From 239572e11c1cdbf38012322eb566af11db08ed1f Mon Sep 17 00:00:00 2001 From: Eric Searcy Date: Wed, 5 Jun 2024 11:49:08 -0700 Subject: [PATCH 1/2] Add MegaLinter; module updates Signed-off-by: Eric Searcy --- .github/workflows/license-header-check.yaml | 3 + .github/workflows/mega-linter.yml | 33 ++++++ .github/workflows/publish.yaml | 6 + .gitignore | 7 +- .mega-linter.yml | 15 +++ .trivyignore | 6 + 0_config.go | 1 + Dockerfile | 6 + Makefile | 9 ++ README.md | 69 +++++++++--- auth0_clients.go | 1 + cas.go | 17 +++ go.mod | 42 ++++--- go.sum | 118 +++++++------------- main.go | 1 + responses.go | 1 + tracing.go | 1 + 17 files changed, 218 insertions(+), 118 deletions(-) create mode 100644 .github/workflows/mega-linter.yml create mode 100644 .mega-linter.yml create mode 100644 .trivyignore diff --git a/.github/workflows/license-header-check.yaml b/.github/workflows/license-header-check.yaml index 49a9dff..915e58f 100644 --- a/.github/workflows/license-header-check.yaml +++ b/.github/workflows/license-header-check.yaml @@ -11,6 +11,9 @@ name: License Header Check branches: - main +permissions: + contents: read + jobs: license-header-check: name: License Header Check diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml new file mode 100644 index 0000000..2ea5b6c --- /dev/null +++ b/.github/workflows/mega-linter.yml @@ -0,0 +1,33 @@ +--- +# Copyright The Linux Foundation and each contributor to LFX. +# SPDX-License-Identifier: MIT + +name: MegaLinter + +"on": + pull_request: null + +permissions: + contents: read + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + megalinter: + name: MegaLinter + runs-on: ubuntu-latest + + steps: + # Git Checkout + - name: Checkout Code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + # MegaLinter + - name: MegaLinter + id: ml + # Use the Go flavor. + uses: oxsecurity/megalinter/flavors/go@v7 diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 71ae900..1ba94f0 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,10 +9,16 @@ name: Publish - main workflow_dispatch: +permissions: + contents: read + jobs: publish: name: Publish runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v4 diff --git a/.gitignore b/.gitignore index cf2d19e..0807ef1 100644 --- a/.gitignore +++ b/.gitignore @@ -2,5 +2,8 @@ # SPDX-License-Identifier: MIT .env -bin/ -sbom/ +go.work +/bin/ +/sbom/ + +/megalinter-reports/ diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..31ff231 --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,15 @@ +--- +DISABLE_LINTERS: + # Revive covers this, plus golangci-lint has trouble with newer go toolchains + # in go.mod. + - GO_GOLANGCI_LINT + # cspell is laughably bad at code/comments/etc. + - SPELL_CSPELL + # Link checking more likely to cause false positives than be useful for us. + - SPELL_LYCHEE + # yamllint is sufficient for us. + - YAML_PRETTIER +DISABLE_ERRORS_LINTERS: + # These are informative but don't need to break the build. + - COPYPASTE_JSCPD +GITHUB_COMMENT_REPORTER: false diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..537b329 --- /dev/null +++ b/.trivyignore @@ -0,0 +1,6 @@ +# No free access to Chainguard versioned labels. +AVD-DS-0001 + +# Allow no health check: Docker-built container is for local development only +# (ko-build is used for build artifact). +AVD-DS-0026 diff --git a/0_config.go b/0_config.go index 4c8aa0b..75547fe 100644 --- a/0_config.go +++ b/0_config.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( diff --git a/Dockerfile b/Dockerfile index 472fda4..e603140 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,9 @@ # Copyright The Linux Foundation and its contributors. # SPDX-License-Identifier: MIT +# checkov:skip=CKV_DOCKER_7:No free access to Chainguard versioned labels. +# hadolint global ignore=DL3007 + FROM --platform=$BUILDPLATFORM cgr.dev/chainguard/go:latest AS builder # Set necessary environment variables needed for our image. Allow building to @@ -24,6 +27,9 @@ RUN go build -o /go/bin/auth0-cas-server-go -trimpath -ldflags="-w -s" github.co # Run our go binary standalone FROM cgr.dev/chainguard/static:latest +# Implicit with base image: setting explicitly for linters. +USER nonroot + EXPOSE 8080 COPY --from=builder /go/bin/auth0-cas-server-go /auth0-cas-server-go diff --git a/Makefile b/Makefile index 6f7d3fc..ce0cc27 100644 --- a/Makefile +++ b/Makefile @@ -12,6 +12,15 @@ bin/auth0-cas-server-go: *.go go.mod go.sum @mkdir -p bin go build -o bin/auth0-cas-server-go github.com/linuxfoundation/auth0-cas-server-go +all: bin/auth0-cas-server-go docker-build + +lint: + docker pull --platform linux/amd64 oxsecurity/megalinter-go:v7 + docker run --rm --platform linux/amd64 -v '$(CURDIR):/tmp/lint:rw' oxsecurity/megalinter-go:v7 + +test: + @echo "No tests to run ... would you like to 'make lint'?" + # Build and label a local Docker container of auth0-cas-server-go. docker-build: docker build -t $(IMAGE_NAME):$(GIT_HASH) -t $(IMAGE_NAME):latest . diff --git a/README.md b/README.md index 372d1ce..d98bac0 100644 --- a/README.md +++ b/README.md @@ -2,37 +2,58 @@ ## Overview -This service was inspired by Auth0, through their example at https://github.com/auth0-samples/auth0-cas-server. It is a simple authentication redirector which wraps an OpenID Connect authentication flow to expose it as server implementing the Central Authentication Service (CAS) SSO protocol. The service leverages configuration stored within Auth0 client metadata, which it reads using a privileged connection to the Auth0 API, in order to emulate multiple different clients dynamically per login session. +This service was inspired by Auth0, through their example at +[auth0-samples/auth0-cas-server](https://github.com/auth0-samples/auth0-cas-server). +It is a simple authentication redirector which wraps an OpenID Connect +authentication flow to expose it as server implementing the Central +Authentication Service (CAS) SSO protocol. The service leverages configuration +stored within Auth0 client metadata, which it reads using a privileged +connection to the Auth0 API, in order to emulate multiple different clients +dynamically per login session. Notable differeces with this implementation: -- Rewritten in Go, including OpenTelemetry instrumentation and multi-arch build outputs including SPDX SBOMs. -- Supports several additional CAS protocol endpoints implementing multiple CAS versions. +- Rewritten in Go, including OpenTelemetry instrumentation and multi-arch build + outputs including SPDX SBOMs. +- Supports several additional CAS protocol endpoints implementing multiple CAS + versions. - Implements CAS single-logout. -- Implements CAS "gateway mode" to test for authentication without prompting the user. +- Implements CAS "gateway mode" to test for authentication without prompting + the user. - Supports both XML and JSON CAS response formats. -- Allows for path wildcards and multiple, comma-separated CAS service definitions in `client_metadata.cas_service` configuration. +- Allows for path wildcards and multiple, comma-separated CAS service + definitions in `client_metadata.cas_service` configuration. ## Linux Foundation specific changes -The following hardcoded behavior is specific to the Linux Foundation's Auth0 environment: +The following hardcoded behavior is specific to the Linux Foundation's Auth0 +environment: -- LF-namespaced OIDC claims used for username and group attributes coming from IdP. -- Custom CAS attributes: `uid`, `field_lf_*` and `profile_name_*` added to match our reference implementation. +- LF-namespaced OIDC claims used for username and group attributes coming from + IdP. +- Custom CAS attributes: `uid`, `field_lf_*` and `profile_name_*` added to + match our reference implementation. -Porting these into a dynamic configuration system would be useful for generalizing this tool. For instance, a toml file could map upstream OIDC claims to both required CAS fields as well as optional additional CAS attributes, and provide per-attribute customization of the mb4-filtering feature. +Porting these into a dynamic configuration system would be useful for +generalizing this tool. For instance, a toml file could map upstream OIDC +claims to both required CAS fields as well as optional additional CAS +attributes, and provide per-attribute customization of the mb4-filtering +feature. ## Deploying and running the server You can pull the latest image from the GitHub Container Registry: -``` +```bash docker pull ghcr.io/linuxfoundation/auth0-cas-server-go:latest ``` -Pinning your deployments to a release label (rather than ":latest") is recommended for production use. +Pinning your deployments to a release label (rather than ":latest") is +recommended for production use. -Please see `env-example` for a list of required and optional environment variables that can be used to configure the server. For local development, you can copy this file to `.env` and modify it to suit your needs. +Please see `env-example` for a list of required and optional environment +variables that can be used to configure the server. For local development, you +can copy this file to `.env` and modify it to suit your needs. ## Auth0 client configuration @@ -40,18 +61,30 @@ To create a CAS-enabled Auth0 application, specify the follow settings: - Application Type: Regular Web Application - Allowed Callback URLs: `https:///cas/oidc_callback` -- Allowed Logout URLs (optional): the CAS logout return URL of your application, if passed by the CAS client ("service" for v3 logout, or "url" for v2 logout). -- Advanced -> Application Metadata: add Key "cas\_service" with Value of one-or-more (comma-separated) URLs which match the "service" parameter of the CAS application's login request. A `*` will match any subdomain or a single path component, while `**` matches anything (including `/`). +- Allowed Logout URLs (optional): the CAS logout return URL of your + application, if passed by the CAS client ("service" for v3 logout, or "url" + for v2 logout). +- Advanced -> Application Metadata: add Key "cas\_service" with Value of + one-or-more (comma-separated) URLs which match the "service" parameter of the + CAS application's login request. A `*` will match any subdomain or a single + path component, while `**` matches anything (including `/`). - Advanced -> OAuth -> OIDC Conformant: Enabled -Multiple apps CAS can be created for different sites: each will have the same callback URL, but they will have different `cas_service` URLs (and logout URLs, if needed). +Multiple apps CAS can be created for different sites: each will have the same +callback URL, but they will have different `cas_service` URLs (and logout URLs, +if needed). -Auth0 client configurations read by this service are cached for performance. New apps should work automatically, but changes to `cas_service` URL patterns for existing apps may require a restart of the service to take effect. +Auth0 client configurations read by this service are cached for performance. +New apps should work automatically, but changes to `cas_service` URL patterns +for existing apps may require a restart of the service to take effect. ## License Copyright The Linux Foundation and its contributors. -This project's source code is licensed under the MIT License. A copy of the license is available in LICENSE. +This project's source code is licensed under the MIT License. A copy of the +license is available in LICENSE. -This project's documentation is licensed under the Creative Commons Attribution 4.0 International License (CC-BY-4.0). A copy of the license is available in LICENSE-docs. +This project's documentation is licensed under the Creative Commons Attribution +4.0 International License (CC-BY-4.0). A copy of the license is available in +LICENSE-docs. diff --git a/auth0_clients.go b/auth0_clients.go index 34e656a..4ab2abf 100644 --- a/auth0_clients.go +++ b/auth0_clients.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( diff --git a/cas.go b/cas.go index 62e2826..b59c833 100644 --- a/cas.go +++ b/cas.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( @@ -233,6 +234,22 @@ func casServiceValidate(w http.ResponseWriter, r *http.Request) { appLogger(r.Context()).WithField("auth0_client", casClient).Debug("found client") + // Construct an OAuth2 config that lets us complete the authorization code + // handshake to to get an access token. + // + // TODO: Currently, this service uses the access_token retrieved at this + // point to make a request to the OIDC userinfo endpoint to get the user's + // profile. HOWEVER, we might consider instead capturing the id_token + // returned from the token URL. If we do this, we also would then validate + // the id_token DIFFERENTLY based on whether the client was configured with + // HS256 or RS256 token signing (similar to how we read the + // token_endpoint_auth_method from the Auth0 client configuration). Since + // RSA/JWKS type validation is more complex, we might only do id_token + // parsing for HS256-configured clients, and fall back to the simpler + // userinfo endpoint for RS256-configured clients. This gives us the + // capability to skip the userinfo endpoint for performance gains (provided + // the client is configured for it), without significantly increasing the + // complexity of the codebase. config := oauth2CfgFromAuth0Client(*casClient, r.Host) appLogger(r.Context()).WithFields(logrus.Fields{ "client_id": config.ClientID, diff --git a/go.mod b/go.mod index 5d0175a..754d528 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/linuxfoundation/auth0-cas-server-go -go 1.22 +go 1.22.4 require ( github.com/bmatcuk/doublestar/v4 v4.6.1 @@ -12,35 +12,33 @@ require ( github.com/joho/godotenv v1.5.1 github.com/patrickmn/go-cache v2.1.0+incompatible github.com/sirupsen/logrus v1.9.3 - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 - go.opentelemetry.io/otel v1.24.0 - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 - go.opentelemetry.io/otel/sdk v1.24.0 - go.opentelemetry.io/otel/trace v1.24.0 - golang.org/x/oauth2 v0.17.0 - golang.org/x/text v0.14.0 + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.52.0 + go.opentelemetry.io/otel v1.27.0 + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 + go.opentelemetry.io/otel/sdk v1.27.0 + go.opentelemetry.io/otel/trace v1.27.0 + golang.org/x/oauth2 v0.21.0 + golang.org/x/text v0.16.0 ) require ( github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect - github.com/cenkalti/backoff/v4 v4.2.1 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fluent/fluent-logger-golang v1.9.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/golang/protobuf v1.5.3 // indirect github.com/gorilla/securecookie v1.1.2 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect github.com/philhofer/fwd v1.1.2 // indirect github.com/tinylib/msgp v1.1.9 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect - go.opentelemetry.io/otel/metric v1.24.0 // indirect - go.opentelemetry.io/proto/otlp v1.1.0 // indirect - golang.org/x/net v0.21.0 // indirect - golang.org/x/sys v0.17.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240228224816-df926f6c8641 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240228224816-df926f6c8641 // indirect - google.golang.org/grpc v1.62.0 // indirect - google.golang.org/protobuf v1.33.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 // indirect + go.opentelemetry.io/otel/metric v1.27.0 // indirect + go.opentelemetry.io/proto/otlp v1.2.0 // indirect + golang.org/x/net v0.26.0 // indirect + golang.org/x/sys v0.21.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240604185151-ef581f913117 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 // indirect + google.golang.org/grpc v1.64.0 // indirect + google.golang.org/protobuf v1.34.1 // indirect ) diff --git a/go.sum b/go.sum index 4b162f2..06ca8ab 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwN github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= -github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -14,15 +14,10 @@ github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSw github.com/fluent/fluent-logger-golang v1.9.0 h1:zUdY44CHX2oIUc7VTNZc+4m+ORuO/mldQDA7czhWXEg= github.com/fluent/fluent-logger-golang v1.9.0/go.mod h1:2/HCT/jTy78yGyeNGQLGQsjF3zzzAuy6Xlk6FCMV5eU= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= @@ -31,8 +26,8 @@ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kX github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY= github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 h1:/c3QmbOGMGTOumP2iT/rCwB7b0QDGLKzqOmktBjT+Is= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1/go.mod h1:5SN9VR2LTsRFsrEC6FHgRbTWrTHu6tqPeKxEQv15giM= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -45,80 +40,51 @@ github.com/philhofer/fwd v1.1.2 h1:bnDivRJ1EWPjUIRXV5KfORO897HTbpFAQddBdE8t7Gw= github.com/philhofer/fwd v1.1.2/go.mod h1:qkPdfjR2SIEbspLqpe1tO4n5yICnr2DY7mqEx2tUTP0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tinylib/msgp v1.1.9 h1:SHf3yoO2sGA0veCJeCBYLHuttAVFHGm2RHgNodW7wQU= github.com/tinylib/msgp v1.1.9/go.mod h1:BCXGB54lDD8qUEPmiG0cQQUANC4IUQyB2ItS2UDlO/k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw= -go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo= -go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 h1:Mw5xcxMwlqoJd97vwPxA8isEaIoxsta9/Q51+TTJLGE= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0/go.mod h1:CQNu9bj7o7mC6U7+CA/schKEYakYXWr79ucDHTMGhCM= -go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= -go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= -go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw= -go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg= -go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI= -go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= -go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI= -go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.52.0 h1:9l89oX4ba9kHbBol3Xin3leYJ+252h0zszDtBwyKe2A= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.52.0/go.mod h1:XLZfZboOJWHNKUv7eH0inh0E9VV6eWDFB/9yJyTLPp0= +go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg= +go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 h1:R9DE4kQ4k+YtfLI2ULwX82VtNQ2J8yZmA7ZIF/D+7Mc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0/go.mod h1:OQFyQVrDlbe+R7xrEyDr/2Wr67Ol0hRUgsfA+V5A95s= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 h1:qFffATk0X+HD+f1Z8lswGiOQYKHRlzfmdJm0wEaVrFA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0/go.mod h1:MOiCmryaYtc+V0Ei+Tx9o5S1ZjA7kzLucuVuyzBZloQ= +go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik= +go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak= +go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kTWmI= +go.opentelemetry.io/otel/sdk v1.27.0/go.mod h1:Ha9vbLwJE6W86YstIywK2xFfPjbWlCuwPtMkKdz/Y4A= +go.opentelemetry.io/otel/trace v1.27.0 h1:IqYb813p7cmbHk0a5y6pD5JPakbVfftRXABGt5/Rscw= +go.opentelemetry.io/otel/trace v1.27.0/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4= +go.opentelemetry.io/proto/otlp v1.2.0 h1:pVeZGk7nXDC9O2hncA6nHldxEjm6LByfA2aN8IOkz94= +go.opentelemetry.io/proto/otlp v1.2.0/go.mod h1:gGpR8txAl5M03pDhMC79G6SdqNV26naRm/KDsgaHD8A= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= -golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= +golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto/googleapis/api v0.0.0-20240228224816-df926f6c8641 h1:SO1wX9btGFrwj9EzH3ocqfwiPVOxfv4ggAJajzlHA5s= -google.golang.org/genproto/googleapis/api v0.0.0-20240228224816-df926f6c8641/go.mod h1:wLupoVsUfYPgOMwjzhYFbaVklw/INms+dqTp0tc1fv8= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240228224816-df926f6c8641 h1:DKU1r6Tj5s1vlU/moGhuGz7E3xRfwjdAfDzbsaQJtEY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240228224816-df926f6c8641/go.mod h1:UCOku4NytXMJuLQE5VuqA5lX3PcHCBo8pxNyvkf4xBs= -google.golang.org/grpc v1.62.0 h1:HQKZ/fa1bXkX1oFOvSjmZEUL8wLSaZTjCcLAlmZRtdk= -google.golang.org/grpc v1.62.0/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= +golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +google.golang.org/genproto/googleapis/api v0.0.0-20240604185151-ef581f913117 h1:+rdxYoE3E5htTEWIe15GlN6IfvbURM//Jt0mmkmm6ZU= +google.golang.org/genproto/googleapis/api v0.0.0-20240604185151-ef581f913117/go.mod h1:OimBR/bc1wPO9iV4NC2bpyjy3VnAwZh5EBPQdtaE5oo= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 h1:1GBuWVLM/KMVUv1t1En5Gs+gFZCNd360GGb4sSxtrhU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= +google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= +google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/main.go b/main.go index 2f6e7ce..c91b597 100644 --- a/main.go +++ b/main.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( diff --git a/responses.go b/responses.go index 60a1294..47b4154 100644 --- a/responses.go +++ b/responses.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( diff --git a/tracing.go b/tracing.go index acacac6..bf501cc 100644 --- a/tracing.go +++ b/tracing.go @@ -1,6 +1,7 @@ // Copyright The Linux Foundation and its contributors. // SPDX-License-Identifier: MIT +// The auth0-cas-service-go service. package main import ( From e8211085363afc48e268ba7d6a4de2470a041476 Mon Sep 17 00:00:00 2001 From: Eric Searcy Date: Wed, 5 Jun 2024 14:09:29 -0700 Subject: [PATCH 2/2] Add missing license header Signed-off-by: Eric Searcy --- .mega-linter.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.mega-linter.yml b/.mega-linter.yml index 31ff231..79afc0b 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -1,3 +1,5 @@ +# Copyright The Linux Foundation and each contributor to LFX. +# SPDX-License-Identifier: MIT --- DISABLE_LINTERS: # Revive covers this, plus golangci-lint has trouble with newer go toolchains