { 50 | // Verify the key is the right type 51 | keyBytes, ok := key.([]byte) 52 | if !ok { 53 | return ErrInvalidKeyType 54 | } 55 | 56 | // Decode signature, for comparison 57 | sig, err := DecodeSegment(signature) 58 | if err != nil { 59 | return err 60 | } 61 | 62 | // Can we use the specified hashing method? 63 | if !m.Hash.Available() { 64 | return ErrHashUnavailable 65 | } 66 | 67 | // This signing method is symmetric, so we validate the signature 68 | // by reproducing the signature from the signing string and key, then 69 | // comparing that against the provided signature. 70 | hasher := hmac.New(m.Hash.New, keyBytes) 71 | hasher.Write([]byte(signingString)) 72 | if !hmac.Equal(sig, hasher.Sum(nil)) { 73 | return ErrSignatureInvalid 74 | } 75 | 76 | // No validation errors. Signature is good. 77 | return nil 78 | } 79 | 80 | // Implements the Sign method from SigningMethod for this signing method. 81 | // Key must be []byte 82 | func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) { 83 | if keyBytes, ok := key.([]byte); ok { 84 | if !m.Hash.Available() { 85 | return "", ErrHashUnavailable 86 | } 87 | 88 | hasher := hmac.New(m.Hash.New, keyBytes) 89 | hasher.Write([]byte(signingString)) 90 | 91 | return EncodeSegment(hasher.Sum(nil)), nil 92 | } 93 | 94 | return "", ErrInvalidKeyType 95 | } 96 | -------------------------------------------------------------------------------- /error.go: -------------------------------------------------------------------------------- 1 | package osin 2 | 3 | type DefaultErrorId string 4 | 5 | const ( 6 | E_INVALID_REQUEST string = "invalid_request" 7 | E_UNAUTHORIZED_CLIENT = "unauthorized_client" 8 | E_ACCESS_DENIED = "access_denied" 9 | E_UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type" 10 | E_INVALID_SCOPE = "invalid_scope" 11 | E_SERVER_ERROR = "server_error" 12 | E_TEMPORARILY_UNAVAILABLE = "temporarily_unavailable" 13 | E_UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type" 14 | E_INVALID_GRANT = "invalid_grant" 15 | E_INVALID_CLIENT = "invalid_client" 16 | ) 17 | 18 | var ( 19 | deferror *DefaultErrors = NewDefaultErrors() 20 | ) 21 | 22 | // Default errors and messages 23 | type DefaultErrors struct { 24 | errormap map[string]string 25 | } 26 | 27 | // NewDefaultErrors initializes OAuth2 error codes and descriptions. 28 | // http://tools.ietf.org/html/rfc6749#section-4.1.2.1 29 | // http://tools.ietf.org/html/rfc6749#section-4.2.2.1 30 | // http://tools.ietf.org/html/rfc6749#section-5.2 31 | // http://tools.ietf.org/html/rfc6749#section-7.2 32 | func NewDefaultErrors() *DefaultErrors { 33 | r := &DefaultErrors{errormap: make(map[string]string)} 34 | r.errormap[E_INVALID_REQUEST] = "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed." 35 | r.errormap[E_UNAUTHORIZED_CLIENT] = "The client is not authorized to request a token using this method." 36 | r.errormap[E_ACCESS_DENIED] = "The resource owner or authorization server denied the request." 37 | r.errormap[E_UNSUPPORTED_RESPONSE_TYPE] = "The authorization server does not support obtaining a token using this method." 38 | r.errormap[E_INVALID_SCOPE] = "The requested scope is invalid, unknown, or malformed." 39 | r.errormap[E_SERVER_ERROR] = "The authorization server encountered an unexpected condition that prevented it from fulfilling the request." 40 | r.errormap[E_TEMPORARILY_UNAVAILABLE] = "The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server." 41 | r.errormap[E_UNSUPPORTED_GRANT_TYPE] = "The authorization grant type is not supported by the authorization server." 42 | r.errormap[E_INVALID_GRANT] = "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client." 43 | r.errormap[E_INVALID_CLIENT] = "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method)." 44 | return r 45 | } 46 | 47 | func (e *DefaultErrors) Get(id string) string { 48 | if m, ok := e.errormap[id]; ok { 49 | return m 50 | } 51 | return id 52 | } 53 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/rsa_utils.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "crypto/rsa" 5 | "crypto/x509" 6 | "encoding/pem" 7 | "errors" 8 | ) 9 | 10 | var ( 11 | ErrKeyMustBePEMEncoded = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key") 12 | ErrNotRSAPrivateKey = errors.New("Key is not a valid RSA private key") 13 | ErrNotRSAPublicKey = errors.New("Key is not a valid RSA public key") 14 | ) 15 | 16 | // Parse PEM encoded PKCS1 or PKCS8 private key 17 | func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) { 18 | var err error 19 | 20 | // Parse PEM block 21 | var block *pem.Block 22 | if block, _ = pem.Decode(key); block == nil { 23 | return nil, ErrKeyMustBePEMEncoded 24 | } 25 | 26 | var parsedKey interface{} 27 | if parsedKey, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil { 28 | if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil { 29 | return nil, err 30 | } 31 | } 32 | 33 | var pkey *rsa.PrivateKey 34 | var ok bool 35 | if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok { 36 | return nil, ErrNotRSAPrivateKey 37 | } 38 | 39 | return pkey, nil 40 | } 41 | 42 | // Parse PEM encoded PKCS1 or PKCS8 private key protected with password 43 | func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) { 44 | var err error 45 | 46 | // Parse PEM block 47 | var block *pem.Block 48 | if block, _ = pem.Decode(key); block == nil { 49 | return nil, ErrKeyMustBePEMEncoded 50 | } 51 | 52 | var parsedKey interface{} 53 | 54 | var blockDecrypted []byte 55 | if blockDecrypted, err = x509.DecryptPEMBlock(block, []byte(password)); err != nil { 56 | return nil, err 57 | } 58 | 59 | if parsedKey, err = x509.ParsePKCS1PrivateKey(blockDecrypted); err != nil { 60 | if parsedKey, err = x509.ParsePKCS8PrivateKey(blockDecrypted); err != nil { 61 | return nil, err 62 | } 63 | } 64 | 65 | var pkey *rsa.PrivateKey 66 | var ok bool 67 | if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok { 68 | return nil, ErrNotRSAPrivateKey 69 | } 70 | 71 | return pkey, nil 72 | } 73 | 74 | // Parse PEM encoded PKCS1 or PKCS8 public key 75 | func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) { 76 | var err error 77 | 78 | // Parse PEM block 79 | var block *pem.Block 80 | if block, _ = pem.Decode(key); block == nil { 81 | return nil, ErrKeyMustBePEMEncoded 82 | } 83 | 84 | // Parse the key 85 | var parsedKey interface{} 86 | if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil { 87 | if cert, err := x509.ParseCertificate(block.Bytes); err == nil { 88 | parsedKey = cert.PublicKey 89 | } else { 90 | return nil, err 91 | } 92 | } 93 | 94 | var pkey *rsa.PublicKey 95 | var ok bool 96 | if pkey, ok = parsedKey.(*rsa.PublicKey); !ok { 97 | return nil, ErrNotRSAPublicKey 98 | } 99 | 100 | return pkey, nil 101 | } 102 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/rsa.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "crypto" 5 | "crypto/rand" 6 | "crypto/rsa" 7 | ) 8 | 9 | // Implements the RSA family of signing methods signing methods 10 | // Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation 11 | type SigningMethodRSA struct { 12 | Name string 13 | Hash crypto.Hash 14 | } 15 | 16 | // Specific instances for RS256 and company 17 | var ( 18 | SigningMethodRS256 *SigningMethodRSA 19 | SigningMethodRS384 *SigningMethodRSA 20 | SigningMethodRS512 *SigningMethodRSA 21 | ) 22 | 23 | func init() { 24 | // RS256 25 | SigningMethodRS256 = &SigningMethodRSA{"RS256", crypto.SHA256} 26 | RegisterSigningMethod(SigningMethodRS256.Alg(), func() SigningMethod { 27 | return SigningMethodRS256 28 | }) 29 | 30 | // RS384 31 | SigningMethodRS384 = &SigningMethodRSA{"RS384", crypto.SHA384} 32 | RegisterSigningMethod(SigningMethodRS384.Alg(), func() SigningMethod { 33 | return SigningMethodRS384 34 | }) 35 | 36 | // RS512 37 | SigningMethodRS512 = &SigningMethodRSA{"RS512", crypto.SHA512} 38 | RegisterSigningMethod(SigningMethodRS512.Alg(), func() SigningMethod { 39 | return SigningMethodRS512 40 | }) 41 | } 42 | 43 | func (m *SigningMethodRSA) Alg() string { 44 | return m.Name 45 | } 46 | 47 | // Implements the Verify method from SigningMethod 48 | // For this signing method, must be an *rsa.PublicKey structure. 49 | func (m *SigningMethodRSA) Verify(signingString, signature string, key interface{}) error { 50 | var err error 51 | 52 | // Decode the signature 53 | var sig []byte 54 | if sig, err = DecodeSegment(signature); err != nil { 55 | return err 56 | } 57 | 58 | var rsaKey *rsa.PublicKey 59 | var ok bool 60 | 61 | if rsaKey, ok = key.(*rsa.PublicKey); !ok { 62 | return ErrInvalidKeyType 63 | } 64 | 65 | // Create hasher 66 | if !m.Hash.Available() { 67 | return ErrHashUnavailable 68 | } 69 | hasher := m.Hash.New() 70 | hasher.Write([]byte(signingString)) 71 | 72 | // Verify the signature 73 | return rsa.VerifyPKCS1v15(rsaKey, m.Hash, hasher.Sum(nil), sig) 74 | } 75 | 76 | // Implements the Sign method from SigningMethod 77 | // For this signing method, must be an *rsa.PrivateKey structure. 78 | func (m *SigningMethodRSA) Sign(signingString string, key interface{}) (string, error) { 79 | var rsaKey *rsa.PrivateKey 80 | var ok bool 81 | 82 | // Validate type of key 83 | if rsaKey, ok = key.(*rsa.PrivateKey); !ok { 84 | return "", ErrInvalidKey 85 | } 86 | 87 | // Create the hasher 88 | if !m.Hash.Available() { 89 | return "", ErrHashUnavailable 90 | } 91 | 92 | hasher := m.Hash.New() 93 | hasher.Write([]byte(signingString)) 94 | 95 | // Sign the string and return the encoded bytes 96 | if sigBytes, err := rsa.SignPKCS1v15(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil)); err == nil { 97 | return EncodeSegment(sigBytes), nil 98 | } else { 99 | return "", err 100 | } 101 | } 102 | -------------------------------------------------------------------------------- /vendor/github.com/dgrijalva/jwt-go/map_claims.go: -------------------------------------------------------------------------------- 1 | package jwt 2 | 3 | import ( 4 | "encoding/json" 5 | "errors" 6 | // "fmt" 7 | ) 8 | 9 | // Claims type that uses the map[string]interface{} for JSON decoding 10 | // This is the default claims type if you don't supply one 11 | type MapClaims map[string]interface{} 12 | 13 | // Compares the aud claim against cmp. 14 | // If required is false, this method will return true if the value matches or is unset 15 | func (m MapClaims) VerifyAudience(cmp string, req bool) bool { 16 | aud, _ := m["aud"].(string) 17 | return verifyAud(aud, cmp, req) 18 | } 19 | 20 | // Compares the exp claim against cmp. 21 | // If required is false, this method will return true if the value matches or is unset 22 | func (m MapClaims) VerifyExpiresAt(cmp int64, req bool) bool { 23 | switch exp := m["exp"].(type) { 24 | case float64: 25 | return verifyExp(int64(exp), cmp, req) 26 | case json.Number: 27 | v, _ := exp.Int64() 28 | return verifyExp(v, cmp, req) 29 | } 30 | return req == false 31 | } 32 | 33 | // Compares the iat claim against cmp. 34 | // If required is false, this method will return true if the value matches or is unset 35 | func (m MapClaims) VerifyIssuedAt(cmp int64, req bool) bool { 36 | switch iat := m["iat"].(type) { 37 | case float64: 38 | return verifyIat(int64(iat), cmp, req) 39 | case json.Number: 40 | v, _ := iat.Int64() 41 | return verifyIat(v, cmp, req) 42 | } 43 | return req == false 44 | } 45 | 46 | // Compares the iss claim against cmp. 47 | // If required is false, this method will return true if the value matches or is unset 48 | func (m MapClaims) VerifyIssuer(cmp string, req bool) bool { 49 | iss, _ := m["iss"].(string) 50 | return verifyIss(iss, cmp, req) 51 | } 52 | 53 | // Compares the nbf claim against cmp. 54 | // If required is false, this method will return true if the value matches or is unset 55 | func (m MapClaims) VerifyNotBefore(cmp int64, req bool) bool { 56 | switch nbf := m["nbf"].(type) { 57 | case float64: 58 | return verifyNbf(int64(nbf), cmp, req) 59 | case json.Number: 60 | v, _ := nbf.Int64() 61 | return verifyNbf(v, cmp, req) 62 | } 63 | return req == false 64 | } 65 | 66 | // Validates time based claims "exp, iat, nbf". 67 | // There is no accounting for clock skew. 68 | // As well, if any of the above claims are not in the token, it will still 69 | // be considered a valid claim. 70 | func (m MapClaims) Valid() error { 71 | vErr := new(ValidationError) 72 | now := TimeFunc().Unix() 73 | 74 | if m.VerifyExpiresAt(now, false) == false { 75 | vErr.Inner = errors.New("Token is expired") 76 | vErr.Errors |= ValidationErrorExpired 77 | } 78 | 79 | if m.VerifyIssuedAt(now, false) == false { 80 | vErr.Inner = errors.New("Token used before issued") 81 | vErr.Errors |= ValidationErrorIssuedAt 82 | } 83 | 84 | if m.VerifyNotBefore(now, false) == false { 85 | vErr.Inner = errors.New("Token is not valid yet") 86 | vErr.Errors |= ValidationErrorNotValidYet 87 | } 88 | 89 | if vErr.valid() { 90 | return nil 91 | } 92 | 93 | return vErr 94 | } 95 | -------------------------------------------------------------------------------- /example/teststorage.go: -------------------------------------------------------------------------------- 1 | package example 2 | 3 | import ( 4 | "fmt" 5 | "github.com/openshift/osin" 6 | ) 7 | 8 | type TestStorage struct { 9 | clients map[string]osin.Client 10 | authorize map[string]*osin.AuthorizeData 11 | access map[string]*osin.AccessData 12 | refresh map[string]string 13 | } 14 | 15 | func NewTestStorage() *TestStorage { 16 | r := &TestStorage{ 17 | clients: make(map[string]osin.Client), 18 | authorize: make(map[string]*osin.AuthorizeData), 19 | access: make(map[string]*osin.AccessData), 20 | refresh: make(map[string]string), 21 | } 22 | 23 | r.clients["1234"] = &osin.DefaultClient{ 24 | Id: "1234", 25 | Secret: "aabbccdd", 26 | RedirectUri: "http://localhost:14000/appauth", 27 | } 28 | 29 | return r 30 | } 31 | 32 | func (s *TestStorage) Clone() osin.Storage { 33 | return s 34 | } 35 | 36 | func (s *TestStorage) Close() { 37 | } 38 | 39 | func (s *TestStorage) GetClient(id string) (osin.Client, error) { 40 | fmt.Printf("GetClient: %s\n", id) 41 | if c, ok := s.clients[id]; ok { 42 | return c, nil 43 | } 44 | return nil, osin.ErrNotFound 45 | } 46 | 47 | func (s *TestStorage) SetClient(id string, client osin.Client) error { 48 | fmt.Printf("SetClient: %s\n", id) 49 | s.clients[id] = client 50 | return nil 51 | } 52 | 53 | func (s *TestStorage) SaveAuthorize(data *osin.AuthorizeData) error { 54 | fmt.Printf("SaveAuthorize: %s\n", data.Code) 55 | s.authorize[data.Code] = data 56 | return nil 57 | } 58 | 59 | func (s *TestStorage) LoadAuthorize(code string) (*osin.AuthorizeData, error) { 60 | fmt.Printf("LoadAuthorize: %s\n", code) 61 | if d, ok := s.authorize[code]; ok { 62 | return d, nil 63 | } 64 | return nil, osin.ErrNotFound 65 | } 66 | 67 | func (s *TestStorage) RemoveAuthorize(code string) error { 68 | fmt.Printf("RemoveAuthorize: %s\n", code) 69 | delete(s.authorize, code) 70 | return nil 71 | } 72 | 73 | func (s *TestStorage) SaveAccess(data *osin.AccessData) error { 74 | fmt.Printf("SaveAccess: %s\n", data.AccessToken) 75 | s.access[data.AccessToken] = data 76 | if data.RefreshToken != "" { 77 | s.refresh[data.RefreshToken] = data.AccessToken 78 | } 79 | return nil 80 | } 81 | 82 | func (s *TestStorage) LoadAccess(code string) (*osin.AccessData, error) { 83 | fmt.Printf("LoadAccess: %s\n", code) 84 | if d, ok := s.access[code]; ok { 85 | return d, nil 86 | } 87 | return nil, osin.ErrNotFound 88 | } 89 | 90 | func (s *TestStorage) RemoveAccess(code string) error { 91 | fmt.Printf("RemoveAccess: %s\n", code) 92 | delete(s.access, code) 93 | return nil 94 | } 95 | 96 | func (s *TestStorage) LoadRefresh(code string) (*osin.AccessData, error) { 97 | fmt.Printf("LoadRefresh: %s\n", code) 98 | if d, ok := s.refresh[code]; ok { 99 | return s.LoadAccess(d) 100 | } 101 | return nil, osin.ErrNotFound 102 | } 103 | 104 | func (s *TestStorage) RemoveRefresh(code string) error { 105 | fmt.Printf("RemoveRefresh: %s\n", code) 106 | delete(s.refresh, code) 107 | return nil 108 | } 109 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/context/go17.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build go1.7 6 | 7 | package context 8 | 9 | import ( 10 | "context" // standard library's context, as of Go 1.7 11 | "time" 12 | ) 13 | 14 | var ( 15 | todo = context.TODO() 16 | background = context.Background() 17 | ) 18 | 19 | // Canceled is the error returned by Context.Err when the context is canceled. 20 | var Canceled = context.Canceled 21 | 22 | // DeadlineExceeded is the error returned by Context.Err when the context's 23 | // deadline passes. 24 | var DeadlineExceeded = context.DeadlineExceeded 25 | 26 | // WithCancel returns a copy of parent with a new Done channel. The returned 27 | // context's Done channel is closed when the returned cancel function is called 28 | // or when the parent context's Done channel is closed, whichever happens first. 29 | // 30 | // Canceling this context releases resources associated with it, so code should 31 | // call cancel as soon as the operations running in this Context complete. 32 | func WithCancel(parent Context) (ctx Context, cancel CancelFunc) { 33 | ctx, f := context.WithCancel(parent) 34 | return ctx, CancelFunc(f) 35 | } 36 | 37 | // WithDeadline returns a copy of the parent context with the deadline adjusted 38 | // to be no later than d. If the parent's deadline is already earlier than d, 39 | // WithDeadline(parent, d) is semantically equivalent to parent. The returned 40 | // context's Done channel is closed when the deadline expires, when the returned 41 | // cancel function is called, or when the parent context's Done channel is 42 | // closed, whichever happens first. 43 | // 44 | // Canceling this context releases resources associated with it, so code should 45 | // call cancel as soon as the operations running in this Context complete. 46 | func WithDeadline(parent Context, deadline time.Time) (Context, CancelFunc) { 47 | ctx, f := context.WithDeadline(parent, deadline) 48 | return ctx, CancelFunc(f) 49 | } 50 | 51 | // WithTimeout returns WithDeadline(parent, time.Now().Add(timeout)). 52 | // 53 | // Canceling this context releases resources associated with it, so code should 54 | // call cancel as soon as the operations running in this Context complete: 55 | // 56 | // func slowOperationWithTimeout(ctx context.Context) (Result, error) { 57 | // ctx, cancel := context.WithTimeout(ctx, 100*time.Millisecond) 58 | // defer cancel() // releases resources if slowOperation completes before timeout elapses 59 | // return slowOperation(ctx) 60 | // } 61 | func WithTimeout(parent Context, timeout time.Duration) (Context, CancelFunc) { 62 | return WithDeadline(parent, time.Now().Add(timeout)) 63 | } 64 | 65 | // WithValue returns a copy of parent in which the value associated with key is 66 | // val. 67 | // 68 | // Use context Values only for request-scoped data that transits processes and 69 | // APIs, not for passing optional parameters to functions. 70 | func WithValue(parent Context, key interface{}, val interface{}) Context { 71 | return context.WithValue(parent, key, val) 72 | } 73 | -------------------------------------------------------------------------------- /vendor/gopkg.in/square/go-jose.v1/cipher/key_wrap.go: -------------------------------------------------------------------------------- 1 | /*- 2 | * Copyright 2014 Square Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package josecipher 18 | 19 | import ( 20 | "crypto/cipher" 21 | "crypto/subtle" 22 | "encoding/binary" 23 | "errors" 24 | ) 25 | 26 | var defaultIV = []byte{0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6} 27 | 28 | // KeyWrap implements NIST key wrapping; it wraps a content encryption key (cek) with the given block cipher. 29 | func KeyWrap(block cipher.Block, cek []byte) ([]byte, error) { 30 | if len(cek)%8 != 0 { 31 | return nil, errors.New("square/go-jose: key wrap input must be 8 byte blocks") 32 | } 33 | 34 | n := len(cek) / 8 35 | r := make([][]byte, n) 36 | 37 | for i := range r { 38 | r[i] = make([]byte, 8) 39 | copy(r[i], cek[i*8:]) 40 | } 41 | 42 | buffer := make([]byte, 16) 43 | tBytes := make([]byte, 8) 44 | copy(buffer, defaultIV) 45 | 46 | for t := 0; t < 6*n; t++ { 47 | copy(buffer[8:], r[t%n]) 48 | 49 | block.Encrypt(buffer, buffer) 50 | 51 | binary.BigEndian.PutUint64(tBytes, uint64(t+1)) 52 | 53 | for i := 0; i < 8; i++ { 54 | buffer[i] = buffer[i] ^ tBytes[i] 55 | } 56 | copy(r[t%n], buffer[8:]) 57 | } 58 | 59 | out := make([]byte, (n+1)*8) 60 | copy(out, buffer[:8]) 61 | for i := range r { 62 | copy(out[(i+1)*8:], r[i]) 63 | } 64 | 65 | return out, nil 66 | } 67 | 68 | // KeyUnwrap implements NIST key unwrapping; it unwraps a content encryption key (cek) with the given block cipher. 69 | func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error) { 70 | if len(ciphertext)%8 != 0 { 71 | return nil, errors.New("square/go-jose: key wrap input must be 8 byte blocks") 72 | } 73 | 74 | n := (len(ciphertext) / 8) - 1 75 | r := make([][]byte, n) 76 | 77 | for i := range r { 78 | r[i] = make([]byte, 8) 79 | copy(r[i], ciphertext[(i+1)*8:]) 80 | } 81 | 82 | buffer := make([]byte, 16) 83 | tBytes := make([]byte, 8) 84 | copy(buffer[:8], ciphertext[:8]) 85 | 86 | for t := 6*n - 1; t >= 0; t-- { 87 | binary.BigEndian.PutUint64(tBytes, uint64(t+1)) 88 | 89 | for i := 0; i < 8; i++ { 90 | buffer[i] = buffer[i] ^ tBytes[i] 91 | } 92 | copy(buffer[8:], r[t%n]) 93 | 94 | block.Decrypt(buffer, buffer) 95 | 96 | copy(r[t%n], buffer[8:]) 97 | } 98 | 99 | if subtle.ConstantTimeCompare(buffer[:8], defaultIV) == 0 { 100 | return nil, errors.New("square/go-jose: failed to unwrap key") 101 | } 102 | 103 | out := make([]byte, n*8) 104 | for i := range r { 105 | copy(out[i*8:], r[i]) 106 | } 107 | 108 | return out, nil 109 | } 110 | --------------------------------------------------------------------------------