From ff64f188fdb2c1abf74d51df145e60d5e9463fb1 Mon Sep 17 00:00:00 2001 From: Lauris BH Date: Mon, 30 Apr 2018 04:05:59 +0300 Subject: [PATCH] Switch back to upstream goth repository and update govendor to latest goth version (#3863) --- vendor/github.com/markbates/goth/README.md | 1 + .../markbates/goth/gothic/gothic.go | 12 ++--- vendor/vendor.json | 54 ++++++++----------- 3 files changed, 28 insertions(+), 39 deletions(-) diff --git a/vendor/github.com/markbates/goth/README.md b/vendor/github.com/markbates/goth/README.md index 05b19fce5a..737d9ecff4 100644 --- a/vendor/github.com/markbates/goth/README.md +++ b/vendor/github.com/markbates/goth/README.md @@ -46,6 +46,7 @@ $ go get github.com/markbates/goth * Linkedin * Meetup * MicrosoftOnline +* Naver * OneDrive * OpenID Connect (auto discovery) * Paypal diff --git a/vendor/github.com/markbates/goth/gothic/gothic.go b/vendor/github.com/markbates/goth/gothic/gothic.go index 7d6ac2ab6a..19dacb44b0 100644 --- a/vendor/github.com/markbates/goth/gothic/gothic.go +++ b/vendor/github.com/markbates/goth/gothic/gothic.go @@ -10,16 +10,16 @@ package gothic import ( "bytes" "compress/gzip" + "crypto/rand" "encoding/base64" "errors" "fmt" + "io" "io/ioutil" - "math/rand" "net/http" "net/url" "os" "strings" - "time" "github.com/gorilla/mux" "github.com/gorilla/sessions" @@ -35,8 +35,6 @@ var defaultStore sessions.Store var keySet = false -var gothicRand *rand.Rand - func init() { key := []byte(os.Getenv("SESSION_SECRET")) keySet = len(key) != 0 @@ -45,7 +43,6 @@ func init() { cookieStore.Options.HttpOnly = true Store = cookieStore defaultStore = Store - gothicRand = rand.New(rand.NewSource(time.Now().UnixNano())) } /* @@ -85,8 +82,9 @@ var SetState = func(req *http.Request) string { // // https://auth0.com/docs/protocols/oauth2/oauth-state#keep-reading nonceBytes := make([]byte, 64) - for i := 0; i < 64; i++ { - nonceBytes[i] = byte(gothicRand.Int63() % 256) + _, err := io.ReadFull(rand.Reader, nonceBytes) + if err != nil { + panic("gothic: source of randomness unavailable: " + err.Error()) } return base64.URLEncoding.EncodeToString(nonceBytes) } diff --git a/vendor/vendor.json b/vendor/vendor.json index 937824dc40..d16ef6ca66 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -678,74 +678,64 @@ "revisionTime": "2017-10-25T03:15:54Z" }, { - "checksumSHA1": "q9MD1ienC+kmKq5i51oAktQEV1E=", - "origin": "github.com/go-gitea/goth", + "checksumSHA1": "2fOWeJ+HGddUUTBlvpRIF4v2x5E=", "path": "github.com/markbates/goth", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { - "checksumSHA1": "FISfgOkoMtn98wglLUvfBTZ6baE=", - "origin": "github.com/go-gitea/goth/gothic", + "checksumSHA1": "cZLls/zE/yokmiyypPyGfJWh69E=", "path": "github.com/markbates/goth/gothic", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "pJ+Cws/TU22K6tZ/ALFOvvH1K5U=", - "origin": "github.com/go-gitea/goth/providers/bitbucket", "path": "github.com/markbates/goth/providers/bitbucket", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "XsF5HI4240QHbFXbtWWnGgTsoq8=", - "origin": "github.com/go-gitea/goth/providers/dropbox", "path": "github.com/markbates/goth/providers/dropbox", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "VzbroIA9R00Ig3iGnOlZLU7d4ls=", - "origin": "github.com/go-gitea/goth/providers/facebook", "path": "github.com/markbates/goth/providers/facebook", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "P6nBZ850aaekpOcoXNdRhK86bH8=", - "origin": "github.com/go-gitea/goth/providers/github", "path": "github.com/markbates/goth/providers/github", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "ld488t+yGoTwtmiCSSggEX4fxVk=", - "origin": "github.com/go-gitea/goth/providers/gitlab", "path": "github.com/markbates/goth/providers/gitlab", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "qXEulD7vnwY9hFrxh91Pm5YrvTM=", - "origin": "github.com/go-gitea/goth/providers/gplus", "path": "github.com/markbates/goth/providers/gplus", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "wsOBzyp4LKDhfCPmX1LLP7T0S3U=", - "origin": "github.com/go-gitea/goth/providers/openidConnect", "path": "github.com/markbates/goth/providers/openidConnect", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "o6RqMbbE8QNZhNT9TsAIRMPI8tg=", - "origin": "github.com/go-gitea/goth/providers/twitter", "path": "github.com/markbates/goth/providers/twitter", - "revision": "3b54d96084a5e11030f19556cf68a6ab5d93ba20", - "revisionTime": "2018-03-12T06:32:04Z" + "revision": "4933f155d89c3c52ab4ca545c6602cf4a1e87913", + "revisionTime": "2018-04-12T22:15:10Z" }, { "checksumSHA1": "61HNjGetaBoMp8HBOpuEZRSim8g=",