lee/OliveTin
1
0
Fork 0
mirror of https://github.com/OliveTin/OliveTin synced 2025-11-02 22:37:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: lee:2024.10.02
Branches Tags
lee:main lee:fix-remove-old-websockets lee:next lee:release/2k
lee:3000.3.0 lee:2025.10.30 lee:3000.2.1 lee:3000.2.0 lee:2025.10.27 lee:3000.1.2 lee:3000.1.1 lee:3000.1.0 lee:2025.10.24 lee:3000.0.2 lee:3000.0.1 lee:3000.0.0 lee:2025.7.29 lee:2025.7.28 lee:2025.7.19 lee:2025.7.13 lee:2025.6.22 lee:2025.6.6 lee:2025.6.1 lee:2025.5.26 lee:2025.4.22 lee:2025.4.21 lee:2025.4.14 lee:2025.4.8 lee:2025.3.28 lee:2025.3.23 lee:2025.2.21 lee:2025.2.19 lee:2024.12.11 lee:2024.11.24 lee:2024.11.18 lee:2024.11.09 lee:2024.11.02 lee:2024.10.27 lee:2024.10.26 lee:2024.10.18 lee:2024.10.17 lee:2024.10.14 lee:2024.10.02 lee:2024.10.01 lee:2024.09.16 lee:2024.09.11 lee:2024.09.10 lee:2024.09.02 lee:2024.08.31 lee:2024.08.25 lee:2024.08.14 lee:2024.07.153 lee:2024.07.152 lee:2024.07.16 lee:2024.07.15 lee:2024.07.13 lee:2024.07.07 lee:2024.07.06 lee:2024.07.03 lee:2024.06.04 lee:2024.06.02 lee:2024.05.31 lee:2024.05.51 lee:2024.06.01 lee:2024.05.27 lee:2024.05.24 lee:2024.05.13 lee:2024.04.28 lee:2024.04.261 lee:2024.04.26 lee:2024.04.21.2 lee:2024.04.212 lee:2024.04.021 lee:2024.04.20 lee:2024.04.18 lee:2024.04.14 lee:2024.04.11 lee:2024.04.10 lee:2024.04.09 lee:2024.03.24 lee:2024.03.081 lee:2024.03.08 lee:2024.03.06 lee:2024.03.05 lee:2024.03.01 lee:2024.02.28 lee:2024.02.27 lee:2024.02.01 lee:2023.12.21 lee:2023.12.20 lee:2023.12.17 lee:2023.12.1 lee:2023.10.25 lee:2023.10.24 lee:2023.10.12 lee:2023.10.09 lee:2023.03.25 lee:2023.03.24-4 lee:2023.03.24-3 lee:2023.03.24-2 lee:2023.03.24 lee:2023.03.22 lee:2023.02.16 lee:2022.11.14 lee:2022.11.11 lee:2022-10-19 lee:2022-04-07 lee:2022-01-06 lee:2021-11-19 lee:2021-11-17-2 lee:2021-11-17 lee:2021-11-02.alpha1-task-arguments lee:2021-07-19 lee:2021-07-16 lee:2021-05-28 lee:2021-05-25 lee:2021-05-24.f44 lee:2021-05-19.28
...
compare: lee:2024.04.10
Branches Tags
lee:fix-remove-old-websockets lee:next lee:main lee:release/2k
lee:3000.3.0 lee:2025.10.30 lee:3000.2.1 lee:3000.2.0 lee:2025.10.27 lee:3000.1.2 lee:3000.1.1 lee:3000.1.0 lee:2025.10.24 lee:3000.0.2 lee:3000.0.1 lee:3000.0.0 lee:2025.7.29 lee:2025.7.28 lee:2025.7.19 lee:2025.7.13 lee:2025.6.22 lee:2025.6.6 lee:2025.6.1 lee:2025.5.26 lee:2025.4.22 lee:2025.4.21 lee:2025.4.14 lee:2025.4.8 lee:2025.3.28 lee:2025.3.23 lee:2025.2.21 lee:2025.2.19 lee:2024.12.11 lee:2024.11.24 lee:2024.11.18 lee:2024.11.09 lee:2024.11.02 lee:2024.10.27 lee:2024.10.26 lee:2024.10.18 lee:2024.10.17 lee:2024.10.14 lee:2024.10.02 lee:2024.10.01 lee:2024.09.16 lee:2024.09.11 lee:2024.09.10 lee:2024.09.02 lee:2024.08.31 lee:2024.08.25 lee:2024.08.14 lee:2024.07.153 lee:2024.07.152 lee:2024.07.16 lee:2024.07.15 lee:2024.07.13 lee:2024.07.07 lee:2024.07.06 lee:2024.07.03 lee:2024.06.04 lee:2024.06.02 lee:2024.05.31 lee:2024.05.51 lee:2024.06.01 lee:2024.05.27 lee:2024.05.24 lee:2024.05.13 lee:2024.04.28 lee:2024.04.261 lee:2024.04.26 lee:2024.04.21.2 lee:2024.04.212 lee:2024.04.021 lee:2024.04.20 lee:2024.04.18 lee:2024.04.14 lee:2024.04.11 lee:2024.04.10 lee:2024.04.09 lee:2024.03.24 lee:2024.03.081 lee:2024.03.08 lee:2024.03.06 lee:2024.03.05 lee:2024.03.01 lee:2024.02.28 lee:2024.02.27 lee:2024.02.01 lee:2023.12.21 lee:2023.12.20 lee:2023.12.17 lee:2023.12.1 lee:2023.10.25 lee:2023.10.24 lee:2023.10.12 lee:2023.10.09 lee:2023.03.25 lee:2023.03.24-4 lee:2023.03.24-3 lee:2023.03.24-2 lee:2023.03.24 lee:2023.03.22 lee:2023.02.16 lee:2022.11.14 lee:2022.11.11 lee:2022-10-19 lee:2022-04-07 lee:2022-01-06 lee:2021-11-19 lee:2021-11-17-2 lee:2021-11-17 lee:2021-11-02.alpha1-task-arguments lee:2021-07-19 lee:2021-07-16 lee:2021-05-28 lee:2021-05-25 lee:2021-05-24.f44 lee:2021-05-19.28

1 Commits
2024.10.02 ... 2024.04.10

Author SHA1 Message Date
jamesread
5701bbc148 feature: JWT Validation wip for Cloudflare 2024-04-10 23:10:25 +01:00
6 changed files with 99 additions and 4 deletions
Expand all files Collapse all files

8
go.mod
View File

@@ -1,6 +1,8 @@
module github.com/OliveTin/OliveTin
go 1.18
go 1.21
toolchain go1.21.9
require (
github.com/bufbuild/buf v1.29.0
@@ -35,6 +37,7 @@ require (
github.com/bufbuild/protoyaml-go v0.1.8 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
github.com/coreos/go-oidc/v3 v3.10.0 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
github.com/cristalhq/acmd v0.11.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
@@ -48,6 +51,7 @@ require (
github.com/felixge/fgprof v0.9.3 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-chi/chi/v5 v5.0.12 // indirect
github.com/go-jose/go-jose/v4 v4.0.1 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-toolsmith/astcast v1.1.0 // indirect
@@ -112,11 +116,13 @@ require (
golang.org/x/exp/typeparams v0.0.0-20240222234643-814bf88cf225 // indirect
golang.org/x/mod v0.15.0 // indirect
golang.org/x/net v0.21.0 // indirect
golang.org/x/oauth2 v0.16.0 // indirect
golang.org/x/sync v0.6.0 // indirect
golang.org/x/sys v0.17.0 // indirect
golang.org/x/term v0.17.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/tools v0.18.0 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto v0.0.0-20240221002015-b0ce06bbee7c // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c // indirect
gopkg.in/ini.v1 v1.67.0 // indirect

20
go.sum
View File

@@ -71,6 +71,8 @@ github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnht
github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU=
github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk=
github.com/coreos/go-oidc/v3 v3.10.0 h1:tDnXHnLyiTVyT/2zLDGj09pFPkhND8Gl8lnTRhoEaJU=
github.com/coreos/go-oidc/v3 v3.10.0/go.mod h1:5j11xcw0D3+SGxn6Z/WFADsgcWVMyNAlSQupk0KK3ac=
github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
@@ -116,6 +118,8 @@ github.com/go-critic/go-critic v0.11.1/go.mod h1:aZVQR7+gazH6aDEQx4356SD7d8ez8Mi
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U=
github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@@ -173,6 +177,7 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
@@ -328,6 +333,7 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
@@ -363,6 +369,7 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
@@ -405,6 +412,7 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -438,6 +446,7 @@ golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwY
golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -449,6 +458,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ
golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -459,6 +470,7 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -497,12 +509,15 @@ golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -511,6 +526,8 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -566,6 +583,7 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -598,6 +616,8 @@ google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=

10
internal/config/config.go
View File

@@ -74,6 +74,7 @@ type Config struct {
ListenAddressGrpcActions string
ExternalRestAddress string
LogLevel string
LogDebugOptions LogDebugOptions
Actions []*Action `mapstructure:"actions"`
Entities []*EntityFile `mapstructure:"entities"`
Dashboards []*DashboardComponent `mapstructure:"dashboards"`
@@ -83,6 +84,10 @@ type Config struct {
ShowNavigation bool
ShowNewVersions bool
AuthJwtCookieName string
AuthJwtHeaderName string
AuthJwtAud string
AuthJwtDomain string
AuthJwtCertsURL string
AuthJwtSecret string // mutually exclusive with pub key config fields
AuthJwtClaimUsername string
AuthJwtClaimUserGroup string
@@ -102,6 +107,11 @@ type Config struct {
usedConfigDir string
}
type LogDebugOptions struct {
SingleFrontendRequests bool
SingleFrontendRequestHeaders bool
}
type DashboardComponent struct {
Title string
Type string

4
internal/httpservers/restapi.go
View File

@@ -49,6 +49,10 @@ func parseRequestMetadata(ctx context.Context, req *http.Request) metadata.MD {
username := ""
usergroup := ""
if cfg.AuthJwtHeaderName != "" {
username, usergroup = parseJwtHeader(req.Header.Get(cfg.AuthJwtHeaderName))
}
if cfg.AuthJwtCookieName != "" {
username, usergroup = parseJwtCookie(req)
}

40
internal/httpservers/restapi_auth_jwt.go
View File

@@ -1,6 +1,7 @@
package httpservers
import (
"context"
"crypto/rsa"
"errors"
"fmt"
@@ -8,13 +9,33 @@ import (
log "github.com/sirupsen/logrus"
"net/http"
"os"
"github.com/coreos/go-oidc/v3/oidc"
)
var (
pubKeyBytes []byte = nil
pubKey *rsa.PublicKey
verifier *oidc.IDTokenVerifier
)
func getVerifier() *oidc.IDTokenVerifier {
if verifier == nil {
ctx := context.TODO()
config := &oidc.Config{
ClientID: cfg.AuthJwtAud,
}
keySet := oidc.NewRemoteKeySet(ctx, cfg.AuthJwtCertsURL)
verifier = oidc.NewVerifier(cfg.AuthJwtDomain, keySet, config)
}
return verifier
}
func readPublicKey() error {
if pubKeyBytes != nil {
return nil // Already read.
@@ -117,3 +138,22 @@ func parseJwtCookie(request *http.Request) (string, string) {
return username, usergroup
}
func parseJwtHeader(headerValue string) (string, string) {
if headerValue == "" {
log.Warnf("JWT Header is configured, but got a request with an empty JWT auth header value")
return "", ""
}
_, err := verifier.Verify(context.TODO(), headerValue)
if err != nil {
log.Errorf("JWT Header verification error: %v", err)
return "", ""
}
log.Debugf("JWT Header validation succeeded!")
return "", ""
}

21
internal/httpservers/singleFrontend.go
View File

@@ -17,6 +17,18 @@ import (
"net/url"
)
func logDebugRequest(cfg *config.Config, source string, r *http.Request) {
if cfg.LogDebugOptions.SingleFrontendRequests {
log.Debugf("SingleFrontend HTTP Req URL %v: %q", source, r.URL)
if cfg.LogDebugOptions.SingleFrontendRequestHeaders {
for name, values := range r.Header {
log.Debugf("SingleFrontend HTTP Req Hdr: %v = %v", name, values)
}
}
}
}
// StartSingleHTTPFrontend will create a reverse proxy that proxies the API
// and webui internally.
func StartSingleHTTPFrontend(cfg *config.Config) {
@@ -33,17 +45,20 @@ func StartSingleHTTPFrontend(cfg *config.Config) {
mux := http.NewServeMux()
mux.HandleFunc("/api/", func(w http.ResponseWriter, r *http.Request) {
log.Debugf("api req: %q", r.URL)
logDebugRequest(cfg, "api ", r)
apiProxy.ServeHTTP(w, r)
})
mux.HandleFunc("/websocket", func(w http.ResponseWriter, r *http.Request) {
log.Debugf("ws req: %q", r.URL)
logDebugRequest(cfg, "ws ", r)
websocket.HandleWebsocket(w, r)
})
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
log.Debugf("ui req: %q", r.URL)
logDebugRequest(cfg, "ui ", r)
webuiProxy.ServeHTTP(w, r)
})