diff options
author | Mike Crute <mike@crute.us> | 2023-07-29 12:15:13 -0700 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2023-07-29 12:15:13 -0700 |
commit | 4e995f9e6c3adc43a361b6fa9b976d25378f1594 (patch) | |
tree | 862642149583fa4ad662edfe0b31a7d65b8e302e | |
parent | fea07831eadd35532055ec16fc43b0cde56a54b1 (diff) | |
download | websocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.tar.bz2 websocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.tar.xz websocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.zip |
Initial import of rewrite
38 files changed, 3130 insertions, 289 deletions
@@ -1,2 +1,5 @@ | |||
1 | /websocket-proxy | 1 | /ssh-proxy |
2 | /ssh-proxy-client | ||
3 | /ssl/ | ||
2 | /docker/ | 4 | /docker/ |
5 | /test.sh | ||
diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 52f657c..0000000 --- a/Dockerfile +++ /dev/null | |||
@@ -1,10 +0,0 @@ | |||
1 | FROM alpine:edge | ||
2 | |||
3 | RUN set -euxo pipefail; \ | ||
4 | apk --no-cache add ca-certificates; | ||
5 | |||
6 | |||
7 | ADD websocket-proxy /usr/local/bin/ | ||
8 | |||
9 | ENTRYPOINT [ "/usr/local/bin/websocket-proxy" ] | ||
10 | CMD [ "help" ] | ||
@@ -1,22 +1,52 @@ | |||
1 | IMAGE="docker.crute.me/websocket-proxy" | 1 | IMAGE=docker.crute.me/ssh-proxy |
2 | VERSION="0.1.0" | 2 | BINARY=ssh-proxy |
3 | 3 | ||
4 | websocket-proxy: main.go sockets.go server.go client.go localclient.go | 4 | $(BINARY): $(shell find . -name '*.go') |
5 | CGO_ENABLED=0 go build -ldflags "-X main.version=$(VERSION)" -o $@ $^ | 5 | @[ "$(CLIENT_ID)" ] || ( echo "CLIENT_ID must be set"; exit 1 ) |
6 | |||
7 | CGO_ENABLED=0 go build \ | ||
8 | -ldflags "-X main.appVersion=$(shell git describe --long --tags --dirty --always) \ | ||
9 | -X code.crute.us/mcrute/ssh-proxy/cmd/client.clientId=$(CLIENT_ID)" \ | ||
10 | -o $@ | ||
11 | |||
12 | .PHONY: vet | ||
13 | vet: main.go | ||
14 | go vet $< | ||
6 | 15 | ||
7 | .PHONY: docker | 16 | .PHONY: docker |
8 | docker: websocket-proxy | 17 | docker: $(BINARY) |
9 | mkdir docker; \ | 18 | mkdir docker; cp Dockerfile web-server docker; cd docker; \ |
10 | cp Dockerfile websocket-proxy docker; \ | 19 | docker pull $(shell grep '^FROM ' Dockerfile | cut -d' ' -f2); \ |
11 | cd docker; \ | 20 | docker build --no-cache -t $(IMAGE):stage . |
12 | docker build -t $(IMAGE):$(VERSION) . | ||
13 | 21 | ||
14 | .PHONY: publish | 22 | .PHONY: publish |
15 | publish: | 23 | publish: |
16 | docker push $(IMAGE):$(VERSION) | 24 | docker push $(IMAGE):stage |
17 | docker tag $(IMAGE):$(VERSION) $(IMAGE):latest | 25 | |
26 | .PHONY: publish-prod | ||
27 | publish-prod: | ||
28 | docker tag $(IMAGE):stage $(IMAGE):latest | ||
18 | docker push $(IMAGE):latest | 29 | docker push $(IMAGE):latest |
19 | 30 | ||
20 | .PHONY: clean | 31 | .PHONY: clean |
21 | clean: | 32 | clean: |
22 | rm -rf websocket-proxy docker | 33 | rm -rf docker || true |
34 | rm $(BINARY) || true | ||
35 | |||
36 | .PHONY: run-backfill | ||
37 | run-backfill: clean $(BINARY) | ||
38 | test -n "$(VAULT_ROLE_ID)" # Caller must export VAULT_ROLE_ID | ||
39 | test -n "$(VAULT_SECRET_ID)" # Caller must also export VAULT_SECRET_ID | ||
40 | VAULT_ADDR="https://vault.sea4.crute.me:8200" \ | ||
41 | VAULT_SKIP_VERIFY=true \ | ||
42 | ./web-server backfill-shakes | ||
43 | |||
44 | .PHONY: run-web | ||
45 | run-web: clean $(BINARY) | ||
46 | test -n "$(VAULT_ROLE_ID)" # Caller must export VAULT_ROLE_ID | ||
47 | test -n "$(VAULT_SECRET_ID)" # Caller must also export VAULT_SECRET_ID | ||
48 | VAULT_ADDR="https://vault.sea4.crute.me:8200" \ | ||
49 | VAULT_SKIP_VERIFY=true \ | ||
50 | ./$(BINARY) --debug \ | ||
51 | --hostname=dev.ssh-proxy.crute.me \ | ||
52 | web | ||
diff --git a/app/config.go b/app/config.go new file mode 100644 index 0000000..2ffd0cb --- /dev/null +++ b/app/config.go | |||
@@ -0,0 +1,45 @@ | |||
1 | package app | ||
2 | |||
3 | import "time" | ||
4 | |||
5 | type Config struct { | ||
6 | Bind []string `flag:"bind" flag-scope:"web" flag-help:"Addresses and ports to bind http server"` | ||
7 | Debug bool `flag:"debug" flag-help:"Enable debug mode"` | ||
8 | MongoDbUri string `flag:"mongodb-uri" flag-scope:"web,register" flag-help:"URI for connection to mongodb"` | ||
9 | DisableBackgroundJobs bool `flag:"disable-bg-jobs" flag-scope:"web" flag-help:"Disable background jobs and only serve web pages"` | ||
10 | Hostnames []string `flag:"hostname" flag-scope:"web" flag-help:"Hostname this server serves (can be specified multiple times)"` | ||
11 | TrustedIPRanges []string `flag:"trusted-ip-ranges" flag-scope:"web" flag-help:"Comma separated list of IP ranges for trusted XFF proxies"` | ||
12 | DNSApiKeyVaultPath string `flag:"dns-api-vault-path" flag-scope:"web" flag-help:"Vault material for DNS API key"` | ||
13 | AutocertEmail string `flag:"autocert-email" flag-scope:"web" flag-help:"Autocert notification email"` | ||
14 | AutocertHost string `flag:"autocert-host" flag-scope:"web" flag-help:"Autocert service url"` | ||
15 | NetboxHost string `flag:"netbox-host" flag-scope:"web" flag-help:"Netbox service url"` | ||
16 | NetboxApiKeyVaultPath string `flag:"netbox-api-vault-path" flag-scope:"web" flag-help:"Vault material path for Netbox API key"` | ||
17 | CookieKeyPath string `flag:"cookie-key-path" flag-scope:"web" flag-help:"Vault material path for cookie encryption key"` | ||
18 | SSHCAKeyPath string `flag:"ssh-ca-key-path" flag-scope:"web" flag-help:"Vault material path for SSH CA key"` | ||
19 | SSHCertificateExpiration time.Duration `flag:"ssh-cert-expire" flag-scope:"web" flag-help:"Lifetime duration of signed SSH certificates"` | ||
20 | OauthRPName string `flag:"oauth-rp-name" flag-scope:"web" flag-help:"Name of Oauth2 relying party for auth"` | ||
21 | OauthDevicePollSecs int `flag:"oauth-device-poll-secs" flag-scope:"web" flag-help:"Number of seconds between polls for oauth device flow"` | ||
22 | OauthSessionTimeout time.Duration `flag:"oauth-session-timelut" flag-scope:"web" flag-help:"Timeout before oauth session expires"` | ||
23 | InviteTimeout time.Duration `flag:"invite-timeout" flag-scope:"register" flag-help:"Timeout before inivitation code expires"` | ||
24 | } | ||
25 | |||
26 | var DefaultConfig = &Config{ | ||
27 | Bind: []string{":8069"}, | ||
28 | Debug: false, | ||
29 | MongoDbUri: "ssh-proxy-prod@mongodb.sea4.crute.me/ssh-proxy-prod", | ||
30 | DisableBackgroundJobs: false, | ||
31 | Hostnames: []string{"ssh-proxy.crute.me"}, | ||
32 | TrustedIPRanges: []string{"172.19.0.0/22", "2602:803:4072::/48"}, | ||
33 | DNSApiKeyVaultPath: "service/ssh-proxy/dns-api-key", | ||
34 | AutocertEmail: "letsencrypt-certs@pomonaconsulting.com", | ||
35 | AutocertHost: "https://dns-manage.crute.me/acmev2", | ||
36 | NetboxHost: "https://netbox.crute.me", | ||
37 | NetboxApiKeyVaultPath: "infra/netbox-readonly", | ||
38 | CookieKeyPath: "service/ssh-proxy/cookie-key", | ||
39 | SSHCAKeyPath: "service/ssh-proxy/ssh-ca-key", | ||
40 | SSHCertificateExpiration: time.Minute, | ||
41 | OauthRPName: "Crute SSH Proxy", | ||
42 | OauthDevicePollSecs: 5, | ||
43 | OauthSessionTimeout: 5 * time.Minute, | ||
44 | InviteTimeout: 1 * time.Hour, | ||
45 | } | ||
diff --git a/app/controllers/ca.go b/app/controllers/ca.go new file mode 100644 index 0000000..632db50 --- /dev/null +++ b/app/controllers/ca.go | |||
@@ -0,0 +1,172 @@ | |||
1 | package controllers | ||
2 | |||
3 | import ( | ||
4 | "crypto/rand" | ||
5 | "fmt" | ||
6 | "io" | ||
7 | "net/http" | ||
8 | "strings" | ||
9 | "time" | ||
10 | |||
11 | "code.crute.us/mcrute/ssh-proxy/app/middleware" | ||
12 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
13 | "github.com/labstack/echo/v4" | ||
14 | "golang.org/x/crypto/ssh" | ||
15 | ) | ||
16 | |||
17 | type CASecret struct { | ||
18 | Key string `mapstructure:"key"` | ||
19 | } | ||
20 | |||
21 | type CAHandlerConfig struct { | ||
22 | Logger echo.Logger | ||
23 | Users models.UserStore | ||
24 | Expiration time.Duration | ||
25 | Secret CASecret | ||
26 | } | ||
27 | |||
28 | type CAHandler struct { | ||
29 | Logger echo.Logger | ||
30 | Users models.UserStore | ||
31 | Expiration time.Duration | ||
32 | signer ssh.Signer | ||
33 | } | ||
34 | |||
35 | func NewCAHandler(cfg CAHandlerConfig) (*CAHandler, error) { | ||
36 | signer, err := ssh.ParsePrivateKey([]byte(cfg.Secret.Key)) | ||
37 | if err != nil { | ||
38 | return nil, err | ||
39 | } | ||
40 | |||
41 | cfg.Logger.Infof("CA Authorized Key: %s", ssh.MarshalAuthorizedKey(signer.PublicKey())) | ||
42 | |||
43 | return &CAHandler{ | ||
44 | Logger: cfg.Logger, | ||
45 | Users: cfg.Users, | ||
46 | Expiration: cfg.Expiration, | ||
47 | signer: signer, | ||
48 | }, nil | ||
49 | } | ||
50 | |||
51 | func (h *CAHandler) authorizeRequest(c echo.Context, certRequest *ssh.Certificate) error { | ||
52 | session := middleware.GetAuthorizedSession(c) | ||
53 | |||
54 | user, err := h.Users.Get(c.Request().Context(), session.UserId) | ||
55 | if err != nil { | ||
56 | return err | ||
57 | } | ||
58 | |||
59 | if user.Username != certRequest.ValidPrincipals[0] { | ||
60 | return fmt.Errorf("Authenticated username and cert username must match") | ||
61 | } | ||
62 | |||
63 | if !session.HasScope("ca:issue") { | ||
64 | return fmt.Errorf("Authorized session does not have scope ca:issue") | ||
65 | } | ||
66 | |||
67 | if certRequest.Extensions == nil { | ||
68 | return fmt.Errorf("Cert request extensions are empty") | ||
69 | } | ||
70 | |||
71 | hostLine, ok := certRequest.Extensions["allowed-hosts"] | ||
72 | if !ok { | ||
73 | return fmt.Errorf("Cert request allowed-hosts is blank") | ||
74 | } | ||
75 | |||
76 | for _, host := range strings.Split(hostLine, ",") { | ||
77 | if !user.AuthorizedForHost(host) { | ||
78 | return fmt.Errorf("User %s is not authorized for host %s", session.UserId, host) | ||
79 | } | ||
80 | } | ||
81 | |||
82 | h.Logger.Infof("Allowing user %s to obtain SSH certificate for hosts %s", user.Username, hostLine) | ||
83 | return nil | ||
84 | } | ||
85 | |||
86 | func (h *CAHandler) verifyRequestSignature(c *ssh.Certificate) error { | ||
87 | // Copied from ssh.Certificate#bytesForSigning | ||
88 | // https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.11.0:ssh/certs.go;l=499-505 | ||
89 | c2 := *c | ||
90 | c2.Signature = nil | ||
91 | out := c2.Marshal() | ||
92 | // Drop trailing signature length. | ||
93 | return c.Verify(out[:len(out)-4], c.Signature) | ||
94 | } | ||
95 | |||
96 | func (h *CAHandler) HandleIssue(c echo.Context) error { | ||
97 | req, err := io.ReadAll(c.Request().Body) | ||
98 | if err != nil { | ||
99 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
100 | "error": "Unable to read request body", | ||
101 | }) | ||
102 | } | ||
103 | |||
104 | pubkey, _, _, _, err := ssh.ParseAuthorizedKey(req) | ||
105 | if err != nil { | ||
106 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
107 | "error": "Error parsing certificate request", | ||
108 | }) | ||
109 | } | ||
110 | |||
111 | certRequest, ok := pubkey.(*ssh.Certificate) | ||
112 | if !ok { | ||
113 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
114 | "error": "Invalid format for certificate request", | ||
115 | }) | ||
116 | } | ||
117 | |||
118 | if certRequest.CertType != ssh.UserCert { | ||
119 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
120 | "error": "This CA only issues user certificates", | ||
121 | }) | ||
122 | } | ||
123 | |||
124 | if len(certRequest.ValidPrincipals) != 1 { | ||
125 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
126 | "error": "Invalid number of principals specified", | ||
127 | }) | ||
128 | } | ||
129 | |||
130 | // Kinda silly I guess but at least proves that the requestor | ||
131 | // is in posession of the private key that we're signing | ||
132 | if err := h.verifyRequestSignature(certRequest); err != nil { | ||
133 | h.Logger.Error(err) | ||
134 | return c.JSON(http.StatusUnauthorized, map[string]string{ | ||
135 | "error": "Invalid signature", | ||
136 | }) | ||
137 | } | ||
138 | |||
139 | if err := h.authorizeRequest(c, certRequest); err != nil { | ||
140 | h.Logger.Error(err) | ||
141 | return c.JSON(http.StatusUnauthorized, map[string]string{ | ||
142 | "error": "Not authorized", | ||
143 | }) | ||
144 | } | ||
145 | |||
146 | utcNow := time.Now().UTC() | ||
147 | |||
148 | // Serial doesn't really matter since these are so short lived and we | ||
149 | // won't be revoking them | ||
150 | certToIssue := &ssh.Certificate{ | ||
151 | Key: certRequest.Key, | ||
152 | Serial: uint64(utcNow.Unix()), | ||
153 | CertType: ssh.UserCert, | ||
154 | KeyId: fmt.Sprintf("%s_%d", certRequest.ValidPrincipals[0], utcNow.Unix()), | ||
155 | ValidPrincipals: certRequest.ValidPrincipals, | ||
156 | ValidAfter: uint64(utcNow.Add(-5 * time.Minute).Unix()), | ||
157 | ValidBefore: uint64(utcNow.Add(h.Expiration).Unix()), | ||
158 | Permissions: ssh.Permissions{ | ||
159 | Extensions: map[string]string{ | ||
160 | "permit-pty": "", | ||
161 | }, | ||
162 | }, | ||
163 | } | ||
164 | |||
165 | if err := certToIssue.SignCert(rand.Reader, h.signer); err != nil { | ||
166 | return c.JSON(http.StatusBadRequest, map[string]string{ | ||
167 | "error": "Error signing certificate", | ||
168 | }) | ||
169 | } | ||
170 | |||
171 | return c.Blob(http.StatusOK, "application/x-ssh-certificate", ssh.MarshalAuthorizedKey(certToIssue)) | ||
172 | } | ||
diff --git a/app/controllers/login.go b/app/controllers/login.go new file mode 100644 index 0000000..603eb20 --- /dev/null +++ b/app/controllers/login.go | |||
@@ -0,0 +1,117 @@ | |||
1 | package controllers | ||
2 | |||
3 | import ( | ||
4 | "bytes" | ||
5 | "encoding/json" | ||
6 | "io" | ||
7 | "net/http" | ||
8 | "time" | ||
9 | |||
10 | "code.crute.us/mcrute/golib/echo/session" | ||
11 | "code.crute.us/mcrute/ssh-proxy/app" | ||
12 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
13 | "github.com/go-webauthn/webauthn/protocol" | ||
14 | "github.com/go-webauthn/webauthn/webauthn" | ||
15 | "github.com/labstack/echo/v4" | ||
16 | ) | ||
17 | |||
18 | type LoginController[T app.AppSession] struct { | ||
19 | Logger echo.Logger | ||
20 | Sessions session.Store[T] | ||
21 | Users models.UserStore | ||
22 | AuthSessions models.AuthSessionStore | ||
23 | Webauthn *webauthn.WebAuthn | ||
24 | SessionExpiration time.Duration | ||
25 | } | ||
26 | |||
27 | func (a *LoginController[T]) HandleStart(c echo.Context) error { | ||
28 | user, err := a.Users.Get(c.Request().Context(), c.Param("username")) | ||
29 | if err != nil { | ||
30 | a.Logger.Errorf("Error getting user: %s", err) | ||
31 | return c.NoContent(http.StatusNotFound) | ||
32 | } | ||
33 | |||
34 | request, sessionData, err := a.Webauthn.BeginLogin(user) | ||
35 | if err != nil { | ||
36 | a.Logger.Errorf("Error creating webauthn request: %s", err) | ||
37 | return c.NoContent(http.StatusInternalServerError) | ||
38 | } | ||
39 | |||
40 | session := a.Sessions.Get(c) | ||
41 | s := session.Self() | ||
42 | s.WebauthnSession = sessionData | ||
43 | a.Sessions.Update(c, session) | ||
44 | |||
45 | return c.JSON(http.StatusOK, request) | ||
46 | } | ||
47 | |||
48 | func (a *LoginController[T]) HandleFinish(c echo.Context) error { | ||
49 | ctx := c.Request().Context() | ||
50 | |||
51 | body, err := io.ReadAll(c.Request().Body) | ||
52 | if err != nil { | ||
53 | a.Logger.Errorf("Error reading request body:", err) | ||
54 | return c.NoContent(http.StatusInternalServerError) | ||
55 | } | ||
56 | |||
57 | user, err := a.Users.Get(ctx, c.Param("username")) | ||
58 | if err != nil { | ||
59 | a.Logger.Errorf("Error getting user: %s", err) | ||
60 | return c.NoContent(http.StatusNotFound) | ||
61 | } | ||
62 | |||
63 | response, err := protocol.ParseCredentialRequestResponseBody(bytes.NewBuffer(body)) | ||
64 | if err != nil { | ||
65 | a.Logger.Errorf("Error parsing credential response: %s", err) | ||
66 | return c.NoContent(http.StatusBadRequest) | ||
67 | } | ||
68 | |||
69 | session := a.Sessions.Get(c) | ||
70 | s := session.Self() | ||
71 | |||
72 | if s.WebauthnSession == nil { | ||
73 | a.Logger.Errorf("Webauthn session is not set") | ||
74 | return c.NoContent(http.StatusBadRequest) | ||
75 | } | ||
76 | |||
77 | if _, err := a.Webauthn.ValidateLogin(user, *s.WebauthnSession, response); err != nil { | ||
78 | a.Logger.Errorf("Error validating login: %s", err) | ||
79 | return c.NoContent(http.StatusBadRequest) | ||
80 | } | ||
81 | |||
82 | // Don't check the clone warning or the auth count because these are | ||
83 | // meaningless for Passkeys since they are synced across devices | ||
84 | // (presumably securely). This would only matter for hard tokens like | ||
85 | // Yubikeys and since we're also allowing Passkey support there is no | ||
86 | // need to be more strict for that class of device. | ||
87 | |||
88 | var code struct { | ||
89 | Code string `json:"code"` | ||
90 | } | ||
91 | if err := json.Unmarshal(body, &code); err != nil { | ||
92 | a.Logger.Errorf("Error decoding json body") | ||
93 | return c.NoContent(http.StatusBadRequest) | ||
94 | } | ||
95 | |||
96 | authSession, err := a.AuthSessions.GetByUserCode(ctx, code.Code) | ||
97 | if err != nil { | ||
98 | a.Logger.Errorf("No auth session exists") | ||
99 | return c.NoContent(http.StatusUnauthorized) | ||
100 | } | ||
101 | |||
102 | if authSession.AccessCode != "" { | ||
103 | a.Logger.Errorf("Session is already authenticated") | ||
104 | return c.NoContent(http.StatusUnauthorized) | ||
105 | } | ||
106 | |||
107 | authSession.GenerateAccessCode() | ||
108 | authSession.UserId = user.Username | ||
109 | authSession.Expires = time.Now().Add(a.SessionExpiration) | ||
110 | |||
111 | if err := a.AuthSessions.Upsert(ctx, authSession); err != nil { | ||
112 | a.Logger.Errorf("Error saving auth session") | ||
113 | return c.NoContent(http.StatusInternalServerError) | ||
114 | } | ||
115 | |||
116 | return c.NoContent(http.StatusOK) | ||
117 | } | ||
diff --git a/app/controllers/oauth2_device.go b/app/controllers/oauth2_device.go new file mode 100644 index 0000000..0ddf653 --- /dev/null +++ b/app/controllers/oauth2_device.go | |||
@@ -0,0 +1,129 @@ | |||
1 | package controllers | ||
2 | |||
3 | import ( | ||
4 | "crypto/subtle" | ||
5 | "fmt" | ||
6 | "net/http" | ||
7 | "strconv" | ||
8 | "time" | ||
9 | |||
10 | "code.crute.us/mcrute/ssh-proxy/app" | ||
11 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
12 | "github.com/labstack/echo/v4" | ||
13 | ) | ||
14 | |||
15 | func badRequest(c echo.Context, e models.AuthorizationError, d string) error { | ||
16 | return c.JSON(http.StatusBadRequest, models.Oauth2Error{ | ||
17 | Type: e, | ||
18 | Description: d, | ||
19 | }) | ||
20 | } | ||
21 | |||
22 | type OAuth2DeviceController[T app.AppSession] struct { | ||
23 | Logger echo.Logger | ||
24 | OauthClients models.OauthClientStore | ||
25 | AuthSessions models.AuthSessionStore | ||
26 | Hostname string | ||
27 | PollSeconds int | ||
28 | SessionExpiration time.Duration | ||
29 | } | ||
30 | |||
31 | func (a *OAuth2DeviceController[T]) HandleStart(c echo.Context) error { | ||
32 | ctx := c.Request().Context() | ||
33 | |||
34 | var form models.AuthorizationRequest | ||
35 | if err := (&echo.DefaultBinder{}).BindBody(c, &form); err != nil { | ||
36 | a.Logger.Errorf("Unable to parse form data: %s", err) | ||
37 | return badRequest(c, models.ErrInvalidRequest, "") | ||
38 | } | ||
39 | |||
40 | client, err := a.OauthClients.Get(ctx, form.ClientId) | ||
41 | if err != nil { | ||
42 | a.Logger.Errorf("Unable to find client ID '%s': %s", form.ClientId, err) | ||
43 | return badRequest(c, models.ErrUnauthorizedClient, "") | ||
44 | } | ||
45 | |||
46 | if len(form.Challenge) <= 16 { | ||
47 | return badRequest(c, models.ErrInvalidRequest, | ||
48 | "code_challenge is too short, minimum length is 16 bytes") | ||
49 | } | ||
50 | |||
51 | if form.ChallengeMethod != models.ChallengeS256 { | ||
52 | return badRequest(c, models.ErrInvalidRequest, | ||
53 | "code_challenge_method invalid, only S256 supported") | ||
54 | } | ||
55 | |||
56 | session := models.NewAuthSession(client.Id, time.Now().Add(a.SessionExpiration)) | ||
57 | session.SetChallenge(form.Challenge, form.ChallengeMethod) | ||
58 | session.SetScopeString(form.Scope) | ||
59 | |||
60 | if !session.HasAnyScopes() { | ||
61 | return badRequest(c, models.ErrInvalidRequest, "one or more scopes required") | ||
62 | } | ||
63 | |||
64 | for _, s := range session.Scope { | ||
65 | if s != "ssh:proxy" && s != "ca:issue" { | ||
66 | return badRequest(c, models.ErrInvalidScope, fmt.Sprintf("scope %s is not recognized", s)) | ||
67 | } | ||
68 | } | ||
69 | |||
70 | if err := a.AuthSessions.Insert(ctx, session); err != nil { | ||
71 | a.Logger.Errorf("Error inserting auth session", err) | ||
72 | return c.NoContent(http.StatusInternalServerError) | ||
73 | } | ||
74 | |||
75 | return c.JSON(http.StatusOK, models.DeviceAuthorizationResponse{ | ||
76 | DeviceCode: session.DeviceCode, | ||
77 | UserCode: session.UserCode, | ||
78 | VerificationUri: fmt.Sprintf("%s/login", a.Hostname), | ||
79 | VerificationUriComplete: fmt.Sprintf("%s/login?code=%s", a.Hostname, session.UserCode), | ||
80 | ExpiresIn: int(time.Until(session.Expires).Seconds()), | ||
81 | Interval: a.PollSeconds, | ||
82 | }) | ||
83 | } | ||
84 | |||
85 | func (a *OAuth2DeviceController[T]) HandleToken(c echo.Context) error { | ||
86 | ctx := c.Request().Context() | ||
87 | |||
88 | var form models.DeviceAccessTokenRequest | ||
89 | if err := (&echo.DefaultBinder{}).BindBody(c, &form); err != nil { | ||
90 | a.Logger.Errorf("Unable to parse form data: %s", err) | ||
91 | return badRequest(c, models.ErrInvalidRequest, "") | ||
92 | } | ||
93 | |||
94 | session, err := a.AuthSessions.Get(ctx, form.DeviceCode) | ||
95 | if err != nil { | ||
96 | return c.NoContent(http.StatusNotFound) | ||
97 | } | ||
98 | |||
99 | if form.GrantType != models.DEVICE_CODE_GRANT_TYPE { | ||
100 | return badRequest(c, models.ErrUnsupportedGrantType, "") | ||
101 | } | ||
102 | |||
103 | if subtle.ConstantTimeCompare([]byte(session.ClientId), []byte(form.ClientId)) != 1 { | ||
104 | return badRequest(c, models.ErrUnauthorizedClient, "") | ||
105 | } | ||
106 | |||
107 | if time.Now().After(session.Expires) { | ||
108 | return badRequest(c, models.ErrExpiredToken, "") | ||
109 | } | ||
110 | |||
111 | verifier := &models.PKCEChallenge{Verifier: form.CodeVerifier} | ||
112 | if verifier.EqualString(session.Challenge) { | ||
113 | return badRequest(c, models.ErrInvalidGrant, "") // Per RFC7636 4.6 | ||
114 | } | ||
115 | |||
116 | if session.IsRegistration { | ||
117 | return badRequest(c, models.ErrInvalidGrant, "") | ||
118 | } | ||
119 | |||
120 | if session.AccessCode == "" { | ||
121 | return badRequest(c, models.ErrAuthorizationPending, "") | ||
122 | } | ||
123 | |||
124 | return c.JSON(http.StatusOK, models.AccessTokenResponse{ | ||
125 | AccessToken: session.AccessCode, | ||
126 | TokenType: "Bearer", | ||
127 | ExpiresIn: strconv.FormatInt(int64(time.Until(session.Expires).Seconds()), 10), | ||
128 | }) | ||
129 | } | ||
diff --git a/app/controllers/proxy.go b/app/controllers/proxy.go new file mode 100644 index 0000000..c8345e8 --- /dev/null +++ b/app/controllers/proxy.go | |||
@@ -0,0 +1,78 @@ | |||
1 | package controllers | ||
2 | |||
3 | import ( | ||
4 | "fmt" | ||
5 | "net" | ||
6 | "net/http" | ||
7 | "strconv" | ||
8 | |||
9 | "code.crute.us/mcrute/ssh-proxy/app/middleware" | ||
10 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
11 | "code.crute.us/mcrute/ssh-proxy/proxy" | ||
12 | |||
13 | "github.com/gorilla/websocket" | ||
14 | "github.com/labstack/echo/v4" | ||
15 | ) | ||
16 | |||
17 | type ProxyHandler struct { | ||
18 | Logger echo.Logger | ||
19 | Upgrader websocket.Upgrader | ||
20 | Users models.UserStore | ||
21 | } | ||
22 | |||
23 | func getConnectAddr(c echo.Context) string { | ||
24 | p, err := strconv.Atoi(c.Param("port")) | ||
25 | if err != nil { | ||
26 | p = 22 | ||
27 | } | ||
28 | return fmt.Sprintf("%s:%d", c.Param("host"), p) | ||
29 | } | ||
30 | |||
31 | func (h *ProxyHandler) authorizeRequest(c echo.Context) error { | ||
32 | session := middleware.GetAuthorizedSession(c) | ||
33 | |||
34 | user, err := h.Users.Get(c.Request().Context(), session.UserId) | ||
35 | if err != nil { | ||
36 | return err | ||
37 | } | ||
38 | |||
39 | if !session.HasScope("ssh:proxy") { | ||
40 | return fmt.Errorf("Authorized session does not have scope ssh:proxy") | ||
41 | } | ||
42 | |||
43 | host := c.Param("host") | ||
44 | if user.AuthorizedForHost(host) { | ||
45 | h.Logger.Infof("Allowing user %s to proxy to host %s", session.UserId, host) | ||
46 | return nil | ||
47 | } | ||
48 | |||
49 | return fmt.Errorf("User %s not authorized for host %s", session.UserId, host) | ||
50 | } | ||
51 | |||
52 | func (h *ProxyHandler) Handle(c echo.Context) error { | ||
53 | if err := h.authorizeRequest(c); err != nil { | ||
54 | h.Logger.Error(err) | ||
55 | return c.NoContent(http.StatusUnauthorized) | ||
56 | } | ||
57 | |||
58 | wsconn, err := h.Upgrader.Upgrade(c.Response(), c.Request(), nil) | ||
59 | if err != nil { | ||
60 | return err | ||
61 | } | ||
62 | defer wsconn.Close() | ||
63 | |||
64 | proxyconn, err := net.Dial("tcp", getConnectAddr(c)) | ||
65 | if err != nil { | ||
66 | return err | ||
67 | } | ||
68 | defer proxyconn.Close() | ||
69 | |||
70 | errc := make(chan error) | ||
71 | ws := &proxy.WebsocketReadWriter{W: wsconn} | ||
72 | |||
73 | go proxy.CopyWithErrors(proxyconn, ws, errc) | ||
74 | go proxy.CopyWithErrors(ws, proxyconn, errc) | ||
75 | |||
76 | <-errc | ||
77 | return nil | ||
78 | } | ||
diff --git a/app/controllers/register.go b/app/controllers/register.go new file mode 100644 index 0000000..8698bda --- /dev/null +++ b/app/controllers/register.go | |||
@@ -0,0 +1,78 @@ | |||
1 | package controllers | ||
2 | |||
3 | import ( | ||
4 | "net/http" | ||
5 | |||
6 | "code.crute.us/mcrute/golib/echo/session" | ||
7 | "code.crute.us/mcrute/ssh-proxy/app" | ||
8 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
9 | "github.com/go-webauthn/webauthn/protocol" | ||
10 | "github.com/go-webauthn/webauthn/webauthn" | ||
11 | "github.com/labstack/echo/v4" | ||
12 | ) | ||
13 | |||
14 | type RegisterController[T app.AppSession] struct { | ||
15 | Logger echo.Logger | ||
16 | Sessions session.Store[T] | ||
17 | Users models.UserStore | ||
18 | AuthSessions models.AuthSessionStore | ||
19 | Webauthn *webauthn.WebAuthn | ||
20 | } | ||
21 | |||
22 | func (a *RegisterController[T]) HandleStart(c echo.Context) error { | ||
23 | user, err := a.Users.Get(c.Request().Context(), c.Param("username")) | ||
24 | if err != nil { | ||
25 | a.Logger.Errorf("Error getting user: %s", err) | ||
26 | return c.NoContent(http.StatusNotFound) | ||
27 | } | ||
28 | |||
29 | request, sessionData, err := a.Webauthn.BeginRegistration(user) | ||
30 | if err != nil { | ||
31 | a.Logger.Errorf("Error creating webauthn request: %s", err) | ||
32 | return c.NoContent(http.StatusInternalServerError) | ||
33 | } | ||
34 | |||
35 | session := a.Sessions.Get(c) | ||
36 | s := session.Self() | ||
37 | s.WebauthnSession = sessionData | ||
38 | a.Sessions.Update(c, session) | ||
39 | |||
40 | return c.JSON(http.StatusOK, request) | ||
41 | } | ||
42 | |||
43 | func (a *RegisterController[T]) HandleFinish(c echo.Context) error { | ||
44 | user, err := a.Users.Get(c.Request().Context(), c.Param("username")) | ||
45 | if err != nil { | ||
46 | a.Logger.Errorf("Error getting user: %s", err) | ||
47 | return c.NoContent(http.StatusNotFound) | ||
48 | } | ||
49 | |||
50 | response, err := protocol.ParseCredentialCreationResponseBody(c.Request().Body) | ||
51 | if err != nil { | ||
52 | a.Logger.Errorf("Error parsing credential response: %s", err) | ||
53 | return c.NoContent(http.StatusBadRequest) | ||
54 | } | ||
55 | |||
56 | session := a.Sessions.Get(c) | ||
57 | s := session.Self() | ||
58 | |||
59 | if s.WebauthnSession == nil { | ||
60 | a.Logger.Errorf("Webauthn session is not set") | ||
61 | return c.NoContent(http.StatusBadRequest) | ||
62 | } | ||
63 | |||
64 | credential, err := a.Webauthn.CreateCredential(user, *s.WebauthnSession, response) | ||
65 | if err != nil { | ||
66 | a.Logger.Errorf("Error creating credential: %s", err) | ||
67 | return c.NoContent(http.StatusBadRequest) | ||
68 | } | ||
69 | |||
70 | user.Fido2Credentials = append(user.Fido2Credentials, *credential) | ||
71 | |||
72 | if err := a.Users.Upsert(c.Request().Context(), user); err != nil { | ||
73 | a.Logger.Errorf("Error saving user: %s", err) | ||
74 | return c.NoContent(http.StatusInternalServerError) | ||
75 | } | ||
76 | |||
77 | return c.NoContent(http.StatusOK) | ||
78 | } | ||
diff --git a/app/middleware/token_auth.go b/app/middleware/token_auth.go new file mode 100644 index 0000000..6454ddb --- /dev/null +++ b/app/middleware/token_auth.go | |||
@@ -0,0 +1,76 @@ | |||
1 | package middleware | ||
2 | |||
3 | import ( | ||
4 | "net/http" | ||
5 | "strings" | ||
6 | "time" | ||
7 | |||
8 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
9 | "github.com/labstack/echo/v4" | ||
10 | ) | ||
11 | |||
12 | const authorizedSession = "__ssh-proxy_authorized_session" | ||
13 | |||
14 | func GetAuthorizedSession(c echo.Context) *models.AuthSession { | ||
15 | ses := c.Get(authorizedSession) | ||
16 | if ses != nil { | ||
17 | return ses.(*models.AuthSession) | ||
18 | } | ||
19 | return nil | ||
20 | } | ||
21 | |||
22 | type TokenAuthMiddleware struct { | ||
23 | Logger echo.Logger | ||
24 | RequiredScope string | ||
25 | AuthSessions models.AuthSessionStore | ||
26 | } | ||
27 | |||
28 | func (m *TokenAuthMiddleware) Middleware(next echo.HandlerFunc) echo.HandlerFunc { | ||
29 | return func(c echo.Context) error { | ||
30 | authHeader := strings.SplitN(c.Request().Header.Get("Authorization"), " ", 2) | ||
31 | |||
32 | if len(authHeader) != 2 || strings.ToLower(authHeader[0]) != "bearer" { | ||
33 | return c.JSON(http.StatusBadRequest, models.Oauth2Error{ | ||
34 | Type: models.ErrInvalidRequest, | ||
35 | Description: "invalid authorization header", | ||
36 | }) | ||
37 | } | ||
38 | |||
39 | session, err := m.AuthSessions.GetByAccessCode(c.Request().Context(), authHeader[1]) | ||
40 | if err != nil { | ||
41 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | ||
42 | Type: models.ErrAccessDenied, | ||
43 | }) | ||
44 | } | ||
45 | |||
46 | if time.Now().After(session.Expires) { | ||
47 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | ||
48 | Type: models.ErrAccessDenied, | ||
49 | }) | ||
50 | } | ||
51 | |||
52 | foundScope := false | ||
53 | for _, s := range session.Scope { | ||
54 | if s == m.RequiredScope { | ||
55 | foundScope = true | ||
56 | break | ||
57 | } | ||
58 | } | ||
59 | |||
60 | if !foundScope { | ||
61 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | ||
62 | Type: models.ErrAccessDenied, | ||
63 | }) | ||
64 | } | ||
65 | |||
66 | if session.IsRegistration { | ||
67 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | ||
68 | Type: models.ErrAccessDenied, | ||
69 | }) | ||
70 | } | ||
71 | |||
72 | c.Set(authorizedSession, session) | ||
73 | |||
74 | return next(c) | ||
75 | } | ||
76 | } | ||
diff --git a/app/models/auth_session.go b/app/models/auth_session.go new file mode 100644 index 0000000..0b86b16 --- /dev/null +++ b/app/models/auth_session.go | |||
@@ -0,0 +1,75 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "strings" | ||
6 | "time" | ||
7 | ) | ||
8 | |||
9 | type AuthSession struct { | ||
10 | DeviceCode string `bson:"_id"` | ||
11 | ClientId string | ||
12 | UserCode string | ||
13 | AccessCode string | ||
14 | Challenge string | ||
15 | ChallengeMethod string | ||
16 | UserId string | ||
17 | IsRegistration bool | ||
18 | Scope []string | ||
19 | Expires time.Time | ||
20 | Deleted *time.Time | ||
21 | } | ||
22 | |||
23 | func NewAuthSession(client string, expires time.Time) *AuthSession { | ||
24 | return &AuthSession{ | ||
25 | DeviceCode: createDeviceCode(), | ||
26 | UserCode: createUserCode(), | ||
27 | Expires: expires, | ||
28 | ClientId: client, | ||
29 | } | ||
30 | } | ||
31 | |||
32 | func (s *AuthSession) GenerateAccessCode() { | ||
33 | s.AccessCode = createDeviceCode() | ||
34 | } | ||
35 | |||
36 | func (s *AuthSession) RecordId() string { | ||
37 | return s.DeviceCode | ||
38 | } | ||
39 | |||
40 | func (s *AuthSession) MarkDeleted(t time.Time) { | ||
41 | s.Deleted = &t | ||
42 | } | ||
43 | |||
44 | func (s *AuthSession) SetChallenge(challenge string, method PKCEChallengeType) { | ||
45 | s.Challenge = challenge | ||
46 | s.ChallengeMethod = string(method) | ||
47 | } | ||
48 | |||
49 | func (s *AuthSession) SetScopeString(scope string) { | ||
50 | s.Scope = strings.Split(scope, " ") | ||
51 | } | ||
52 | |||
53 | func (s *AuthSession) HasAnyScopes() bool { | ||
54 | return len(s.Scope) > 0 | ||
55 | } | ||
56 | |||
57 | func (s *AuthSession) HasScope(scope string) bool { | ||
58 | for _, c := range s.Scope { | ||
59 | if c == scope { | ||
60 | return true | ||
61 | } | ||
62 | } | ||
63 | return false | ||
64 | } | ||
65 | |||
66 | type AuthSessionStore interface { | ||
67 | List(ctx context.Context) ([]*AuthSession, error) | ||
68 | ListAll(ctx context.Context) ([]*AuthSession, error) | ||
69 | Get(ctx context.Context, name string) (*AuthSession, error) | ||
70 | GetByUserCode(ctx context.Context, userCode string) (*AuthSession, error) | ||
71 | GetByAccessCode(ctx context.Context, userCode string) (*AuthSession, error) | ||
72 | Insert(ctx context.Context, m *AuthSession) error | ||
73 | Upsert(ctx context.Context, m *AuthSession) error | ||
74 | Delete(ctx context.Context, m *AuthSession) error | ||
75 | } | ||
diff --git a/app/models/auth_session_mongodb.go b/app/models/auth_session_mongodb.go new file mode 100644 index 0000000..fc5f5dd --- /dev/null +++ b/app/models/auth_session_mongodb.go | |||
@@ -0,0 +1,45 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "time" | ||
6 | |||
7 | "code.crute.us/mcrute/ssh-proxy/db" | ||
8 | |||
9 | "go.mongodb.org/mongo-driver/bson" | ||
10 | "go.mongodb.org/mongo-driver/bson/primitive" | ||
11 | ) | ||
12 | |||
13 | type AuthSessionStoreMongodb struct { | ||
14 | *db.MongoDbBasicStore[*AuthSession] | ||
15 | } | ||
16 | |||
17 | var _ AuthSessionStore = (*AuthSessionStoreMongodb)(nil) | ||
18 | |||
19 | func (s *AuthSessionStoreMongodb) getBy(ctx context.Context, field, value string) (*AuthSession, error) { | ||
20 | var out AuthSession | ||
21 | |||
22 | if err := s.Db.Collection(s.CollectionName).FindOne(ctx, &bson.M{ | ||
23 | field: value, | ||
24 | "expires": bson.M{ | ||
25 | "$gte": primitive.NewDateTimeFromTime(time.Now()), | ||
26 | }, | ||
27 | }).Decode(&out); err != nil { | ||
28 | return nil, err | ||
29 | } | ||
30 | |||
31 | return &out, nil | ||
32 | } | ||
33 | |||
34 | func (s *AuthSessionStoreMongodb) GetByUserCode(ctx context.Context, userCode string) (*AuthSession, error) { | ||
35 | return s.getBy(ctx, "usercode", userCode) | ||
36 | } | ||
37 | |||
38 | func (s *AuthSessionStoreMongodb) GetByAccessCode(ctx context.Context, accessCode string) (*AuthSession, error) { | ||
39 | return s.getBy(ctx, "accesscode", accessCode) | ||
40 | } | ||
41 | |||
42 | func (s *AuthSessionStoreMongodb) Insert(ctx context.Context, session *AuthSession) error { | ||
43 | _, err := s.Db.Collection(s.CollectionName).InsertOne(ctx, session) | ||
44 | return err | ||
45 | } | ||
diff --git a/app/models/auth_session_util.go b/app/models/auth_session_util.go new file mode 100644 index 0000000..1f1474a --- /dev/null +++ b/app/models/auth_session_util.go | |||
@@ -0,0 +1,25 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "crypto/rand" | ||
5 | "encoding/base32" | ||
6 | "encoding/base64" | ||
7 | "fmt" | ||
8 | ) | ||
9 | |||
10 | func createDeviceCode() string { | ||
11 | buf := make([]byte, 32) | ||
12 | if _, err := rand.Read(buf); err != nil { | ||
13 | panic(err) | ||
14 | } | ||
15 | return base64.URLEncoding.EncodeToString(buf) | ||
16 | } | ||
17 | |||
18 | func createUserCode() string { | ||
19 | buf := make([]byte, 32) | ||
20 | if _, err := rand.Read(buf); err != nil { | ||
21 | panic(err) | ||
22 | } | ||
23 | userCodeRaw := base32.StdEncoding.EncodeToString(buf) | ||
24 | return fmt.Sprintf("%s-%s", userCodeRaw[0:4], userCodeRaw[5:9]) | ||
25 | } | ||
diff --git a/app/models/oauth2.go b/app/models/oauth2.go new file mode 100644 index 0000000..9bfde0a --- /dev/null +++ b/app/models/oauth2.go | |||
@@ -0,0 +1,103 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "crypto/rand" | ||
5 | "crypto/sha256" | ||
6 | "crypto/subtle" | ||
7 | "encoding/base64" | ||
8 | "fmt" | ||
9 | ) | ||
10 | |||
11 | const ( | ||
12 | DEVICE_CODE_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code" | ||
13 | ) | ||
14 | |||
15 | type AuthorizationRequest struct { | ||
16 | Challenge string `url:"code_challenge" form:"code_challenge" json:"code_challenge"` // RFC7636 | ||
17 | ChallengeMethod PKCEChallengeType `url:"code_challenge_method" form:"code_challenge_method" json:"code_challenge_method"` // RFC7636 | ||
18 | ClientId string `url:"client_id" form:"client_id" json:"client_id"` | ||
19 | Scope string `url:"scope" form:"scope" json:"scope"` | ||
20 | } | ||
21 | |||
22 | type DeviceAuthorizationResponse struct { | ||
23 | DeviceCode string `json:"device_code"` // REQUIRED | ||
24 | UserCode string `json:"user_code"` // REQUIRED | ||
25 | VerificationUri string `json:"verification_uri"` // REQUIRED | ||
26 | VerificationUriComplete string `json:"verification_uri_complete,omitempty"` | ||
27 | ExpiresIn int `json:"expires_in,omitempty"` | ||
28 | Interval int `json:"interval,omitempty"` | ||
29 | } | ||
30 | |||
31 | type DeviceAccessTokenRequest struct { | ||
32 | GrantType string `url:"grant_type" form:"grant_type" json:"grant_type"` | ||
33 | DeviceCode string `url:"device_code" form:"device_code" json:"device_code"` | ||
34 | ClientId string `url:"client_id" form:"client_id" json:"client_id"` | ||
35 | CodeVerifier string `url:"code_verifier" form:"code_verifier" json:"code_verifier"` | ||
36 | } | ||
37 | |||
38 | type AccessTokenResponse struct { | ||
39 | AccessToken string `json:"access_token"` | ||
40 | TokenType string `json:"token_type"` // Must be Bearer | ||
41 | ExpiresIn string `json:"expires_in,omitempty"` // Lifetime in seconds | ||
42 | RefreshToken string `json:"refresh_token,omitempty"` | ||
43 | Scope string `json:"scope,omitempty"` | ||
44 | } | ||
45 | |||
46 | type AuthorizationError string | ||
47 | |||
48 | const ( | ||
49 | ErrInvalidRequest AuthorizationError = "invalid_request" | ||
50 | ErrInvalidClient = "invalid_client" | ||
51 | ErrInvalidGrant = "invalid_grant" | ||
52 | ErrUnauthorizedClient = "unauthorized_client" | ||
53 | ErrUnsupportedGrantType = "unsupported_grant_type" | ||
54 | ErrInvalidScope = "invalid_scope" | ||
55 | ErrAuthorizationPending = "authorization_pending" // RFC7636 | ||
56 | ErrSlowDown = "slow_down" // RFC7636 | ||
57 | ErrAccessDenied = "access_denied" // RFC7636 | ||
58 | ErrExpiredToken = "expired_token" // RFC7636 | ||
59 | ) | ||
60 | |||
61 | type Oauth2Error struct { | ||
62 | Type AuthorizationError `json:"error"` | ||
63 | Description string `json:"error_description,omitempty"` | ||
64 | Uri string `json:"error_uri,omitempty"` | ||
65 | } | ||
66 | |||
67 | func (e Oauth2Error) Error() string { | ||
68 | if e.Description == "" { | ||
69 | return fmt.Sprintf("Oauth2Error: %s", e.Type) | ||
70 | } else { | ||
71 | return fmt.Sprintf("Oauth2Error: %s %s", e.Type, e.Description) | ||
72 | } | ||
73 | } | ||
74 | |||
75 | type PKCEChallengeType string | ||
76 | |||
77 | const ( | ||
78 | ChallengePlain PKCEChallengeType = "plain" | ||
79 | ChallengeS256 = "S256" | ||
80 | ) | ||
81 | |||
82 | type PKCEChallenge struct { | ||
83 | Verifier string | ||
84 | } | ||
85 | |||
86 | func NewPKCEChallenge() (*PKCEChallenge, error) { | ||
87 | buf := make([]byte, 32) | ||
88 | if _, err := rand.Read(buf); err != nil { | ||
89 | return nil, err | ||
90 | } | ||
91 | return &PKCEChallenge{ | ||
92 | Verifier: base64.URLEncoding.EncodeToString(buf), | ||
93 | }, nil | ||
94 | } | ||
95 | |||
96 | func (c *PKCEChallenge) Challenge() string { | ||
97 | hash := sha256.Sum256([]byte(c.Verifier)) | ||
98 | return base64.URLEncoding.EncodeToString(hash[:]) | ||
99 | } | ||
100 | |||
101 | func (c *PKCEChallenge) EqualString(o string) bool { | ||
102 | return subtle.ConstantTimeCompare([]byte(o), []byte(c.Challenge())) != 1 | ||
103 | } | ||
diff --git a/app/models/oauth_client.go b/app/models/oauth_client.go new file mode 100644 index 0000000..2f30087 --- /dev/null +++ b/app/models/oauth_client.go | |||
@@ -0,0 +1,27 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "time" | ||
6 | ) | ||
7 | |||
8 | type OauthClient struct { | ||
9 | Id string `bson:"_id"` | ||
10 | Deleted *time.Time | ||
11 | } | ||
12 | |||
13 | func (c *OauthClient) RecordId() string { | ||
14 | return c.Id | ||
15 | } | ||
16 | |||
17 | func (c *OauthClient) MarkDeleted(t time.Time) { | ||
18 | c.Deleted = &t | ||
19 | } | ||
20 | |||
21 | type OauthClientStore interface { | ||
22 | List(ctx context.Context) ([]*OauthClient, error) | ||
23 | ListAll(ctx context.Context) ([]*OauthClient, error) | ||
24 | Get(ctx context.Context, name string) (*OauthClient, error) | ||
25 | Upsert(ctx context.Context, m *OauthClient) error | ||
26 | Delete(ctx context.Context, m *OauthClient) error | ||
27 | } | ||
diff --git a/app/models/user.go b/app/models/user.go new file mode 100644 index 0000000..5c9ec90 --- /dev/null +++ b/app/models/user.go | |||
@@ -0,0 +1,63 @@ | |||
1 | package models | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "time" | ||
6 | |||
7 | "github.com/go-webauthn/webauthn/webauthn" | ||
8 | ) | ||
9 | |||
10 | type User struct { | ||
11 | Username string `bson:"_id"` | ||
12 | DisplayName string | ||
13 | AllowedHosts []string | ||
14 | Fido2Credentials []webauthn.Credential | ||
15 | Deleted *time.Time | ||
16 | } | ||
17 | |||
18 | var _ webauthn.User = (*User)(nil) | ||
19 | |||
20 | func (u *User) RecordId() string { | ||
21 | return u.Username | ||
22 | } | ||
23 | |||
24 | func (u *User) MarkDeleted(t time.Time) { | ||
25 | u.Deleted = &t | ||
26 | } | ||
27 | |||
28 | func (u *User) WebAuthnID() []byte { | ||
29 | return []byte(u.Username) | ||
30 | } | ||
31 | |||
32 | func (u *User) WebAuthnName() string { | ||
33 | return u.Username | ||
34 | } | ||
35 | |||
36 | func (u *User) WebAuthnDisplayName() string { | ||
37 | return u.DisplayName | ||
38 | } | ||
39 | |||
40 | func (u *User) WebAuthnCredentials() []webauthn.Credential { | ||
41 | return u.Fido2Credentials | ||
42 | } | ||
43 | |||
44 | func (u *User) WebAuthnIcon() string { | ||
45 | return "" | ||
46 | } | ||
47 | |||
48 | func (u *User) AuthorizedForHost(host string) bool { | ||
49 | for _, c := range u.AllowedHosts { | ||
50 | if host == c { | ||
51 | return true | ||
52 | } | ||
53 | } | ||
54 | return false | ||
55 | } | ||
56 | |||
57 | type UserStore interface { | ||
58 | List(ctx context.Context) ([]*User, error) | ||
59 | ListAll(ctx context.Context) ([]*User, error) | ||
60 | Get(ctx context.Context, name string) (*User, error) | ||
61 | Upsert(ctx context.Context, m *User) error | ||
62 | Delete(ctx context.Context, m *User) error | ||
63 | } | ||
diff --git a/app/session.go b/app/session.go new file mode 100644 index 0000000..58aa13d --- /dev/null +++ b/app/session.go | |||
@@ -0,0 +1,46 @@ | |||
1 | package app | ||
2 | |||
3 | import ( | ||
4 | "time" | ||
5 | |||
6 | "code.crute.us/mcrute/golib/echo/middleware" | ||
7 | "code.crute.us/mcrute/golib/echo/session" | ||
8 | "github.com/go-webauthn/webauthn/webauthn" | ||
9 | "github.com/labstack/echo/v4" | ||
10 | ) | ||
11 | |||
12 | type AppSession interface { | ||
13 | session.Session | ||
14 | middleware.CSRFAwareSession | ||
15 | Self() *Session | ||
16 | } | ||
17 | |||
18 | type Session struct { | ||
19 | Expiration time.Time | ||
20 | CSRFToken string | ||
21 | WebauthnSession *webauthn.SessionData | ||
22 | } | ||
23 | |||
24 | var _ AppSession = (*Session)(nil) | ||
25 | |||
26 | func NewSession(c echo.Context) *Session { | ||
27 | return &Session{ | ||
28 | Expiration: time.Now().Add(365 * 24 * time.Hour), | ||
29 | } | ||
30 | } | ||
31 | |||
32 | func (s *Session) Self() *Session { | ||
33 | return s | ||
34 | } | ||
35 | |||
36 | func (s *Session) Expires() time.Time { | ||
37 | return s.Expiration | ||
38 | } | ||
39 | |||
40 | func (s *Session) GetCSRFSecret() string { | ||
41 | return s.CSRFToken | ||
42 | } | ||
43 | |||
44 | func (s *Session) SetCSRFSecret(secret string) { | ||
45 | s.CSRFToken = secret | ||
46 | } | ||
diff --git a/app/templates.go b/app/templates.go new file mode 100644 index 0000000..52ded7a --- /dev/null +++ b/app/templates.go | |||
@@ -0,0 +1,18 @@ | |||
1 | package app | ||
2 | |||
3 | import ( | ||
4 | "code.crute.us/mcrute/golib/echo/controller" | ||
5 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
6 | ) | ||
7 | |||
8 | type PageContext struct { | ||
9 | PageName string | ||
10 | Year int | ||
11 | RenderTime string | ||
12 | Flags *controller.FeatureFlags | ||
13 | Context *controller.PageContext | ||
14 | CSRFToken string | ||
15 | AuthenticatedUser *models.User | ||
16 | Model any // For pages with one model | ||
17 | Models any // For pages with a collection of models | ||
18 | } | ||
diff --git a/client.go b/client.go deleted file mode 100644 index d9a0f25..0000000 --- a/client.go +++ /dev/null | |||
@@ -1,54 +0,0 @@ | |||
1 | package main | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "log" | ||
6 | "net" | ||
7 | |||
8 | "github.com/gorilla/websocket" | ||
9 | ) | ||
10 | |||
11 | type ClientHandler struct { | ||
12 | SocketListenOn string | ||
13 | WebsocketServer string | ||
14 | Context context.Context | ||
15 | } | ||
16 | |||
17 | func (h *ClientHandler) ServiceConnection(proxyconn net.Conn) { | ||
18 | defer proxyconn.Close() | ||
19 | |||
20 | wsconn, _, err := websocket.DefaultDialer.Dial(h.WebsocketServer, nil) | ||
21 | if err != nil { | ||
22 | log.Println(err) | ||
23 | return | ||
24 | } | ||
25 | defer wsconn.Close() | ||
26 | |||
27 | log.Println("Connected to server") | ||
28 | |||
29 | errc := make(chan error) | ||
30 | ws := &WebsocketReadWriter{wsconn} | ||
31 | |||
32 | go serviceBoth(proxyconn, ws, errc) | ||
33 | go serviceBoth(ws, proxyconn, errc) | ||
34 | |||
35 | <-errc | ||
36 | log.Println("Closing client connection") | ||
37 | } | ||
38 | |||
39 | func (h *ClientHandler) Run() { | ||
40 | listener, err := net.Listen("tcp", h.SocketListenOn) | ||
41 | if err != nil { | ||
42 | log.Printf("error: Run: %s", err) | ||
43 | return | ||
44 | } | ||
45 | |||
46 | for { | ||
47 | conn, err := listener.Accept() | ||
48 | if err != nil { | ||
49 | log.Printf("error: Run: %s", err) | ||
50 | continue | ||
51 | } | ||
52 | go h.ServiceConnection(conn) | ||
53 | } | ||
54 | } | ||
diff --git a/cmd/client/client.go b/cmd/client/client.go new file mode 100644 index 0000000..62f1f48 --- /dev/null +++ b/cmd/client/client.go | |||
@@ -0,0 +1,226 @@ | |||
1 | package client | ||
2 | |||
3 | import ( | ||
4 | "bytes" | ||
5 | "context" | ||
6 | "crypto/ed25519" | ||
7 | "crypto/rand" | ||
8 | "fmt" | ||
9 | "io" | ||
10 | "log" | ||
11 | "net" | ||
12 | "net/http" | ||
13 | "os" | ||
14 | |||
15 | "code.crute.us/mcrute/ssh-proxy/app" | ||
16 | "code.crute.us/mcrute/ssh-proxy/proxy" | ||
17 | "golang.org/x/crypto/ssh" | ||
18 | "golang.org/x/crypto/ssh/agent" | ||
19 | |||
20 | "code.crute.us/mcrute/golib/cli" | ||
21 | "github.com/gorilla/websocket" | ||
22 | "github.com/mdp/qrterminal" | ||
23 | "github.com/spf13/cobra" | ||
24 | ) | ||
25 | |||
26 | // This should be compiled into the binary | ||
27 | var clientId string | ||
28 | |||
29 | func Register(root *cobra.Command) { | ||
30 | clientCmd := &cobra.Command{ | ||
31 | Use: "client proxy-host ssh-to-host ssh-port username", | ||
32 | Short: "Run websocket client", | ||
33 | Args: cobra.ExactArgs(4), | ||
34 | Run: func(c *cobra.Command, args []string) { | ||
35 | cfg := app.Config{} | ||
36 | cli.MustGetConfig(c, &cfg) | ||
37 | clientMain(cfg, args[0], args[1], args[2], args[3]) | ||
38 | }, | ||
39 | } | ||
40 | cli.AddFlags(clientCmd, &app.Config{}, app.DefaultConfig, "client") | ||
41 | root.AddCommand(clientCmd) | ||
42 | } | ||
43 | |||
44 | func generateCertificateRequest(username, host string) (ed25519.PrivateKey, []byte, error) { | ||
45 | pub, priv, err := ed25519.GenerateKey(rand.Reader) | ||
46 | if err != nil { | ||
47 | return nil, nil, err | ||
48 | } | ||
49 | |||
50 | pubKey, err := ssh.NewPublicKey(pub) | ||
51 | if err != nil { | ||
52 | return nil, nil, err | ||
53 | } | ||
54 | |||
55 | cert := &ssh.Certificate{ | ||
56 | Key: pubKey, | ||
57 | CertType: ssh.UserCert, | ||
58 | ValidPrincipals: []string{username}, | ||
59 | Permissions: ssh.Permissions{ | ||
60 | Extensions: map[string]string{ | ||
61 | // Used for CA policy checks, removed by the CA server | ||
62 | // Server supports a comma separated list without spaces | ||
63 | "allowed-hosts": host, | ||
64 | }, | ||
65 | }, | ||
66 | } | ||
67 | |||
68 | signer, err := ssh.NewSignerFromKey(priv) | ||
69 | if err != nil { | ||
70 | return nil, nil, err | ||
71 | } | ||
72 | |||
73 | // Signatures are required to un/marshal to ASCII. The server will | ||
74 | // discard this anyhow and replace it with its own signature. | ||
75 | if err := cert.SignCert(rand.Reader, signer); err != nil { | ||
76 | return nil, nil, err | ||
77 | } | ||
78 | |||
79 | return priv, ssh.MarshalAuthorizedKey(cert), nil | ||
80 | } | ||
81 | |||
82 | func getCertificateFromCA(ctx context.Context, oauthToken string, certRequest []byte, host string) (*ssh.Certificate, error) { | ||
83 | req, err := http.NewRequestWithContext(ctx, http.MethodPost, fmt.Sprintf("https://%s/ca/issue", host), bytes.NewReader(certRequest)) | ||
84 | if err != nil { | ||
85 | return nil, err | ||
86 | } | ||
87 | |||
88 | req.Header.Add("Content-Type", "application/x-ssh-certificate") | ||
89 | req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", oauthToken)) | ||
90 | |||
91 | resp, err := http.DefaultClient.Do(req) | ||
92 | if err != nil { | ||
93 | return nil, err | ||
94 | } | ||
95 | |||
96 | res, err := io.ReadAll(resp.Body) | ||
97 | if err != nil { | ||
98 | return nil, err | ||
99 | } | ||
100 | defer resp.Body.Close() | ||
101 | |||
102 | if resp.StatusCode != http.StatusOK { | ||
103 | return nil, fmt.Errorf("CA returned error: %s", res) | ||
104 | } | ||
105 | |||
106 | pubkey, _, _, _, err := ssh.ParseAuthorizedKey(res) | ||
107 | if err != nil { | ||
108 | return nil, err | ||
109 | } | ||
110 | |||
111 | cert, ok := pubkey.(*ssh.Certificate) | ||
112 | if !ok { | ||
113 | return nil, fmt.Errorf("Parsed certificate is of incorrect type") | ||
114 | } | ||
115 | |||
116 | return cert, nil | ||
117 | } | ||
118 | |||
119 | func addCertificateToAgent(private any, cert *ssh.Certificate) error { | ||
120 | socket := os.Getenv("SSH_AUTH_SOCK") | ||
121 | conn, err := net.Dial("unix", socket) | ||
122 | if err != nil { | ||
123 | return err | ||
124 | } | ||
125 | |||
126 | agentConn := agent.NewClient(conn) | ||
127 | |||
128 | return agentConn.Add(agent.AddedKey{ | ||
129 | PrivateKey: private, | ||
130 | Certificate: cert, | ||
131 | LifetimeSecs: 10, | ||
132 | }) | ||
133 | } | ||
134 | |||
135 | func dialProxyHost(ctx context.Context, oauthToken, proxyHost, host, port string) (io.ReadWriteCloser, error) { | ||
136 | addr := fmt.Sprintf("wss://%s/proxy-to/%s/%s", proxyHost, host, port) | ||
137 | |||
138 | hdr := http.Header{} | ||
139 | hdr.Add("Authorization", fmt.Sprintf("Bearer %s", oauthToken)) | ||
140 | |||
141 | conn, _, err := websocket.DefaultDialer.DialContext(ctx, addr, hdr) | ||
142 | if err != nil { | ||
143 | return nil, err | ||
144 | } | ||
145 | |||
146 | return &proxy.WebsocketReadWriter{W: conn}, nil | ||
147 | } | ||
148 | |||
149 | func fetchOauthToken(ctx context.Context, clientId, proxyHost string) (string, error) { | ||
150 | client := &Oauth2PKCEDeviceClient{ | ||
151 | Host: proxyHost, | ||
152 | ClientId: clientId, | ||
153 | Scope: "ssh:proxy ca:issue", | ||
154 | } | ||
155 | |||
156 | authResponse, err := client.Authorize(ctx) | ||
157 | if err != nil { | ||
158 | return "", err | ||
159 | } | ||
160 | |||
161 | fmt.Fprintf(os.Stderr, | ||
162 | "To authenticate, please visit: \n\n\t%s \n\nEnter code: %s\n\n", | ||
163 | authResponse.VerificationUri, authResponse.UserCode) | ||
164 | |||
165 | if authResponse.VerificationUriComplete != "" { | ||
166 | qrterminal.GenerateWithConfig(authResponse.VerificationUriComplete, qrterminal.Config{ | ||
167 | Level: qrterminal.M, | ||
168 | Writer: os.Stderr, | ||
169 | BlackChar: "\033[7m \033[0m", // White | ||
170 | WhiteChar: "\033[0m \033[0m", // Black | ||
171 | QuietZone: 1, | ||
172 | }) | ||
173 | fmt.Fprintf(os.Stderr, "\n") | ||
174 | } | ||
175 | |||
176 | tokenResponse, err := client.AwaitToken(ctx, authResponse.DeviceCode) | ||
177 | if err != nil { | ||
178 | return "", err | ||
179 | } | ||
180 | |||
181 | return tokenResponse.AccessToken, nil | ||
182 | } | ||
183 | |||
184 | func clientMain(cfg app.Config, proxyHost, host, port, username string) { | ||
185 | log.SetOutput(os.Stderr) | ||
186 | |||
187 | ctx, cancel := context.WithCancel(context.Background()) | ||
188 | defer cancel() | ||
189 | |||
190 | oauthToken, err := fetchOauthToken(ctx, clientId, proxyHost) | ||
191 | if err != nil { | ||
192 | log.Fatalf("Error fetching oauth token: %s", err) | ||
193 | } | ||
194 | |||
195 | privateKey, certRequest, err := generateCertificateRequest(username, host) | ||
196 | if err != nil { | ||
197 | log.Fatalf("Error generating certificate request: %s", err) | ||
198 | } | ||
199 | |||
200 | certificate, err := getCertificateFromCA(ctx, oauthToken, certRequest, proxyHost) | ||
201 | if err != nil { | ||
202 | log.Fatalf("Error fetching certificate: %s", err) | ||
203 | } | ||
204 | |||
205 | if err := addCertificateToAgent(privateKey, certificate); err != nil { | ||
206 | log.Fatalf("Error adding certificate to agent: %s", err) | ||
207 | } | ||
208 | |||
209 | ws, err := dialProxyHost(ctx, oauthToken, proxyHost, host, port) | ||
210 | if err != nil { | ||
211 | log.Fatalf("Error dialing proxy host: %s", err) | ||
212 | } | ||
213 | defer ws.Close() | ||
214 | |||
215 | errc := make(chan error) | ||
216 | |||
217 | go proxy.CopyWithErrors(os.Stdout, ws, errc) | ||
218 | go proxy.CopyWithErrors(ws, os.Stdin, errc) | ||
219 | |||
220 | err = <-errc | ||
221 | if err != nil { | ||
222 | log.Printf("Closing client connection: %s", <-errc) | ||
223 | } else { | ||
224 | log.Printf("Closing client connection") | ||
225 | } | ||
226 | } | ||
diff --git a/cmd/client/oauth2.go b/cmd/client/oauth2.go new file mode 100644 index 0000000..6667c5a --- /dev/null +++ b/cmd/client/oauth2.go | |||
@@ -0,0 +1,158 @@ | |||
1 | package client | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "encoding/json" | ||
6 | "fmt" | ||
7 | "net/http" | ||
8 | "strings" | ||
9 | "time" | ||
10 | |||
11 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
12 | |||
13 | "github.com/google/go-querystring/query" | ||
14 | ) | ||
15 | |||
16 | // Oauth2PKCEDeviceClient is not safe for concurrent use and should be | ||
17 | // created anew for each request. | ||
18 | type Oauth2PKCEDeviceClient struct { | ||
19 | Host string | ||
20 | ClientId string | ||
21 | Scope string | ||
22 | pkce *models.PKCEChallenge | ||
23 | interval time.Duration | ||
24 | } | ||
25 | |||
26 | func (c *Oauth2PKCEDeviceClient) Authorize(ctx context.Context) (*models.DeviceAuthorizationResponse, error) { | ||
27 | challenge, err := models.NewPKCEChallenge() | ||
28 | if err != nil { | ||
29 | return nil, err | ||
30 | } | ||
31 | c.pkce = challenge | ||
32 | |||
33 | values, err := query.Values(models.AuthorizationRequest{ | ||
34 | Challenge: c.pkce.Challenge(), | ||
35 | ChallengeMethod: models.ChallengeS256, | ||
36 | ClientId: c.ClientId, | ||
37 | Scope: c.Scope, | ||
38 | }) | ||
39 | if err != nil { | ||
40 | return nil, err | ||
41 | } | ||
42 | |||
43 | url := fmt.Sprintf("https://%s/auth/device", c.Host) | ||
44 | req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, strings.NewReader(values.Encode())) | ||
45 | if err != nil { | ||
46 | return nil, err | ||
47 | } | ||
48 | req.Header.Add("Content-Type", "application/x-www-form-urlencoded") | ||
49 | |||
50 | res, err := http.DefaultClient.Do(req) | ||
51 | if err != nil { | ||
52 | return nil, err | ||
53 | } | ||
54 | defer res.Body.Close() | ||
55 | |||
56 | if res.StatusCode != 200 { | ||
57 | var resError models.Oauth2Error | ||
58 | if err := json.NewDecoder(res.Body).Decode(&resError); err != nil { | ||
59 | return nil, err | ||
60 | } | ||
61 | return nil, resError | ||
62 | } | ||
63 | |||
64 | var resp models.DeviceAuthorizationResponse | ||
65 | if err := json.NewDecoder(res.Body).Decode(&resp); err != nil { | ||
66 | return nil, err | ||
67 | } | ||
68 | |||
69 | c.interval = time.Duration(resp.Interval) * time.Second | ||
70 | if c.interval == 0 { | ||
71 | c.interval = 5 * time.Second | ||
72 | } | ||
73 | |||
74 | return &resp, nil | ||
75 | } | ||
76 | |||
77 | func (c *Oauth2PKCEDeviceClient) fetchToken(ctx context.Context, deviceCode string) (*models.AccessTokenResponse, error) { | ||
78 | values, err := query.Values(models.DeviceAccessTokenRequest{ | ||
79 | GrantType: models.DEVICE_CODE_GRANT_TYPE, | ||
80 | DeviceCode: deviceCode, | ||
81 | ClientId: c.ClientId, | ||
82 | CodeVerifier: c.pkce.Verifier, | ||
83 | }) | ||
84 | if err != nil { | ||
85 | return nil, err | ||
86 | } | ||
87 | |||
88 | url := fmt.Sprintf("https://%s/auth/token", c.Host) | ||
89 | req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, strings.NewReader(values.Encode())) | ||
90 | if err != nil { | ||
91 | return nil, err | ||
92 | } | ||
93 | req.Header.Add("Content-Type", "application/x-www-form-urlencoded") | ||
94 | |||
95 | res, err := http.DefaultClient.Do(req) | ||
96 | if err != nil { | ||
97 | return nil, err | ||
98 | } | ||
99 | defer res.Body.Close() | ||
100 | |||
101 | if res.StatusCode != 200 { | ||
102 | var resError models.Oauth2Error | ||
103 | if err := json.NewDecoder(res.Body).Decode(&resError); err != nil { | ||
104 | return nil, err | ||
105 | } | ||
106 | |||
107 | if resError.Type == models.ErrSlowDown { | ||
108 | c.interval += 5 * time.Second | ||
109 | } | ||
110 | |||
111 | return nil, resError | ||
112 | } | ||
113 | |||
114 | var resp models.AccessTokenResponse | ||
115 | if err := json.NewDecoder(res.Body).Decode(&resp); err != nil { | ||
116 | return nil, err | ||
117 | } | ||
118 | |||
119 | return &resp, nil | ||
120 | } | ||
121 | |||
122 | func (c *Oauth2PKCEDeviceClient) AwaitToken(ctx context.Context, deviceCode string) (*models.AccessTokenResponse, error) { | ||
123 | t := time.NewTicker(c.interval) | ||
124 | defer t.Stop() | ||
125 | |||
126 | res, err := c.fetchToken(ctx, deviceCode) | ||
127 | if err == nil { | ||
128 | return res, nil | ||
129 | } else if e, ok := err.(models.Oauth2Error); ok { | ||
130 | if e.Type == models.ErrSlowDown { | ||
131 | t.Reset(c.interval) | ||
132 | } else if e.Type != models.ErrAuthorizationPending { | ||
133 | return nil, err | ||
134 | } | ||
135 | } else { | ||
136 | return nil, err | ||
137 | } | ||
138 | |||
139 | for { | ||
140 | select { | ||
141 | case <-t.C: | ||
142 | res, err := c.fetchToken(ctx, deviceCode) | ||
143 | if err == nil { | ||
144 | return res, nil | ||
145 | } else if e, ok := err.(models.Oauth2Error); ok { | ||
146 | if e.Type == models.ErrSlowDown { | ||
147 | t.Reset(c.interval) | ||
148 | } else if e.Type != models.ErrAuthorizationPending { | ||
149 | return nil, err | ||
150 | } | ||
151 | } else { | ||
152 | return nil, err | ||
153 | } | ||
154 | case <-ctx.Done(): | ||
155 | return nil, fmt.Errorf("Context has expired") | ||
156 | } | ||
157 | } | ||
158 | } | ||
diff --git a/cmd/register/register.go b/cmd/register/register.go new file mode 100644 index 0000000..fdd083c --- /dev/null +++ b/cmd/register/register.go | |||
@@ -0,0 +1,71 @@ | |||
1 | package register | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "log" | ||
6 | "time" | ||
7 | |||
8 | "code.crute.us/mcrute/golib/cli" | ||
9 | "code.crute.us/mcrute/golib/db/mongodb/v2" | ||
10 | glecho "code.crute.us/mcrute/golib/echo" | ||
11 | "code.crute.us/mcrute/ssh-proxy/app" | ||
12 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
13 | "code.crute.us/mcrute/ssh-proxy/db" | ||
14 | "github.com/spf13/cobra" | ||
15 | ) | ||
16 | |||
17 | func Register(root *cobra.Command) { | ||
18 | registerCmd := &cobra.Command{ | ||
19 | Use: "register username", | ||
20 | Short: "Create registration invite for user", | ||
21 | Args: cobra.ExactArgs(1), | ||
22 | Run: func(c *cobra.Command, args []string) { | ||
23 | cfg := app.Config{} | ||
24 | cli.MustGetConfig(c, &cfg) | ||
25 | registerMain(cfg, args[0]) | ||
26 | }, | ||
27 | } | ||
28 | cli.AddFlags(registerCmd, &app.Config{}, app.DefaultConfig, "register") | ||
29 | root.AddCommand(registerCmd) | ||
30 | } | ||
31 | |||
32 | func registerMain(cfg app.Config, username string) { | ||
33 | ctx, cancel := context.WithCancel(context.Background()) | ||
34 | defer cancel() | ||
35 | |||
36 | vc, err := glecho.MakeVaultSecretsClient(ctx) | ||
37 | if err != nil { | ||
38 | log.Fatalf("Error making vault client %s", err) | ||
39 | } | ||
40 | |||
41 | mongo, err := mongodb.Connect(ctx, cfg.MongoDbUri, vc) | ||
42 | if err != nil { | ||
43 | log.Fatalf("Error connecting to mongodb: %s", err) | ||
44 | } | ||
45 | |||
46 | userStore := &db.MongoDbBasicStore[*models.User]{ | ||
47 | Db: mongo, | ||
48 | CollectionName: "users", | ||
49 | } | ||
50 | |||
51 | authSessionStore := &models.AuthSessionStoreMongodb{ | ||
52 | MongoDbBasicStore: &db.MongoDbBasicStore[*models.AuthSession]{ | ||
53 | Db: mongo, | ||
54 | CollectionName: "oauth_sessions", | ||
55 | }, | ||
56 | } | ||
57 | |||
58 | if _, err := userStore.Get(ctx, username); err != nil { | ||
59 | log.Fatalf("User %s does not exist", username) | ||
60 | } | ||
61 | |||
62 | authSession := models.NewAuthSession("invite-only", time.Now().Add(cfg.InviteTimeout)) | ||
63 | authSession.IsRegistration = true | ||
64 | authSession.UserId = username | ||
65 | |||
66 | if err := authSessionStore.Upsert(ctx, authSession); err != nil { | ||
67 | log.Fatalf("Error inserting registration: %s", err) | ||
68 | } | ||
69 | |||
70 | log.Printf("Invitation created, user code is: %s", authSession.UserCode) | ||
71 | } | ||
diff --git a/cmd/web/server.go b/cmd/web/server.go new file mode 100644 index 0000000..6eb585a --- /dev/null +++ b/cmd/web/server.go | |||
@@ -0,0 +1,257 @@ | |||
1 | package web | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "fmt" | ||
6 | "io/fs" | ||
7 | "log" | ||
8 | "os" | ||
9 | "strings" | ||
10 | "text/template" | ||
11 | "time" | ||
12 | |||
13 | "code.crute.us/mcrute/ssh-proxy/app" | ||
14 | "code.crute.us/mcrute/ssh-proxy/app/controllers" | ||
15 | "code.crute.us/mcrute/ssh-proxy/app/middleware" | ||
16 | "code.crute.us/mcrute/ssh-proxy/app/models" | ||
17 | "code.crute.us/mcrute/ssh-proxy/db" | ||
18 | |||
19 | "code.crute.us/mcrute/golib/cli" | ||
20 | "code.crute.us/mcrute/golib/clients/autocert/v2" | ||
21 | "code.crute.us/mcrute/golib/clients/netbox/v3" | ||
22 | "code.crute.us/mcrute/golib/db/mongodb/v2" | ||
23 | glecho "code.crute.us/mcrute/golib/echo" | ||
24 | glcontroller "code.crute.us/mcrute/golib/echo/controller" | ||
25 | glmiddleware "code.crute.us/mcrute/golib/echo/middleware" | ||
26 | "code.crute.us/mcrute/golib/echo/session" | ||
27 | "code.crute.us/mcrute/golib/secrets" | ||
28 | |||
29 | "github.com/go-webauthn/webauthn/webauthn" | ||
30 | "github.com/gorilla/websocket" | ||
31 | "github.com/labstack/echo/v4" | ||
32 | "github.com/spf13/cobra" | ||
33 | ) | ||
34 | |||
35 | func Register(root *cobra.Command, embeddedTemplates fs.FS, appVersion string) { | ||
36 | webCmd := &cobra.Command{ | ||
37 | Use: "web [options]", | ||
38 | Short: "Run web server", | ||
39 | Run: func(c *cobra.Command, args []string) { | ||
40 | cfg := app.Config{} | ||
41 | cli.MustGetConfig(c, &cfg) | ||
42 | webMain(cfg, embeddedTemplates, appVersion) | ||
43 | }, | ||
44 | } | ||
45 | cli.AddFlags(webCmd, &app.Config{}, app.DefaultConfig, "web") | ||
46 | root.AddCommand(webCmd) | ||
47 | } | ||
48 | |||
49 | func PopulateTemplateContext(c echo.Context) (interface{}, error) { | ||
50 | // May not be set if we're being called from something other than | ||
51 | // the generic template controller, which can happen in the order | ||
52 | // redirect controller. | ||
53 | cp, _ := c.Get("CanonicalPath").(string) | ||
54 | |||
55 | return &app.PageContext{ | ||
56 | PageName: strings.SplitN(cp, ".", 2)[0], | ||
57 | Year: time.Now().Year(), | ||
58 | RenderTime: time.Now().Format(time.RFC1123), | ||
59 | Flags: glcontroller.NewFeatureFlags(), | ||
60 | CSRFToken: glmiddleware.GetCSRFToken(c), | ||
61 | Context: glcontroller.NewPageContext(), | ||
62 | }, nil | ||
63 | } | ||
64 | |||
65 | func webMain(cfg app.Config, embeddedTemplates fs.FS, appVersion string) { | ||
66 | ctx, cancel := context.WithCancel(context.Background()) | ||
67 | defer cancel() | ||
68 | |||
69 | gt := &glcontroller.GenericTemplateHandler{Render: PopulateTemplateContext} | ||
70 | |||
71 | s, err := glecho.NewEchoWrapper(ctx, cfg.Debug) | ||
72 | if err != nil { | ||
73 | log.Fatalf("Error building echo: %s", err) | ||
74 | } | ||
75 | |||
76 | vc, err := glecho.MakeVaultSecretsClient(ctx) | ||
77 | if err != nil { | ||
78 | log.Fatalf("Error making vault client %s", err) | ||
79 | } | ||
80 | |||
81 | if err = s.Configure(glecho.EchoConfig{ | ||
82 | ApplicationName: "app-server", | ||
83 | ApplicationVersion: appVersion, | ||
84 | BindAddresses: cfg.Bind, | ||
85 | DiskTemplates: os.DirFS("templates/"), | ||
86 | EmbeddedTemplates: embeddedTemplates, | ||
87 | RedirectToWWW: false, | ||
88 | TrustedProxyIPRanges: cfg.TrustedIPRanges, | ||
89 | ContentSecurityPolicy: &glmiddleware.ContentSecurityPolicyConfig{ | ||
90 | DefaultSrc: []glmiddleware.CSPDirective{ | ||
91 | glmiddleware.CSPSelf, | ||
92 | glmiddleware.CSPUnsafeInline, | ||
93 | }, | ||
94 | }, | ||
95 | TemplateFunctions: template.FuncMap{ | ||
96 | "cacheBustUrl": gt.TmplMakeCacheBustUrl, | ||
97 | }, | ||
98 | Autocert: autocert.MustNewAutocertWrapper(ctx, autocert.AutocertConfig{ | ||
99 | ApiKey: secrets.MustGetApiKey(vc, ctx, cfg.DNSApiKeyVaultPath).Key, | ||
100 | Hosts: cfg.Hostnames, | ||
101 | Email: cfg.AutocertEmail, | ||
102 | CertHost: cfg.AutocertHost, | ||
103 | }), | ||
104 | NetboxClient: &netbox.BasicNetboxClient{ | ||
105 | Endpoint: cfg.NetboxHost, | ||
106 | ApiKey: secrets.MustGetApiKey(vc, ctx, cfg.NetboxApiKeyVaultPath).Key, | ||
107 | }, | ||
108 | }); err != nil { | ||
109 | log.Fatalf("Error configuring echo: %s", err) | ||
110 | } | ||
111 | |||
112 | glecho.AttachSecretsClient(vc, cancel, s.Runner(), s.Logger) | ||
113 | |||
114 | mongo, err := mongodb.Connect(ctx, cfg.MongoDbUri, vc) | ||
115 | if err != nil { | ||
116 | log.Fatalf("Error connecting to mongodb: %s", err) | ||
117 | } | ||
118 | |||
119 | cookieKey := secrets.MustGetRSAKey(vc, ctx, cfg.CookieKeyPath) | ||
120 | pk, err := cookieKey.RSAPrivateKey() | ||
121 | if err != nil { | ||
122 | log.Fatalf("Error fetching cookie key from vault: %s", err) | ||
123 | } | ||
124 | |||
125 | ss, err := session.NewCookieStore[*app.Session](pk, app.NewSession) | ||
126 | if err != nil { | ||
127 | log.Fatalf("Error creating session store: %s", err) | ||
128 | } | ||
129 | |||
130 | userStore := &db.MongoDbBasicStore[*models.User]{ | ||
131 | Db: mongo, | ||
132 | CollectionName: "users", | ||
133 | } | ||
134 | |||
135 | oauthClientStore := &db.MongoDbBasicStore[*models.OauthClient]{ | ||
136 | Db: mongo, | ||
137 | CollectionName: "oauth_clients", | ||
138 | } | ||
139 | |||
140 | authSessionStore := &models.AuthSessionStoreMongodb{ | ||
141 | MongoDbBasicStore: &db.MongoDbBasicStore[*models.AuthSession]{ | ||
142 | Db: mongo, | ||
143 | CollectionName: "oauth_sessions", | ||
144 | }, | ||
145 | } | ||
146 | |||
147 | wauthn, err := webauthn.New(&webauthn.Config{ | ||
148 | RPDisplayName: cfg.OauthRPName, | ||
149 | RPID: cfg.Hostnames[0], | ||
150 | RPOrigins: []string{ | ||
151 | fmt.Sprintf("https://%s:8070", cfg.Hostnames[0]), // TODO: Expose port in echo server for use here | ||
152 | }, | ||
153 | }) | ||
154 | if err != nil { | ||
155 | log.Fatalf("Error constructing webauthn: %s", err) | ||
156 | } | ||
157 | |||
158 | lc := &controllers.LoginController[*app.Session]{ | ||
159 | Logger: s.Logger, | ||
160 | Sessions: ss, | ||
161 | Users: userStore, | ||
162 | AuthSessions: authSessionStore, | ||
163 | Webauthn: wauthn, | ||
164 | SessionExpiration: cfg.OauthSessionTimeout, | ||
165 | } | ||
166 | |||
167 | rc := &controllers.RegisterController[*app.Session]{ | ||
168 | Logger: s.Logger, | ||
169 | Sessions: ss, | ||
170 | Users: userStore, | ||
171 | AuthSessions: authSessionStore, | ||
172 | Webauthn: wauthn, | ||
173 | } | ||
174 | |||
175 | o2dc := &controllers.OAuth2DeviceController[*app.Session]{ | ||
176 | Logger: s.Logger, | ||
177 | AuthSessions: authSessionStore, | ||
178 | OauthClients: oauthClientStore, | ||
179 | Hostname: fmt.Sprintf("https://%s:8070", cfg.Hostnames[0]), // TODO | ||
180 | PollSeconds: cfg.OauthDevicePollSecs, | ||
181 | SessionExpiration: cfg.OauthSessionTimeout, | ||
182 | } | ||
183 | |||
184 | ph := &controllers.ProxyHandler{ | ||
185 | Logger: s.Logger, | ||
186 | Users: userStore, | ||
187 | Upgrader: websocket.Upgrader{ | ||
188 | ReadBufferSize: 1024, | ||
189 | WriteBufferSize: 1024, | ||
190 | }, | ||
191 | } | ||
192 | |||
193 | caAuthMw := &middleware.TokenAuthMiddleware{ | ||
194 | Logger: s.Logger, | ||
195 | RequiredScope: "ca:issue", | ||
196 | AuthSessions: authSessionStore, | ||
197 | } | ||
198 | |||
199 | proxyAuthMw := &middleware.TokenAuthMiddleware{ | ||
200 | Logger: s.Logger, | ||
201 | RequiredScope: "ssh:proxy", | ||
202 | AuthSessions: authSessionStore, | ||
203 | } | ||
204 | |||
205 | var caSecret controllers.CASecret | ||
206 | if _, err := vc.Secret(ctx, cfg.SSHCAKeyPath, &caSecret); err != nil { | ||
207 | log.Fatalf("Error fetching SSH CA secret from Vault: %s", err) | ||
208 | } | ||
209 | |||
210 | ca, err := controllers.NewCAHandler(controllers.CAHandlerConfig{ | ||
211 | Logger: s.Logger, | ||
212 | Users: userStore, | ||
213 | Expiration: cfg.SSHCertificateExpiration, | ||
214 | Secret: caSecret, | ||
215 | }) | ||
216 | if err != nil { | ||
217 | log.Fatalf("Error building CA controller: %s", err) | ||
218 | } | ||
219 | |||
220 | s.Use(session.Middleware(ss)) | ||
221 | |||
222 | csm := glmiddleware.CSRFProtect(ss) | ||
223 | |||
224 | s.GET("/login", gt.Handle, csm) | ||
225 | s.GET("/register", gt.Handle, csm) | ||
226 | |||
227 | ag := s.Group("/auth") | ||
228 | { | ||
229 | ag.POST("/device", o2dc.HandleStart) | ||
230 | ag.POST("/token", o2dc.HandleToken) | ||
231 | |||
232 | lg := ag.Group("/login") | ||
233 | lg.Use(csm) | ||
234 | { | ||
235 | lg.GET("/:username", lc.HandleStart) | ||
236 | lg.POST("/:username", lc.HandleFinish) | ||
237 | } | ||
238 | |||
239 | rg := ag.Group("/register") | ||
240 | rg.Use(csm) | ||
241 | { | ||
242 | rg.GET("/:username", rc.HandleStart) | ||
243 | rg.POST("/:username", rc.HandleFinish) | ||
244 | } | ||
245 | } | ||
246 | |||
247 | s.POST("/ca/issue", ca.HandleIssue, caAuthMw.Middleware) | ||
248 | |||
249 | pg := s.Group("/proxy-to") | ||
250 | pg.Use(proxyAuthMw.Middleware) | ||
251 | { | ||
252 | pg.GET("/:host", ph.Handle) | ||
253 | pg.GET("/:host/:port", ph.Handle) | ||
254 | } | ||
255 | |||
256 | s.RunForever(!cfg.DisableBackgroundJobs) | ||
257 | } | ||
diff --git a/db/mongodb_store.go b/db/mongodb_store.go new file mode 100644 index 0000000..2822de4 --- /dev/null +++ b/db/mongodb_store.go | |||
@@ -0,0 +1,72 @@ | |||
1 | package db | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "time" | ||
6 | |||
7 | "code.crute.us/mcrute/golib/db/mongodb/v2" | ||
8 | "go.mongodb.org/mongo-driver/bson" | ||
9 | "go.mongodb.org/mongo-driver/bson/primitive" | ||
10 | ) | ||
11 | |||
12 | type MongoDbBasicModel interface { | ||
13 | MarkDeleted(time.Time) | ||
14 | RecordId() string | ||
15 | } | ||
16 | |||
17 | type MongoDbBasicStore[T MongoDbBasicModel] struct { | ||
18 | Db *mongodb.Mongo | ||
19 | CollectionName string | ||
20 | } | ||
21 | |||
22 | func (s *MongoDbBasicStore[T]) List(ctx context.Context) ([]T, error) { | ||
23 | out := []T{} | ||
24 | |||
25 | filter := bson.M{} | ||
26 | filter["deleted"] = primitive.Null{} | ||
27 | |||
28 | if err := s.Db.FindAllByFilter(ctx, s.CollectionName, filter, &out); err != nil { | ||
29 | return nil, err | ||
30 | } | ||
31 | |||
32 | return out, nil | ||
33 | } | ||
34 | |||
35 | func (s *MongoDbBasicStore[T]) ListAll(ctx context.Context) ([]T, error) { | ||
36 | out := []T{} | ||
37 | |||
38 | if err := s.Db.FindAllByFilter(ctx, s.CollectionName, bson.M{}, &out); err != nil { | ||
39 | return nil, err | ||
40 | } | ||
41 | |||
42 | return out, nil | ||
43 | } | ||
44 | |||
45 | func (s *MongoDbBasicStore[T]) Get(ctx context.Context, name string) (T, error) { | ||
46 | var out T | ||
47 | |||
48 | filter := bson.M{} | ||
49 | filter["_id"] = name | ||
50 | |||
51 | if err := s.Db.FindOneByFilter(ctx, s.CollectionName, filter, &out); err != nil { | ||
52 | return out, err | ||
53 | } | ||
54 | |||
55 | return out, nil | ||
56 | } | ||
57 | |||
58 | func (s *MongoDbBasicStore[T]) Upsert(ctx context.Context, m T) error { | ||
59 | if err := s.Db.ReplaceOneById(ctx, s.CollectionName, m.RecordId(), m); err != nil { | ||
60 | return err | ||
61 | } | ||
62 | return nil | ||
63 | } | ||
64 | |||
65 | func (s *MongoDbBasicStore[T]) Delete(ctx context.Context, m T) error { | ||
66 | k, err := s.Get(ctx, m.RecordId()) | ||
67 | if err != nil { | ||
68 | return err | ||
69 | } | ||
70 | k.MarkDeleted(time.Now()) | ||
71 | return s.Upsert(ctx, k) | ||
72 | } | ||
@@ -1,13 +1,104 @@ | |||
1 | module code.crute.us/mcrute/websocket_proxy | 1 | module code.crute.us/mcrute/ssh-proxy |
2 | 2 | ||
3 | go 1.20 | 3 | go 1.20 |
4 | 4 | ||
5 | replace golang.org/x/crypto => ../third_party/golang/x/crypto | ||
6 | |||
5 | require ( | 7 | require ( |
6 | github.com/gorilla/websocket v1.4.1 | 8 | code.crute.us/mcrute/golib/cli v0.2.2 |
7 | github.com/spf13/cobra v0.0.5 | 9 | code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0 |
10 | code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0 | ||
11 | code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0 | ||
12 | code.crute.us/mcrute/golib/echo v0.9.4 | ||
13 | code.crute.us/mcrute/golib/secrets v0.4.0 | ||
14 | github.com/go-webauthn/webauthn v0.8.4 | ||
15 | github.com/google/go-querystring v1.1.0 | ||
16 | github.com/gorilla/websocket v1.5.0 | ||
17 | github.com/labstack/echo/v4 v4.6.1 | ||
18 | github.com/mdp/qrterminal v1.0.1 | ||
19 | github.com/spf13/cobra v1.7.0 | ||
20 | go.mongodb.org/mongo-driver v1.7.4 | ||
21 | golang.org/x/crypto v0.11.0 | ||
8 | ) | 22 | ) |
9 | 23 | ||
10 | require ( | 24 | require ( |
11 | github.com/inconshreveable/mousetrap v1.0.0 // indirect | 25 | code.crute.us/mcrute/golib v0.4.2 // indirect |
12 | github.com/spf13/pflag v1.0.3 // indirect | 26 | code.crute.us/mcrute/golib/clients/dns v0.1.0 // indirect |
27 | code.crute.us/mcrute/golib/clients/netbox v0.1.0 // indirect | ||
28 | code.crute.us/mcrute/golib/vault v0.2.4 // indirect | ||
29 | github.com/armon/go-metrics v0.3.10 // indirect | ||
30 | github.com/armon/go-radix v1.0.0 // indirect | ||
31 | github.com/beorn7/perks v1.0.1 // indirect | ||
32 | github.com/cenkalti/backoff/v3 v3.0.0 // indirect | ||
33 | github.com/cespare/xxhash/v2 v2.1.1 // indirect | ||
34 | github.com/elnormous/contenttype v1.0.0 // indirect | ||
35 | github.com/fatih/color v1.13.0 // indirect | ||
36 | github.com/fxamacker/cbor/v2 v2.4.0 // indirect | ||
37 | github.com/go-stack/stack v1.8.0 // indirect | ||
38 | github.com/go-webauthn/x v0.1.4 // indirect | ||
39 | github.com/golang-jwt/jwt v3.2.2+incompatible // indirect | ||
40 | github.com/golang-jwt/jwt/v4 v4.5.0 // indirect | ||
41 | github.com/golang/protobuf v1.5.2 // indirect | ||
42 | github.com/golang/snappy v0.0.4 // indirect | ||
43 | github.com/google/go-tpm v0.9.0 // indirect | ||
44 | github.com/google/uuid v1.3.0 // indirect | ||
45 | github.com/hashicorp/errwrap v1.1.0 // indirect | ||
46 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect | ||
47 | github.com/hashicorp/go-hclog v1.0.0 // indirect | ||
48 | github.com/hashicorp/go-immutable-radix v1.3.1 // indirect | ||
49 | github.com/hashicorp/go-multierror v1.1.1 // indirect | ||
50 | github.com/hashicorp/go-plugin v1.4.3 // indirect | ||
51 | github.com/hashicorp/go-retryablehttp v0.6.6 // indirect | ||
52 | github.com/hashicorp/go-rootcerts v1.0.2 // indirect | ||
53 | github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 // indirect | ||
54 | github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect | ||
55 | github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect | ||
56 | github.com/hashicorp/go-sockaddr v1.0.2 // indirect | ||
57 | github.com/hashicorp/go-uuid v1.0.2 // indirect | ||
58 | github.com/hashicorp/go-version v1.2.0 // indirect | ||
59 | github.com/hashicorp/golang-lru v0.5.4 // indirect | ||
60 | github.com/hashicorp/hcl v1.0.0 // indirect | ||
61 | github.com/hashicorp/vault/api v1.8.0 // indirect | ||
62 | github.com/hashicorp/vault/api/auth/approle v0.3.0 // indirect | ||
63 | github.com/hashicorp/vault/sdk v0.6.0 // indirect | ||
64 | github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb // indirect | ||
65 | github.com/inconshreveable/mousetrap v1.1.0 // indirect | ||
66 | github.com/klauspost/compress v1.13.6 // indirect | ||
67 | github.com/labstack/gommon v0.3.1 // indirect | ||
68 | github.com/mattn/go-colorable v0.1.12 // indirect | ||
69 | github.com/mattn/go-isatty v0.0.14 // indirect | ||
70 | github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect | ||
71 | github.com/mitchellh/copystructure v1.0.0 // indirect | ||
72 | github.com/mitchellh/go-homedir v1.1.0 // indirect | ||
73 | github.com/mitchellh/go-testing-interface v1.0.0 // indirect | ||
74 | github.com/mitchellh/mapstructure v1.5.0 // indirect | ||
75 | github.com/mitchellh/reflectwalk v1.0.0 // indirect | ||
76 | github.com/oklog/run v1.0.0 // indirect | ||
77 | github.com/pierrec/lz4 v2.5.2+incompatible // indirect | ||
78 | github.com/pkg/errors v0.9.1 // indirect | ||
79 | github.com/prometheus/client_golang v1.11.0 // indirect | ||
80 | github.com/prometheus/client_model v0.2.0 // indirect | ||
81 | github.com/prometheus/common v0.32.1 // indirect | ||
82 | github.com/prometheus/procfs v0.6.0 // indirect | ||
83 | github.com/ryanuber/go-glob v1.0.0 // indirect | ||
84 | github.com/spf13/pflag v1.0.5 // indirect | ||
85 | github.com/valyala/bytebufferpool v1.0.0 // indirect | ||
86 | github.com/valyala/fasttemplate v1.2.1 // indirect | ||
87 | github.com/x448/float16 v0.8.4 // indirect | ||
88 | github.com/xdg-go/pbkdf2 v1.0.0 // indirect | ||
89 | github.com/xdg-go/scram v1.0.2 // indirect | ||
90 | github.com/xdg-go/stringprep v1.0.2 // indirect | ||
91 | github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect | ||
92 | go.uber.org/atomic v1.9.0 // indirect | ||
93 | golang.org/x/net v0.2.0 // indirect | ||
94 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect | ||
95 | golang.org/x/sys v0.10.0 // indirect | ||
96 | golang.org/x/text v0.4.0 // indirect | ||
97 | golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 // indirect | ||
98 | google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect | ||
99 | google.golang.org/grpc v1.42.0 // indirect | ||
100 | google.golang.org/protobuf v1.27.1 // indirect | ||
101 | gopkg.in/square/go-jose.v2 v2.5.1 // indirect | ||
102 | gopkg.in/yaml.v2 v2.4.0 // indirect | ||
103 | rsc.io/qr v0.2.0 // indirect | ||
13 | ) | 104 | ) |
@@ -1,35 +1,801 @@ | |||
1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= | ||
2 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= | ||
3 | cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= | ||
4 | cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= | ||
5 | cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= | ||
6 | cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= | ||
7 | cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= | ||
8 | cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= | ||
9 | cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= | ||
10 | cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= | ||
11 | cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= | ||
12 | cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= | ||
13 | cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= | ||
14 | cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= | ||
15 | cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= | ||
16 | cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= | ||
17 | cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= | ||
18 | cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= | ||
19 | cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= | ||
20 | cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= | ||
21 | cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= | ||
22 | cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= | ||
23 | cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= | ||
24 | cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= | ||
25 | cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= | ||
26 | cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= | ||
27 | cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= | ||
28 | cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= | ||
29 | cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= | ||
30 | cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= | ||
31 | cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= | ||
32 | cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= | ||
33 | code.crute.us/mcrute/golib v0.4.2 h1:WeZyBMRFOiIkdNhsXx3kMgRGDUdUshzHS/J4OIPThlY= | ||
34 | code.crute.us/mcrute/golib v0.4.2/go.mod h1:dukLPhs1H8dxtkhXtpJZYo/bMzefLRbdRj9Tj67wdaQ= | ||
35 | code.crute.us/mcrute/golib/cli v0.2.2 h1:1MgyEYCyZ2oJBs/FrztMmxJoh0v+7j21VsWXBTIWsqw= | ||
36 | code.crute.us/mcrute/golib/cli v0.2.2/go.mod h1:vc2TpQ5J/3zRfcWq6sclmU0EmJI8xygpOij77VJ8EK8= | ||
37 | code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0 h1:MTS65Npib7DFnsNZ5Fs7EYXkK2ITEqdZQ18kBd3FdPk= | ||
38 | code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0/go.mod h1:IPn/fE0kxcOBTaXv3X6fv+/JUP1uZvW4vJLKYwrCdbI= | ||
39 | code.crute.us/mcrute/golib/clients/dns v0.1.0 h1:bgB+KVLcuSfr5ZoAEgLToawtP4iIrxWIf3s7mMgOo6U= | ||
40 | code.crute.us/mcrute/golib/clients/dns v0.1.0/go.mod h1:uF2fDvCZAL35ZJgojUhCgVK0HBmIv1+go1NMNPSJaeU= | ||
41 | code.crute.us/mcrute/golib/clients/netbox v0.1.0 h1:7ae676WtINm2oSLoUw1ERIZ2ndLD5gi7cvv2iZZd1XI= | ||
42 | code.crute.us/mcrute/golib/clients/netbox v0.1.0/go.mod h1:csRsnmAwenAz8Pbo7CcQTWzn6uaXadELIdB81JxsacY= | ||
43 | code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0 h1:g3+vdaUeoVg+Qx++bGi2j2AVBOFpRC6b+uTGw6oM9wc= | ||
44 | code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0/go.mod h1:Wjh2iiFDkRuYN1TBgYrRpwT5Xp8i+2+TWJrbdG3JWWk= | ||
45 | code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0 h1:v4AYsbesoDeAMMbwS43WzqywNm0w09yKs6731DrdWVY= | ||
46 | code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0/go.mod h1:3dFJwm2MtCb312eHdHnK/w8D1lwgCeewa/2hztw89kE= | ||
47 | code.crute.us/mcrute/golib/echo v0.9.4 h1:C2z7RRIksT2K0Fr4LZHGISRMXooNT1qaEV9NZ7LK5fs= | ||
48 | code.crute.us/mcrute/golib/echo v0.9.4/go.mod h1:mcmhqsSWD/+ECdrd0Sh9u9XGtukXdLPVHc88sKg/gJo= | ||
49 | code.crute.us/mcrute/golib/secrets v0.4.0 h1:tZzQEOnJshDGuzvvr0n0BMWZbu3ZMB5QRqIDa4PwE3U= | ||
50 | code.crute.us/mcrute/golib/secrets v0.4.0/go.mod h1:c40ezKg/NXe5NE3PaCRIUJC6D6XCoPSu9+duZSdKsNY= | ||
51 | code.crute.us/mcrute/golib/vault v0.2.4 h1:lNc1hq26e/UAGBqxQlZiFffOXZSNEcEkKUzU3oRJ8Eg= | ||
52 | code.crute.us/mcrute/golib/vault v0.2.4/go.mod h1:23C5g8O0zaeFfo7v6sCO0RKgnHIiHM9ku+ASOWHJD9k= | ||
53 | dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= | ||
1 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= | 54 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= |
2 | github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= | 55 | github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= |
3 | github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= | 56 | github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= |
4 | github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= | 57 | github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= |
5 | github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= | 58 | github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= |
6 | github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= | 59 | github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= |
60 | github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= | ||
61 | github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= | ||
62 | github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= | ||
63 | github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= | ||
64 | github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= | ||
65 | github.com/armon/go-metrics v0.3.10 h1:FR+drcQStOe+32sYyJYyZ7FIdgoGGBnwLl+flodp8Uo= | ||
66 | github.com/armon/go-metrics v0.3.10/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= | ||
67 | github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= | ||
68 | github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= | ||
69 | github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= | ||
70 | github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= | ||
71 | github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= | ||
72 | github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= | ||
73 | github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= | ||
74 | github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= | ||
75 | github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c= | ||
76 | github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= | ||
77 | github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= | ||
78 | github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= | ||
79 | github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= | ||
80 | github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= | ||
81 | github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= | ||
82 | github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= | ||
83 | github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= | ||
84 | github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= | ||
85 | github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= | ||
86 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= | ||
87 | github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= | ||
88 | github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= | ||
89 | github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= | ||
90 | github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= | ||
91 | github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= | ||
92 | github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= | ||
93 | github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= | ||
94 | github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= | ||
95 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= | ||
96 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
97 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= | ||
7 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | 98 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= |
8 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= | 99 | github.com/elnormous/contenttype v1.0.0 h1:cTLou7K7uQMsPEmRiTJosAznsPcYuoBmXMrFAf86t2A= |
9 | github.com/gorilla/websocket v1.4.1 h1:q7AeDBpnBk8AogcD4DSag/Ukw/KV+YhzLj2bP5HvKCM= | 100 | github.com/elnormous/contenttype v1.0.0/go.mod h1:ngVcyGGU8pnn4QJ5sL4StrNgc/wmXZXy5IQSBuHOFPg= |
10 | github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= | 101 | github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= |
102 | github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= | ||
103 | github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= | ||
104 | github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= | ||
105 | github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= | ||
106 | github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= | ||
107 | github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= | ||
108 | github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= | ||
109 | github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= | ||
110 | github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= | ||
111 | github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= | ||
112 | github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= | ||
113 | github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= | ||
114 | github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= | ||
115 | github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk= | ||
116 | github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= | ||
117 | github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88= | ||
118 | github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= | ||
119 | github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= | ||
120 | github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= | ||
121 | github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= | ||
122 | github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= | ||
123 | github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= | ||
124 | github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= | ||
125 | github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= | ||
126 | github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= | ||
127 | github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q= | ||
128 | github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= | ||
129 | github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= | ||
130 | github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= | ||
131 | github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= | ||
132 | github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= | ||
133 | github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw= | ||
134 | github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= | ||
135 | github.com/go-webauthn/webauthn v0.8.4 h1:/emQ9b9Rj4flWO94Fo8KJeYvZ6VzPywXsmqyDA/WicY= | ||
136 | github.com/go-webauthn/webauthn v0.8.4/go.mod h1:ZqEa9OnSCdQf6CJvTWTDCsUcPRi8F3h7XCIDINwbBgI= | ||
137 | github.com/go-webauthn/x v0.1.4 h1:sGmIFhcY70l6k7JIDfnjVBiAAFEssga5lXIUXe0GtAs= | ||
138 | github.com/go-webauthn/x v0.1.4/go.mod h1:75Ug0oK6KYpANh5hDOanfDI+dvPWHk788naJVG/37H8= | ||
139 | github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= | ||
140 | github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= | ||
141 | github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= | ||
142 | github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= | ||
143 | github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= | ||
144 | github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= | ||
145 | github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= | ||
146 | github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= | ||
147 | github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= | ||
148 | github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= | ||
149 | github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= | ||
150 | github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk= | ||
151 | github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw= | ||
152 | github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360= | ||
153 | github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg= | ||
154 | github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE= | ||
155 | github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= | ||
156 | github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= | ||
157 | github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= | ||
158 | github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= | ||
159 | github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= | ||
160 | github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= | ||
161 | github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= | ||
162 | github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= | ||
163 | github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= | ||
164 | github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= | ||
165 | github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= | ||
166 | github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= | ||
167 | github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= | ||
168 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= | ||
169 | github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= | ||
170 | github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= | ||
171 | github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= | ||
172 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= | ||
173 | github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= | ||
174 | github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= | ||
175 | github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= | ||
176 | github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= | ||
177 | github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= | ||
178 | github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= | ||
179 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= | ||
180 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= | ||
181 | github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= | ||
182 | github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= | ||
183 | github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= | ||
184 | github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= | ||
185 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= | ||
186 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= | ||
187 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= | ||
188 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= | ||
189 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= | ||
190 | github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= | ||
191 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= | ||
192 | github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= | ||
193 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= | ||
194 | github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= | ||
195 | github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= | ||
196 | github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= | ||
197 | github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= | ||
198 | github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= | ||
199 | github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= | ||
200 | github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= | ||
201 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= | ||
202 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= | ||
203 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= | ||
204 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
205 | github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
206 | github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
207 | github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
208 | github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
209 | github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
210 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= | ||
211 | github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= | ||
212 | github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= | ||
213 | github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= | ||
214 | github.com/google/go-tpm v0.9.0 h1:sQF6YqWMi+SCXpsmS3fd21oPy/vSddwZry4JnmltHVk= | ||
215 | github.com/google/go-tpm v0.9.0/go.mod h1:FkNVkc6C+IsvDI9Jw1OveJmxGZUUaKxtrpOS47QWKfU= | ||
216 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= | ||
217 | github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= | ||
218 | github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= | ||
219 | github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= | ||
220 | github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= | ||
221 | github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= | ||
222 | github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= | ||
223 | github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= | ||
224 | github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= | ||
225 | github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= | ||
226 | github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= | ||
227 | github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= | ||
228 | github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= | ||
229 | github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= | ||
230 | github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= | ||
231 | github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= | ||
232 | github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= | ||
233 | github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= | ||
234 | github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= | ||
235 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= | ||
236 | github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= | ||
237 | github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= | ||
238 | github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= | ||
239 | github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= | ||
240 | github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= | ||
241 | github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= | ||
242 | github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= | ||
243 | github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= | ||
244 | github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= | ||
245 | github.com/hashicorp/go-hclog v1.0.0 h1:bkKf0BeBXcSYa7f5Fyi9gMuQ8gNsxeiNpZjR6VxNZeo= | ||
246 | github.com/hashicorp/go-hclog v1.0.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= | ||
247 | github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= | ||
248 | github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc= | ||
249 | github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= | ||
250 | github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0/go.mod h1:xvb32K2keAc+R8DSFG2IwDcydK9DBQE+fGA5fsw6hSk= | ||
251 | github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= | ||
252 | github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= | ||
253 | github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= | ||
254 | github.com/hashicorp/go-plugin v1.4.3 h1:DXmvivbWD5qdiBts9TpBC7BYL1Aia5sxbRgQB+v6UZM= | ||
255 | github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= | ||
256 | github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= | ||
257 | github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM= | ||
258 | github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= | ||
259 | github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= | ||
260 | github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= | ||
261 | github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= | ||
262 | github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 h1:cCRo8gK7oq6A2L6LICkUZ+/a5rLiRXFMf1Qd4xSwxTc= | ||
263 | github.com/hashicorp/go-secure-stdlib/mlock v0.1.1/go.mod h1:zq93CJChV6L9QTfGKtfBxKqD7BqqXx5O04A/ns2p5+I= | ||
264 | github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= | ||
265 | github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ= | ||
266 | github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= | ||
267 | github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2TGYtSk8I8kTAN0ca1EHpwhm5Mmzo= | ||
268 | github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= | ||
269 | github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= | ||
270 | github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= | ||
271 | github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs= | ||
272 | github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= | ||
273 | github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= | ||
274 | github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= | ||
275 | github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE= | ||
276 | github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= | ||
277 | github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E= | ||
278 | github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= | ||
279 | github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= | ||
280 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= | ||
281 | github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= | ||
282 | github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= | ||
283 | github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= | ||
11 | github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= | 284 | github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= |
12 | github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= | 285 | github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= |
286 | github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= | ||
287 | github.com/hashicorp/vault/api/auth/approle v0.3.0 h1:Ib0oCNXsCq/QZhPYtXPzJEbGS5WR/KoZf8c84QoFdkU= | ||
288 | github.com/hashicorp/vault/api/auth/approle v0.3.0/go.mod h1:hm51TbjzUkPO0Y17wkrpwOpvyyMRpXJNueTHiG04t3k= | ||
289 | github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= | ||
290 | github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= | ||
291 | github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= | ||
292 | github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= | ||
293 | github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= | ||
13 | github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= | 294 | github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= |
14 | github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= | 295 | github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= |
296 | github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= | ||
297 | github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= | ||
298 | github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= | ||
299 | github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= | ||
300 | github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= | ||
301 | github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= | ||
302 | github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= | ||
303 | github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= | ||
304 | github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= | ||
305 | github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= | ||
306 | github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= | ||
307 | github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= | ||
308 | github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= | ||
309 | github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= | ||
310 | github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= | ||
311 | github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= | ||
312 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= | ||
313 | github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc= | ||
314 | github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= | ||
315 | github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= | ||
316 | github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= | ||
317 | github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= | ||
318 | github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= | ||
319 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= | ||
320 | github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= | ||
321 | github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= | ||
322 | github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= | ||
323 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= | ||
324 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= | ||
325 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= | ||
326 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= | ||
327 | github.com/labstack/echo/v4 v4.6.1 h1:OMVsrnNFzYlGSdaiYGHbgWQnr+JM7NG+B9suCPie14M= | ||
328 | github.com/labstack/echo/v4 v4.6.1/go.mod h1:RnjgMWNDB9g/HucVWhQYNQP9PvbYf6adqftqryo7s9k= | ||
329 | github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= | ||
330 | github.com/labstack/gommon v0.3.1 h1:OomWaJXm7xR6L1HmEtGyQf26TEn7V6X88mktX9kee9o= | ||
331 | github.com/labstack/gommon v0.3.1/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM= | ||
332 | github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= | ||
333 | github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= | ||
334 | github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= | ||
335 | github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= | ||
336 | github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= | ||
337 | github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= | ||
338 | github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= | ||
339 | github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= | ||
340 | github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= | ||
341 | github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= | ||
342 | github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= | ||
343 | github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= | ||
344 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= | ||
345 | github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= | ||
346 | github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= | ||
347 | github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= | ||
348 | github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= | ||
349 | github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= | ||
350 | github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= | ||
351 | github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= | ||
352 | github.com/mdp/qrterminal v1.0.1 h1:07+fzVDlPuBlXS8tB0ktTAyf+Lp1j2+2zK3fBOL5b7c= | ||
353 | github.com/mdp/qrterminal v1.0.1/go.mod h1:Z33WhxQe9B6CdW37HaVqcRKzP+kByF3q/qLxOGe12xQ= | ||
354 | github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= | ||
355 | github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= | ||
356 | github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= | ||
357 | github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= | ||
15 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= | 358 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= |
16 | github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= | 359 | github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= |
17 | github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= | 360 | github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= |
361 | github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= | ||
362 | github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= | ||
363 | github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= | ||
364 | github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= | ||
365 | github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= | ||
366 | github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= | ||
367 | github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= | ||
368 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= | ||
369 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= | ||
370 | github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= | ||
371 | github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= | ||
372 | github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= | ||
373 | github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= | ||
374 | github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= | ||
375 | github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= | ||
376 | github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= | ||
377 | github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= | ||
378 | github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= | ||
379 | github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= | ||
380 | github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI= | ||
381 | github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= | ||
382 | github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= | ||
383 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= | ||
384 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= | ||
385 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= | ||
386 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= | ||
18 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= | 387 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= |
19 | github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= | 388 | github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= |
20 | github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= | 389 | github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= |
21 | github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= | 390 | github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= |
22 | github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= | 391 | github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= |
23 | github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= | 392 | github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= |
24 | github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= | 393 | github.com/prometheus/client_golang v1.11.0 h1:HNkLOAEQMIDv/K+04rukrLx6ch7msSRwf3/SASFAGtQ= |
25 | github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= | 394 | github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= |
395 | github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= | ||
396 | github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= | ||
397 | github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= | ||
398 | github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= | ||
399 | github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= | ||
400 | github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= | ||
401 | github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= | ||
402 | github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= | ||
403 | github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= | ||
404 | github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4= | ||
405 | github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= | ||
406 | github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= | ||
407 | github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= | ||
408 | github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= | ||
409 | github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= | ||
410 | github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3xv4= | ||
411 | github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= | ||
412 | github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= | ||
413 | github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||
414 | github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||
415 | github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||
416 | github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= | ||
417 | github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= | ||
418 | github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= | ||
419 | github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= | ||
420 | github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= | ||
421 | github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= | ||
422 | github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= | ||
423 | github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= | ||
424 | github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= | ||
425 | github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= | ||
426 | github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= | ||
427 | github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= | ||
428 | github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= | ||
26 | github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= | 429 | github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= |
27 | github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= | 430 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= |
431 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= | ||
432 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= | ||
433 | github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= | ||
434 | github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= | ||
28 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= | 435 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= |
29 | github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= | 436 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= |
30 | github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= | 437 | github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= |
31 | golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= | 438 | github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= |
32 | golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | 439 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= |
440 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= | ||
441 | github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= | ||
442 | github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= | ||
443 | github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= | ||
444 | github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= | ||
445 | github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= | ||
446 | github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= | ||
447 | github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= | ||
448 | github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= | ||
449 | github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= | ||
450 | github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= | ||
451 | github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= | ||
452 | github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= | ||
453 | github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= | ||
454 | github.com/xdg-go/scram v1.0.2 h1:akYIkZ28e6A96dkWNJQu3nmCzH3YfwMPQExUYDaRv7w= | ||
455 | github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= | ||
456 | github.com/xdg-go/stringprep v1.0.2 h1:6iq84/ryjjeRmMJwxutI51F2GIPlP5BfTvXHeYjyhBc= | ||
457 | github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= | ||
458 | github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA= | ||
459 | github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= | ||
460 | github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= | ||
461 | github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= | ||
462 | github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= | ||
463 | github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= | ||
464 | go.mongodb.org/mongo-driver v1.7.4 h1:sllcioag8Mec0LYkftYWq+cKNPIR4Kqq3iv9ZXY0g/E= | ||
465 | go.mongodb.org/mongo-driver v1.7.4/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= | ||
466 | go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= | ||
467 | go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= | ||
468 | go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= | ||
469 | go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= | ||
470 | go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= | ||
471 | go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= | ||
472 | go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= | ||
473 | go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= | ||
474 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= | ||
475 | golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= | ||
476 | golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= | ||
477 | golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= | ||
478 | golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= | ||
479 | golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= | ||
480 | golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= | ||
481 | golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= | ||
482 | golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= | ||
483 | golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= | ||
484 | golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= | ||
485 | golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= | ||
486 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= | ||
487 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= | ||
488 | golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= | ||
489 | golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= | ||
490 | golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= | ||
491 | golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= | ||
492 | golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= | ||
493 | golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= | ||
494 | golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= | ||
495 | golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= | ||
496 | golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= | ||
497 | golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= | ||
498 | golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= | ||
499 | golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= | ||
500 | golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= | ||
501 | golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= | ||
502 | golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= | ||
503 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= | ||
504 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= | ||
505 | golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
506 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
507 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
508 | golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
509 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
510 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= | ||
511 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= | ||
512 | golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= | ||
513 | golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= | ||
514 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= | ||
515 | golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
516 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
517 | golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
518 | golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
519 | golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
520 | golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
521 | golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
522 | golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
523 | golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
524 | golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= | ||
525 | golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= | ||
526 | golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= | ||
527 | golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= | ||
528 | golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= | ||
529 | golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= | ||
530 | golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= | ||
531 | golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= | ||
532 | golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= | ||
533 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= | ||
534 | golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= | ||
535 | golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= | ||
536 | golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= | ||
537 | golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= | ||
538 | golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= | ||
539 | golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= | ||
540 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= | ||
541 | golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||
542 | golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||
543 | golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||
544 | golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||
545 | golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= | ||
546 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
547 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
548 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
549 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
550 | golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
551 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
552 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
553 | golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
554 | golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
555 | golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
556 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= | ||
557 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||
558 | golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
559 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
560 | golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
561 | golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
562 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
563 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
564 | golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
565 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
566 | golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
567 | golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
568 | golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
569 | golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
570 | golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
571 | golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
572 | golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
573 | golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
574 | golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
575 | golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
576 | golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
577 | golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
578 | golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
579 | golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
580 | golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
581 | golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
582 | golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
583 | golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
584 | golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
585 | golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
586 | golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
587 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
588 | golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
589 | golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
590 | golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
591 | golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
592 | golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
593 | golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
594 | golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
595 | golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
596 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
597 | golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
598 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
599 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
600 | golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
601 | golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
602 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
603 | golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
604 | golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
605 | golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
606 | golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
607 | golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
608 | golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
609 | golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
610 | golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= | ||
611 | golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
612 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= | ||
613 | golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= | ||
614 | golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM= | ||
615 | golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= | ||
616 | golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | ||
33 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | 617 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= |
618 | golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | ||
619 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= | ||
620 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= | ||
621 | golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= | ||
622 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= | ||
623 | golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= | ||
624 | golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= | ||
625 | golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= | ||
626 | golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= | ||
627 | golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= | ||
628 | golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= | ||
629 | golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= | ||
630 | golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 h1:Hir2P/De0WpUhtrKGGjvSb2YxUgyZ7EFOSLIcSSpiwE= | ||
631 | golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= | ||
632 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= | ||
633 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= | ||
634 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= | ||
635 | golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
636 | golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
637 | golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
638 | golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
639 | golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
640 | golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= | ||
641 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= | ||
642 | golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= | ||
643 | golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= | ||
644 | golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= | ||
645 | golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= | ||
646 | golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= | ||
647 | golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= | ||
648 | golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
649 | golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
650 | golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
651 | golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
652 | golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
653 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
654 | golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
655 | golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= | ||
656 | golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
657 | golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
658 | golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
659 | golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
660 | golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
661 | golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
662 | golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
663 | golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
664 | golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
665 | golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= | ||
666 | golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= | ||
667 | golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= | ||
668 | golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= | ||
669 | golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= | ||
670 | golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= | ||
671 | golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= | ||
672 | golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= | ||
673 | golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= | ||
674 | golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= | ||
675 | golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= | ||
676 | golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= | ||
677 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= | ||
678 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= | ||
679 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= | ||
680 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= | ||
681 | google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= | ||
682 | google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= | ||
683 | google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= | ||
684 | google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= | ||
685 | google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= | ||
686 | google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= | ||
687 | google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= | ||
688 | google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= | ||
689 | google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= | ||
690 | google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= | ||
691 | google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= | ||
692 | google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= | ||
693 | google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= | ||
694 | google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= | ||
695 | google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= | ||
696 | google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= | ||
697 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= | ||
698 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= | ||
699 | google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= | ||
700 | google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= | ||
701 | google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= | ||
702 | google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= | ||
703 | google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= | ||
704 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= | ||
705 | google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= | ||
706 | google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= | ||
707 | google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= | ||
708 | google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= | ||
709 | google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= | ||
710 | google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= | ||
711 | google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= | ||
712 | google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
713 | google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
714 | google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
715 | google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
716 | google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
717 | google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= | ||
718 | google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= | ||
719 | google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
720 | google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
721 | google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
722 | google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
723 | google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
724 | google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
725 | google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
726 | google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
727 | google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= | ||
728 | google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= | ||
729 | google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= | ||
730 | google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= | ||
731 | google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= | ||
732 | google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= | ||
733 | google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= | ||
734 | google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= | ||
735 | google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= | ||
736 | google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= | ||
737 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= | ||
738 | google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= | ||
739 | google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= | ||
740 | google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= | ||
741 | google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= | ||
742 | google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= | ||
743 | google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= | ||
744 | google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= | ||
745 | google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= | ||
746 | google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= | ||
747 | google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= | ||
748 | google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= | ||
749 | google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= | ||
750 | google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= | ||
751 | google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= | ||
752 | google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= | ||
753 | google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A= | ||
754 | google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= | ||
755 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= | ||
756 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= | ||
757 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= | ||
758 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= | ||
759 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= | ||
760 | google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= | ||
761 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= | ||
762 | google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= | ||
763 | google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= | ||
764 | google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= | ||
765 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= | ||
766 | google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= | ||
767 | google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= | ||
768 | google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= | ||
769 | gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= | ||
34 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= | 770 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= |
771 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= | ||
772 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= | ||
773 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= | ||
774 | gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= | ||
775 | gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= | ||
776 | gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= | ||
777 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
35 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | 778 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= |
779 | gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
780 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
781 | gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
782 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
783 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
784 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= | ||
785 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= | ||
786 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= | ||
787 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= | ||
788 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= | ||
789 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= | ||
790 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= | ||
791 | honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= | ||
792 | honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= | ||
793 | honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= | ||
794 | honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= | ||
795 | honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= | ||
796 | honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= | ||
797 | rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= | ||
798 | rsc.io/qr v0.2.0 h1:6vBLea5/NRMVTz8V66gipeLycZMl/+UlFmk8DvqQ6WY= | ||
799 | rsc.io/qr v0.2.0/go.mod h1:IF+uZjkb9fqyeF/4tlBoynqmQxUoPfWEKh921coOuXs= | ||
800 | rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= | ||
801 | rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= | ||
diff --git a/localclient.go b/localclient.go deleted file mode 100644 index c1f5c38..0000000 --- a/localclient.go +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | package main | ||
2 | |||
3 | import ( | ||
4 | "context" | ||
5 | "log" | ||
6 | "os" | ||
7 | |||
8 | "github.com/gorilla/websocket" | ||
9 | ) | ||
10 | |||
11 | type LocalClientHandler struct { | ||
12 | WebsocketServer string | ||
13 | Context context.Context | ||
14 | } | ||
15 | |||
16 | func (h *LocalClientHandler) Run() { | ||
17 | wsconn, _, err := websocket.DefaultDialer.Dial(h.WebsocketServer, nil) | ||
18 | if err != nil { | ||
19 | log.Println(err) | ||
20 | return | ||
21 | } | ||
22 | defer wsconn.Close() | ||
23 | |||
24 | errc := make(chan error) | ||
25 | ws := &WebsocketReadWriter{wsconn} | ||
26 | |||
27 | go serviceBoth(os.Stdout, ws, errc) | ||
28 | go serviceBoth(ws, os.Stdin, errc) | ||
29 | |||
30 | log.Printf("Closing client connection %s", <-errc) | ||
31 | } | ||
@@ -1,111 +1,40 @@ | |||
1 | package main | 1 | package main |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "context" | 4 | "embed" |
5 | "errors" | ||
6 | "fmt" | ||
7 | "log" | 5 | "log" |
8 | "net/http" | ||
9 | "os" | ||
10 | "strings" | ||
11 | 6 | ||
12 | "github.com/spf13/cobra" | 7 | "code.crute.us/mcrute/ssh-proxy/app" |
13 | ) | 8 | "code.crute.us/mcrute/ssh-proxy/cmd/client" |
14 | 9 | "code.crute.us/mcrute/ssh-proxy/cmd/register" | |
15 | var version string | 10 | "code.crute.us/mcrute/ssh-proxy/cmd/web" |
16 | |||
17 | var rootCmd = &cobra.Command{ | ||
18 | Use: "websocket-proxy", | ||
19 | Version: version, | ||
20 | Short: "Proxy TCP connections over a websocket", | ||
21 | } | ||
22 | |||
23 | var clientCmd = &cobra.Command{ | ||
24 | Use: "client [server host]", | ||
25 | Short: "Act as a client for a websocket-proxy server", | ||
26 | Args: func(cmd *cobra.Command, args []string) error { | ||
27 | if len(args) != 1 || args[0] == "" { | ||
28 | return errors.New("Server host is a required argument") | ||
29 | } | ||
30 | if !strings.HasPrefix(args[0], "ws://") && !strings.HasPrefix(args[0], "wss://") { | ||
31 | return errors.New("Server host format is ws[s]://host[:port]/[path]") | ||
32 | } | ||
33 | return nil | ||
34 | }, | ||
35 | Run: func(cmd *cobra.Command, args []string) { | ||
36 | listenOn := cmd.Flag("listen").Value.String() | ||
37 | |||
38 | // TODO: Handle signals | ||
39 | ctx, cancel := context.WithCancel(context.Background()) | ||
40 | defer cancel() | ||
41 | |||
42 | h := &ClientHandler{ | ||
43 | SocketListenOn: listenOn, | ||
44 | WebsocketServer: args[0], | ||
45 | Context: ctx, | ||
46 | } | ||
47 | 11 | ||
48 | log.Printf("Serving on %s", listenOn) | 12 | "code.crute.us/mcrute/golib/cli" |
49 | h.Run() | ||
50 | }, | ||
51 | } | ||
52 | |||
53 | var localClientCmd = &cobra.Command{ | ||
54 | Use: "localclient [server host]", | ||
55 | Short: "Act as a client for a websocket-proxy server", | ||
56 | Args: func(cmd *cobra.Command, args []string) error { | ||
57 | if len(args) != 1 || args[0] == "" { | ||
58 | return errors.New("Server host is a required argument") | ||
59 | } | ||
60 | if !strings.HasPrefix(args[0], "ws://") && !strings.HasPrefix(args[0], "wss://") { | ||
61 | return errors.New("Server host format is ws[s]://host[:port]/[path]") | ||
62 | } | ||
63 | return nil | ||
64 | }, | ||
65 | Run: func(cmd *cobra.Command, args []string) { | ||
66 | // TODO: Handle signals | ||
67 | ctx, cancel := context.WithCancel(context.Background()) | ||
68 | defer cancel() | ||
69 | 13 | ||
70 | h := &LocalClientHandler{ | 14 | "github.com/spf13/cobra" |
71 | WebsocketServer: args[0], | ||
72 | Context: ctx, | ||
73 | } | ||
74 | 15 | ||
75 | h.Run() | 16 | // Import backup data. By default zoneinfo is installed in the docker image |
76 | }, | 17 | // if something breaks this will still result in us having correct TZ info. |
77 | } | 18 | _ "time/tzdata" |
19 | ) | ||
78 | 20 | ||
79 | var serverCmd = &cobra.Command{ | 21 | //go:embed templates |
80 | Use: "server [next-hop host]", | 22 | var embeddedTemplates embed.FS |
81 | Short: "Serve websocket proxy client", | ||
82 | Args: func(cmd *cobra.Command, args []string) error { | ||
83 | if len(args) != 1 || args[0] == "" { | ||
84 | return errors.New("Next-hop host is a required argument") | ||
85 | } | ||
86 | return nil | ||
87 | }, | ||
88 | Run: func(cmd *cobra.Command, args []string) { | ||
89 | listenOn := cmd.Flag("listen").Value.String() | ||
90 | log.Printf("Serving on %s", listenOn) | ||
91 | 23 | ||
92 | http.Handle("/", NewServerHandler(args[0])) | 24 | var appVersion string |
93 | log.Fatal(http.ListenAndServe(listenOn, nil)) | ||
94 | }, | ||
95 | } | ||
96 | 25 | ||
97 | func main() { | 26 | func main() { |
98 | log.SetOutput(os.Stderr) | 27 | rootCmd := &cobra.Command{ |
99 | 28 | Use: "web-server", | |
100 | rootCmd.AddCommand(clientCmd) | 29 | Short: "SSH proxy web server", |
101 | rootCmd.AddCommand(localClientCmd) | 30 | } |
102 | rootCmd.AddCommand(serverCmd) | 31 | cli.AddFlags(rootCmd, &app.Config{}, app.DefaultConfig, "") |
103 | 32 | ||
104 | clientCmd.Flags().StringP("listen", "l", ":9013", "[address]:port to bind for serving clients") | 33 | web.Register(rootCmd, embeddedTemplates, appVersion) |
105 | serverCmd.Flags().StringP("listen", "l", ":9012", "[address]:port to bind for serving clients") | 34 | client.Register(rootCmd) |
35 | register.Register(rootCmd) | ||
106 | 36 | ||
107 | if err := rootCmd.Execute(); err != nil { | 37 | if err := rootCmd.Execute(); err != nil { |
108 | fmt.Println(err) | 38 | log.Fatalf("Error running root command: %s", err) |
109 | os.Exit(1) | ||
110 | } | 39 | } |
111 | } | 40 | } |
diff --git a/proxy/copier.go b/proxy/copier.go new file mode 100644 index 0000000..e10cba6 --- /dev/null +++ b/proxy/copier.go | |||
@@ -0,0 +1,8 @@ | |||
1 | package proxy | ||
2 | |||
3 | import "io" | ||
4 | |||
5 | func CopyWithErrors(dst io.Writer, src io.Reader, errc chan<- error) { | ||
6 | _, err := io.Copy(dst, src) | ||
7 | errc <- err | ||
8 | } | ||
diff --git a/sockets.go b/proxy/ws_read_writer.go index 319b548..b064019 100644 --- a/sockets.go +++ b/proxy/ws_read_writer.go | |||
@@ -1,8 +1,7 @@ | |||
1 | package main | 1 | package proxy |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "fmt" | 4 | "fmt" |
5 | "io" | ||
6 | 5 | ||
7 | "github.com/gorilla/websocket" | 6 | "github.com/gorilla/websocket" |
8 | ) | 7 | ) |
@@ -35,7 +34,6 @@ func (w *WebsocketReadWriter) Write(p []byte) (int, error) { | |||
35 | return len(p), nil | 34 | return len(p), nil |
36 | } | 35 | } |
37 | 36 | ||
38 | func serviceBoth(dst io.Writer, src io.Reader, errc chan<- error) { | 37 | func (w *WebsocketReadWriter) Close() error { |
39 | _, err := io.Copy(dst, src) | 38 | return w.W.Close() |
40 | errc <- err | ||
41 | } | 39 | } |
diff --git a/server.go b/server.go deleted file mode 100644 index 9a9d897..0000000 --- a/server.go +++ /dev/null | |||
@@ -1,53 +0,0 @@ | |||
1 | package main | ||
2 | |||
3 | import ( | ||
4 | "log" | ||
5 | "net" | ||
6 | "net/http" | ||
7 | |||
8 | "github.com/gorilla/websocket" | ||
9 | ) | ||
10 | |||
11 | type ServerHandler struct { | ||
12 | ProxyToHost string | ||
13 | upgrader websocket.Upgrader | ||
14 | } | ||
15 | |||
16 | func NewServerHandler(proxyToHost string) *ServerHandler { | ||
17 | return &ServerHandler{ | ||
18 | ProxyToHost: proxyToHost, | ||
19 | upgrader: websocket.Upgrader{ | ||
20 | ReadBufferSize: 1024, | ||
21 | WriteBufferSize: 1024, | ||
22 | }, | ||
23 | } | ||
24 | } | ||
25 | |||
26 | func (h *ServerHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { | ||
27 | log.Println("Got new HTTP connection") | ||
28 | |||
29 | wsconn, err := h.upgrader.Upgrade(w, r, nil) | ||
30 | if err != nil { | ||
31 | log.Printf("error: ServeHTTP: %s", err) | ||
32 | return | ||
33 | } | ||
34 | defer wsconn.Close() | ||
35 | |||
36 | proxyconn, err := net.Dial("tcp", h.ProxyToHost) | ||
37 | if err != nil { | ||
38 | log.Printf("error: ServeHTTP: %s", err) | ||
39 | return | ||
40 | } | ||
41 | defer proxyconn.Close() | ||
42 | |||
43 | log.Println("Connected to SSH server") | ||
44 | |||
45 | errc := make(chan error) | ||
46 | ws := &WebsocketReadWriter{wsconn} | ||
47 | |||
48 | go serviceBoth(proxyconn, ws, errc) | ||
49 | go serviceBoth(ws, proxyconn, errc) | ||
50 | |||
51 | <-errc | ||
52 | log.Println("Closing client server") | ||
53 | } | ||
diff --git a/templates/404.tpl b/templates/404.tpl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/404.tpl | |||
diff --git a/templates/40x.tpl b/templates/40x.tpl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/40x.tpl | |||
diff --git a/templates/50x.tpl b/templates/50x.tpl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/50x.tpl | |||
diff --git a/templates/footer.tpl b/templates/footer.tpl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/footer.tpl | |||
diff --git a/templates/header.tpl b/templates/header.tpl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/templates/header.tpl | |||
diff --git a/templates/login.tpl b/templates/login.tpl new file mode 100644 index 0000000..0323409 --- /dev/null +++ b/templates/login.tpl | |||
@@ -0,0 +1,137 @@ | |||
1 | <!doctype html> | ||
2 | <html lang="en"> | ||
3 | <head> | ||
4 | <meta charset="utf-8" /> | ||
5 | <meta name="viewport" content="width=device-width, initial-scale=1"> | ||
6 | <meta name="render-time" content="{{ .RenderTime }}"> | ||
7 | {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }} | ||
8 | |||
9 | <script type="text/javascript"> | ||
10 | /* | ||
11 | * Base64URL-ArrayBuffer | ||
12 | * https://github.com/herrjemand/Base64URL-ArrayBuffer | ||
13 | * | ||
14 | * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com> | ||
15 | * Copyright (c) 2012 Niklas von Hertzen | ||
16 | * Licensed under the MIT license. | ||
17 | * | ||
18 | */ | ||
19 | (function(){ | ||
20 | 'use strict'; | ||
21 | |||
22 | let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'; | ||
23 | |||
24 | // Use a lookup table to find the index. | ||
25 | let lookup = new Uint8Array(256); | ||
26 | for (let i = 0; i < chars.length; i++) { | ||
27 | lookup[chars.charCodeAt(i)] = i; | ||
28 | } | ||
29 | |||
30 | let encode = function(arraybuffer) { | ||
31 | let bytes = new Uint8Array(arraybuffer), | ||
32 | i, len = bytes.length, base64url = ''; | ||
33 | |||
34 | for (i = 0; i < len; i+=3) { | ||
35 | base64url += chars[bytes[i] >> 2]; | ||
36 | base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)]; | ||
37 | base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)]; | ||
38 | base64url += chars[bytes[i + 2] & 63]; | ||
39 | } | ||
40 | |||
41 | if ((len % 3) === 2) { | ||
42 | base64url = base64url.substring(0, base64url.length - 1); | ||
43 | } else if (len % 3 === 1) { | ||
44 | base64url = base64url.substring(0, base64url.length - 2); | ||
45 | } | ||
46 | |||
47 | return base64url; | ||
48 | }; | ||
49 | |||
50 | let decode = function(base64string) { | ||
51 | let bufferLength = base64string.length * 0.75, | ||
52 | len = base64string.length, i, p = 0, | ||
53 | encoded1, encoded2, encoded3, encoded4; | ||
54 | |||
55 | let bytes = new Uint8Array(bufferLength); | ||
56 | |||
57 | for (i = 0; i < len; i+=4) { | ||
58 | encoded1 = lookup[base64string.charCodeAt(i)]; | ||
59 | encoded2 = lookup[base64string.charCodeAt(i+1)]; | ||
60 | encoded3 = lookup[base64string.charCodeAt(i+2)]; | ||
61 | encoded4 = lookup[base64string.charCodeAt(i+3)]; | ||
62 | |||
63 | bytes[p++] = (encoded1 << 2) | (encoded2 >> 4); | ||
64 | bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2); | ||
65 | bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63); | ||
66 | } | ||
67 | |||
68 | return bytes.buffer | ||
69 | }; | ||
70 | |||
71 | window.base64url = { | ||
72 | 'decode': decode, | ||
73 | 'encode': encode | ||
74 | }; | ||
75 | })(); | ||
76 | </script> | ||
77 | |||
78 | <script type="text/javascript"> | ||
79 | window.addEventListener("load", _ => { | ||
80 | const urlParams = new URLSearchParams(window.location.search); | ||
81 | const code = urlParams.get("code"); | ||
82 | if (code !== "") { | ||
83 | document.getElementById("code").value = code; | ||
84 | } | ||
85 | |||
86 | document.getElementById("login").addEventListener("click", evt => { | ||
87 | evt.preventDefault(); | ||
88 | |||
89 | var username = document.getElementById("username"); | ||
90 | fetch("/auth/login/" + username.value) | ||
91 | .then((result) => result.json()) | ||
92 | .then((data) => { | ||
93 | data.publicKey.challenge = base64url.decode(data.publicKey.challenge); | ||
94 | data.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id)); | ||
95 | |||
96 | navigator.credentials.get(data) | ||
97 | .then((credential) => { | ||
98 | fetch("/auth/login/" + username.value, { | ||
99 | method: "POST", | ||
100 | mode: "same-origin", | ||
101 | headers: { | ||
102 | "Content-Type": "application/json", | ||
103 | "X-CSRF-Token": "{{ .CSRFToken }}" | ||
104 | }, | ||
105 | body: JSON.stringify({ | ||
106 | code: document.getElementById("code").value, | ||
107 | type: credential.type, | ||
108 | id: credential.id, | ||
109 | rawId: base64url.encode(credential.rawId), | ||
110 | response: { | ||
111 | authenticatorData: base64url.encode(credential.response.authenticatorData), | ||
112 | clientDataJSON: base64url.encode(credential.response.clientDataJSON), | ||
113 | signature: base64url.encode(credential.response.signature), | ||
114 | userHandle: base64url.encode(credential.response.userHandle) | ||
115 | } | ||
116 | }) | ||
117 | }) | ||
118 | .then((response) => { | ||
119 | if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; } | ||
120 | else { document.body.innerHTML = "<h1>Failure</h1>"; } | ||
121 | }); | ||
122 | }); | ||
123 | }); | ||
124 | }); | ||
125 | }); | ||
126 | </script> | ||
127 | </head> | ||
128 | |||
129 | <body> | ||
130 | <form> | ||
131 | <label for="code">Code: <input type="text" name="code" id="code" /></label><br/> | ||
132 | <label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/> | ||
133 | <input type="hidden" value="{{ .CSRFToken }}" name="csrf-token" /> | ||
134 | <input type="submit" id="login" value="Login" /> | ||
135 | </form> | ||
136 | </body> | ||
137 | </html> | ||
diff --git a/templates/register.tpl b/templates/register.tpl new file mode 100644 index 0000000..794ddaa --- /dev/null +++ b/templates/register.tpl | |||
@@ -0,0 +1,146 @@ | |||
1 | <!doctype html> | ||
2 | <html lang="en"> | ||
3 | <head> | ||
4 | <meta charset="utf-8" /> | ||
5 | <meta name="viewport" content="width=device-width, initial-scale=1"> | ||
6 | <meta name="render-time" content="{{ .RenderTime }}"> | ||
7 | {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }} | ||
8 | </head> | ||
9 | |||
10 | <body> | ||
11 | <script type="text/javascript"> | ||
12 | /* | ||
13 | * Base64URL-ArrayBuffer | ||
14 | * https://github.com/herrjemand/Base64URL-ArrayBuffer | ||
15 | * | ||
16 | * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com> | ||
17 | * Copyright (c) 2012 Niklas von Hertzen | ||
18 | * Licensed under the MIT license. | ||
19 | * | ||
20 | */ | ||
21 | (function(){ | ||
22 | 'use strict'; | ||
23 | |||
24 | let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'; | ||
25 | |||
26 | // Use a lookup table to find the index. | ||
27 | let lookup = new Uint8Array(256); | ||
28 | for (let i = 0; i < chars.length; i++) { | ||
29 | lookup[chars.charCodeAt(i)] = i; | ||
30 | } | ||
31 | |||
32 | let encode = function(arraybuffer) { | ||
33 | let bytes = new Uint8Array(arraybuffer), | ||
34 | i, len = bytes.length, base64url = ''; | ||
35 | |||
36 | for (i = 0; i < len; i+=3) { | ||
37 | base64url += chars[bytes[i] >> 2]; | ||
38 | base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)]; | ||
39 | base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)]; | ||
40 | base64url += chars[bytes[i + 2] & 63]; | ||
41 | } | ||
42 | |||
43 | if ((len % 3) === 2) { | ||
44 | base64url = base64url.substring(0, base64url.length - 1); | ||
45 | } else if (len % 3 === 1) { | ||
46 | base64url = base64url.substring(0, base64url.length - 2); | ||
47 | } | ||
48 | |||
49 | return base64url; | ||
50 | }; | ||
51 | |||
52 | let decode = function(base64string) { | ||
53 | let bufferLength = base64string.length * 0.75, | ||
54 | len = base64string.length, i, p = 0, | ||
55 | encoded1, encoded2, encoded3, encoded4; | ||
56 | |||
57 | let bytes = new Uint8Array(bufferLength); | ||
58 | |||
59 | for (i = 0; i < len; i+=4) { | ||
60 | encoded1 = lookup[base64string.charCodeAt(i)]; | ||
61 | encoded2 = lookup[base64string.charCodeAt(i+1)]; | ||
62 | encoded3 = lookup[base64string.charCodeAt(i+2)]; | ||
63 | encoded4 = lookup[base64string.charCodeAt(i+3)]; | ||
64 | |||
65 | bytes[p++] = (encoded1 << 2) | (encoded2 >> 4); | ||
66 | bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2); | ||
67 | bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63); | ||
68 | } | ||
69 | |||
70 | return bytes.buffer | ||
71 | }; | ||
72 | |||
73 | window.base64url = { | ||
74 | 'decode': decode, | ||
75 | 'encode': encode | ||
76 | }; | ||
77 | })(); | ||
78 | |||
79 | var request = {{ .Model.WebautnRequest }}; | ||
80 | request.publicKey.challenge = base64url.decode(request.publicKey.challenge); | ||
81 | {{ if .Model.LoginMode }} | ||
82 | request.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id)); | ||
83 | {{ else }} | ||
84 | request.publicKey.user.id = base64url.decode(request.publicKey.user.id); | ||
85 | {{ end }} | ||
86 | |||
87 | {{ if .Model.LoginMode }} | ||
88 | navigator.credentials.get(request) | ||
89 | .then((credential) => { | ||
90 | console.log(credential); | ||
91 | |||
92 | fetch(document.URL, { | ||
93 | method: "POST", | ||
94 | mode: "same-origin", | ||
95 | headers: { | ||
96 | "Content-Type": "application/json", | ||
97 | "X-CSRF-Token": "{{ .CSRFToken }}" | ||
98 | }, | ||
99 | body: JSON.stringify({ | ||
100 | type: credential.type, | ||
101 | id: credential.id, | ||
102 | rawId: base64url.encode(credential.rawId), | ||
103 | response: { | ||
104 | authenticatorData: base64url.encode(credential.response.authenticatorData), | ||
105 | clientDataJSON: base64url.encode(credential.response.clientDataJSON), | ||
106 | signature: base64url.encode(credential.response.signature), | ||
107 | userHandle: base64url.encode(credential.response.userHandle) | ||
108 | } | ||
109 | }) | ||
110 | }) | ||
111 | .then((response) => { | ||
112 | if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; } | ||
113 | else { document.body.innerHTML = "<h1>Failure</h1>"; } | ||
114 | }); | ||
115 | }); | ||
116 | {{ else }} | ||
117 | navigator.credentials.create(request) | ||
118 | .then((credential) => { | ||
119 | console.log(credential); | ||
120 | |||
121 | fetch(document.URL, { | ||
122 | method: "POST", | ||
123 | mode: "same-origin", | ||
124 | headers: { | ||
125 | "Content-Type": "application/json", | ||
126 | "X-CSRF-Token": "{{ .CSRFToken }}" | ||
127 | }, | ||
128 | body: JSON.stringify({ | ||
129 | type: credential.type, | ||
130 | id: credential.id, | ||
131 | rawId: base64url.encode(credential.rawId), | ||
132 | response: { | ||
133 | clientDataJSON: base64url.encode(credential.response.clientDataJSON), | ||
134 | attestationObject: base64url.encode(credential.response.attestationObject) | ||
135 | } | ||
136 | }) | ||
137 | }) | ||
138 | .then((response) => { | ||
139 | if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; } | ||
140 | else { document.body.innerHTML = "<h1>Failure</h1>"; } | ||
141 | }); | ||
142 | }); | ||
143 | {{ end }} | ||
144 | </script> | ||
145 | </body> | ||
146 | </html> | ||