diff --git a/go.mod b/go.mod index 0aa5d168..2b4c8e27 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,7 @@ require ( github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a github.com/fsnotify/fsnotify v1.7.0 github.com/go-chi/chi/v5 v5.0.4 + github.com/go-jose/go-jose/v3 v3.0.1 github.com/go-resty/resty/v2 v2.7.0 github.com/gofrs/uuid v4.0.0+incompatible github.com/grokify/go-pkce v0.2.0 @@ -30,7 +31,6 @@ require ( golang.org/x/crypto v0.14.0 golang.org/x/net v0.17.0 golang.org/x/oauth2 v0.12.0 - gopkg.in/square/go-jose.v2 v2.6.0 gopkg.in/yaml.v2 v2.4.0 ) @@ -102,6 +102,7 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.31.0 // indirect + gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect oras.land/oras-go/v2 v2.3.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect diff --git a/go.sum b/go.sum index cc8812d2..91e9a119 100644 --- a/go.sum +++ b/go.sum @@ -78,6 +78,8 @@ github.com/go-chi/chi/v5 v5.0.4 h1:5e494iHzsYBiyXQAHHuI4tyJS9M3V84OuX3ufIIGHFo= github.com/go-chi/chi/v5 v5.0.4/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= +github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -108,6 +110,7 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/google/flatbuffers v23.5.26+incompatible h1:M9dgRyhJemaM4Sw8+66GHBu8ioaQmyPLg1b8VwK5WJg= github.com/google/flatbuffers v23.5.26+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -245,6 +248,7 @@ go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9i go.uber.org/zap v1.19.0 h1:mZQZefskPPCMIBCSEH0v2/iUqqLrYtaeqwD6FUGUnFE= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= @@ -254,6 +258,7 @@ golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200505041828-1ed23360d12c/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= @@ -274,6 +279,7 @@ golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/pkg/keycloak/proxy/handlers.go b/pkg/keycloak/proxy/handlers.go index a139833c..1da60a72 100644 --- a/pkg/keycloak/proxy/handlers.go +++ b/pkg/keycloak/proxy/handlers.go @@ -30,6 +30,7 @@ import ( "strings" "time" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/constant" "github.com/gogatekeeper/gatekeeper/pkg/encryption" @@ -38,7 +39,6 @@ import ( "github.com/grokify/go-pkce" "go.uber.org/zap" "golang.org/x/oauth2" - "gopkg.in/square/go-jose.v2/jwt" ) type DiscoveryResponse struct { diff --git a/pkg/keycloak/proxy/misc.go b/pkg/keycloak/proxy/misc.go index 09bc01b9..79d89fca 100644 --- a/pkg/keycloak/proxy/misc.go +++ b/pkg/keycloak/proxy/misc.go @@ -29,6 +29,7 @@ import ( "github.com/Nerzal/gocloak/v12" oidc3 "github.com/coreos/go-oidc/v3/oidc" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/authorization" configcore "github.com/gogatekeeper/gatekeeper/pkg/config/core" @@ -36,7 +37,6 @@ import ( "github.com/gogatekeeper/gatekeeper/pkg/encryption" "github.com/gogatekeeper/gatekeeper/pkg/utils" "go.uber.org/zap" - "gopkg.in/square/go-jose.v2/jwt" ) // filterCookies is responsible for censoring any cookies we don't want sent diff --git a/pkg/keycloak/proxy/oauth.go b/pkg/keycloak/proxy/oauth.go index c919f01e..2801b232 100644 --- a/pkg/keycloak/proxy/oauth.go +++ b/pkg/keycloak/proxy/oauth.go @@ -29,7 +29,7 @@ import ( "golang.org/x/net/context" "golang.org/x/oauth2" - "gopkg.in/square/go-jose.v2/jwt" + "github.com/go-jose/go-jose/v3/jwt" ) // newOAuth2Config returns a oauth2 config diff --git a/pkg/keycloak/proxy/oauth_proxy.go b/pkg/keycloak/proxy/oauth_proxy.go index 1d77eb83..49e683b1 100644 --- a/pkg/keycloak/proxy/oauth_proxy.go +++ b/pkg/keycloak/proxy/oauth_proxy.go @@ -12,6 +12,7 @@ import ( "github.com/Nerzal/gocloak/v12" oidc3 "github.com/coreos/go-oidc/v3/oidc" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/authorization" "github.com/gogatekeeper/gatekeeper/pkg/constant" @@ -19,7 +20,6 @@ import ( "github.com/gogatekeeper/gatekeeper/pkg/proxy/cookie" "github.com/gogatekeeper/gatekeeper/pkg/storage" "go.uber.org/zap" - "gopkg.in/square/go-jose.v2/jwt" ) type PAT struct { diff --git a/pkg/keycloak/proxy/session.go b/pkg/keycloak/proxy/session.go index 8e3cfd9d..423874bd 100644 --- a/pkg/keycloak/proxy/session.go +++ b/pkg/keycloak/proxy/session.go @@ -19,11 +19,11 @@ import ( "net/http" "strings" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/encryption" "github.com/gogatekeeper/gatekeeper/pkg/utils" "go.uber.org/zap" - "gopkg.in/square/go-jose.v2/jwt" ) // GetIdentity retrieves the user identity from a request, either from a session cookie or a bearer token diff --git a/pkg/testsuite/fake_authserver.go b/pkg/testsuite/fake_authserver.go index c1cfbfa4..17f07b4b 100644 --- a/pkg/testsuite/fake_authserver.go +++ b/pkg/testsuite/fake_authserver.go @@ -17,14 +17,14 @@ import ( "github.com/go-chi/chi/v5" "github.com/go-chi/chi/v5/middleware" + jose2 "github.com/go-jose/go-jose/v3" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/authorization" configcore "github.com/gogatekeeper/gatekeeper/pkg/config/core" "github.com/gogatekeeper/gatekeeper/pkg/constant" "github.com/gogatekeeper/gatekeeper/pkg/keycloak/proxy" "github.com/grokify/go-pkce" "github.com/jochasinga/relay" - jose2 "gopkg.in/square/go-jose.v2" - "gopkg.in/square/go-jose.v2/jwt" ) type RoleClaim struct { diff --git a/pkg/testsuite/handlers_test.go b/pkg/testsuite/handlers_test.go index 1a604a27..288217c1 100644 --- a/pkg/testsuite/handlers_test.go +++ b/pkg/testsuite/handlers_test.go @@ -25,6 +25,7 @@ import ( "testing" "time" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/authorization" "github.com/gogatekeeper/gatekeeper/pkg/constant" @@ -32,7 +33,6 @@ import ( "github.com/gogatekeeper/gatekeeper/pkg/keycloak/proxy" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "gopkg.in/square/go-jose.v2/jwt" ) func TestDebugHandler(t *testing.T) { diff --git a/pkg/testsuite/middleware_test.go b/pkg/testsuite/middleware_test.go index b6c2e56d..322ab797 100644 --- a/pkg/testsuite/middleware_test.go +++ b/pkg/testsuite/middleware_test.go @@ -44,7 +44,7 @@ import ( "github.com/gogatekeeper/gatekeeper/pkg/keycloak/proxy" "github.com/gogatekeeper/gatekeeper/pkg/utils" - "gopkg.in/square/go-jose.v2/jwt" + "github.com/go-jose/go-jose/v3/jwt" opaserver "github.com/open-policy-agent/opa/server" ) diff --git a/pkg/testsuite/server_test.go b/pkg/testsuite/server_test.go index b987fbd7..1335eace 100644 --- a/pkg/testsuite/server_test.go +++ b/pkg/testsuite/server_test.go @@ -29,6 +29,7 @@ import ( "testing" "time" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/authorization" configcore "github.com/gogatekeeper/gatekeeper/pkg/config/core" @@ -37,7 +38,6 @@ import ( "github.com/gogatekeeper/gatekeeper/pkg/keycloak/proxy" "github.com/gogatekeeper/gatekeeper/pkg/utils" "github.com/stretchr/testify/assert" - "gopkg.in/square/go-jose.v2/jwt" ) func TestNewKeycloakProxy(t *testing.T) { diff --git a/pkg/testsuite/session_test.go b/pkg/testsuite/session_test.go index 165edd1e..1993e3a9 100644 --- a/pkg/testsuite/session_test.go +++ b/pkg/testsuite/session_test.go @@ -21,13 +21,13 @@ import ( "testing" "time" + "github.com/go-jose/go-jose/v3/jwt" "github.com/gogatekeeper/gatekeeper/pkg/apperrors" "github.com/gogatekeeper/gatekeeper/pkg/constant" "github.com/gogatekeeper/gatekeeper/pkg/keycloak/config" "github.com/gogatekeeper/gatekeeper/pkg/keycloak/proxy" "github.com/gogatekeeper/gatekeeper/pkg/utils" "github.com/stretchr/testify/assert" - "gopkg.in/square/go-jose.v2/jwt" ) func TestGetIndentity(t *testing.T) {