summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Crute <mike@crute.us>2023-07-29 12:15:13 -0700
committerMike Crute <mike@crute.us>2023-07-29 12:15:13 -0700
commit4e995f9e6c3adc43a361b6fa9b976d25378f1594 (patch)
tree862642149583fa4ad662edfe0b31a7d65b8e302e
parentfea07831eadd35532055ec16fc43b0cde56a54b1 (diff)
downloadwebsocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.tar.bz2
websocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.tar.xz
websocket_proxy-4e995f9e6c3adc43a361b6fa9b976d25378f1594.zip
Initial import of rewrite
Diffstat
-rw-r--r--.gitignore5
-rw-r--r--Dockerfile10
-rw-r--r--Makefile54
-rw-r--r--app/config.go45
-rw-r--r--app/controllers/ca.go172
-rw-r--r--app/controllers/login.go117
-rw-r--r--app/controllers/oauth2_device.go129
-rw-r--r--app/controllers/proxy.go78
-rw-r--r--app/controllers/register.go78
-rw-r--r--app/middleware/token_auth.go76
-rw-r--r--app/models/auth_session.go75
-rw-r--r--app/models/auth_session_mongodb.go45
-rw-r--r--app/models/auth_session_util.go25
-rw-r--r--app/models/oauth2.go103
-rw-r--r--app/models/oauth_client.go27
-rw-r--r--app/models/user.go63
-rw-r--r--app/session.go46
-rw-r--r--app/templates.go18
-rw-r--r--client.go54
-rw-r--r--cmd/client/client.go226
-rw-r--r--cmd/client/oauth2.go158
-rw-r--r--cmd/register/register.go71
-rw-r--r--cmd/web/server.go257
-rw-r--r--db/mongodb_store.go72
-rw-r--r--go.mod101
-rw-r--r--go.sum814
-rw-r--r--localclient.go31
-rw-r--r--main.go117
-rw-r--r--proxy/copier.go8
-rw-r--r--proxy/ws_read_writer.go (renamed from sockets.go)8
-rw-r--r--server.go53
-rw-r--r--templates/404.tpl0
-rw-r--r--templates/40x.tpl0
-rw-r--r--templates/50x.tpl0
-rw-r--r--templates/footer.tpl0
-rw-r--r--templates/header.tpl0
-rw-r--r--templates/login.tpl137
-rw-r--r--templates/register.tpl146
38 files changed, 3130 insertions, 289 deletions
diff --git a/.gitignore b/.gitignore
index 6a0c633..048c44e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,5 @@
1/websocket-proxy 1/ssh-proxy
2/ssh-proxy-client
3/ssl/
2/docker/ 4/docker/
5/test.sh
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index 52f657c..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,10 +0,0 @@
1FROM alpine:edge
2
3RUN set -euxo pipefail; \
4 apk --no-cache add ca-certificates;
5
6
7ADD websocket-proxy /usr/local/bin/
8
9ENTRYPOINT [ "/usr/local/bin/websocket-proxy" ]
10CMD [ "help" ]
diff --git a/Makefile b/Makefile
index 3e599d0..6038948 100644
--- a/Makefile
+++ b/Makefile
@@ -1,22 +1,52 @@
1IMAGE="docker.crute.me/websocket-proxy" 1IMAGE=docker.crute.me/ssh-proxy
2VERSION="0.1.0" 2BINARY=ssh-proxy
3 3
4websocket-proxy: main.go sockets.go server.go client.go localclient.go 4$(BINARY): $(shell find . -name '*.go')
5 CGO_ENABLED=0 go build -ldflags "-X main.version=$(VERSION)" -o $@ $^ 5 @[ "$(CLIENT_ID)" ] || ( echo "CLIENT_ID must be set"; exit 1 )
6
7 CGO_ENABLED=0 go build \
8 -ldflags "-X main.appVersion=$(shell git describe --long --tags --dirty --always) \
9 -X code.crute.us/mcrute/ssh-proxy/cmd/client.clientId=$(CLIENT_ID)" \
10 -o $@
11
12.PHONY: vet
13vet: main.go
14 go vet $<
6 15
7.PHONY: docker 16.PHONY: docker
8docker: websocket-proxy 17docker: $(BINARY)
9 mkdir docker; \ 18 mkdir docker; cp Dockerfile web-server docker; cd docker; \
10 cp Dockerfile websocket-proxy docker; \ 19 docker pull $(shell grep '^FROM ' Dockerfile | cut -d' ' -f2); \
11 cd docker; \ 20 docker build --no-cache -t $(IMAGE):stage .
12 docker build -t $(IMAGE):$(VERSION) .
13 21
14.PHONY: publish 22.PHONY: publish
15publish: 23publish:
16 docker push $(IMAGE):$(VERSION) 24 docker push $(IMAGE):stage
17 docker tag $(IMAGE):$(VERSION) $(IMAGE):latest 25
26.PHONY: publish-prod
27publish-prod:
28 docker tag $(IMAGE):stage $(IMAGE):latest
18 docker push $(IMAGE):latest 29 docker push $(IMAGE):latest
19 30
20.PHONY: clean 31.PHONY: clean
21clean: 32clean:
22 rm -rf websocket-proxy docker 33 rm -rf docker || true
34 rm $(BINARY) || true
35
36.PHONY: run-backfill
37run-backfill: clean $(BINARY)
38 test -n "$(VAULT_ROLE_ID)" # Caller must export VAULT_ROLE_ID
39 test -n "$(VAULT_SECRET_ID)" # Caller must also export VAULT_SECRET_ID
40 VAULT_ADDR="https://vault.sea4.crute.me:8200" \
41 VAULT_SKIP_VERIFY=true \
42 ./web-server backfill-shakes
43
44.PHONY: run-web
45run-web: clean $(BINARY)
46 test -n "$(VAULT_ROLE_ID)" # Caller must export VAULT_ROLE_ID
47 test -n "$(VAULT_SECRET_ID)" # Caller must also export VAULT_SECRET_ID
48 VAULT_ADDR="https://vault.sea4.crute.me:8200" \
49 VAULT_SKIP_VERIFY=true \
50 ./$(BINARY) --debug \
51 --hostname=dev.ssh-proxy.crute.me \
52 web
diff --git a/app/config.go b/app/config.go
new file mode 100644
index 0000000..2ffd0cb
--- /dev/null
+++ b/app/config.go
@@ -0,0 +1,45 @@
1package app
2
3import "time"
4
5type Config struct {
6 Bind []string `flag:"bind" flag-scope:"web" flag-help:"Addresses and ports to bind http server"`
7 Debug bool `flag:"debug" flag-help:"Enable debug mode"`
8 MongoDbUri string `flag:"mongodb-uri" flag-scope:"web,register" flag-help:"URI for connection to mongodb"`
9 DisableBackgroundJobs bool `flag:"disable-bg-jobs" flag-scope:"web" flag-help:"Disable background jobs and only serve web pages"`
10 Hostnames []string `flag:"hostname" flag-scope:"web" flag-help:"Hostname this server serves (can be specified multiple times)"`
11 TrustedIPRanges []string `flag:"trusted-ip-ranges" flag-scope:"web" flag-help:"Comma separated list of IP ranges for trusted XFF proxies"`
12 DNSApiKeyVaultPath string `flag:"dns-api-vault-path" flag-scope:"web" flag-help:"Vault material for DNS API key"`
13 AutocertEmail string `flag:"autocert-email" flag-scope:"web" flag-help:"Autocert notification email"`
14 AutocertHost string `flag:"autocert-host" flag-scope:"web" flag-help:"Autocert service url"`
15 NetboxHost string `flag:"netbox-host" flag-scope:"web" flag-help:"Netbox service url"`
16 NetboxApiKeyVaultPath string `flag:"netbox-api-vault-path" flag-scope:"web" flag-help:"Vault material path for Netbox API key"`
17 CookieKeyPath string `flag:"cookie-key-path" flag-scope:"web" flag-help:"Vault material path for cookie encryption key"`
18 SSHCAKeyPath string `flag:"ssh-ca-key-path" flag-scope:"web" flag-help:"Vault material path for SSH CA key"`
19 SSHCertificateExpiration time.Duration `flag:"ssh-cert-expire" flag-scope:"web" flag-help:"Lifetime duration of signed SSH certificates"`
20 OauthRPName string `flag:"oauth-rp-name" flag-scope:"web" flag-help:"Name of Oauth2 relying party for auth"`
21 OauthDevicePollSecs int `flag:"oauth-device-poll-secs" flag-scope:"web" flag-help:"Number of seconds between polls for oauth device flow"`
22 OauthSessionTimeout time.Duration `flag:"oauth-session-timelut" flag-scope:"web" flag-help:"Timeout before oauth session expires"`
23 InviteTimeout time.Duration `flag:"invite-timeout" flag-scope:"register" flag-help:"Timeout before inivitation code expires"`
24}
25
26var DefaultConfig = &Config{
27 Bind: []string{":8069"},
28 Debug: false,
29 MongoDbUri: "ssh-proxy-prod@mongodb.sea4.crute.me/ssh-proxy-prod",
30 DisableBackgroundJobs: false,
31 Hostnames: []string{"ssh-proxy.crute.me"},
32 TrustedIPRanges: []string{"172.19.0.0/22", "2602:803:4072::/48"},
33 DNSApiKeyVaultPath: "service/ssh-proxy/dns-api-key",
34 AutocertEmail: "letsencrypt-certs@pomonaconsulting.com",
35 AutocertHost: "https://dns-manage.crute.me/acmev2",
36 NetboxHost: "https://netbox.crute.me",
37 NetboxApiKeyVaultPath: "infra/netbox-readonly",
38 CookieKeyPath: "service/ssh-proxy/cookie-key",
39 SSHCAKeyPath: "service/ssh-proxy/ssh-ca-key",
40 SSHCertificateExpiration: time.Minute,
41 OauthRPName: "Crute SSH Proxy",
42 OauthDevicePollSecs: 5,
43 OauthSessionTimeout: 5 * time.Minute,
44 InviteTimeout: 1 * time.Hour,
45}
diff --git a/app/controllers/ca.go b/app/controllers/ca.go
new file mode 100644
index 0000000..632db50
--- /dev/null
+++ b/app/controllers/ca.go
@@ -0,0 +1,172 @@
1package controllers
2
3import (
4 "crypto/rand"
5 "fmt"
6 "io"
7 "net/http"
8 "strings"
9 "time"
10
11 "code.crute.us/mcrute/ssh-proxy/app/middleware"
12 "code.crute.us/mcrute/ssh-proxy/app/models"
13 "github.com/labstack/echo/v4"
14 "golang.org/x/crypto/ssh"
15)
16
17type CASecret struct {
18 Key string `mapstructure:"key"`
19}
20
21type CAHandlerConfig struct {
22 Logger echo.Logger
23 Users models.UserStore
24 Expiration time.Duration
25 Secret CASecret
26}
27
28type CAHandler struct {
29 Logger echo.Logger
30 Users models.UserStore
31 Expiration time.Duration
32 signer ssh.Signer
33}
34
35func NewCAHandler(cfg CAHandlerConfig) (*CAHandler, error) {
36 signer, err := ssh.ParsePrivateKey([]byte(cfg.Secret.Key))
37 if err != nil {
38 return nil, err
39 }
40
41 cfg.Logger.Infof("CA Authorized Key: %s", ssh.MarshalAuthorizedKey(signer.PublicKey()))
42
43 return &CAHandler{
44 Logger: cfg.Logger,
45 Users: cfg.Users,
46 Expiration: cfg.Expiration,
47 signer: signer,
48 }, nil
49}
50
51func (h *CAHandler) authorizeRequest(c echo.Context, certRequest *ssh.Certificate) error {
52 session := middleware.GetAuthorizedSession(c)
53
54 user, err := h.Users.Get(c.Request().Context(), session.UserId)
55 if err != nil {
56 return err
57 }
58
59 if user.Username != certRequest.ValidPrincipals[0] {
60 return fmt.Errorf("Authenticated username and cert username must match")
61 }
62
63 if !session.HasScope("ca:issue") {
64 return fmt.Errorf("Authorized session does not have scope ca:issue")
65 }
66
67 if certRequest.Extensions == nil {
68 return fmt.Errorf("Cert request extensions are empty")
69 }
70
71 hostLine, ok := certRequest.Extensions["allowed-hosts"]
72 if !ok {
73 return fmt.Errorf("Cert request allowed-hosts is blank")
74 }
75
76 for _, host := range strings.Split(hostLine, ",") {
77 if !user.AuthorizedForHost(host) {
78 return fmt.Errorf("User %s is not authorized for host %s", session.UserId, host)
79 }
80 }
81
82 h.Logger.Infof("Allowing user %s to obtain SSH certificate for hosts %s", user.Username, hostLine)
83 return nil
84}
85
86func (h *CAHandler) verifyRequestSignature(c *ssh.Certificate) error {
87 // Copied from ssh.Certificate#bytesForSigning
88 // https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.11.0:ssh/certs.go;l=499-505
89 c2 := *c
90 c2.Signature = nil
91 out := c2.Marshal()
92 // Drop trailing signature length.
93 return c.Verify(out[:len(out)-4], c.Signature)
94}
95
96func (h *CAHandler) HandleIssue(c echo.Context) error {
97 req, err := io.ReadAll(c.Request().Body)
98 if err != nil {
99 return c.JSON(http.StatusBadRequest, map[string]string{
100 "error": "Unable to read request body",
101 })
102 }
103
104 pubkey, _, _, _, err := ssh.ParseAuthorizedKey(req)
105 if err != nil {
106 return c.JSON(http.StatusBadRequest, map[string]string{
107 "error": "Error parsing certificate request",
108 })
109 }
110
111 certRequest, ok := pubkey.(*ssh.Certificate)
112 if !ok {
113 return c.JSON(http.StatusBadRequest, map[string]string{
114 "error": "Invalid format for certificate request",
115 })
116 }
117
118 if certRequest.CertType != ssh.UserCert {
119 return c.JSON(http.StatusBadRequest, map[string]string{
120 "error": "This CA only issues user certificates",
121 })
122 }
123
124 if len(certRequest.ValidPrincipals) != 1 {
125 return c.JSON(http.StatusBadRequest, map[string]string{
126 "error": "Invalid number of principals specified",
127 })
128 }
129
130 // Kinda silly I guess but at least proves that the requestor
131 // is in posession of the private key that we're signing
132 if err := h.verifyRequestSignature(certRequest); err != nil {
133 h.Logger.Error(err)
134 return c.JSON(http.StatusUnauthorized, map[string]string{
135 "error": "Invalid signature",
136 })
137 }
138
139 if err := h.authorizeRequest(c, certRequest); err != nil {
140 h.Logger.Error(err)
141 return c.JSON(http.StatusUnauthorized, map[string]string{
142 "error": "Not authorized",
143 })
144 }
145
146 utcNow := time.Now().UTC()
147
148 // Serial doesn't really matter since these are so short lived and we
149 // won't be revoking them
150 certToIssue := &ssh.Certificate{
151 Key: certRequest.Key,
152 Serial: uint64(utcNow.Unix()),
153 CertType: ssh.UserCert,
154 KeyId: fmt.Sprintf("%s_%d", certRequest.ValidPrincipals[0], utcNow.Unix()),
155 ValidPrincipals: certRequest.ValidPrincipals,
156 ValidAfter: uint64(utcNow.Add(-5 * time.Minute).Unix()),
157 ValidBefore: uint64(utcNow.Add(h.Expiration).Unix()),
158 Permissions: ssh.Permissions{
159 Extensions: map[string]string{
160 "permit-pty": "",
161 },
162 },
163 }
164
165 if err := certToIssue.SignCert(rand.Reader, h.signer); err != nil {
166 return c.JSON(http.StatusBadRequest, map[string]string{
167 "error": "Error signing certificate",
168 })
169 }
170
171 return c.Blob(http.StatusOK, "application/x-ssh-certificate", ssh.MarshalAuthorizedKey(certToIssue))
172}
diff --git a/app/controllers/login.go b/app/controllers/login.go
new file mode 100644
index 0000000..603eb20
--- /dev/null
+++ b/app/controllers/login.go
@@ -0,0 +1,117 @@
1package controllers
2
3import (
4 "bytes"
5 "encoding/json"
6 "io"
7 "net/http"
8 "time"
9
10 "code.crute.us/mcrute/golib/echo/session"
11 "code.crute.us/mcrute/ssh-proxy/app"
12 "code.crute.us/mcrute/ssh-proxy/app/models"
13 "github.com/go-webauthn/webauthn/protocol"
14 "github.com/go-webauthn/webauthn/webauthn"
15 "github.com/labstack/echo/v4"
16)
17
18type LoginController[T app.AppSession] struct {
19 Logger echo.Logger
20 Sessions session.Store[T]
21 Users models.UserStore
22 AuthSessions models.AuthSessionStore
23 Webauthn *webauthn.WebAuthn
24 SessionExpiration time.Duration
25}
26
27func (a *LoginController[T]) HandleStart(c echo.Context) error {
28 user, err := a.Users.Get(c.Request().Context(), c.Param("username"))
29 if err != nil {
30 a.Logger.Errorf("Error getting user: %s", err)
31 return c.NoContent(http.StatusNotFound)
32 }
33
34 request, sessionData, err := a.Webauthn.BeginLogin(user)
35 if err != nil {
36 a.Logger.Errorf("Error creating webauthn request: %s", err)
37 return c.NoContent(http.StatusInternalServerError)
38 }
39
40 session := a.Sessions.Get(c)
41 s := session.Self()
42 s.WebauthnSession = sessionData
43 a.Sessions.Update(c, session)
44
45 return c.JSON(http.StatusOK, request)
46}
47
48func (a *LoginController[T]) HandleFinish(c echo.Context) error {
49 ctx := c.Request().Context()
50
51 body, err := io.ReadAll(c.Request().Body)
52 if err != nil {
53 a.Logger.Errorf("Error reading request body:", err)
54 return c.NoContent(http.StatusInternalServerError)
55 }
56
57 user, err := a.Users.Get(ctx, c.Param("username"))
58 if err != nil {
59 a.Logger.Errorf("Error getting user: %s", err)
60 return c.NoContent(http.StatusNotFound)
61 }
62
63 response, err := protocol.ParseCredentialRequestResponseBody(bytes.NewBuffer(body))
64 if err != nil {
65 a.Logger.Errorf("Error parsing credential response: %s", err)
66 return c.NoContent(http.StatusBadRequest)
67 }
68
69 session := a.Sessions.Get(c)
70 s := session.Self()
71
72 if s.WebauthnSession == nil {
73 a.Logger.Errorf("Webauthn session is not set")
74 return c.NoContent(http.StatusBadRequest)
75 }
76
77 if _, err := a.Webauthn.ValidateLogin(user, *s.WebauthnSession, response); err != nil {
78 a.Logger.Errorf("Error validating login: %s", err)
79 return c.NoContent(http.StatusBadRequest)
80 }
81
82 // Don't check the clone warning or the auth count because these are
83 // meaningless for Passkeys since they are synced across devices
84 // (presumably securely). This would only matter for hard tokens like
85 // Yubikeys and since we're also allowing Passkey support there is no
86 // need to be more strict for that class of device.
87
88 var code struct {
89 Code string `json:"code"`
90 }
91 if err := json.Unmarshal(body, &code); err != nil {
92 a.Logger.Errorf("Error decoding json body")
93 return c.NoContent(http.StatusBadRequest)
94 }
95
96 authSession, err := a.AuthSessions.GetByUserCode(ctx, code.Code)
97 if err != nil {
98 a.Logger.Errorf("No auth session exists")
99 return c.NoContent(http.StatusUnauthorized)
100 }
101
102 if authSession.AccessCode != "" {
103 a.Logger.Errorf("Session is already authenticated")
104 return c.NoContent(http.StatusUnauthorized)
105 }
106
107 authSession.GenerateAccessCode()
108 authSession.UserId = user.Username
109 authSession.Expires = time.Now().Add(a.SessionExpiration)
110
111 if err := a.AuthSessions.Upsert(ctx, authSession); err != nil {
112 a.Logger.Errorf("Error saving auth session")
113 return c.NoContent(http.StatusInternalServerError)
114 }
115
116 return c.NoContent(http.StatusOK)
117}
diff --git a/app/controllers/oauth2_device.go b/app/controllers/oauth2_device.go
new file mode 100644
index 0000000..0ddf653
--- /dev/null
+++ b/app/controllers/oauth2_device.go
@@ -0,0 +1,129 @@
1package controllers
2
3import (
4 "crypto/subtle"
5 "fmt"
6 "net/http"
7 "strconv"
8 "time"
9
10 "code.crute.us/mcrute/ssh-proxy/app"
11 "code.crute.us/mcrute/ssh-proxy/app/models"
12 "github.com/labstack/echo/v4"
13)
14
15func badRequest(c echo.Context, e models.AuthorizationError, d string) error {
16 return c.JSON(http.StatusBadRequest, models.Oauth2Error{
17 Type: e,
18 Description: d,
19 })
20}
21
22type OAuth2DeviceController[T app.AppSession] struct {
23 Logger echo.Logger
24 OauthClients models.OauthClientStore
25 AuthSessions models.AuthSessionStore
26 Hostname string
27 PollSeconds int
28 SessionExpiration time.Duration
29}
30
31func (a *OAuth2DeviceController[T]) HandleStart(c echo.Context) error {
32 ctx := c.Request().Context()
33
34 var form models.AuthorizationRequest
35 if err := (&echo.DefaultBinder{}).BindBody(c, &form); err != nil {
36 a.Logger.Errorf("Unable to parse form data: %s", err)
37 return badRequest(c, models.ErrInvalidRequest, "")
38 }
39
40 client, err := a.OauthClients.Get(ctx, form.ClientId)
41 if err != nil {
42 a.Logger.Errorf("Unable to find client ID '%s': %s", form.ClientId, err)
43 return badRequest(c, models.ErrUnauthorizedClient, "")
44 }
45
46 if len(form.Challenge) <= 16 {
47 return badRequest(c, models.ErrInvalidRequest,
48 "code_challenge is too short, minimum length is 16 bytes")
49 }
50
51 if form.ChallengeMethod != models.ChallengeS256 {
52 return badRequest(c, models.ErrInvalidRequest,
53 "code_challenge_method invalid, only S256 supported")
54 }
55
56 session := models.NewAuthSession(client.Id, time.Now().Add(a.SessionExpiration))
57 session.SetChallenge(form.Challenge, form.ChallengeMethod)
58 session.SetScopeString(form.Scope)
59
60 if !session.HasAnyScopes() {
61 return badRequest(c, models.ErrInvalidRequest, "one or more scopes required")
62 }
63
64 for _, s := range session.Scope {
65 if s != "ssh:proxy" && s != "ca:issue" {
66 return badRequest(c, models.ErrInvalidScope, fmt.Sprintf("scope %s is not recognized", s))
67 }
68 }
69
70 if err := a.AuthSessions.Insert(ctx, session); err != nil {
71 a.Logger.Errorf("Error inserting auth session", err)
72 return c.NoContent(http.StatusInternalServerError)
73 }
74
75 return c.JSON(http.StatusOK, models.DeviceAuthorizationResponse{
76 DeviceCode: session.DeviceCode,
77 UserCode: session.UserCode,
78 VerificationUri: fmt.Sprintf("%s/login", a.Hostname),
79 VerificationUriComplete: fmt.Sprintf("%s/login?code=%s", a.Hostname, session.UserCode),
80 ExpiresIn: int(time.Until(session.Expires).Seconds()),
81 Interval: a.PollSeconds,
82 })
83}
84
85func (a *OAuth2DeviceController[T]) HandleToken(c echo.Context) error {
86 ctx := c.Request().Context()
87
88 var form models.DeviceAccessTokenRequest
89 if err := (&echo.DefaultBinder{}).BindBody(c, &form); err != nil {
90 a.Logger.Errorf("Unable to parse form data: %s", err)
91 return badRequest(c, models.ErrInvalidRequest, "")
92 }
93
94 session, err := a.AuthSessions.Get(ctx, form.DeviceCode)
95 if err != nil {
96 return c.NoContent(http.StatusNotFound)
97 }
98
99 if form.GrantType != models.DEVICE_CODE_GRANT_TYPE {
100 return badRequest(c, models.ErrUnsupportedGrantType, "")
101 }
102
103 if subtle.ConstantTimeCompare([]byte(session.ClientId), []byte(form.ClientId)) != 1 {
104 return badRequest(c, models.ErrUnauthorizedClient, "")
105 }
106
107 if time.Now().After(session.Expires) {
108 return badRequest(c, models.ErrExpiredToken, "")
109 }
110
111 verifier := &models.PKCEChallenge{Verifier: form.CodeVerifier}
112 if verifier.EqualString(session.Challenge) {
113 return badRequest(c, models.ErrInvalidGrant, "") // Per RFC7636 4.6
114 }
115
116 if session.IsRegistration {
117 return badRequest(c, models.ErrInvalidGrant, "")
118 }
119
120 if session.AccessCode == "" {
121 return badRequest(c, models.ErrAuthorizationPending, "")
122 }
123
124 return c.JSON(http.StatusOK, models.AccessTokenResponse{
125 AccessToken: session.AccessCode,
126 TokenType: "Bearer",
127 ExpiresIn: strconv.FormatInt(int64(time.Until(session.Expires).Seconds()), 10),
128 })
129}
diff --git a/app/controllers/proxy.go b/app/controllers/proxy.go
new file mode 100644
index 0000000..c8345e8
--- /dev/null
+++ b/app/controllers/proxy.go
@@ -0,0 +1,78 @@
1package controllers
2
3import (
4 "fmt"
5 "net"
6 "net/http"
7 "strconv"
8
9 "code.crute.us/mcrute/ssh-proxy/app/middleware"
10 "code.crute.us/mcrute/ssh-proxy/app/models"
11 "code.crute.us/mcrute/ssh-proxy/proxy"
12
13 "github.com/gorilla/websocket"
14 "github.com/labstack/echo/v4"
15)
16
17type ProxyHandler struct {
18 Logger echo.Logger
19 Upgrader websocket.Upgrader
20 Users models.UserStore
21}
22
23func getConnectAddr(c echo.Context) string {
24 p, err := strconv.Atoi(c.Param("port"))
25 if err != nil {
26 p = 22
27 }
28 return fmt.Sprintf("%s:%d", c.Param("host"), p)
29}
30
31func (h *ProxyHandler) authorizeRequest(c echo.Context) error {
32 session := middleware.GetAuthorizedSession(c)
33
34 user, err := h.Users.Get(c.Request().Context(), session.UserId)
35 if err != nil {
36 return err
37 }
38
39 if !session.HasScope("ssh:proxy") {
40 return fmt.Errorf("Authorized session does not have scope ssh:proxy")
41 }
42
43 host := c.Param("host")
44 if user.AuthorizedForHost(host) {
45 h.Logger.Infof("Allowing user %s to proxy to host %s", session.UserId, host)
46 return nil
47 }
48
49 return fmt.Errorf("User %s not authorized for host %s", session.UserId, host)
50}
51
52func (h *ProxyHandler) Handle(c echo.Context) error {
53 if err := h.authorizeRequest(c); err != nil {
54 h.Logger.Error(err)
55 return c.NoContent(http.StatusUnauthorized)
56 }
57
58 wsconn, err := h.Upgrader.Upgrade(c.Response(), c.Request(), nil)
59 if err != nil {
60 return err
61 }
62 defer wsconn.Close()
63
64 proxyconn, err := net.Dial("tcp", getConnectAddr(c))
65 if err != nil {
66 return err
67 }
68 defer proxyconn.Close()
69
70 errc := make(chan error)
71 ws := &proxy.WebsocketReadWriter{W: wsconn}
72
73 go proxy.CopyWithErrors(proxyconn, ws, errc)
74 go proxy.CopyWithErrors(ws, proxyconn, errc)
75
76 <-errc
77 return nil
78}
diff --git a/app/controllers/register.go b/app/controllers/register.go
new file mode 100644
index 0000000..8698bda
--- /dev/null
+++ b/app/controllers/register.go
@@ -0,0 +1,78 @@
1package controllers
2
3import (
4 "net/http"
5
6 "code.crute.us/mcrute/golib/echo/session"
7 "code.crute.us/mcrute/ssh-proxy/app"
8 "code.crute.us/mcrute/ssh-proxy/app/models"
9 "github.com/go-webauthn/webauthn/protocol"
10 "github.com/go-webauthn/webauthn/webauthn"
11 "github.com/labstack/echo/v4"
12)
13
14type RegisterController[T app.AppSession] struct {
15 Logger echo.Logger
16 Sessions session.Store[T]
17 Users models.UserStore
18 AuthSessions models.AuthSessionStore
19 Webauthn *webauthn.WebAuthn
20}
21
22func (a *RegisterController[T]) HandleStart(c echo.Context) error {
23 user, err := a.Users.Get(c.Request().Context(), c.Param("username"))
24 if err != nil {
25 a.Logger.Errorf("Error getting user: %s", err)
26 return c.NoContent(http.StatusNotFound)
27 }
28
29 request, sessionData, err := a.Webauthn.BeginRegistration(user)
30 if err != nil {
31 a.Logger.Errorf("Error creating webauthn request: %s", err)
32 return c.NoContent(http.StatusInternalServerError)
33 }
34
35 session := a.Sessions.Get(c)
36 s := session.Self()
37 s.WebauthnSession = sessionData
38 a.Sessions.Update(c, session)
39
40 return c.JSON(http.StatusOK, request)
41}
42
43func (a *RegisterController[T]) HandleFinish(c echo.Context) error {
44 user, err := a.Users.Get(c.Request().Context(), c.Param("username"))
45 if err != nil {
46 a.Logger.Errorf("Error getting user: %s", err)
47 return c.NoContent(http.StatusNotFound)
48 }
49
50 response, err := protocol.ParseCredentialCreationResponseBody(c.Request().Body)
51 if err != nil {
52 a.Logger.Errorf("Error parsing credential response: %s", err)
53 return c.NoContent(http.StatusBadRequest)
54 }
55
56 session := a.Sessions.Get(c)
57 s := session.Self()
58
59 if s.WebauthnSession == nil {
60 a.Logger.Errorf("Webauthn session is not set")
61 return c.NoContent(http.StatusBadRequest)
62 }
63
64 credential, err := a.Webauthn.CreateCredential(user, *s.WebauthnSession, response)
65 if err != nil {
66 a.Logger.Errorf("Error creating credential: %s", err)
67 return c.NoContent(http.StatusBadRequest)
68 }
69
70 user.Fido2Credentials = append(user.Fido2Credentials, *credential)
71
72 if err := a.Users.Upsert(c.Request().Context(), user); err != nil {
73 a.Logger.Errorf("Error saving user: %s", err)
74 return c.NoContent(http.StatusInternalServerError)
75 }
76
77 return c.NoContent(http.StatusOK)
78}
diff --git a/app/middleware/token_auth.go b/app/middleware/token_auth.go
new file mode 100644
index 0000000..6454ddb
--- /dev/null
+++ b/app/middleware/token_auth.go
@@ -0,0 +1,76 @@
1package middleware
2
3import (
4 "net/http"
5 "strings"
6 "time"
7
8 "code.crute.us/mcrute/ssh-proxy/app/models"
9 "github.com/labstack/echo/v4"
10)
11
12const authorizedSession = "__ssh-proxy_authorized_session"
13
14func GetAuthorizedSession(c echo.Context) *models.AuthSession {
15 ses := c.Get(authorizedSession)
16 if ses != nil {
17 return ses.(*models.AuthSession)
18 }
19 return nil
20}
21
22type TokenAuthMiddleware struct {
23 Logger echo.Logger
24 RequiredScope string
25 AuthSessions models.AuthSessionStore
26}
27
28func (m *TokenAuthMiddleware) Middleware(next echo.HandlerFunc) echo.HandlerFunc {
29 return func(c echo.Context) error {
30 authHeader := strings.SplitN(c.Request().Header.Get("Authorization"), " ", 2)
31
32 if len(authHeader) != 2 || strings.ToLower(authHeader[0]) != "bearer" {
33 return c.JSON(http.StatusBadRequest, models.Oauth2Error{
34 Type: models.ErrInvalidRequest,
35 Description: "invalid authorization header",
36 })
37 }
38
39 session, err := m.AuthSessions.GetByAccessCode(c.Request().Context(), authHeader[1])
40 if err != nil {
41 return c.JSON(http.StatusUnauthorized, models.Oauth2Error{
42 Type: models.ErrAccessDenied,
43 })
44 }
45
46 if time.Now().After(session.Expires) {
47 return c.JSON(http.StatusUnauthorized, models.Oauth2Error{
48 Type: models.ErrAccessDenied,
49 })
50 }
51
52 foundScope := false
53 for _, s := range session.Scope {
54 if s == m.RequiredScope {
55 foundScope = true
56 break
57 }
58 }
59
60 if !foundScope {
61 return c.JSON(http.StatusUnauthorized, models.Oauth2Error{
62 Type: models.ErrAccessDenied,
63 })
64 }
65
66 if session.IsRegistration {
67 return c.JSON(http.StatusUnauthorized, models.Oauth2Error{
68 Type: models.ErrAccessDenied,
69 })
70 }
71
72 c.Set(authorizedSession, session)
73
74 return next(c)
75 }
76}
diff --git a/app/models/auth_session.go b/app/models/auth_session.go
new file mode 100644
index 0000000..0b86b16
--- /dev/null
+++ b/app/models/auth_session.go
@@ -0,0 +1,75 @@
1package models
2
3import (
4 "context"
5 "strings"
6 "time"
7)
8
9type AuthSession struct {
10 DeviceCode string `bson:"_id"`
11 ClientId string
12 UserCode string
13 AccessCode string
14 Challenge string
15 ChallengeMethod string
16 UserId string
17 IsRegistration bool
18 Scope []string
19 Expires time.Time
20 Deleted *time.Time
21}
22
23func NewAuthSession(client string, expires time.Time) *AuthSession {
24 return &AuthSession{
25 DeviceCode: createDeviceCode(),
26 UserCode: createUserCode(),
27 Expires: expires,
28 ClientId: client,
29 }
30}
31
32func (s *AuthSession) GenerateAccessCode() {
33 s.AccessCode = createDeviceCode()
34}
35
36func (s *AuthSession) RecordId() string {
37 return s.DeviceCode
38}
39
40func (s *AuthSession) MarkDeleted(t time.Time) {
41 s.Deleted = &t
42}
43
44func (s *AuthSession) SetChallenge(challenge string, method PKCEChallengeType) {
45 s.Challenge = challenge
46 s.ChallengeMethod = string(method)
47}
48
49func (s *AuthSession) SetScopeString(scope string) {
50 s.Scope = strings.Split(scope, " ")
51}
52
53func (s *AuthSession) HasAnyScopes() bool {
54 return len(s.Scope) > 0
55}
56
57func (s *AuthSession) HasScope(scope string) bool {
58 for _, c := range s.Scope {
59 if c == scope {
60 return true
61 }
62 }
63 return false
64}
65
66type AuthSessionStore interface {
67 List(ctx context.Context) ([]*AuthSession, error)
68 ListAll(ctx context.Context) ([]*AuthSession, error)
69 Get(ctx context.Context, name string) (*AuthSession, error)
70 GetByUserCode(ctx context.Context, userCode string) (*AuthSession, error)
71 GetByAccessCode(ctx context.Context, userCode string) (*AuthSession, error)
72 Insert(ctx context.Context, m *AuthSession) error
73 Upsert(ctx context.Context, m *AuthSession) error
74 Delete(ctx context.Context, m *AuthSession) error
75}
diff --git a/app/models/auth_session_mongodb.go b/app/models/auth_session_mongodb.go
new file mode 100644
index 0000000..fc5f5dd
--- /dev/null
+++ b/app/models/auth_session_mongodb.go
@@ -0,0 +1,45 @@
1package models
2
3import (
4 "context"
5 "time"
6
7 "code.crute.us/mcrute/ssh-proxy/db"
8
9 "go.mongodb.org/mongo-driver/bson"
10 "go.mongodb.org/mongo-driver/bson/primitive"
11)
12
13type AuthSessionStoreMongodb struct {
14 *db.MongoDbBasicStore[*AuthSession]
15}
16
17var _ AuthSessionStore = (*AuthSessionStoreMongodb)(nil)
18
19func (s *AuthSessionStoreMongodb) getBy(ctx context.Context, field, value string) (*AuthSession, error) {
20 var out AuthSession
21
22 if err := s.Db.Collection(s.CollectionName).FindOne(ctx, &bson.M{
23 field: value,
24 "expires": bson.M{
25 "$gte": primitive.NewDateTimeFromTime(time.Now()),
26 },
27 }).Decode(&out); err != nil {
28 return nil, err
29 }
30
31 return &out, nil
32}
33
34func (s *AuthSessionStoreMongodb) GetByUserCode(ctx context.Context, userCode string) (*AuthSession, error) {
35 return s.getBy(ctx, "usercode", userCode)
36}
37
38func (s *AuthSessionStoreMongodb) GetByAccessCode(ctx context.Context, accessCode string) (*AuthSession, error) {
39 return s.getBy(ctx, "accesscode", accessCode)
40}
41
42func (s *AuthSessionStoreMongodb) Insert(ctx context.Context, session *AuthSession) error {
43 _, err := s.Db.Collection(s.CollectionName).InsertOne(ctx, session)
44 return err
45}
diff --git a/app/models/auth_session_util.go b/app/models/auth_session_util.go
new file mode 100644
index 0000000..1f1474a
--- /dev/null
+++ b/app/models/auth_session_util.go
@@ -0,0 +1,25 @@
1package models
2
3import (
4 "crypto/rand"
5 "encoding/base32"
6 "encoding/base64"
7 "fmt"
8)
9
10func createDeviceCode() string {
11 buf := make([]byte, 32)
12 if _, err := rand.Read(buf); err != nil {
13 panic(err)
14 }
15 return base64.URLEncoding.EncodeToString(buf)
16}
17
18func createUserCode() string {
19 buf := make([]byte, 32)
20 if _, err := rand.Read(buf); err != nil {
21 panic(err)
22 }
23 userCodeRaw := base32.StdEncoding.EncodeToString(buf)
24 return fmt.Sprintf("%s-%s", userCodeRaw[0:4], userCodeRaw[5:9])
25}
diff --git a/app/models/oauth2.go b/app/models/oauth2.go
new file mode 100644
index 0000000..9bfde0a
--- /dev/null
+++ b/app/models/oauth2.go
@@ -0,0 +1,103 @@
1package models
2
3import (
4 "crypto/rand"
5 "crypto/sha256"
6 "crypto/subtle"
7 "encoding/base64"
8 "fmt"
9)
10
11const (
12 DEVICE_CODE_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code"
13)
14
15type AuthorizationRequest struct {
16 Challenge string `url:"code_challenge" form:"code_challenge" json:"code_challenge"` // RFC7636
17 ChallengeMethod PKCEChallengeType `url:"code_challenge_method" form:"code_challenge_method" json:"code_challenge_method"` // RFC7636
18 ClientId string `url:"client_id" form:"client_id" json:"client_id"`
19 Scope string `url:"scope" form:"scope" json:"scope"`
20}
21
22type DeviceAuthorizationResponse struct {
23 DeviceCode string `json:"device_code"` // REQUIRED
24 UserCode string `json:"user_code"` // REQUIRED
25 VerificationUri string `json:"verification_uri"` // REQUIRED
26 VerificationUriComplete string `json:"verification_uri_complete,omitempty"`
27 ExpiresIn int `json:"expires_in,omitempty"`
28 Interval int `json:"interval,omitempty"`
29}
30
31type DeviceAccessTokenRequest struct {
32 GrantType string `url:"grant_type" form:"grant_type" json:"grant_type"`
33 DeviceCode string `url:"device_code" form:"device_code" json:"device_code"`
34 ClientId string `url:"client_id" form:"client_id" json:"client_id"`
35 CodeVerifier string `url:"code_verifier" form:"code_verifier" json:"code_verifier"`
36}
37
38type AccessTokenResponse struct {
39 AccessToken string `json:"access_token"`
40 TokenType string `json:"token_type"` // Must be Bearer
41 ExpiresIn string `json:"expires_in,omitempty"` // Lifetime in seconds
42 RefreshToken string `json:"refresh_token,omitempty"`
43 Scope string `json:"scope,omitempty"`
44}
45
46type AuthorizationError string
47
48const (
49 ErrInvalidRequest AuthorizationError = "invalid_request"
50 ErrInvalidClient = "invalid_client"
51 ErrInvalidGrant = "invalid_grant"
52 ErrUnauthorizedClient = "unauthorized_client"
53 ErrUnsupportedGrantType = "unsupported_grant_type"
54 ErrInvalidScope = "invalid_scope"
55 ErrAuthorizationPending = "authorization_pending" // RFC7636
56 ErrSlowDown = "slow_down" // RFC7636
57 ErrAccessDenied = "access_denied" // RFC7636
58 ErrExpiredToken = "expired_token" // RFC7636
59)
60
61type Oauth2Error struct {
62 Type AuthorizationError `json:"error"`
63 Description string `json:"error_description,omitempty"`
64 Uri string `json:"error_uri,omitempty"`
65}
66
67func (e Oauth2Error) Error() string {
68 if e.Description == "" {
69 return fmt.Sprintf("Oauth2Error: %s", e.Type)
70 } else {
71 return fmt.Sprintf("Oauth2Error: %s %s", e.Type, e.Description)
72 }
73}
74
75type PKCEChallengeType string
76
77const (
78 ChallengePlain PKCEChallengeType = "plain"
79 ChallengeS256 = "S256"
80)
81
82type PKCEChallenge struct {
83 Verifier string
84}
85
86func NewPKCEChallenge() (*PKCEChallenge, error) {
87 buf := make([]byte, 32)
88 if _, err := rand.Read(buf); err != nil {
89 return nil, err
90 }
91 return &PKCEChallenge{
92 Verifier: base64.URLEncoding.EncodeToString(buf),
93 }, nil
94}
95
96func (c *PKCEChallenge) Challenge() string {
97 hash := sha256.Sum256([]byte(c.Verifier))
98 return base64.URLEncoding.EncodeToString(hash[:])
99}
100
101func (c *PKCEChallenge) EqualString(o string) bool {
102 return subtle.ConstantTimeCompare([]byte(o), []byte(c.Challenge())) != 1
103}
diff --git a/app/models/oauth_client.go b/app/models/oauth_client.go
new file mode 100644
index 0000000..2f30087
--- /dev/null
+++ b/app/models/oauth_client.go
@@ -0,0 +1,27 @@
1package models
2
3import (
4 "context"
5 "time"
6)
7
8type OauthClient struct {
9 Id string `bson:"_id"`
10 Deleted *time.Time
11}
12
13func (c *OauthClient) RecordId() string {
14 return c.Id
15}
16
17func (c *OauthClient) MarkDeleted(t time.Time) {
18 c.Deleted = &t
19}
20
21type OauthClientStore interface {
22 List(ctx context.Context) ([]*OauthClient, error)
23 ListAll(ctx context.Context) ([]*OauthClient, error)
24 Get(ctx context.Context, name string) (*OauthClient, error)
25 Upsert(ctx context.Context, m *OauthClient) error
26 Delete(ctx context.Context, m *OauthClient) error
27}
diff --git a/app/models/user.go b/app/models/user.go
new file mode 100644
index 0000000..5c9ec90
--- /dev/null
+++ b/app/models/user.go
@@ -0,0 +1,63 @@
1package models
2
3import (
4 "context"
5 "time"
6
7 "github.com/go-webauthn/webauthn/webauthn"
8)
9
10type User struct {
11 Username string `bson:"_id"`
12 DisplayName string
13 AllowedHosts []string
14 Fido2Credentials []webauthn.Credential
15 Deleted *time.Time
16}
17
18var _ webauthn.User = (*User)(nil)
19
20func (u *User) RecordId() string {
21 return u.Username
22}
23
24func (u *User) MarkDeleted(t time.Time) {
25 u.Deleted = &t
26}
27
28func (u *User) WebAuthnID() []byte {
29 return []byte(u.Username)
30}
31
32func (u *User) WebAuthnName() string {
33 return u.Username
34}
35
36func (u *User) WebAuthnDisplayName() string {
37 return u.DisplayName
38}
39
40func (u *User) WebAuthnCredentials() []webauthn.Credential {
41 return u.Fido2Credentials
42}
43
44func (u *User) WebAuthnIcon() string {
45 return ""
46}
47
48func (u *User) AuthorizedForHost(host string) bool {
49 for _, c := range u.AllowedHosts {
50 if host == c {
51 return true
52 }
53 }
54 return false
55}
56
57type UserStore interface {
58 List(ctx context.Context) ([]*User, error)
59 ListAll(ctx context.Context) ([]*User, error)
60 Get(ctx context.Context, name string) (*User, error)
61 Upsert(ctx context.Context, m *User) error
62 Delete(ctx context.Context, m *User) error
63}
diff --git a/app/session.go b/app/session.go
new file mode 100644
index 0000000..58aa13d
--- /dev/null
+++ b/app/session.go
@@ -0,0 +1,46 @@
1package app
2
3import (
4 "time"
5
6 "code.crute.us/mcrute/golib/echo/middleware"
7 "code.crute.us/mcrute/golib/echo/session"
8 "github.com/go-webauthn/webauthn/webauthn"
9 "github.com/labstack/echo/v4"
10)
11
12type AppSession interface {
13 session.Session
14 middleware.CSRFAwareSession
15 Self() *Session
16}
17
18type Session struct {
19 Expiration time.Time
20 CSRFToken string
21 WebauthnSession *webauthn.SessionData
22}
23
24var _ AppSession = (*Session)(nil)
25
26func NewSession(c echo.Context) *Session {
27 return &Session{
28 Expiration: time.Now().Add(365 * 24 * time.Hour),
29 }
30}
31
32func (s *Session) Self() *Session {
33 return s
34}
35
36func (s *Session) Expires() time.Time {
37 return s.Expiration
38}
39
40func (s *Session) GetCSRFSecret() string {
41 return s.CSRFToken
42}
43
44func (s *Session) SetCSRFSecret(secret string) {
45 s.CSRFToken = secret
46}
diff --git a/app/templates.go b/app/templates.go
new file mode 100644
index 0000000..52ded7a
--- /dev/null
+++ b/app/templates.go
@@ -0,0 +1,18 @@
1package app
2
3import (
4 "code.crute.us/mcrute/golib/echo/controller"
5 "code.crute.us/mcrute/ssh-proxy/app/models"
6)
7
8type PageContext struct {
9 PageName string
10 Year int
11 RenderTime string
12 Flags *controller.FeatureFlags
13 Context *controller.PageContext
14 CSRFToken string
15 AuthenticatedUser *models.User
16 Model any // For pages with one model
17 Models any // For pages with a collection of models
18}
diff --git a/client.go b/client.go
deleted file mode 100644
index d9a0f25..0000000
--- a/client.go
+++ /dev/null
@@ -1,54 +0,0 @@
1package main
2
3import (
4 "context"
5 "log"
6 "net"
7
8 "github.com/gorilla/websocket"
9)
10
11type ClientHandler struct {
12 SocketListenOn string
13 WebsocketServer string
14 Context context.Context
15}
16
17func (h *ClientHandler) ServiceConnection(proxyconn net.Conn) {
18 defer proxyconn.Close()
19
20 wsconn, _, err := websocket.DefaultDialer.Dial(h.WebsocketServer, nil)
21 if err != nil {
22 log.Println(err)
23 return
24 }
25 defer wsconn.Close()
26
27 log.Println("Connected to server")
28
29 errc := make(chan error)
30 ws := &WebsocketReadWriter{wsconn}
31
32 go serviceBoth(proxyconn, ws, errc)
33 go serviceBoth(ws, proxyconn, errc)
34
35 <-errc
36 log.Println("Closing client connection")
37}
38
39func (h *ClientHandler) Run() {
40 listener, err := net.Listen("tcp", h.SocketListenOn)
41 if err != nil {
42 log.Printf("error: Run: %s", err)
43 return
44 }
45
46 for {
47 conn, err := listener.Accept()
48 if err != nil {
49 log.Printf("error: Run: %s", err)
50 continue
51 }
52 go h.ServiceConnection(conn)
53 }
54}
diff --git a/cmd/client/client.go b/cmd/client/client.go
new file mode 100644
index 0000000..62f1f48
--- /dev/null
+++ b/cmd/client/client.go
@@ -0,0 +1,226 @@
1package client
2
3import (
4 "bytes"
5 "context"
6 "crypto/ed25519"
7 "crypto/rand"
8 "fmt"
9 "io"
10 "log"
11 "net"
12 "net/http"
13 "os"
14
15 "code.crute.us/mcrute/ssh-proxy/app"
16 "code.crute.us/mcrute/ssh-proxy/proxy"
17 "golang.org/x/crypto/ssh"
18 "golang.org/x/crypto/ssh/agent"
19
20 "code.crute.us/mcrute/golib/cli"
21 "github.com/gorilla/websocket"
22 "github.com/mdp/qrterminal"
23 "github.com/spf13/cobra"
24)
25
26// This should be compiled into the binary
27var clientId string
28
29func Register(root *cobra.Command) {
30 clientCmd := &cobra.Command{
31 Use: "client proxy-host ssh-to-host ssh-port username",
32 Short: "Run websocket client",
33 Args: cobra.ExactArgs(4),
34 Run: func(c *cobra.Command, args []string) {
35 cfg := app.Config{}
36 cli.MustGetConfig(c, &cfg)
37 clientMain(cfg, args[0], args[1], args[2], args[3])
38 },
39 }
40 cli.AddFlags(clientCmd, &app.Config{}, app.DefaultConfig, "client")
41 root.AddCommand(clientCmd)
42}
43
44func generateCertificateRequest(username, host string) (ed25519.PrivateKey, []byte, error) {
45 pub, priv, err := ed25519.GenerateKey(rand.Reader)
46 if err != nil {
47 return nil, nil, err
48 }
49
50 pubKey, err := ssh.NewPublicKey(pub)
51 if err != nil {
52 return nil, nil, err
53 }
54
55 cert := &ssh.Certificate{
56 Key: pubKey,
57 CertType: ssh.UserCert,
58 ValidPrincipals: []string{username},
59 Permissions: ssh.Permissions{
60 Extensions: map[string]string{
61 // Used for CA policy checks, removed by the CA server
62 // Server supports a comma separated list without spaces
63 "allowed-hosts": host,
64 },
65 },
66 }
67
68 signer, err := ssh.NewSignerFromKey(priv)
69 if err != nil {
70 return nil, nil, err
71 }
72
73 // Signatures are required to un/marshal to ASCII. The server will
74 // discard this anyhow and replace it with its own signature.
75 if err := cert.SignCert(rand.Reader, signer); err != nil {
76 return nil, nil, err
77 }
78
79 return priv, ssh.MarshalAuthorizedKey(cert), nil
80}
81
82func getCertificateFromCA(ctx context.Context, oauthToken string, certRequest []byte, host string) (*ssh.Certificate, error) {
83 req, err := http.NewRequestWithContext(ctx, http.MethodPost, fmt.Sprintf("https://%s/ca/issue", host), bytes.NewReader(certRequest))
84 if err != nil {
85 return nil, err
86 }
87
88 req.Header.Add("Content-Type", "application/x-ssh-certificate")
89 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", oauthToken))
90
91 resp, err := http.DefaultClient.Do(req)
92 if err != nil {
93 return nil, err
94 }
95
96 res, err := io.ReadAll(resp.Body)
97 if err != nil {
98 return nil, err
99 }
100 defer resp.Body.Close()
101
102 if resp.StatusCode != http.StatusOK {
103 return nil, fmt.Errorf("CA returned error: %s", res)
104 }
105
106 pubkey, _, _, _, err := ssh.ParseAuthorizedKey(res)
107 if err != nil {
108 return nil, err
109 }
110
111 cert, ok := pubkey.(*ssh.Certificate)
112 if !ok {
113 return nil, fmt.Errorf("Parsed certificate is of incorrect type")
114 }
115
116 return cert, nil
117}
118
119func addCertificateToAgent(private any, cert *ssh.Certificate) error {
120 socket := os.Getenv("SSH_AUTH_SOCK")
121 conn, err := net.Dial("unix", socket)
122 if err != nil {
123 return err
124 }
125
126 agentConn := agent.NewClient(conn)
127
128 return agentConn.Add(agent.AddedKey{
129 PrivateKey: private,
130 Certificate: cert,
131 LifetimeSecs: 10,
132 })
133}
134
135func dialProxyHost(ctx context.Context, oauthToken, proxyHost, host, port string) (io.ReadWriteCloser, error) {
136 addr := fmt.Sprintf("wss://%s/proxy-to/%s/%s", proxyHost, host, port)
137
138 hdr := http.Header{}
139 hdr.Add("Authorization", fmt.Sprintf("Bearer %s", oauthToken))
140
141 conn, _, err := websocket.DefaultDialer.DialContext(ctx, addr, hdr)
142 if err != nil {
143 return nil, err
144 }
145
146 return &proxy.WebsocketReadWriter{W: conn}, nil
147}
148
149func fetchOauthToken(ctx context.Context, clientId, proxyHost string) (string, error) {
150 client := &Oauth2PKCEDeviceClient{
151 Host: proxyHost,
152 ClientId: clientId,
153 Scope: "ssh:proxy ca:issue",
154 }
155
156 authResponse, err := client.Authorize(ctx)
157 if err != nil {
158 return "", err
159 }
160
161 fmt.Fprintf(os.Stderr,
162 "To authenticate, please visit: \n\n\t%s \n\nEnter code: %s\n\n",
163 authResponse.VerificationUri, authResponse.UserCode)
164
165 if authResponse.VerificationUriComplete != "" {
166 qrterminal.GenerateWithConfig(authResponse.VerificationUriComplete, qrterminal.Config{
167 Level: qrterminal.M,
168 Writer: os.Stderr,
169 BlackChar: "\033[7m \033[0m", // White
170 WhiteChar: "\033[0m \033[0m", // Black
171 QuietZone: 1,
172 })
173 fmt.Fprintf(os.Stderr, "\n")
174 }
175
176 tokenResponse, err := client.AwaitToken(ctx, authResponse.DeviceCode)
177 if err != nil {
178 return "", err
179 }
180
181 return tokenResponse.AccessToken, nil
182}
183
184func clientMain(cfg app.Config, proxyHost, host, port, username string) {
185 log.SetOutput(os.Stderr)
186
187 ctx, cancel := context.WithCancel(context.Background())
188 defer cancel()
189
190 oauthToken, err := fetchOauthToken(ctx, clientId, proxyHost)
191 if err != nil {
192 log.Fatalf("Error fetching oauth token: %s", err)
193 }
194
195 privateKey, certRequest, err := generateCertificateRequest(username, host)
196 if err != nil {
197 log.Fatalf("Error generating certificate request: %s", err)
198 }
199
200 certificate, err := getCertificateFromCA(ctx, oauthToken, certRequest, proxyHost)
201 if err != nil {
202 log.Fatalf("Error fetching certificate: %s", err)
203 }
204
205 if err := addCertificateToAgent(privateKey, certificate); err != nil {
206 log.Fatalf("Error adding certificate to agent: %s", err)
207 }
208
209 ws, err := dialProxyHost(ctx, oauthToken, proxyHost, host, port)
210 if err != nil {
211 log.Fatalf("Error dialing proxy host: %s", err)
212 }
213 defer ws.Close()
214
215 errc := make(chan error)
216
217 go proxy.CopyWithErrors(os.Stdout, ws, errc)
218 go proxy.CopyWithErrors(ws, os.Stdin, errc)
219
220 err = <-errc
221 if err != nil {
222 log.Printf("Closing client connection: %s", <-errc)
223 } else {
224 log.Printf("Closing client connection")
225 }
226}
diff --git a/cmd/client/oauth2.go b/cmd/client/oauth2.go
new file mode 100644
index 0000000..6667c5a
--- /dev/null
+++ b/cmd/client/oauth2.go
@@ -0,0 +1,158 @@
1package client
2
3import (
4 "context"
5 "encoding/json"
6 "fmt"
7 "net/http"
8 "strings"
9 "time"
10
11 "code.crute.us/mcrute/ssh-proxy/app/models"
12
13 "github.com/google/go-querystring/query"
14)
15
16// Oauth2PKCEDeviceClient is not safe for concurrent use and should be
17// created anew for each request.
18type Oauth2PKCEDeviceClient struct {
19 Host string
20 ClientId string
21 Scope string
22 pkce *models.PKCEChallenge
23 interval time.Duration
24}
25
26func (c *Oauth2PKCEDeviceClient) Authorize(ctx context.Context) (*models.DeviceAuthorizationResponse, error) {
27 challenge, err := models.NewPKCEChallenge()
28 if err != nil {
29 return nil, err
30 }
31 c.pkce = challenge
32
33 values, err := query.Values(models.AuthorizationRequest{
34 Challenge: c.pkce.Challenge(),
35 ChallengeMethod: models.ChallengeS256,
36 ClientId: c.ClientId,
37 Scope: c.Scope,
38 })
39 if err != nil {
40 return nil, err
41 }
42
43 url := fmt.Sprintf("https://%s/auth/device", c.Host)
44 req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, strings.NewReader(values.Encode()))
45 if err != nil {
46 return nil, err
47 }
48 req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
49
50 res, err := http.DefaultClient.Do(req)
51 if err != nil {
52 return nil, err
53 }
54 defer res.Body.Close()
55
56 if res.StatusCode != 200 {
57 var resError models.Oauth2Error
58 if err := json.NewDecoder(res.Body).Decode(&resError); err != nil {
59 return nil, err
60 }
61 return nil, resError
62 }
63
64 var resp models.DeviceAuthorizationResponse
65 if err := json.NewDecoder(res.Body).Decode(&resp); err != nil {
66 return nil, err
67 }
68
69 c.interval = time.Duration(resp.Interval) * time.Second
70 if c.interval == 0 {
71 c.interval = 5 * time.Second
72 }
73
74 return &resp, nil
75}
76
77func (c *Oauth2PKCEDeviceClient) fetchToken(ctx context.Context, deviceCode string) (*models.AccessTokenResponse, error) {
78 values, err := query.Values(models.DeviceAccessTokenRequest{
79 GrantType: models.DEVICE_CODE_GRANT_TYPE,
80 DeviceCode: deviceCode,
81 ClientId: c.ClientId,
82 CodeVerifier: c.pkce.Verifier,
83 })
84 if err != nil {
85 return nil, err
86 }
87
88 url := fmt.Sprintf("https://%s/auth/token", c.Host)
89 req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, strings.NewReader(values.Encode()))
90 if err != nil {
91 return nil, err
92 }
93 req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
94
95 res, err := http.DefaultClient.Do(req)
96 if err != nil {
97 return nil, err
98 }
99 defer res.Body.Close()
100
101 if res.StatusCode != 200 {
102 var resError models.Oauth2Error
103 if err := json.NewDecoder(res.Body).Decode(&resError); err != nil {
104 return nil, err
105 }
106
107 if resError.Type == models.ErrSlowDown {
108 c.interval += 5 * time.Second
109 }
110
111 return nil, resError
112 }
113
114 var resp models.AccessTokenResponse
115 if err := json.NewDecoder(res.Body).Decode(&resp); err != nil {
116 return nil, err
117 }
118
119 return &resp, nil
120}
121
122func (c *Oauth2PKCEDeviceClient) AwaitToken(ctx context.Context, deviceCode string) (*models.AccessTokenResponse, error) {
123 t := time.NewTicker(c.interval)
124 defer t.Stop()
125
126 res, err := c.fetchToken(ctx, deviceCode)
127 if err == nil {
128 return res, nil
129 } else if e, ok := err.(models.Oauth2Error); ok {
130 if e.Type == models.ErrSlowDown {
131 t.Reset(c.interval)
132 } else if e.Type != models.ErrAuthorizationPending {
133 return nil, err
134 }
135 } else {
136 return nil, err
137 }
138
139 for {
140 select {
141 case <-t.C:
142 res, err := c.fetchToken(ctx, deviceCode)
143 if err == nil {
144 return res, nil
145 } else if e, ok := err.(models.Oauth2Error); ok {
146 if e.Type == models.ErrSlowDown {
147 t.Reset(c.interval)
148 } else if e.Type != models.ErrAuthorizationPending {
149 return nil, err
150 }
151 } else {
152 return nil, err
153 }
154 case <-ctx.Done():
155 return nil, fmt.Errorf("Context has expired")
156 }
157 }
158}
diff --git a/cmd/register/register.go b/cmd/register/register.go
new file mode 100644
index 0000000..fdd083c
--- /dev/null
+++ b/cmd/register/register.go
@@ -0,0 +1,71 @@
1package register
2
3import (
4 "context"
5 "log"
6 "time"
7
8 "code.crute.us/mcrute/golib/cli"
9 "code.crute.us/mcrute/golib/db/mongodb/v2"
10 glecho "code.crute.us/mcrute/golib/echo"
11 "code.crute.us/mcrute/ssh-proxy/app"
12 "code.crute.us/mcrute/ssh-proxy/app/models"
13 "code.crute.us/mcrute/ssh-proxy/db"
14 "github.com/spf13/cobra"
15)
16
17func Register(root *cobra.Command) {
18 registerCmd := &cobra.Command{
19 Use: "register username",
20 Short: "Create registration invite for user",
21 Args: cobra.ExactArgs(1),
22 Run: func(c *cobra.Command, args []string) {
23 cfg := app.Config{}
24 cli.MustGetConfig(c, &cfg)
25 registerMain(cfg, args[0])
26 },
27 }
28 cli.AddFlags(registerCmd, &app.Config{}, app.DefaultConfig, "register")
29 root.AddCommand(registerCmd)
30}
31
32func registerMain(cfg app.Config, username string) {
33 ctx, cancel := context.WithCancel(context.Background())
34 defer cancel()
35
36 vc, err := glecho.MakeVaultSecretsClient(ctx)
37 if err != nil {
38 log.Fatalf("Error making vault client %s", err)
39 }
40
41 mongo, err := mongodb.Connect(ctx, cfg.MongoDbUri, vc)
42 if err != nil {
43 log.Fatalf("Error connecting to mongodb: %s", err)
44 }
45
46 userStore := &db.MongoDbBasicStore[*models.User]{
47 Db: mongo,
48 CollectionName: "users",
49 }
50
51 authSessionStore := &models.AuthSessionStoreMongodb{
52 MongoDbBasicStore: &db.MongoDbBasicStore[*models.AuthSession]{
53 Db: mongo,
54 CollectionName: "oauth_sessions",
55 },
56 }
57
58 if _, err := userStore.Get(ctx, username); err != nil {
59 log.Fatalf("User %s does not exist", username)
60 }
61
62 authSession := models.NewAuthSession("invite-only", time.Now().Add(cfg.InviteTimeout))
63 authSession.IsRegistration = true
64 authSession.UserId = username
65
66 if err := authSessionStore.Upsert(ctx, authSession); err != nil {
67 log.Fatalf("Error inserting registration: %s", err)
68 }
69
70 log.Printf("Invitation created, user code is: %s", authSession.UserCode)
71}
diff --git a/cmd/web/server.go b/cmd/web/server.go
new file mode 100644
index 0000000..6eb585a
--- /dev/null
+++ b/cmd/web/server.go
@@ -0,0 +1,257 @@
1package web
2
3import (
4 "context"
5 "fmt"
6 "io/fs"
7 "log"
8 "os"
9 "strings"
10 "text/template"
11 "time"
12
13 "code.crute.us/mcrute/ssh-proxy/app"
14 "code.crute.us/mcrute/ssh-proxy/app/controllers"
15 "code.crute.us/mcrute/ssh-proxy/app/middleware"
16 "code.crute.us/mcrute/ssh-proxy/app/models"
17 "code.crute.us/mcrute/ssh-proxy/db"
18
19 "code.crute.us/mcrute/golib/cli"
20 "code.crute.us/mcrute/golib/clients/autocert/v2"
21 "code.crute.us/mcrute/golib/clients/netbox/v3"
22 "code.crute.us/mcrute/golib/db/mongodb/v2"
23 glecho "code.crute.us/mcrute/golib/echo"
24 glcontroller "code.crute.us/mcrute/golib/echo/controller"
25 glmiddleware "code.crute.us/mcrute/golib/echo/middleware"
26 "code.crute.us/mcrute/golib/echo/session"
27 "code.crute.us/mcrute/golib/secrets"
28
29 "github.com/go-webauthn/webauthn/webauthn"
30 "github.com/gorilla/websocket"
31 "github.com/labstack/echo/v4"
32 "github.com/spf13/cobra"
33)
34
35func Register(root *cobra.Command, embeddedTemplates fs.FS, appVersion string) {
36 webCmd := &cobra.Command{
37 Use: "web [options]",
38 Short: "Run web server",
39 Run: func(c *cobra.Command, args []string) {
40 cfg := app.Config{}
41 cli.MustGetConfig(c, &cfg)
42 webMain(cfg, embeddedTemplates, appVersion)
43 },
44 }
45 cli.AddFlags(webCmd, &app.Config{}, app.DefaultConfig, "web")
46 root.AddCommand(webCmd)
47}
48
49func PopulateTemplateContext(c echo.Context) (interface{}, error) {
50 // May not be set if we're being called from something other than
51 // the generic template controller, which can happen in the order
52 // redirect controller.
53 cp, _ := c.Get("CanonicalPath").(string)
54
55 return &app.PageContext{
56 PageName: strings.SplitN(cp, ".", 2)[0],
57 Year: time.Now().Year(),
58 RenderTime: time.Now().Format(time.RFC1123),
59 Flags: glcontroller.NewFeatureFlags(),
60 CSRFToken: glmiddleware.GetCSRFToken(c),
61 Context: glcontroller.NewPageContext(),
62 }, nil
63}
64
65func webMain(cfg app.Config, embeddedTemplates fs.FS, appVersion string) {
66 ctx, cancel := context.WithCancel(context.Background())
67 defer cancel()
68
69 gt := &glcontroller.GenericTemplateHandler{Render: PopulateTemplateContext}
70
71 s, err := glecho.NewEchoWrapper(ctx, cfg.Debug)
72 if err != nil {
73 log.Fatalf("Error building echo: %s", err)
74 }
75
76 vc, err := glecho.MakeVaultSecretsClient(ctx)
77 if err != nil {
78 log.Fatalf("Error making vault client %s", err)
79 }
80
81 if err = s.Configure(glecho.EchoConfig{
82 ApplicationName: "app-server",
83 ApplicationVersion: appVersion,
84 BindAddresses: cfg.Bind,
85 DiskTemplates: os.DirFS("templates/"),
86 EmbeddedTemplates: embeddedTemplates,
87 RedirectToWWW: false,
88 TrustedProxyIPRanges: cfg.TrustedIPRanges,
89 ContentSecurityPolicy: &glmiddleware.ContentSecurityPolicyConfig{
90 DefaultSrc: []glmiddleware.CSPDirective{
91 glmiddleware.CSPSelf,
92 glmiddleware.CSPUnsafeInline,
93 },
94 },
95 TemplateFunctions: template.FuncMap{
96 "cacheBustUrl": gt.TmplMakeCacheBustUrl,
97 },
98 Autocert: autocert.MustNewAutocertWrapper(ctx, autocert.AutocertConfig{
99 ApiKey: secrets.MustGetApiKey(vc, ctx, cfg.DNSApiKeyVaultPath).Key,
100 Hosts: cfg.Hostnames,
101 Email: cfg.AutocertEmail,
102 CertHost: cfg.AutocertHost,
103 }),
104 NetboxClient: &netbox.BasicNetboxClient{
105 Endpoint: cfg.NetboxHost,
106 ApiKey: secrets.MustGetApiKey(vc, ctx, cfg.NetboxApiKeyVaultPath).Key,
107 },
108 }); err != nil {
109 log.Fatalf("Error configuring echo: %s", err)
110 }
111
112 glecho.AttachSecretsClient(vc, cancel, s.Runner(), s.Logger)
113
114 mongo, err := mongodb.Connect(ctx, cfg.MongoDbUri, vc)
115 if err != nil {
116 log.Fatalf("Error connecting to mongodb: %s", err)
117 }
118
119 cookieKey := secrets.MustGetRSAKey(vc, ctx, cfg.CookieKeyPath)
120 pk, err := cookieKey.RSAPrivateKey()
121 if err != nil {
122 log.Fatalf("Error fetching cookie key from vault: %s", err)
123 }
124
125 ss, err := session.NewCookieStore[*app.Session](pk, app.NewSession)
126 if err != nil {
127 log.Fatalf("Error creating session store: %s", err)
128 }
129
130 userStore := &db.MongoDbBasicStore[*models.User]{
131 Db: mongo,
132 CollectionName: "users",
133 }
134
135 oauthClientStore := &db.MongoDbBasicStore[*models.OauthClient]{
136 Db: mongo,
137 CollectionName: "oauth_clients",
138 }
139
140 authSessionStore := &models.AuthSessionStoreMongodb{
141 MongoDbBasicStore: &db.MongoDbBasicStore[*models.AuthSession]{
142 Db: mongo,
143 CollectionName: "oauth_sessions",
144 },
145 }
146
147 wauthn, err := webauthn.New(&webauthn.Config{
148 RPDisplayName: cfg.OauthRPName,
149 RPID: cfg.Hostnames[0],
150 RPOrigins: []string{
151 fmt.Sprintf("https://%s:8070", cfg.Hostnames[0]), // TODO: Expose port in echo server for use here
152 },
153 })
154 if err != nil {
155 log.Fatalf("Error constructing webauthn: %s", err)
156 }
157
158 lc := &controllers.LoginController[*app.Session]{
159 Logger: s.Logger,
160 Sessions: ss,
161 Users: userStore,
162 AuthSessions: authSessionStore,
163 Webauthn: wauthn,
164 SessionExpiration: cfg.OauthSessionTimeout,
165 }
166
167 rc := &controllers.RegisterController[*app.Session]{
168 Logger: s.Logger,
169 Sessions: ss,
170 Users: userStore,
171 AuthSessions: authSessionStore,
172 Webauthn: wauthn,
173 }
174
175 o2dc := &controllers.OAuth2DeviceController[*app.Session]{
176 Logger: s.Logger,
177 AuthSessions: authSessionStore,
178 OauthClients: oauthClientStore,
179 Hostname: fmt.Sprintf("https://%s:8070", cfg.Hostnames[0]), // TODO
180 PollSeconds: cfg.OauthDevicePollSecs,
181 SessionExpiration: cfg.OauthSessionTimeout,
182 }
183
184 ph := &controllers.ProxyHandler{
185 Logger: s.Logger,
186 Users: userStore,
187 Upgrader: websocket.Upgrader{
188 ReadBufferSize: 1024,
189 WriteBufferSize: 1024,
190 },
191 }
192
193 caAuthMw := &middleware.TokenAuthMiddleware{
194 Logger: s.Logger,
195 RequiredScope: "ca:issue",
196 AuthSessions: authSessionStore,
197 }
198
199 proxyAuthMw := &middleware.TokenAuthMiddleware{
200 Logger: s.Logger,
201 RequiredScope: "ssh:proxy",
202 AuthSessions: authSessionStore,
203 }
204
205 var caSecret controllers.CASecret
206 if _, err := vc.Secret(ctx, cfg.SSHCAKeyPath, &caSecret); err != nil {
207 log.Fatalf("Error fetching SSH CA secret from Vault: %s", err)
208 }
209
210 ca, err := controllers.NewCAHandler(controllers.CAHandlerConfig{
211 Logger: s.Logger,
212 Users: userStore,
213 Expiration: cfg.SSHCertificateExpiration,
214 Secret: caSecret,
215 })
216 if err != nil {
217 log.Fatalf("Error building CA controller: %s", err)
218 }
219
220 s.Use(session.Middleware(ss))
221
222 csm := glmiddleware.CSRFProtect(ss)
223
224 s.GET("/login", gt.Handle, csm)
225 s.GET("/register", gt.Handle, csm)
226
227 ag := s.Group("/auth")
228 {
229 ag.POST("/device", o2dc.HandleStart)
230 ag.POST("/token", o2dc.HandleToken)
231
232 lg := ag.Group("/login")
233 lg.Use(csm)
234 {
235 lg.GET("/:username", lc.HandleStart)
236 lg.POST("/:username", lc.HandleFinish)
237 }
238
239 rg := ag.Group("/register")
240 rg.Use(csm)
241 {
242 rg.GET("/:username", rc.HandleStart)
243 rg.POST("/:username", rc.HandleFinish)
244 }
245 }
246
247 s.POST("/ca/issue", ca.HandleIssue, caAuthMw.Middleware)
248
249 pg := s.Group("/proxy-to")
250 pg.Use(proxyAuthMw.Middleware)
251 {
252 pg.GET("/:host", ph.Handle)
253 pg.GET("/:host/:port", ph.Handle)
254 }
255
256 s.RunForever(!cfg.DisableBackgroundJobs)
257}
diff --git a/db/mongodb_store.go b/db/mongodb_store.go
new file mode 100644
index 0000000..2822de4
--- /dev/null
+++ b/db/mongodb_store.go
@@ -0,0 +1,72 @@
1package db
2
3import (
4 "context"
5 "time"
6
7 "code.crute.us/mcrute/golib/db/mongodb/v2"
8 "go.mongodb.org/mongo-driver/bson"
9 "go.mongodb.org/mongo-driver/bson/primitive"
10)
11
12type MongoDbBasicModel interface {
13 MarkDeleted(time.Time)
14 RecordId() string
15}
16
17type MongoDbBasicStore[T MongoDbBasicModel] struct {
18 Db *mongodb.Mongo
19 CollectionName string
20}
21
22func (s *MongoDbBasicStore[T]) List(ctx context.Context) ([]T, error) {
23 out := []T{}
24
25 filter := bson.M{}
26 filter["deleted"] = primitive.Null{}
27
28 if err := s.Db.FindAllByFilter(ctx, s.CollectionName, filter, &out); err != nil {
29 return nil, err
30 }
31
32 return out, nil
33}
34
35func (s *MongoDbBasicStore[T]) ListAll(ctx context.Context) ([]T, error) {
36 out := []T{}
37
38 if err := s.Db.FindAllByFilter(ctx, s.CollectionName, bson.M{}, &out); err != nil {
39 return nil, err
40 }
41
42 return out, nil
43}
44
45func (s *MongoDbBasicStore[T]) Get(ctx context.Context, name string) (T, error) {
46 var out T
47
48 filter := bson.M{}
49 filter["_id"] = name
50
51 if err := s.Db.FindOneByFilter(ctx, s.CollectionName, filter, &out); err != nil {
52 return out, err
53 }
54
55 return out, nil
56}
57
58func (s *MongoDbBasicStore[T]) Upsert(ctx context.Context, m T) error {
59 if err := s.Db.ReplaceOneById(ctx, s.CollectionName, m.RecordId(), m); err != nil {
60 return err
61 }
62 return nil
63}
64
65func (s *MongoDbBasicStore[T]) Delete(ctx context.Context, m T) error {
66 k, err := s.Get(ctx, m.RecordId())
67 if err != nil {
68 return err
69 }
70 k.MarkDeleted(time.Now())
71 return s.Upsert(ctx, k)
72}
diff --git a/go.mod b/go.mod
index 3f372f6..4d68ee1 100644
--- a/go.mod
+++ b/go.mod
@@ -1,13 +1,104 @@
1module code.crute.us/mcrute/websocket_proxy 1module code.crute.us/mcrute/ssh-proxy
2 2
3go 1.20 3go 1.20
4 4
5replace golang.org/x/crypto => ../third_party/golang/x/crypto
6
5require ( 7require (
6 github.com/gorilla/websocket v1.4.1 8 code.crute.us/mcrute/golib/cli v0.2.2
7 github.com/spf13/cobra v0.0.5 9 code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0
10 code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0
11 code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0
12 code.crute.us/mcrute/golib/echo v0.9.4
13 code.crute.us/mcrute/golib/secrets v0.4.0
14 github.com/go-webauthn/webauthn v0.8.4
15 github.com/google/go-querystring v1.1.0
16 github.com/gorilla/websocket v1.5.0
17 github.com/labstack/echo/v4 v4.6.1
18 github.com/mdp/qrterminal v1.0.1
19 github.com/spf13/cobra v1.7.0
20 go.mongodb.org/mongo-driver v1.7.4
21 golang.org/x/crypto v0.11.0
8) 22)
9 23
10require ( 24require (
11 github.com/inconshreveable/mousetrap v1.0.0 // indirect 25 code.crute.us/mcrute/golib v0.4.2 // indirect
12 github.com/spf13/pflag v1.0.3 // indirect 26 code.crute.us/mcrute/golib/clients/dns v0.1.0 // indirect
27 code.crute.us/mcrute/golib/clients/netbox v0.1.0 // indirect
28 code.crute.us/mcrute/golib/vault v0.2.4 // indirect
29 github.com/armon/go-metrics v0.3.10 // indirect
30 github.com/armon/go-radix v1.0.0 // indirect
31 github.com/beorn7/perks v1.0.1 // indirect
32 github.com/cenkalti/backoff/v3 v3.0.0 // indirect
33 github.com/cespare/xxhash/v2 v2.1.1 // indirect
34 github.com/elnormous/contenttype v1.0.0 // indirect
35 github.com/fatih/color v1.13.0 // indirect
36 github.com/fxamacker/cbor/v2 v2.4.0 // indirect
37 github.com/go-stack/stack v1.8.0 // indirect
38 github.com/go-webauthn/x v0.1.4 // indirect
39 github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
40 github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
41 github.com/golang/protobuf v1.5.2 // indirect
42 github.com/golang/snappy v0.0.4 // indirect
43 github.com/google/go-tpm v0.9.0 // indirect
44 github.com/google/uuid v1.3.0 // indirect
45 github.com/hashicorp/errwrap v1.1.0 // indirect
46 github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
47 github.com/hashicorp/go-hclog v1.0.0 // indirect
48 github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
49 github.com/hashicorp/go-multierror v1.1.1 // indirect
50 github.com/hashicorp/go-plugin v1.4.3 // indirect
51 github.com/hashicorp/go-retryablehttp v0.6.6 // indirect
52 github.com/hashicorp/go-rootcerts v1.0.2 // indirect
53 github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 // indirect
54 github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect
55 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
56 github.com/hashicorp/go-sockaddr v1.0.2 // indirect
57 github.com/hashicorp/go-uuid v1.0.2 // indirect
58 github.com/hashicorp/go-version v1.2.0 // indirect
59 github.com/hashicorp/golang-lru v0.5.4 // indirect
60 github.com/hashicorp/hcl v1.0.0 // indirect
61 github.com/hashicorp/vault/api v1.8.0 // indirect
62 github.com/hashicorp/vault/api/auth/approle v0.3.0 // indirect
63 github.com/hashicorp/vault/sdk v0.6.0 // indirect
64 github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb // indirect
65 github.com/inconshreveable/mousetrap v1.1.0 // indirect
66 github.com/klauspost/compress v1.13.6 // indirect
67 github.com/labstack/gommon v0.3.1 // indirect
68 github.com/mattn/go-colorable v0.1.12 // indirect
69 github.com/mattn/go-isatty v0.0.14 // indirect
70 github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
71 github.com/mitchellh/copystructure v1.0.0 // indirect
72 github.com/mitchellh/go-homedir v1.1.0 // indirect
73 github.com/mitchellh/go-testing-interface v1.0.0 // indirect
74 github.com/mitchellh/mapstructure v1.5.0 // indirect
75 github.com/mitchellh/reflectwalk v1.0.0 // indirect
76 github.com/oklog/run v1.0.0 // indirect
77 github.com/pierrec/lz4 v2.5.2+incompatible // indirect
78 github.com/pkg/errors v0.9.1 // indirect
79 github.com/prometheus/client_golang v1.11.0 // indirect
80 github.com/prometheus/client_model v0.2.0 // indirect
81 github.com/prometheus/common v0.32.1 // indirect
82 github.com/prometheus/procfs v0.6.0 // indirect
83 github.com/ryanuber/go-glob v1.0.0 // indirect
84 github.com/spf13/pflag v1.0.5 // indirect
85 github.com/valyala/bytebufferpool v1.0.0 // indirect
86 github.com/valyala/fasttemplate v1.2.1 // indirect
87 github.com/x448/float16 v0.8.4 // indirect
88 github.com/xdg-go/pbkdf2 v1.0.0 // indirect
89 github.com/xdg-go/scram v1.0.2 // indirect
90 github.com/xdg-go/stringprep v1.0.2 // indirect
91 github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
92 go.uber.org/atomic v1.9.0 // indirect
93 golang.org/x/net v0.2.0 // indirect
94 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect
95 golang.org/x/sys v0.10.0 // indirect
96 golang.org/x/text v0.4.0 // indirect
97 golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 // indirect
98 google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect
99 google.golang.org/grpc v1.42.0 // indirect
100 google.golang.org/protobuf v1.27.1 // indirect
101 gopkg.in/square/go-jose.v2 v2.5.1 // indirect
102 gopkg.in/yaml.v2 v2.4.0 // indirect
103 rsc.io/qr v0.2.0 // indirect
13) 104)
diff --git a/go.sum b/go.sum
index 84ffc4f..b78ecee 100644
--- a/go.sum
+++ b/go.sum
@@ -1,35 +1,801 @@
1cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
2cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
3cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
4cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
5cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
6cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
7cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
8cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
9cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
10cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
11cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
12cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
13cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
14cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
15cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
16cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
17cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
18cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
19cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
20cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
21cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
22cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
23cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
24cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
25cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
26cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
27cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
28cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
29cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
30cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
31cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
32cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
33code.crute.us/mcrute/golib v0.4.2 h1:WeZyBMRFOiIkdNhsXx3kMgRGDUdUshzHS/J4OIPThlY=
34code.crute.us/mcrute/golib v0.4.2/go.mod h1:dukLPhs1H8dxtkhXtpJZYo/bMzefLRbdRj9Tj67wdaQ=
35code.crute.us/mcrute/golib/cli v0.2.2 h1:1MgyEYCyZ2oJBs/FrztMmxJoh0v+7j21VsWXBTIWsqw=
36code.crute.us/mcrute/golib/cli v0.2.2/go.mod h1:vc2TpQ5J/3zRfcWq6sclmU0EmJI8xygpOij77VJ8EK8=
37code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0 h1:MTS65Npib7DFnsNZ5Fs7EYXkK2ITEqdZQ18kBd3FdPk=
38code.crute.us/mcrute/golib/clients/autocert/v2 v2.0.0/go.mod h1:IPn/fE0kxcOBTaXv3X6fv+/JUP1uZvW4vJLKYwrCdbI=
39code.crute.us/mcrute/golib/clients/dns v0.1.0 h1:bgB+KVLcuSfr5ZoAEgLToawtP4iIrxWIf3s7mMgOo6U=
40code.crute.us/mcrute/golib/clients/dns v0.1.0/go.mod h1:uF2fDvCZAL35ZJgojUhCgVK0HBmIv1+go1NMNPSJaeU=
41code.crute.us/mcrute/golib/clients/netbox v0.1.0 h1:7ae676WtINm2oSLoUw1ERIZ2ndLD5gi7cvv2iZZd1XI=
42code.crute.us/mcrute/golib/clients/netbox v0.1.0/go.mod h1:csRsnmAwenAz8Pbo7CcQTWzn6uaXadELIdB81JxsacY=
43code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0 h1:g3+vdaUeoVg+Qx++bGi2j2AVBOFpRC6b+uTGw6oM9wc=
44code.crute.us/mcrute/golib/clients/netbox/v3 v3.2.0/go.mod h1:Wjh2iiFDkRuYN1TBgYrRpwT5Xp8i+2+TWJrbdG3JWWk=
45code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0 h1:v4AYsbesoDeAMMbwS43WzqywNm0w09yKs6731DrdWVY=
46code.crute.us/mcrute/golib/db/mongodb/v2 v2.0.0/go.mod h1:3dFJwm2MtCb312eHdHnK/w8D1lwgCeewa/2hztw89kE=
47code.crute.us/mcrute/golib/echo v0.9.4 h1:C2z7RRIksT2K0Fr4LZHGISRMXooNT1qaEV9NZ7LK5fs=
48code.crute.us/mcrute/golib/echo v0.9.4/go.mod h1:mcmhqsSWD/+ECdrd0Sh9u9XGtukXdLPVHc88sKg/gJo=
49code.crute.us/mcrute/golib/secrets v0.4.0 h1:tZzQEOnJshDGuzvvr0n0BMWZbu3ZMB5QRqIDa4PwE3U=
50code.crute.us/mcrute/golib/secrets v0.4.0/go.mod h1:c40ezKg/NXe5NE3PaCRIUJC6D6XCoPSu9+duZSdKsNY=
51code.crute.us/mcrute/golib/vault v0.2.4 h1:lNc1hq26e/UAGBqxQlZiFffOXZSNEcEkKUzU3oRJ8Eg=
52code.crute.us/mcrute/golib/vault v0.2.4/go.mod h1:23C5g8O0zaeFfo7v6sCO0RKgnHIiHM9ku+ASOWHJD9k=
53dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
1github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 54github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
2github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= 55github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
3github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= 56github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
4github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= 57github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
5github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 58github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
6github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= 59github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
60github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
61github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
62github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
63github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
64github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
65github.com/armon/go-metrics v0.3.10 h1:FR+drcQStOe+32sYyJYyZ7FIdgoGGBnwLl+flodp8Uo=
66github.com/armon/go-metrics v0.3.10/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
67github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
68github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
69github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
70github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
71github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
72github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
73github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
74github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
75github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c=
76github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs=
77github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
78github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
79github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
80github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
81github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
82github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
83github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
84github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
85github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
86github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
87github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
88github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
89github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
90github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
91github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
92github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
93github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
94github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
95github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
96github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
97github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
7github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 98github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
8github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 99github.com/elnormous/contenttype v1.0.0 h1:cTLou7K7uQMsPEmRiTJosAznsPcYuoBmXMrFAf86t2A=
9github.com/gorilla/websocket v1.4.1 h1:q7AeDBpnBk8AogcD4DSag/Ukw/KV+YhzLj2bP5HvKCM= 100github.com/elnormous/contenttype v1.0.0/go.mod h1:ngVcyGGU8pnn4QJ5sL4StrNgc/wmXZXy5IQSBuHOFPg=
10github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= 101github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
102github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
103github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
104github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
105github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
106github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
107github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
108github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4=
109github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
110github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
111github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
112github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
113github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
114github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y=
115github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk=
116github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU=
117github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
118github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
119github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
120github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
121github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
122github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
123github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
124github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
125github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
126github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
127github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
128github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
129github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
130github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
131github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
132github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
133github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw=
134github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
135github.com/go-webauthn/webauthn v0.8.4 h1:/emQ9b9Rj4flWO94Fo8KJeYvZ6VzPywXsmqyDA/WicY=
136github.com/go-webauthn/webauthn v0.8.4/go.mod h1:ZqEa9OnSCdQf6CJvTWTDCsUcPRi8F3h7XCIDINwbBgI=
137github.com/go-webauthn/x v0.1.4 h1:sGmIFhcY70l6k7JIDfnjVBiAAFEssga5lXIUXe0GtAs=
138github.com/go-webauthn/x v0.1.4/go.mod h1:75Ug0oK6KYpANh5hDOanfDI+dvPWHk788naJVG/37H8=
139github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0=
140github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY=
141github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg=
142github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI=
143github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI=
144github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs=
145github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI=
146github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI=
147github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk=
148github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28=
149github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo=
150github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk=
151github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw=
152github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360=
153github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg=
154github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE=
155github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8=
156github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc=
157github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc=
158github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4=
159github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4=
160github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ=
161github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0=
162github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw=
163github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
164github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
165github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
166github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
167github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
168github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
169github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
170github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
171github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
172github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
173github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
174github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
175github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
176github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
177github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
178github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
179github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
180github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
181github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
182github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
183github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
184github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
185github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
186github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
187github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
188github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
189github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
190github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
191github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
192github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
193github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
194github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
195github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
196github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
197github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
198github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
199github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
200github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
201github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
202github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
203github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
204github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
205github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
206github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
207github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
208github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
209github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
210github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
211github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
212github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
213github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
214github.com/google/go-tpm v0.9.0 h1:sQF6YqWMi+SCXpsmS3fd21oPy/vSddwZry4JnmltHVk=
215github.com/google/go-tpm v0.9.0/go.mod h1:FkNVkc6C+IsvDI9Jw1OveJmxGZUUaKxtrpOS47QWKfU=
216github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
217github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
218github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
219github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
220github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
221github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
222github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
223github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
224github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
225github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
226github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
227github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
228github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
229github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
230github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
231github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
232github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
233github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
234github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
235github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
236github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
237github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
238github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
239github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
240github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
241github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
242github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
243github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
244github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
245github.com/hashicorp/go-hclog v1.0.0 h1:bkKf0BeBXcSYa7f5Fyi9gMuQ8gNsxeiNpZjR6VxNZeo=
246github.com/hashicorp/go-hclog v1.0.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
247github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
248github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
249github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
250github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0/go.mod h1:xvb32K2keAc+R8DSFG2IwDcydK9DBQE+fGA5fsw6hSk=
251github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
252github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
253github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
254github.com/hashicorp/go-plugin v1.4.3 h1:DXmvivbWD5qdiBts9TpBC7BYL1Aia5sxbRgQB+v6UZM=
255github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ=
256github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
257github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM=
258github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY=
259github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
260github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
261github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
262github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 h1:cCRo8gK7oq6A2L6LICkUZ+/a5rLiRXFMf1Qd4xSwxTc=
263github.com/hashicorp/go-secure-stdlib/mlock v0.1.1/go.mod h1:zq93CJChV6L9QTfGKtfBxKqD7BqqXx5O04A/ns2p5+I=
264github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8=
265github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ=
266github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8=
267github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2TGYtSk8I8kTAN0ca1EHpwhm5Mmzo=
268github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
269github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
270github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
271github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs=
272github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc=
273github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A=
274github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
275github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
276github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
277github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E=
278github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
279github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
280github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
281github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
282github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
283github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
11github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= 284github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
12github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= 285github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU=
286github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E=
287github.com/hashicorp/vault/api/auth/approle v0.3.0 h1:Ib0oCNXsCq/QZhPYtXPzJEbGS5WR/KoZf8c84QoFdkU=
288github.com/hashicorp/vault/api/auth/approle v0.3.0/go.mod h1:hm51TbjzUkPO0Y17wkrpwOpvyyMRpXJNueTHiG04t3k=
289github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs=
290github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc=
291github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M=
292github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
293github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
13github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= 294github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
14github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= 295github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
296github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
297github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
298github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE=
299github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74=
300github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
301github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
302github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
303github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
304github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
305github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
306github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
307github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
308github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
309github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
310github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4=
311github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA=
312github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
313github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
314github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
315github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
316github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
317github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
318github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
319github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
320github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
321github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
322github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
323github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
324github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
325github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
326github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
327github.com/labstack/echo/v4 v4.6.1 h1:OMVsrnNFzYlGSdaiYGHbgWQnr+JM7NG+B9suCPie14M=
328github.com/labstack/echo/v4 v4.6.1/go.mod h1:RnjgMWNDB9g/HucVWhQYNQP9PvbYf6adqftqryo7s9k=
329github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
330github.com/labstack/gommon v0.3.1 h1:OomWaJXm7xR6L1HmEtGyQf26TEn7V6X88mktX9kee9o=
331github.com/labstack/gommon v0.3.1/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM=
332github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE=
333github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
334github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
335github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
336github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
337github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
338github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
339github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
340github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
341github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40=
342github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
343github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
344github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
345github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
346github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84=
347github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
348github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
349github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
350github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
351github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
352github.com/mdp/qrterminal v1.0.1 h1:07+fzVDlPuBlXS8tB0ktTAyf+Lp1j2+2zK3fBOL5b7c=
353github.com/mdp/qrterminal v1.0.1/go.mod h1:Z33WhxQe9B6CdW37HaVqcRKzP+kByF3q/qLxOGe12xQ=
354github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
355github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ=
356github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
357github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
15github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= 358github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
16github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= 359github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
17github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= 360github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0=
361github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
362github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
363github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
364github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
365github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
366github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY=
367github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
368github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
369github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
370github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
371github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
372github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
373github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
374github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
375github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
376github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
377github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
378github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
379github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
380github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI=
381github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
382github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
383github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
384github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
385github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
386github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
18github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 387github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
19github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= 388github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
20github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= 389github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
21github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= 390github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
22github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= 391github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
23github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= 392github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
24github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= 393github.com/prometheus/client_golang v1.11.0 h1:HNkLOAEQMIDv/K+04rukrLx6ch7msSRwf3/SASFAGtQ=
25github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= 394github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
395github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
396github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
397github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
398github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
399github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
400github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
401github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4=
402github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
403github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
404github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4=
405github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
406github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
407github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
408github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
409github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
410github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3xv4=
411github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
412github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
413github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
414github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
415github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
416github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
417github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
418github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
419github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
420github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
421github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
422github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
423github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
424github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
425github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
426github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
427github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
428github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
26github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 429github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
27github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= 430github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
431github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
432github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
433github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
434github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
28github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 435github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
29github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= 436github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
30github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= 437github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
31golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 438github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
32golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 439github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
440github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
441github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
442github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
443github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
444github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
445github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
446github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
447github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
448github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4=
449github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
450github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
451github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
452github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
453github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
454github.com/xdg-go/scram v1.0.2 h1:akYIkZ28e6A96dkWNJQu3nmCzH3YfwMPQExUYDaRv7w=
455github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs=
456github.com/xdg-go/stringprep v1.0.2 h1:6iq84/ryjjeRmMJwxutI51F2GIPlP5BfTvXHeYjyhBc=
457github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM=
458github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA=
459github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
460github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
461github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
462github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
463github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
464go.mongodb.org/mongo-driver v1.7.4 h1:sllcioag8Mec0LYkftYWq+cKNPIR4Kqq3iv9ZXY0g/E=
465go.mongodb.org/mongo-driver v1.7.4/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg=
466go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
467go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
468go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
469go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
470go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
471go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
472go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
473go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
474golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
475golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
476golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
477golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
478golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
479golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
480golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
481golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
482golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
483golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
484golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
485golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
486golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
487golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
488golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
489golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
490golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
491golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
492golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
493golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
494golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
495golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
496golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
497golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
498golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
499golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
500golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
501golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
502golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
503golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
504golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
505golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
506golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
507golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
508golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
509golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
510golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
511golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
512golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
513golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
514golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
515golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
516golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
517golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
518golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
519golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
520golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
521golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
522golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
523golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
524golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
525golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
526golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
527golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
528golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
529golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
530golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
531golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
532golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
533golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
534golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
535golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
536golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
537golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
538golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU=
539golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
540golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
541golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
542golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
543golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
544golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
545golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
546golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
547golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
548golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
549golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
550golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
551golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
552golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
553golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
554golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
555golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
556golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw=
557golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
558golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
559golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
560golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
561golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
562golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
563golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
564golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
565golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
566golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
567golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
568golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
569golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
570golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
571golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
572golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
573golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
574golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
575golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
576golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
577golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
578golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
579golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
580golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
581golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
582golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
583golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
584golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
585golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
586golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
587golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
588golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
589golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
590golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
591golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
592golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
593golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
594golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
595golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
596golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
597golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
598golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
599golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
600golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
601golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
602golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
603golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
604golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
605golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
606golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
607golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
608golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
609golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
610golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
611golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
612golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
613golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
614golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM=
615golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
616golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
33golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 617golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
618golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
619golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
620golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
621golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
622golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
623golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
624golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
625golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
626golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
627golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
628golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
629golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
630golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 h1:Hir2P/De0WpUhtrKGGjvSb2YxUgyZ7EFOSLIcSSpiwE=
631golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
632golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
633golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
634golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
635golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
636golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
637golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
638golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
639golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
640golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
641golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
642golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
643golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
644golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
645golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
646golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
647golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
648golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
649golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
650golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
651golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
652golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
653golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
654golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
655golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
656golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
657golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
658golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
659golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
660golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
661golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
662golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
663golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
664golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
665golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
666golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
667golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
668golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
669golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
670golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
671golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
672golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
673golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
674golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
675golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
676golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
677golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
678golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
679golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
680golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
681google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
682google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
683google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
684google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
685google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
686google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
687google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
688google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
689google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
690google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
691google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
692google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
693google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
694google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
695google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
696google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
697google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
698google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
699google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
700google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
701google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
702google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
703google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
704google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
705google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
706google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
707google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
708google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
709google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
710google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
711google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
712google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
713google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
714google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
715google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
716google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
717google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
718google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
719google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
720google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
721google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
722google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
723google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
724google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
725google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
726google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
727google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
728google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
729google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
730google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
731google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
732google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
733google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
734google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0=
735google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
736google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
737google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
738google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
739google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
740google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
741google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
742google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
743google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
744google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
745google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
746google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
747google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
748google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
749google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
750google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
751google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
752google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
753google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A=
754google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
755google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
756google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
757google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
758google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
759google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
760google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
761google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
762google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
763google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
764google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
765google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
766google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
767google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
768google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
769gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
34gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 770gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
771gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
772gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
773gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
774gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
775gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w=
776gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
777gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
35gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 778gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
779gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
780gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
781gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
782gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
783gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
784gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
785gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
786gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
787gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
788gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
789gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
790honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
791honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
792honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
793honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
794honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
795honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
796honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
797rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
798rsc.io/qr v0.2.0 h1:6vBLea5/NRMVTz8V66gipeLycZMl/+UlFmk8DvqQ6WY=
799rsc.io/qr v0.2.0/go.mod h1:IF+uZjkb9fqyeF/4tlBoynqmQxUoPfWEKh921coOuXs=
800rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
801rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/localclient.go b/localclient.go
deleted file mode 100644
index c1f5c38..0000000
--- a/localclient.go
+++ /dev/null
@@ -1,31 +0,0 @@
1package main
2
3import (
4 "context"
5 "log"
6 "os"
7
8 "github.com/gorilla/websocket"
9)
10
11type LocalClientHandler struct {
12 WebsocketServer string
13 Context context.Context
14}
15
16func (h *LocalClientHandler) Run() {
17 wsconn, _, err := websocket.DefaultDialer.Dial(h.WebsocketServer, nil)
18 if err != nil {
19 log.Println(err)
20 return
21 }
22 defer wsconn.Close()
23
24 errc := make(chan error)
25 ws := &WebsocketReadWriter{wsconn}
26
27 go serviceBoth(os.Stdout, ws, errc)
28 go serviceBoth(ws, os.Stdin, errc)
29
30 log.Printf("Closing client connection %s", <-errc)
31}
diff --git a/main.go b/main.go
index 1ac3351..3306a94 100644
--- a/main.go
+++ b/main.go
@@ -1,111 +1,40 @@
1package main 1package main
2 2
3import ( 3import (
4 "context" 4 "embed"
5 "errors"
6 "fmt"
7 "log" 5 "log"
8 "net/http"
9 "os"
10 "strings"
11 6
12 "github.com/spf13/cobra" 7 "code.crute.us/mcrute/ssh-proxy/app"
13) 8 "code.crute.us/mcrute/ssh-proxy/cmd/client"
14 9 "code.crute.us/mcrute/ssh-proxy/cmd/register"
15var version string 10 "code.crute.us/mcrute/ssh-proxy/cmd/web"
16
17var rootCmd = &cobra.Command{
18 Use: "websocket-proxy",
19 Version: version,
20 Short: "Proxy TCP connections over a websocket",
21}
22
23var clientCmd = &cobra.Command{
24 Use: "client [server host]",
25 Short: "Act as a client for a websocket-proxy server",
26 Args: func(cmd *cobra.Command, args []string) error {
27 if len(args) != 1 || args[0] == "" {
28 return errors.New("Server host is a required argument")
29 }
30 if !strings.HasPrefix(args[0], "ws://") && !strings.HasPrefix(args[0], "wss://") {
31 return errors.New("Server host format is ws[s]://host[:port]/[path]")
32 }
33 return nil
34 },
35 Run: func(cmd *cobra.Command, args []string) {
36 listenOn := cmd.Flag("listen").Value.String()
37
38 // TODO: Handle signals
39 ctx, cancel := context.WithCancel(context.Background())
40 defer cancel()
41
42 h := &ClientHandler{
43 SocketListenOn: listenOn,
44 WebsocketServer: args[0],
45 Context: ctx,
46 }
47 11
48 log.Printf("Serving on %s", listenOn) 12 "code.crute.us/mcrute/golib/cli"
49 h.Run()
50 },
51}
52
53var localClientCmd = &cobra.Command{
54 Use: "localclient [server host]",
55 Short: "Act as a client for a websocket-proxy server",
56 Args: func(cmd *cobra.Command, args []string) error {
57 if len(args) != 1 || args[0] == "" {
58 return errors.New("Server host is a required argument")
59 }
60 if !strings.HasPrefix(args[0], "ws://") && !strings.HasPrefix(args[0], "wss://") {
61 return errors.New("Server host format is ws[s]://host[:port]/[path]")
62 }
63 return nil
64 },
65 Run: func(cmd *cobra.Command, args []string) {
66 // TODO: Handle signals
67 ctx, cancel := context.WithCancel(context.Background())
68 defer cancel()
69 13
70 h := &LocalClientHandler{ 14 "github.com/spf13/cobra"
71 WebsocketServer: args[0],
72 Context: ctx,
73 }
74 15
75 h.Run() 16 // Import backup data. By default zoneinfo is installed in the docker image
76 }, 17 // if something breaks this will still result in us having correct TZ info.
77} 18 _ "time/tzdata"
19)
78 20
79var serverCmd = &cobra.Command{ 21//go:embed templates
80 Use: "server [next-hop host]", 22var embeddedTemplates embed.FS
81 Short: "Serve websocket proxy client",
82 Args: func(cmd *cobra.Command, args []string) error {
83 if len(args) != 1 || args[0] == "" {
84 return errors.New("Next-hop host is a required argument")
85 }
86 return nil
87 },
88 Run: func(cmd *cobra.Command, args []string) {
89 listenOn := cmd.Flag("listen").Value.String()
90 log.Printf("Serving on %s", listenOn)
91 23
92 http.Handle("/", NewServerHandler(args[0])) 24var appVersion string
93 log.Fatal(http.ListenAndServe(listenOn, nil))
94 },
95}
96 25
97func main() { 26func main() {
98 log.SetOutput(os.Stderr) 27 rootCmd := &cobra.Command{
99 28 Use: "web-server",
100 rootCmd.AddCommand(clientCmd) 29 Short: "SSH proxy web server",
101 rootCmd.AddCommand(localClientCmd) 30 }
102 rootCmd.AddCommand(serverCmd) 31 cli.AddFlags(rootCmd, &app.Config{}, app.DefaultConfig, "")
103 32
104 clientCmd.Flags().StringP("listen", "l", ":9013", "[address]:port to bind for serving clients") 33 web.Register(rootCmd, embeddedTemplates, appVersion)
105 serverCmd.Flags().StringP("listen", "l", ":9012", "[address]:port to bind for serving clients") 34 client.Register(rootCmd)
35 register.Register(rootCmd)
106 36
107 if err := rootCmd.Execute(); err != nil { 37 if err := rootCmd.Execute(); err != nil {
108 fmt.Println(err) 38 log.Fatalf("Error running root command: %s", err)
109 os.Exit(1)
110 } 39 }
111} 40}
diff --git a/proxy/copier.go b/proxy/copier.go
new file mode 100644
index 0000000..e10cba6
--- /dev/null
+++ b/proxy/copier.go
@@ -0,0 +1,8 @@
1package proxy
2
3import "io"
4
5func CopyWithErrors(dst io.Writer, src io.Reader, errc chan<- error) {
6 _, err := io.Copy(dst, src)
7 errc <- err
8}
diff --git a/sockets.go b/proxy/ws_read_writer.go
index 319b548..b064019 100644
--- a/sockets.go
+++ b/proxy/ws_read_writer.go
@@ -1,8 +1,7 @@
1package main 1package proxy
2 2
3import ( 3import (
4 "fmt" 4 "fmt"
5 "io"
6 5
7 "github.com/gorilla/websocket" 6 "github.com/gorilla/websocket"
8) 7)
@@ -35,7 +34,6 @@ func (w *WebsocketReadWriter) Write(p []byte) (int, error) {
35 return len(p), nil 34 return len(p), nil
36} 35}
37 36
38func serviceBoth(dst io.Writer, src io.Reader, errc chan<- error) { 37func (w *WebsocketReadWriter) Close() error {
39 _, err := io.Copy(dst, src) 38 return w.W.Close()
40 errc <- err
41} 39}
diff --git a/server.go b/server.go
deleted file mode 100644
index 9a9d897..0000000
--- a/server.go
+++ /dev/null
@@ -1,53 +0,0 @@
1package main
2
3import (
4 "log"
5 "net"
6 "net/http"
7
8 "github.com/gorilla/websocket"
9)
10
11type ServerHandler struct {
12 ProxyToHost string
13 upgrader websocket.Upgrader
14}
15
16func NewServerHandler(proxyToHost string) *ServerHandler {
17 return &ServerHandler{
18 ProxyToHost: proxyToHost,
19 upgrader: websocket.Upgrader{
20 ReadBufferSize: 1024,
21 WriteBufferSize: 1024,
22 },
23 }
24}
25
26func (h *ServerHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
27 log.Println("Got new HTTP connection")
28
29 wsconn, err := h.upgrader.Upgrade(w, r, nil)
30 if err != nil {
31 log.Printf("error: ServeHTTP: %s", err)
32 return
33 }
34 defer wsconn.Close()
35
36 proxyconn, err := net.Dial("tcp", h.ProxyToHost)
37 if err != nil {
38 log.Printf("error: ServeHTTP: %s", err)
39 return
40 }
41 defer proxyconn.Close()
42
43 log.Println("Connected to SSH server")
44
45 errc := make(chan error)
46 ws := &WebsocketReadWriter{wsconn}
47
48 go serviceBoth(proxyconn, ws, errc)
49 go serviceBoth(ws, proxyconn, errc)
50
51 <-errc
52 log.Println("Closing client server")
53}
diff --git a/templates/404.tpl b/templates/404.tpl
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/templates/404.tpl
diff --git a/templates/40x.tpl b/templates/40x.tpl
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/templates/40x.tpl
diff --git a/templates/50x.tpl b/templates/50x.tpl
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/templates/50x.tpl
diff --git a/templates/footer.tpl b/templates/footer.tpl
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/templates/footer.tpl
diff --git a/templates/header.tpl b/templates/header.tpl
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/templates/header.tpl
diff --git a/templates/login.tpl b/templates/login.tpl
new file mode 100644
index 0000000..0323409
--- /dev/null
+++ b/templates/login.tpl
@@ -0,0 +1,137 @@
1<!doctype html>
2<html lang="en">
3 <head>
4 <meta charset="utf-8" />
5 <meta name="viewport" content="width=device-width, initial-scale=1">
6 <meta name="render-time" content="{{ .RenderTime }}">
7 {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}
8
9 <script type="text/javascript">
10 /*
11 * Base64URL-ArrayBuffer
12 * https://github.com/herrjemand/Base64URL-ArrayBuffer
13 *
14 * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
15 * Copyright (c) 2012 Niklas von Hertzen
16 * Licensed under the MIT license.
17 *
18 */
19 (function(){
20 'use strict';
21
22 let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
23
24 // Use a lookup table to find the index.
25 let lookup = new Uint8Array(256);
26 for (let i = 0; i < chars.length; i++) {
27 lookup[chars.charCodeAt(i)] = i;
28 }
29
30 let encode = function(arraybuffer) {
31 let bytes = new Uint8Array(arraybuffer),
32 i, len = bytes.length, base64url = '';
33
34 for (i = 0; i < len; i+=3) {
35 base64url += chars[bytes[i] >> 2];
36 base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
37 base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
38 base64url += chars[bytes[i + 2] & 63];
39 }
40
41 if ((len % 3) === 2) {
42 base64url = base64url.substring(0, base64url.length - 1);
43 } else if (len % 3 === 1) {
44 base64url = base64url.substring(0, base64url.length - 2);
45 }
46
47 return base64url;
48 };
49
50 let decode = function(base64string) {
51 let bufferLength = base64string.length * 0.75,
52 len = base64string.length, i, p = 0,
53 encoded1, encoded2, encoded3, encoded4;
54
55 let bytes = new Uint8Array(bufferLength);
56
57 for (i = 0; i < len; i+=4) {
58 encoded1 = lookup[base64string.charCodeAt(i)];
59 encoded2 = lookup[base64string.charCodeAt(i+1)];
60 encoded3 = lookup[base64string.charCodeAt(i+2)];
61 encoded4 = lookup[base64string.charCodeAt(i+3)];
62
63 bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
64 bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
65 bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
66 }
67
68 return bytes.buffer
69 };
70
71 window.base64url = {
72 'decode': decode,
73 'encode': encode
74 };
75 })();
76 </script>
77
78 <script type="text/javascript">
79 window.addEventListener("load", _ => {
80 const urlParams = new URLSearchParams(window.location.search);
81 const code = urlParams.get("code");
82 if (code !== "") {
83 document.getElementById("code").value = code;
84 }
85
86 document.getElementById("login").addEventListener("click", evt => {
87 evt.preventDefault();
88
89 var username = document.getElementById("username");
90 fetch("/auth/login/" + username.value)
91 .then((result) => result.json())
92 .then((data) => {
93 data.publicKey.challenge = base64url.decode(data.publicKey.challenge);
94 data.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id));
95
96 navigator.credentials.get(data)
97 .then((credential) => {
98 fetch("/auth/login/" + username.value, {
99 method: "POST",
100 mode: "same-origin",
101 headers: {
102 "Content-Type": "application/json",
103 "X-CSRF-Token": "{{ .CSRFToken }}"
104 },
105 body: JSON.stringify({
106 code: document.getElementById("code").value,
107 type: credential.type,
108 id: credential.id,
109 rawId: base64url.encode(credential.rawId),
110 response: {
111 authenticatorData: base64url.encode(credential.response.authenticatorData),
112 clientDataJSON: base64url.encode(credential.response.clientDataJSON),
113 signature: base64url.encode(credential.response.signature),
114 userHandle: base64url.encode(credential.response.userHandle)
115 }
116 })
117 })
118 .then((response) => {
119 if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
120 else { document.body.innerHTML = "<h1>Failure</h1>"; }
121 });
122 });
123 });
124 });
125 });
126 </script>
127 </head>
128
129 <body>
130 <form>
131 <label for="code">Code: <input type="text" name="code" id="code" /></label><br/>
132 <label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/>
133 <input type="hidden" value="{{ .CSRFToken }}" name="csrf-token" />
134 <input type="submit" id="login" value="Login" />
135 </form>
136 </body>
137</html>
diff --git a/templates/register.tpl b/templates/register.tpl
new file mode 100644
index 0000000..794ddaa
--- /dev/null
+++ b/templates/register.tpl
@@ -0,0 +1,146 @@
1<!doctype html>
2<html lang="en">
3 <head>
4 <meta charset="utf-8" />
5 <meta name="viewport" content="width=device-width, initial-scale=1">
6 <meta name="render-time" content="{{ .RenderTime }}">
7 {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}
8 </head>
9
10 <body>
11 <script type="text/javascript">
12 /*
13 * Base64URL-ArrayBuffer
14 * https://github.com/herrjemand/Base64URL-ArrayBuffer
15 *
16 * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
17 * Copyright (c) 2012 Niklas von Hertzen
18 * Licensed under the MIT license.
19 *
20 */
21 (function(){
22 'use strict';
23
24 let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
25
26 // Use a lookup table to find the index.
27 let lookup = new Uint8Array(256);
28 for (let i = 0; i < chars.length; i++) {
29 lookup[chars.charCodeAt(i)] = i;
30 }
31
32 let encode = function(arraybuffer) {
33 let bytes = new Uint8Array(arraybuffer),
34 i, len = bytes.length, base64url = '';
35
36 for (i = 0; i < len; i+=3) {
37 base64url += chars[bytes[i] >> 2];
38 base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
39 base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
40 base64url += chars[bytes[i + 2] & 63];
41 }
42
43 if ((len % 3) === 2) {
44 base64url = base64url.substring(0, base64url.length - 1);
45 } else if (len % 3 === 1) {
46 base64url = base64url.substring(0, base64url.length - 2);
47 }
48
49 return base64url;
50 };
51
52 let decode = function(base64string) {
53 let bufferLength = base64string.length * 0.75,
54 len = base64string.length, i, p = 0,
55 encoded1, encoded2, encoded3, encoded4;
56
57 let bytes = new Uint8Array(bufferLength);
58
59 for (i = 0; i < len; i+=4) {
60 encoded1 = lookup[base64string.charCodeAt(i)];
61 encoded2 = lookup[base64string.charCodeAt(i+1)];
62 encoded3 = lookup[base64string.charCodeAt(i+2)];
63 encoded4 = lookup[base64string.charCodeAt(i+3)];
64
65 bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
66 bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
67 bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
68 }
69
70 return bytes.buffer
71 };
72
73 window.base64url = {
74 'decode': decode,
75 'encode': encode
76 };
77 })();
78
79 var request = {{ .Model.WebautnRequest }};
80 request.publicKey.challenge = base64url.decode(request.publicKey.challenge);
81 {{ if .Model.LoginMode }}
82 request.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id));
83 {{ else }}
84 request.publicKey.user.id = base64url.decode(request.publicKey.user.id);
85 {{ end }}
86
87 {{ if .Model.LoginMode }}
88 navigator.credentials.get(request)
89 .then((credential) => {
90 console.log(credential);
91
92 fetch(document.URL, {
93 method: "POST",
94 mode: "same-origin",
95 headers: {
96 "Content-Type": "application/json",
97 "X-CSRF-Token": "{{ .CSRFToken }}"
98 },
99 body: JSON.stringify({
100 type: credential.type,
101 id: credential.id,
102 rawId: base64url.encode(credential.rawId),
103 response: {
104 authenticatorData: base64url.encode(credential.response.authenticatorData),
105 clientDataJSON: base64url.encode(credential.response.clientDataJSON),
106 signature: base64url.encode(credential.response.signature),
107 userHandle: base64url.encode(credential.response.userHandle)
108 }
109 })
110 })
111 .then((response) => {
112 if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
113 else { document.body.innerHTML = "<h1>Failure</h1>"; }
114 });
115 });
116 {{ else }}
117 navigator.credentials.create(request)
118 .then((credential) => {
119 console.log(credential);
120
121 fetch(document.URL, {
122 method: "POST",
123 mode: "same-origin",
124 headers: {
125 "Content-Type": "application/json",
126 "X-CSRF-Token": "{{ .CSRFToken }}"
127 },
128 body: JSON.stringify({
129 type: credential.type,
130 id: credential.id,
131 rawId: base64url.encode(credential.rawId),
132 response: {
133 clientDataJSON: base64url.encode(credential.response.clientDataJSON),
134 attestationObject: base64url.encode(credential.response.attestationObject)
135 }
136 })
137 })
138 .then((response) => {
139 if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
140 else { document.body.innerHTML = "<h1>Failure</h1>"; }
141 });
142 });
143 {{ end }}
144 </script>
145 </body>
146</html>
© 2015 Mike Crute