*: revendor

10 years ago · 2e57dde3c4
7 changed files with 30 additions and 52 deletions
--- a/glide.lock
+++ b/glide.lock
@ -1,10 +1,10 @@
-hash: 2e6ef5ae85fe17d9b695b37ba6875b438a617692cc1f6fefc682c4e405a4dcf1
-updated: 2016-06-28T10:36:39.146887182-07:00
+hash: 9e02d162b5001e9ba3028f5cac8b8a85f73be2e7546a4add488b446821e13da6
+updated: 2016-08-16T12:24:59.701803152-07:00
 imports:
 - name: github.com/andybalholm/cascadia
  version: 6122e68c2642b7b75c538a63b15168c6c80fb757
 - name: github.com/coreos/go-oidc
-  version: 5aa9381f6e998aa16cc96b4347d33dcc29792864
+  version: 1efe0e1303a62da553fcb6beb8bd2aa9250c0ca8
  subpackages:
  - http
  - jose
@ -14,7 +14,6 @@ imports:
 - name: github.com/coreos/pkg
  version: fa94270d4bac0d8ae5dc6b71894e251aada93f74
  subpackages:
-  - capnslog
  - flagutil
  - health
  - httputil
--- a/vendor/github.com/coreos/go-oidc/http/http.go
+++ b/vendor/github.com/coreos/go-oidc/http/http.go
@ -4,18 +4,13 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
+	"log"
 	"net/http"
 	"net/url"
 	"path"
 	"strconv"
 	"strings"
 	"time"
-
-	"github.com/coreos/pkg/capnslog"
-)
-
-var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
 )

 func WriteError(w http.ResponseWriter, code int, msg string) {
@ -26,7 +21,9 @@ func WriteError(w http.ResponseWriter, code int, msg string) {
 	}
 	b, err := json.Marshal(e)
 	if err != nil {
-		log.Errorf("Failed marshaling %#v to JSON: %v", e, err)
+		log.Printf("go-oidc: failed to marshal %#v: %v", e, err)
+		code = http.StatusInternalServerError
+		b = []byte(`{"error":"server_error"}`)
 	}
 	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(code)
--- a/vendor/github.com/coreos/go-oidc/http/middleware.go
+++ b/vendor/github.com/coreos/go-oidc/http/middleware.go
@ -1,14 +0,0 @@
-package http
-
-import (
-	"net/http"
-)
-
-type LoggingMiddleware struct {
-	Next http.Handler
-}
-
-func (l *LoggingMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	log.Infof("HTTP %s %v", r.Method, r.URL)
-	l.Next.ServeHTTP(w, r)
-}
--- a/vendor/github.com/coreos/go-oidc/key/rotate.go
+++ b/vendor/github.com/coreos/go-oidc/key/rotate.go
@ -2,16 +2,14 @@ package key

 import (
 	"errors"
+	"log"
 	"time"

-	"github.com/coreos/pkg/capnslog"
 	ptime "github.com/coreos/pkg/timeutil"
 	"github.com/jonboulle/clockwork"
 )

 var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "key")
-
 	ErrorPrivateKeysExpired = errors.New("private keys have expired")
 )

@ -67,7 +65,6 @@ func (r *PrivateKeyRotator) privateKeySet() (*PrivateKeySet, error) {
 func (r *PrivateKeyRotator) nextRotation() (time.Duration, error) {
 	pks, err := r.privateKeySet()
 	if err == ErrorNoKeys {
-		log.Infof("No keys in private key set; must rotate immediately")
 		return 0, nil
 	}
 	if err != nil {
@ -94,17 +91,15 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
 	attempt := func() {
 		k, err := r.generateKey()
 		if err != nil {
-			log.Errorf("Failed generating signing key: %v", err)
+			log.Printf("go-oidc: failed generating signing key: %v", err)
 			return
 		}

 		exp := r.expiresAt()
 		if err := rotatePrivateKeys(r.repo, k, r.keep, exp); err != nil {
-			log.Errorf("Failed key rotation: %v", err)
+			log.Printf("go-oidc: key rotation failed: %v", err)
 			return
 		}
-
-		log.Infof("Rotated signing keys: id=%s expiresAt=%s", k.ID(), exp)
 	}

 	stop := make(chan struct{})
@ -118,11 +113,10 @@ func (r *PrivateKeyRotator) Run() chan struct{} {
 					break
 				}
 				sleep = ptime.ExpBackoff(sleep, time.Minute)
-				log.Errorf("error getting nextRotation, retrying in %v: %v", sleep, err)
+				log.Printf("go-oidc: error getting nextRotation, retrying in %v: %v", sleep, err)
 				time.Sleep(sleep)
 			}

-			log.Infof("will rotate keys in %v", nextRotation)
 			select {
 			case <-r.clock.After(nextRotation):
 				attempt()
--- a/vendor/github.com/coreos/go-oidc/key/rotate_test.go
+++ b/vendor/github.com/coreos/go-oidc/key/rotate_test.go
@ -92,7 +92,7 @@ func TestRotate(t *testing.T) {
 		if tt.start != nil {
 			err := repo.Set(tt.start)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}
 		}

@ -242,7 +242,7 @@ func TestNextRotation(t *testing.T) {
 			}
 			err := kRepo.Set(pks)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}

 		}
@ -300,7 +300,7 @@ func TestHealthy(t *testing.T) {
 			}
 			err := kRepo.Set(pks)
 			if err != nil {
-				log.Fatalf("case %d: unexpected error: %v", i, err)
+				t.Fatalf("case %d: unexpected error: %v", i, err)
 			}

 		}
--- a/vendor/github.com/coreos/go-oidc/key/sync.go
+++ b/vendor/github.com/coreos/go-oidc/key/sync.go
@ -2,6 +2,7 @@ package key

 import (
 	"errors"
+	"log"
 	"time"

 	"github.com/jonboulle/clockwork"
@ -38,15 +39,14 @@ func (s *KeySetSyncer) Run() chan struct{} {
 					next = timeutil.ExpBackoff(next, time.Minute)
 				}
 				if exp == 0 {
-					log.Errorf("Synced to already expired key set, retrying in %v: %v", next, err)
+					log.Printf("Synced to already expired key set, retrying in %v: %v", next, err)

 				} else {
-					log.Errorf("Failed syncing key set, retrying in %v: %v", next, err)
+					log.Printf("Failed syncing key set, retrying in %v: %v", next, err)
 				}
 			} else {
 				failing = false
 				next = exp / 2
-				log.Infof("Synced key set, checking again in %v", next)
 			}

 			select {
--- a/vendor/github.com/coreos/go-oidc/oidc/provider.go
+++ b/vendor/github.com/coreos/go-oidc/oidc/provider.go
@ -4,13 +4,13 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 	"net/http"
 	"net/url"
 	"strings"
 	"sync"
 	"time"

-	"github.com/coreos/pkg/capnslog"
 	"github.com/coreos/pkg/timeutil"
 	"github.com/jonboulle/clockwork"

@ -18,10 +18,6 @@ import (
 	"github.com/coreos/go-oidc/oauth2"
 )

-var (
-	log = capnslog.NewPackageLogger("github.com/coreos/go-oidc", "http")
-)
-
 const (
 	// Subject Identifier types defined by the OIDC spec. Specifies if the provider
 	// should provide the same sub claim value to all clients (public) or a unique
@ -69,6 +65,8 @@ type ProviderConfig struct {
 	UserInfoEndpoint     *url.URL
 	KeysEndpoint         *url.URL // Required
 	RegistrationEndpoint *url.URL
+	EndSessionEndpoint   *url.URL
+	CheckSessionIFrame   *url.URL

 	// Servers MAY choose not to advertise some supported scope values even when this
 	// parameter is used, although those defined in OpenID Core SHOULD be listed, if supported.
@ -170,6 +168,8 @@ type encodableProviderConfig struct {
 	UserInfoEndpoint     string `json:"userinfo_endpoint,omitempty"`
 	KeysEndpoint         string `json:"jwks_uri"`
 	RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
+	EndSessionEndpoint   string `json:"end_session_endpoint,omitempty"`
+	CheckSessionIFrame   string `json:"check_session_iframe,omitempty"`

 	// Use 'omitempty' for all slices as per OIDC spec:
 	// "Claims that return multiple values are represented as JSON arrays.
@ -219,6 +219,8 @@ func (cfg ProviderConfig) toEncodableStruct() encodableProviderConfig {
 		UserInfoEndpoint:                           uriToString(cfg.UserInfoEndpoint),
 		KeysEndpoint:                               uriToString(cfg.KeysEndpoint),
 		RegistrationEndpoint:                       uriToString(cfg.RegistrationEndpoint),
+		EndSessionEndpoint:                         uriToString(cfg.EndSessionEndpoint),
+		CheckSessionIFrame:                         uriToString(cfg.CheckSessionIFrame),
 		ScopesSupported:                            cfg.ScopesSupported,
 		ResponseTypesSupported:                     cfg.ResponseTypesSupported,
 		ResponseModesSupported:                     cfg.ResponseModesSupported,
@ -260,6 +262,8 @@ func (e encodableProviderConfig) toStruct() (ProviderConfig, error) {
 		UserInfoEndpoint:                           p.parseURI(e.UserInfoEndpoint, "userinfo_endpoint"),
 		KeysEndpoint:                               p.parseURI(e.KeysEndpoint, "jwks_uri"),
 		RegistrationEndpoint:                       p.parseURI(e.RegistrationEndpoint, "registration_endpoint"),
+		EndSessionEndpoint:                         p.parseURI(e.EndSessionEndpoint, "end_session_endpoint"),
+		CheckSessionIFrame:                         p.parseURI(e.CheckSessionIFrame, "check_session_iframe"),
 		ScopesSupported:                            e.ScopesSupported,
 		ResponseTypesSupported:                     e.ResponseTypesSupported,
 		ResponseModesSupported:                     e.ResponseModesSupported,
@ -364,6 +368,8 @@ func (p ProviderConfig) Valid() error {
 		{p.UserInfoEndpoint, "userinfo_endpoint", false},
 		{p.KeysEndpoint, "jwks_uri", true},
 		{p.RegistrationEndpoint, "registration_endpoint", false},
+		{p.EndSessionEndpoint, "end_session_endpoint", false},
+		{p.CheckSessionIFrame, "check_session_iframe", false},
 		{p.ServiceDocs, "service_documentation", false},
 		{p.Policy, "op_policy_uri", false},
 		{p.TermsOfService, "op_tos_uri", false},
@ -537,8 +543,6 @@ func (s *ProviderConfigSyncer) sync() (time.Duration, error) {
 		s.initialSyncDone = true
 	}

-	log.Debugf("Updating provider config: config=%#v", cfg)
-
 	return nextSyncAfter(cfg.ExpiresAt, s.clock), nil
 }

@ -561,10 +565,9 @@ func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) {
 	ttl, err := fn()
 	if err == nil {
 		next = &pcsStepNext{aft: ttl}
-		log.Debugf("Synced provider config, next attempt in %v", next.after())
 	} else {
 		next = &pcsStepRetry{aft: time.Second}
-		log.Errorf("Provider config sync failed, retrying in %v: %v", next.after(), err)
+		log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
 	}
 	return
 }
@ -581,10 +584,9 @@ func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) {
 	ttl, err := fn()
 	if err == nil {
 		next = &pcsStepNext{aft: ttl}
-		log.Infof("Provider config sync no longer failing")
 	} else {
 		next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)}
-		log.Errorf("Provider config sync still failing, retrying in %v: %v", next.after(), err)
+		log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
 	}
 	return
 }