From bfd667e4a2bd028983b5d2555187753611f8b078 Mon Sep 17 00:00:00 2001 From: darh Date: Mon, 8 Jan 2024 14:08:35 +0100 Subject: [PATCH] Update go-jose dependency as requested in #2350 (#2356) * update go-jose dependency by switching gopkg.in/square/go-jose.v2 with github.com/go-jose/go-jose/v3 * updated `CHANGELOG.md` with entry for PR #2356 --------- Co-authored-by: Joel Speed --- CHANGELOG.md | 2 ++ go.mod | 4 ++-- go.sum | 4 ++-- pkg/providers/oidc/verifier_test.go | 2 +- providers/logingov.go | 2 +- providers/logingov_test.go | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aca48f4..bee904e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ ## Breaking Changes ## Changes since v7.5.1 + - [#2128](https://github.com/oauth2-proxy/oauth2-proxy/pull/2128) Update dependencies (@vllvll) - [#2269](https://github.com/oauth2-proxy/oauth2-proxy/pull/2269) Added Azure China (and other air gaped cloud) support (@mblaschke) - [#2237](https://github.com/oauth2-proxy/oauth2-proxy/pull/2237) adds an option to append CA certificates (@emsixteeen) @@ -21,6 +22,7 @@ - [#2299](https://github.com/oauth2-proxy/oauth2-proxy/pull/2299) bugfix: OIDCConfig based providers are not respecting flags and configs (@tuunit) - [#2248](https://github.com/oauth2-proxy/oauth2-proxy/pull/2248) Added support for semicolons in query strings. (@timwsuqld) - [#2196](https://github.com/oauth2-proxy/oauth2-proxy/pull/2196) Add GitHub groups (orgs/teams) support. Including `X-Forwarded-Groups` header (@tuunit) +- [#2356](https://github.com/oauth2-proxy/oauth2-proxy/pull/2356) Update go-jose dependency (@dasvh) - [#2357](https://github.com/oauth2-proxy/oauth2-proxy/pull/2357) Update ojg to latest release (@bitfehler) # V7.5.1 diff --git a/go.mod b/go.mod index f007349..68dd02a 100644 --- a/go.mod +++ b/go.mod @@ -12,6 +12,7 @@ require ( github.com/coreos/go-oidc/v3 v3.6.0 github.com/fsnotify/fsnotify v1.6.0 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 + github.com/go-jose/go-jose/v3 v3.0.1 github.com/golang-jwt/jwt v3.2.2+incompatible github.com/google/uuid v1.3.1 github.com/gorilla/mux v1.8.0 @@ -38,7 +39,6 @@ require ( golang.org/x/sync v0.4.0 google.golang.org/api v0.148.0 gopkg.in/natefinch/lumberjack.v2 v2.2.1 - gopkg.in/square/go-jose.v2 v2.6.0 k8s.io/apimachinery v0.27.2 ) @@ -50,7 +50,6 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect - github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/go-logr/logr v1.2.4 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect @@ -80,6 +79,7 @@ require ( google.golang.org/grpc v1.58.3 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect + gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index cc4f4ca..b3484b6 100644 --- a/go.sum +++ b/go.sum @@ -112,8 +112,8 @@ github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32/go.mod h1:GIjDIg/heH github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= -github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= +github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= +github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= diff --git a/pkg/providers/oidc/verifier_test.go b/pkg/providers/oidc/verifier_test.go index dd125e7..5496d9f 100755 --- a/pkg/providers/oidc/verifier_test.go +++ b/pkg/providers/oidc/verifier_test.go @@ -8,9 +8,9 @@ import ( "fmt" "github.com/coreos/go-oidc/v3/oidc" + "github.com/go-jose/go-jose/v3" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "gopkg.in/square/go-jose.v2" ) var _ = Describe("Verify", func() { diff --git a/providers/logingov.go b/providers/logingov.go index 2660b01..b7af202 100644 --- a/providers/logingov.go +++ b/providers/logingov.go @@ -12,11 +12,11 @@ import ( "os" "time" + "github.com/go-jose/go-jose/v3" "github.com/golang-jwt/jwt" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/requests" - "gopkg.in/square/go-jose.v2" ) // LoginGovProvider represents an OIDC based Identity Provider diff --git a/providers/logingov_test.go b/providers/logingov_test.go index 00fe8dc..a885349 100644 --- a/providers/logingov_test.go +++ b/providers/logingov_test.go @@ -15,11 +15,11 @@ import ( "testing" "time" + "github.com/go-jose/go-jose/v3" "github.com/golang-jwt/jwt" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options" . "github.com/onsi/gomega" "github.com/stretchr/testify/assert" - "gopkg.in/square/go-jose.v2" ) type MyKeyData struct {