diff --git a/command/oauth2.go b/command/oauth2.go
index 805bb270..4b3c9a30 100644
--- a/command/oauth2.go
+++ b/command/oauth2.go
@@ -4,7 +4,6 @@ import (
 "context"
 "crypto/rand"
 "crypto/sha256"
- "crypto/tls"
 "encoding/base64"
 "errors"
 "fmt"
@@ -16,7 +15,6 @@ import (
 "github.com/RobotsAndPencils/go-saml"
 "github.com/coreos/go-oidc"
- rootcerts "github.com/hashicorp/go-rootcerts"
 "golang.org/x/net/html"
 "golang.org/x/oauth2"
 )
@@ -27,20 +25,6 @@ var ErrNoSAMLAssertion = errors.New("no saml assertion")
 // 43 is a magic number - It generates states that are not too short or long for Okta's validation.
 const stateBufSize = 43
-func NewHTTPClient() *http.Client {
- // Some Darwin systems require certs to be loaded from the system certificate store or attempts to verify SSL certs on internal websites may fail.
- tr := http.DefaultTransport
- if certs, err := rootcerts.LoadSystemCAs(); err == nil {
- tr = &http.Transport{
- TLSClientConfig: &tls.Config{
- RootCAs: certs,
- },
- }
- }
-
- return &http.Client{Transport: LogRoundTripper{tr}}
-}
-
 func DiscoverOAuth2Config(ctx context.Context, domain, clientID string) (*oauth2.Config, error) {
 provider, err := oidc.NewProvider(ctx, domain)
 if err != nil {
diff --git a/command/root.go b/command/root.go
index e008d842..e3f15293 100644
--- a/command/root.go
+++ b/command/root.go
@@ -3,6 +3,7 @@ package command
 import (
 "context"
 "fmt"
+ "net/http"
 "os"
 "path/filepath"
 "runtime"
@@ -106,7 +107,7 @@ To get started run the following commands:
 }
 func Execute(ctx context.Context, args []string) error {
- client := NewHTTPClient()
+ client := &http.Client{Transport: LogRoundTripper{http.DefaultTransport}}
 ctx = oidc.ClientContext(ctx, client)
 rootCmd.SetArgs(args)
 return rootCmd.ExecuteContext(ctx)
diff --git a/go.mod b/go.mod
index 51794668..2be63242 100644
--- a/go.mod
+++ b/go.mod
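Review bot: The `client` built inline in `Execute` (command/root.go, second hunk) has no `Timeout`, and it is the client passed to `oidc.ClientContext`, so a stalled identity-provider connection blocks the command for as long as `ctx` allows. Consider `client := &http.Client{Transport: LogRoundTripper{http.DefaultTransport}, Timeout: 30 * time.Second}`; the duration is only a suggestion, and `time` would need importing if root.go does not already have it. With the explicit `RootCAs` pool gone, certificate verification rests on Go's default root set, so a comment above the line such as `// TLS trust comes from Go's default system roots; internal CAs must be installed in the OS trust store.` would keep the context that the deleted Darwin comment carried. Because this transport carries OIDC/OAuth2 traffic, it is also worth confirming that `LogRoundTripper`, which is not visible in this diff, does not log `Authorization` headers or token response bodies. The body of `Execute` closes outside the hunk.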
@@ -4,10 +4,8 @@ require (
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
 github.com/aws/aws-lambda-go v1.19.1
 github.com/aws/aws-sdk-go v1.34.19
- github.com/aws/aws-sdk-go-v2/service/ec2 v1.148.2
 github.com/coreos/go-oidc v2.2.1+incompatible
 github.com/go-ini/ini v1.61.0
- github.com/hashicorp/go-rootcerts v1.0.2
 github.com/mitchellh/go-homedir v1.1.0
 github.com/mitchellh/go-ps v1.0.0
 github.com/okta/okta-sdk-golang/v2 v2.2.1
@@ -19,13 +17,11 @@ require (
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam v1.0.392
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.479
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/sts v1.0.479
- golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63
 golang.org/x/net v0.8.0
 golang.org/x/oauth2 v0.6.0
 )
 require (
- github.com/aws/smithy-go v1.20.1 // indirect
 github.com/cenkalti/backoff/v4 v4.1.0 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/golang/protobuf v1.5.2 // indirect
@@ -34,6 +30,7 @@ require (
 github.com/hashicorp/go-cleanhttp v0.5.1 // indirect
 github.com/hashicorp/go-multierror v1.1.0 // indirect
 github.com/hashicorp/go-retryablehttp v0.6.7 // indirect
+ github.com/hashicorp/go-rootcerts v1.0.2 // indirect
 github.com/hashicorp/go-sockaddr v1.0.2 // indirect
 github.com/hashicorp/hcl v1.0.0 // indirect
 github.com/hashicorp/vault/api v1.0.4 // indirect
diff --git a/go.sum b/go.sum
index f9aecef1..513bfdac 100644
--- a/go.sum
+++ b/go.sum
@@ -10,11 +10,6 @@ github.com/aws/aws-lambda-go v1.19.1/go.mod h1:jJmlefzPfGnckuHdXX7/80O3BvUUi12XO github.com/aws/aws-sdk-go v1.34.10/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/aws/aws-sdk-go v1.34.19 h1:x3MMvAJ1nfWviixEduchBSs65DgY5Y2pA2/NAcxVGOo= github.com/aws/aws-sdk-go v1.34.19/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= -github.com/aws/aws-sdk-go-v2 v1.25.1 h1:P7hU6A5qEdmajGwvae/zDkOq+ULLC9tQBTwqqiwFGpI= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.148.2 h1:1oOlVyfM5Lzn/XKjqoVyy2i4OQhqOPaqYg3Jk+cZ4FE= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.148.2/go.mod h1:7MUTgVVnC1GAxx4SNQqzQalrm1n4v1HYa/R/LEB3CKo= -github.com/aws/smithy-go v1.20.1 h1:4SZlSlMr36UEqC7XOyRVb27XMeZubNcBNN+9IgEPIQw= -github.com/aws/smithy-go v1.20.1/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/cenkalti/backoff/v4 v4.1.0 h1:c8LkOFQTzuO0WBM/ae5HdGQuZPfPxp7lqBRwQRm4fSc= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= @@ -51,6 +46,7 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= 
@@ -188,8 +184,6 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E= golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=