diff --git a/glide.lock b/glide.lock
index 0c79505e9669ed2ee3d6ef7cfbf31ca65affb917..7ebf7affef1ee8a39e1202943f79911c6af03951 100644
--- a/glide.lock
+++ b/glide.lock
@@ -1,12 +1,12 @@
-hash: c3530f2a60a64c2efc4c3ac499fcd15f79de2a532715ba2b9841c1d404942b2e
-updated: 2016-11-17T15:18:56.701287533-08:00
+hash: 773c45cb2136423f907496cc1ba67e0c58b35e237b15b0d5f212dce598265442
+updated: 2016-12-01T13:12:54.401738528-08:00
imports:
- name: github.com/cockroachdb/cockroach-go
version: 31611c0501c812f437d4861d87d117053967c955
subpackages:
- crdb
- name: github.com/coreos/go-oidc
- version: 5a7f09ab5787e846efa7f56f4a08b6d6926d08c4
+ version: dedb650fb29c39c2f21aa88c1e4cec66da8754d1
- name: github.com/ghodss/yaml
version: bea76d6a4713e18b7f5321a2b020738552def3ea
- name: github.com/go-sql-driver/mysql
diff --git a/glide.yaml b/glide.yaml
index bd16dab69fd48445e0a252559473c5cbd60bde49..18cd889d8a8add0935ebb0220392eaa418580803 100644
--- a/glide.yaml
+++ b/glide.yaml
@@ -51,7 +51,7 @@ import:
- bcrypt
- package: github.com/coreos/go-oidc
- version: 5a7f09ab5787e846efa7f56f4a08b6d6926d08c4
+ version: dedb650fb29c39c2f21aa88c1e4cec66da8754d1
- package: github.com/pquerna/cachecontrol
version: c97913dcbd76de40b051a9b4cd827f7eaeb7a868
- package: golang.org/x/oauth2
diff --git a/vendor/github.com/coreos/go-oidc/.travis.yml b/vendor/github.com/coreos/go-oidc/.travis.yml
index fb89294c6b282d8954b27fcadf966c171d4c8901..68199e8cdd3aef7662243dc4f29b44ac5833a085 100644
--- a/vendor/github.com/coreos/go-oidc/.travis.yml
+++ b/vendor/github.com/coreos/go-oidc/.travis.yml
@@ -5,7 +5,7 @@ go:
- 1.6.3
install:
- - go get -v -t github.com/coreos/go-oidc
+ - go get -v -t github.com/coreos/go-oidc/...
- go get golang.org/x/tools/cmd/cover
- go get github.com/golang/lint/golint
diff --git a/vendor/github.com/coreos/go-oidc/jose/jwk.go b/vendor/github.com/coreos/go-oidc/jose/jwk.go
index b7a8e235583ac0bc5a659e3f7df523dd36a72856..119f073ff7a91550e5777e9e5d70a1fa7107f7a6 100644
--- a/vendor/github.com/coreos/go-oidc/jose/jwk.go
+++ b/vendor/github.com/coreos/go-oidc/jose/jwk.go
@@ -104,7 +104,7 @@ func encodeExponent(e int) string {
break
}
}
- return base64.URLEncoding.EncodeToString(b[idx:])
+ return base64.RawURLEncoding.EncodeToString(b[idx:])
}
// Turns a URL encoded modulus of a key into a big int.
@@ -119,7 +119,7 @@ func decodeModulus(n string) (*big.Int, error) {
}
func encodeModulus(n *big.Int) string {
- return base64.URLEncoding.EncodeToString(n.Bytes())
+ return base64.RawURLEncoding.EncodeToString(n.Bytes())
}
// decodeBase64URLPaddingOptional decodes Base64 whether there is padding or not.
diff --git a/vendor/github.com/coreos/go-oidc/jwks.go b/vendor/github.com/coreos/go-oidc/jwks.go
index 4ec6c3f1d6e4747be46470cd6ea79b4574a9541f..413f392f56f1b2f30683b56eda7728136433659a 100644
--- a/vendor/github.com/coreos/go-oidc/jwks.go
+++ b/vendor/github.com/coreos/go-oidc/jwks.go
@@ -39,38 +39,39 @@ type remoteKeySet struct {
// guard all other fields
mu sync.Mutex
- // inflightCtx is the context of the current HTTP request to update the keys.
- // Its Err() method returns any errors encountered during that attempt.
+ // inflightCtx suppresses parallel execution of updateKeys and allows
+ // multiple goroutines to wait for its result.
+ // Its Err() method returns any errors encountered during updateKeys.
//
- // If nil, there is no inflight request.
- inflightCtx context.Context
+ // If nil, there is no inflight updateKeys request.
+ inflightCtx *inflight
// A set of cached keys and their expiry.
cachedKeys []jose.JSONWebKey
expiry time.Time
}
-// errContext is a context with a customizable Err() return value.
-type errContext struct {
- context.Context
-
- cf context.CancelFunc
- err error
+// inflight is used to wait on some in-flight request from multiple goroutines
+type inflight struct {
+ done chan struct{}
+ err error
}
-func newErrContext(parent context.Context) *errContext {
- ctx, cancel := context.WithCancel(parent)
- return &errContext{ctx, cancel, nil}
+// Done returns a channel that is closed when the inflight request finishes.
+func (i *inflight) Done() <-chan struct{} {
+ return i.done
}
-func (e errContext) Err() error {
- return e.err
+// Err returns any error encountered during request execution. May be nil.
+func (i *inflight) Err() error {
+ return i.err
}
-// cancel cancels the errContext causing listeners on Done() to return.
-func (e errContext) cancel(err error) {
- e.err = err
- e.cf()
+// Cancel signals completion of the inflight request with error err.
+// Must be called only once for particular inflight instance.
+func (i *inflight) Cancel(err error) {
+ i.err = err
+ close(i.done)
}
func (r *remoteKeySet) keysWithIDFromCache(keyIDs []string) ([]jose.JSONWebKey, bool) {
@@ -105,18 +106,15 @@ func (r *remoteKeySet) keysWithID(ctx context.Context, keyIDs []string) ([]jose.
return keys, nil
}
- var inflightCtx context.Context
+ var inflightCtx *inflight
func() {
r.mu.Lock()
defer r.mu.Unlock()
// If there's not a current inflight request, create one.
if r.inflightCtx == nil {
- // Use the remoteKeySet's context instead of the requests context
- // because a re-sync is unique to the keys set and will span multiple
- // requests.
- errCtx := newErrContext(r.ctx)
- r.inflightCtx = errCtx
+ inflightCtx := &inflight{make(chan struct{}), nil}
+ r.inflightCtx = inflightCtx
go func() {
// TODO(ericchiang): Upstream Kubernetes request that we recover every time
@@ -131,7 +129,10 @@ func (r *remoteKeySet) keysWithID(ctx context.Context, keyIDs []string) ([]jose.
// See: https://github.com/coreos/go-oidc/issues/89
// Sync keys and close inflightCtx when that's done.
- errCtx.cancel(r.updateKeys(r.inflightCtx))
+ // Use the remoteKeySet's context instead of the requests context
+ // because a re-sync is unique to the keys set and will span multiple
+ // requests.
+ inflightCtx.Cancel(r.updateKeys(r.ctx))
r.mu.Lock()
defer r.mu.Unlock()
diff --git a/vendor/github.com/coreos/go-oidc/key/key_test.go b/vendor/github.com/coreos/go-oidc/key/key_test.go
index d68a61f0f610c6d372d733dd1a16c7b923a917b0..04d58214c5a815f469197bab49fed13be7902d9a 100644
--- a/vendor/github.com/coreos/go-oidc/key/key_test.go
+++ b/vendor/github.com/coreos/go-oidc/key/key_test.go
@@ -76,7 +76,7 @@ func TestPublicKeyMarshalJSON(t *testing.T) {
Modulus: big.NewInt(int64(17)),
Exponent: 65537,
}
- want := `{"kid":"foo","kty":"RSA","alg":"RS256","use":"sig","e":"AQAB","n":"EQ=="}`
+ want := `{"kid":"foo","kty":"RSA","alg":"RS256","use":"sig","e":"AQAB","n":"EQ"}`
pubKey := NewPublicKey(k)
gotBytes, err := pubKey.MarshalJSON()
if err != nil {
diff --git a/vendor/github.com/coreos/go-oidc/oidc.go b/vendor/github.com/coreos/go-oidc/oidc.go
index 378f8f6483320cb06b643852b455513f9f98feec..62be15d3b8e5e9ba7ab459e42ffe1f5484d8ba6d 100644
--- a/vendor/github.com/coreos/go-oidc/oidc.go
+++ b/vendor/github.com/coreos/go-oidc/oidc.go
@@ -11,6 +11,7 @@ import (
"time"
"golang.org/x/net/context"
+ "golang.org/x/net/context/ctxhttp"
"golang.org/x/oauth2"
jose "gopkg.in/square/go-jose.v2"
)
@@ -84,7 +85,7 @@ type providerJSON struct {
// or "https://login.salesforce.com".
func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
wellKnown := strings.TrimSuffix(issuer, "/") + "/.well-known/openid-configuration"
- resp, err := clientFromContext(ctx).Get(wellKnown)
+ resp, err := ctxhttp.Get(ctx, clientFromContext(ctx), wellKnown)
if err != nil {
return nil, err
}
@@ -161,7 +162,19 @@ func (p *Provider) UserInfo(ctx context.Context, tokenSource oauth2.TokenSource)
if p.userInfoURL == "" {
return nil, errors.New("oidc: user info endpoint is not supported by this provider")
}
- resp, err := clientFromContext(ctx).Get(p.userInfoURL)
+
+ req, err := http.NewRequest("GET", p.userInfoURL, nil)
+ if err != nil {
+ return nil, fmt.Errorf("oidc: create GET request: %v", err)
+ }
+
+ token, err := tokenSource.Token()
+ if err != nil {
+ return nil, fmt.Errorf("oidc: get access token: %v", err)
+ }
+ token.SetAuthHeader(req)
+
+ resp, err := ctxhttp.Do(ctx, clientFromContext(ctx), req)
if err != nil {
return nil, err
}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/provider.go b/vendor/github.com/coreos/go-oidc/oidc/provider.go
index ca2838440b3e9123b8edbd1e175ece62139a4428..42197ff1a5f7275272476e1d497d0fa1cf578a50 100644
--- a/vendor/github.com/coreos/go-oidc/oidc/provider.go
+++ b/vendor/github.com/coreos/go-oidc/oidc/provider.go
@@ -567,7 +567,7 @@ func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) {
next = &pcsStepNext{aft: ttl}
} else {
next = &pcsStepRetry{aft: time.Second}
- log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
+ log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err)
}
return
}
@@ -586,7 +586,7 @@ func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) {
next = &pcsStepNext{aft: ttl}
} else {
next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)}
- log.Printf("go-oidc: provider config sync falied, retyring in %v: %v", next.after(), err)
+ log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err)
}
return
}
diff --git a/vendor/github.com/coreos/go-oidc/test b/vendor/github.com/coreos/go-oidc/test
index 4b2e39f875f5d257a1d446d54f37bf66bdf75fc3..bbb5ed39dd815bdec2915c739621a51ba21a4fda 100755
--- a/vendor/github.com/coreos/go-oidc/test
+++ b/vendor/github.com/coreos/go-oidc/test
@@ -9,7 +9,7 @@ LINTABLE=$( go list -tags=golint -f '
{{ range $i, $file := .TestGoFiles -}}
{{ $file }} {{ end }}' github.com/coreos/go-oidc )
-go test -v -i -race github.com/coreos/go-oidc
-go test -v -race github.com/coreos/go-oidc
+go test -v -i -race github.com/coreos/go-oidc/...
+go test -v -race github.com/coreos/go-oidc/...
golint $LINTABLE
-go vet github.com/coreos/go-oidc
+go vet github.com/coreos/go-oidc/...