diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index a29e3f0f05b..318e770a08c 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -691,23 +691,23 @@ }, { "ImportPath": "github.com/coreos/go-oidc/http", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/jose", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/key", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oauth2", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oidc", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-semver/semver", diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json index 99521709388..dc7e489c0e8 100644 --- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json @@ -236,23 +236,23 @@ }, { "ImportPath": "github.com/coreos/go-oidc/http", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/jose", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/key", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oauth2", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oidc", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-semver/semver", diff --git a/staging/src/k8s.io/client-go/Godeps/Godeps.json b/staging/src/k8s.io/client-go/Godeps/Godeps.json index 49458bdd379..30890b49246 100644 --- a/staging/src/k8s.io/client-go/Godeps/Godeps.json +++ b/staging/src/k8s.io/client-go/Godeps/Godeps.json @@ -24,23 +24,23 @@ }, { "ImportPath": "github.com/coreos/go-oidc/http", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/jose", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/key", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oauth2", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/go-oidc/oidc", - "Rev": "5644a2f50e2d2d5ba0b474bc5bc55fea1925936d" + "Rev": "be73733bb8cc830d0205609b95d125215f8e9c70" }, { "ImportPath": "github.com/coreos/pkg/health", diff --git a/vendor/BUILD b/vendor/BUILD index 012a5688aaa..341e957b45e 100644 --- a/vendor/BUILD +++ b/vendor/BUILD @@ -2026,6 +2026,7 @@ go_library( name = "github.com/coreos/go-oidc/http", srcs = [ "github.com/coreos/go-oidc/http/client.go", + "github.com/coreos/go-oidc/http/doc.go", "github.com/coreos/go-oidc/http/http.go", "github.com/coreos/go-oidc/http/url.go", ], @@ -2036,12 +2037,12 @@ go_library( name = "github.com/coreos/go-oidc/jose", srcs = [ "github.com/coreos/go-oidc/jose/claims.go", + "github.com/coreos/go-oidc/jose/doc.go", "github.com/coreos/go-oidc/jose/jose.go", "github.com/coreos/go-oidc/jose/jwk.go", "github.com/coreos/go-oidc/jose/jws.go", "github.com/coreos/go-oidc/jose/jwt.go", "github.com/coreos/go-oidc/jose/sig.go", - "github.com/coreos/go-oidc/jose/sig_hmac.go", "github.com/coreos/go-oidc/jose/sig_rsa.go", ], tags = ["automanaged"], @@ -2050,6 +2051,7 @@ go_library( go_library( name = "github.com/coreos/go-oidc/key", srcs = [ + "github.com/coreos/go-oidc/key/doc.go", "github.com/coreos/go-oidc/key/key.go", "github.com/coreos/go-oidc/key/manager.go", "github.com/coreos/go-oidc/key/repo.go", @@ -2068,6 +2070,7 @@ go_library( go_library( name = "github.com/coreos/go-oidc/oauth2", srcs = [ + "github.com/coreos/go-oidc/oauth2/doc.go", "github.com/coreos/go-oidc/oauth2/error.go", "github.com/coreos/go-oidc/oauth2/oauth2.go", ], @@ -2079,6 +2082,7 @@ go_library( name = "github.com/coreos/go-oidc/oidc", srcs = [ "github.com/coreos/go-oidc/oidc/client.go", + "github.com/coreos/go-oidc/oidc/doc.go", "github.com/coreos/go-oidc/oidc/identity.go", "github.com/coreos/go-oidc/oidc/interface.go", "github.com/coreos/go-oidc/oidc/key.go", diff --git a/vendor/github.com/coreos/go-oidc/http/doc.go b/vendor/github.com/coreos/go-oidc/http/doc.go new file mode 100644 index 00000000000..5687e8b81b4 --- /dev/null +++ b/vendor/github.com/coreos/go-oidc/http/doc.go @@ -0,0 +1,2 @@ +// Package http is DEPRECATED. Use net/http instead. +package http diff --git a/vendor/github.com/coreos/go-oidc/jose/doc.go b/vendor/github.com/coreos/go-oidc/jose/doc.go new file mode 100644 index 00000000000..b5e1321781c --- /dev/null +++ b/vendor/github.com/coreos/go-oidc/jose/doc.go @@ -0,0 +1,2 @@ +// Package jose is DEPRECATED. Use gopkg.in/square/go-jose.v2 instead. +package jose diff --git a/vendor/github.com/coreos/go-oidc/jose/jwk.go b/vendor/github.com/coreos/go-oidc/jose/jwk.go index b7a8e235583..119f073ff7a 100644 --- a/vendor/github.com/coreos/go-oidc/jose/jwk.go +++ b/vendor/github.com/coreos/go-oidc/jose/jwk.go @@ -104,7 +104,7 @@ func encodeExponent(e int) string { break } } - return base64.URLEncoding.EncodeToString(b[idx:]) + return base64.RawURLEncoding.EncodeToString(b[idx:]) } // Turns a URL encoded modulus of a key into a big int. @@ -119,7 +119,7 @@ func decodeModulus(n string) (*big.Int, error) { } func encodeModulus(n *big.Int) string { - return base64.URLEncoding.EncodeToString(n.Bytes()) + return base64.RawURLEncoding.EncodeToString(n.Bytes()) } // decodeBase64URLPaddingOptional decodes Base64 whether there is padding or not. diff --git a/vendor/github.com/coreos/go-oidc/jose/sig_hmac.go b/vendor/github.com/coreos/go-oidc/jose/sig_hmac.go deleted file mode 100755 index b3ca3ef3d49..00000000000 --- a/vendor/github.com/coreos/go-oidc/jose/sig_hmac.go +++ /dev/null @@ -1,67 +0,0 @@ -package jose - -import ( - "bytes" - "crypto" - "crypto/hmac" - _ "crypto/sha256" - "errors" - "fmt" -) - -type VerifierHMAC struct { - KeyID string - Hash crypto.Hash - Secret []byte -} - -type SignerHMAC struct { - VerifierHMAC -} - -func NewVerifierHMAC(jwk JWK) (*VerifierHMAC, error) { - if jwk.Alg != "" && jwk.Alg != "HS256" { - return nil, fmt.Errorf("unsupported key algorithm %q", jwk.Alg) - } - - v := VerifierHMAC{ - KeyID: jwk.ID, - Secret: jwk.Secret, - Hash: crypto.SHA256, - } - - return &v, nil -} - -func (v *VerifierHMAC) ID() string { - return v.KeyID -} - -func (v *VerifierHMAC) Alg() string { - return "HS256" -} - -func (v *VerifierHMAC) Verify(sig []byte, data []byte) error { - h := hmac.New(v.Hash.New, v.Secret) - h.Write(data) - if !bytes.Equal(sig, h.Sum(nil)) { - return errors.New("invalid hmac signature") - } - return nil -} - -func NewSignerHMAC(kid string, secret []byte) *SignerHMAC { - return &SignerHMAC{ - VerifierHMAC: VerifierHMAC{ - KeyID: kid, - Secret: secret, - Hash: crypto.SHA256, - }, - } -} - -func (s *SignerHMAC) Sign(data []byte) ([]byte, error) { - h := hmac.New(s.Hash.New, s.Secret) - h.Write(data) - return h.Sum(nil), nil -} diff --git a/vendor/github.com/coreos/go-oidc/key/doc.go b/vendor/github.com/coreos/go-oidc/key/doc.go new file mode 100644 index 00000000000..936eec74582 --- /dev/null +++ b/vendor/github.com/coreos/go-oidc/key/doc.go @@ -0,0 +1,2 @@ +// Package key is DEPRECATED. Use github.com/coreos/go-oidc instead. +package key diff --git a/vendor/github.com/coreos/go-oidc/oauth2/doc.go b/vendor/github.com/coreos/go-oidc/oauth2/doc.go new file mode 100644 index 00000000000..52eb3085e93 --- /dev/null +++ b/vendor/github.com/coreos/go-oidc/oauth2/doc.go @@ -0,0 +1,2 @@ +// Package oauth2 is DEPRECATED. Use golang.org/x/oauth instead. +package oauth2 diff --git a/vendor/github.com/coreos/go-oidc/oidc/doc.go b/vendor/github.com/coreos/go-oidc/oidc/doc.go new file mode 100644 index 00000000000..196611ec542 --- /dev/null +++ b/vendor/github.com/coreos/go-oidc/oidc/doc.go @@ -0,0 +1,2 @@ +// Package oidc is DEPRECATED. Use github.com/coreos/go-oidc instead. +package oidc diff --git a/vendor/github.com/coreos/go-oidc/oidc/provider.go b/vendor/github.com/coreos/go-oidc/oidc/provider.go index ca2838440b3..2afc0da3352 100644 --- a/vendor/github.com/coreos/go-oidc/oidc/provider.go +++ b/vendor/github.com/coreos/go-oidc/oidc/provider.go @@ -353,9 +353,6 @@ func (p ProviderConfig) Valid() error { if !contains(p.IDTokenSigningAlgValues, "RS256") { return errors.New("id_token_signing_alg_values_supported must include 'RS256'") } - if contains(p.TokenEndpointAuthMethodsSupported, "none") { - return errors.New("token_endpoint_auth_signing_alg_values_supported cannot include 'none'") - } uris := []struct { val *url.URL @@ -567,7 +564,7 @@ func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) { next = &pcsStepNext{aft: ttl} } else { next = &pcsStepRetry{aft: time.Second} - log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err) + log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err) } return } @@ -586,7 +583,7 @@ func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) { next = &pcsStepNext{aft: ttl} } else { next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)} - log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err) + log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err) } return }