From e283b5f23e6f4b0c87364aad03402334a9488c84 Mon Sep 17 00:00:00 2001 From: oanatmaria Date: Tue, 16 Jan 2024 12:16:15 +0200 Subject: [PATCH 1/4] Split python packages --- .github/workflows/ci.yaml | 23 +- .github/workflows/gitleaks-check.yml | 13 + DEVELOPER.md | 55 -- README.md | 348 +++++++++- packages/aserto-idp/README.md | 50 -- packages/aserto-idp/poetry.lock | 455 ------------ packages/aserto-idp/pyproject.toml | 53 -- packages/aserto-idp/src/aserto_idp/auth0.py | 62 -- .../src/aserto_idp/oidc/__init__.py | 31 - .../src/aserto_idp/oidc/discovery.py | 99 --- .../aserto-idp/src/aserto_idp/oidc/errors.py | 6 - .../src/aserto_idp/oidc/provider.py | 60 -- packages/aserto-idp/test/test_oidc.py | 38 - packages/aserto-idp/tox.ini | 12 - packages/aserto/README.md | 342 --------- packages/aserto/src/aserto/client/py.typed | 0 packages/aserto/test/__init__.py | 0 packages/flask-aserto/README.md | 37 - packages/flask-aserto/poetry.lock | 647 ------------------ packages/flask-aserto/pyproject.toml | 54 -- .../flask-aserto/src/flask_aserto/__init__.py | 5 - .../src/flask_aserto/_defaults.py | 57 -- .../src/flask_aserto/aio/__init__.py | 6 - .../src/flask_aserto/aio/_defaults.py | 66 -- .../src/flask_aserto/aio/check.py | 195 ------ .../src/flask_aserto/aio/middleware.py | 247 ------- .../flask-aserto/src/flask_aserto/check.py | 194 ------ .../src/flask_aserto/middleware.py | 234 ------- .../flask-aserto/src/flask_aserto/py.typed | 0 packages/flask-aserto/test/__init__.py | 0 .../test/test_default_policy_path_resolver.py | 36 - packages/flask-aserto/tox.ini | 10 - packages/aserto/poetry.lock => poetry.lock | 0 .../aserto/pyproject.toml => pyproject.toml | 0 .../src => src}/aserto/client/__init__.py | 0 .../src => src}/aserto/client/_deadline.py | 0 .../src => src}/aserto/client/_typing.py | 0 .../aserto/client/authorizer/__init__.py | 0 .../aserto/client/authorizer/aio/__init__.py | 0 .../aserto/client/authorizer/helpers.py | 0 .../aserto/client/directory/__init__.py | 0 .../aserto/client/directory/aio/__init__.py | 0 .../aserto/client/directory/channels.py | 0 .../aserto/client/directory/v2/__init__.py | 0 .../client/directory/v2/aio/__init__.py | 0 .../aserto/client/directory/v2/helpers.py | 0 .../aserto/client/directory/v3/__init__.py | 0 .../client/directory/v3/aio/__init__.py | 0 .../aserto/client/directory/v3/helpers.py | 0 .../src => src}/aserto/client/identity.py | 0 .../src => src}/aserto/client/options.py | 0 .../aserto_idp => src/aserto/client}/py.typed | 0 .../aserto/client/resource_context.py | 0 .../src/aserto_idp => test}/__init__.py | 0 .../aserto/test => test}/assets/manifest.yaml | 0 .../aserto/test => test}/assets/objects.json | 0 .../test => test}/assets/relations.json | 0 {packages/aserto/test => test}/conftest.py | 0 .../aserto/test => test}/test_authorizer.py | 0 .../test => test}/test_authorizer_async.py | 0 .../aserto/test => test}/test_directory_v2.py | 0 .../test => test}/test_directory_v2_async.py | 0 .../aserto/test => test}/test_directory_v3.py | 0 .../test => test}/test_directory_v3_async.py | 0 64 files changed, 356 insertions(+), 3079 deletions(-) create mode 100644 .github/workflows/gitleaks-check.yml delete mode 100644 DEVELOPER.md delete mode 100644 packages/aserto-idp/README.md delete mode 100644 packages/aserto-idp/poetry.lock delete mode 100644 packages/aserto-idp/pyproject.toml delete mode 100644 packages/aserto-idp/src/aserto_idp/auth0.py delete mode 100644 packages/aserto-idp/src/aserto_idp/oidc/__init__.py delete mode 100644 packages/aserto-idp/src/aserto_idp/oidc/discovery.py delete mode 100644 packages/aserto-idp/src/aserto_idp/oidc/errors.py delete mode 100644 packages/aserto-idp/src/aserto_idp/oidc/provider.py delete mode 100644 packages/aserto-idp/test/test_oidc.py delete mode 100644 packages/aserto-idp/tox.ini delete mode 100644 packages/aserto/README.md delete mode 100644 packages/aserto/src/aserto/client/py.typed delete mode 100644 packages/aserto/test/__init__.py delete mode 100644 packages/flask-aserto/README.md delete mode 100644 packages/flask-aserto/poetry.lock delete mode 100644 packages/flask-aserto/pyproject.toml delete mode 100644 packages/flask-aserto/src/flask_aserto/__init__.py delete mode 100644 packages/flask-aserto/src/flask_aserto/_defaults.py delete mode 100644 packages/flask-aserto/src/flask_aserto/aio/__init__.py delete mode 100644 packages/flask-aserto/src/flask_aserto/aio/_defaults.py delete mode 100644 packages/flask-aserto/src/flask_aserto/aio/check.py delete mode 100644 packages/flask-aserto/src/flask_aserto/aio/middleware.py delete mode 100644 packages/flask-aserto/src/flask_aserto/check.py delete mode 100644 packages/flask-aserto/src/flask_aserto/middleware.py delete mode 100644 packages/flask-aserto/src/flask_aserto/py.typed delete mode 100644 packages/flask-aserto/test/__init__.py delete mode 100644 packages/flask-aserto/test/test_default_policy_path_resolver.py delete mode 100644 packages/flask-aserto/tox.ini rename packages/aserto/poetry.lock => poetry.lock (100%) rename packages/aserto/pyproject.toml => pyproject.toml (100%) rename {packages/aserto/src => src}/aserto/client/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/_deadline.py (100%) rename {packages/aserto/src => src}/aserto/client/_typing.py (100%) rename {packages/aserto/src => src}/aserto/client/authorizer/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/authorizer/aio/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/authorizer/helpers.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/aio/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/channels.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v2/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v2/aio/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v2/helpers.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v3/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v3/aio/__init__.py (100%) rename {packages/aserto/src => src}/aserto/client/directory/v3/helpers.py (100%) rename {packages/aserto/src => src}/aserto/client/identity.py (100%) rename {packages/aserto/src => src}/aserto/client/options.py (100%) rename {packages/aserto-idp/src/aserto_idp => src/aserto/client}/py.typed (100%) rename {packages/aserto/src => src}/aserto/client/resource_context.py (100%) rename {packages/aserto-idp/src/aserto_idp => test}/__init__.py (100%) rename {packages/aserto/test => test}/assets/manifest.yaml (100%) rename {packages/aserto/test => test}/assets/objects.json (100%) rename {packages/aserto/test => test}/assets/relations.json (100%) rename {packages/aserto/test => test}/conftest.py (100%) rename {packages/aserto/test => test}/test_authorizer.py (100%) rename {packages/aserto/test => test}/test_authorizer_async.py (100%) rename {packages/aserto/test => test}/test_directory_v2.py (100%) rename {packages/aserto/test => test}/test_directory_v2_async.py (100%) rename {packages/aserto/test => test}/test_directory_v3.py (100%) rename {packages/aserto/test => test}/test_directory_v3_async.py (100%) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ab5a35d..f9c533b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -57,26 +57,11 @@ jobs: with: version: 1.2.1 - - name: Lint & test aserto package + - name: Run lint run: | - cd packages/aserto - poetry install - poetry run pyright . - poetry run pytest -vv - cd ../.. - - - name: Lint & test aserto-idp package - run : | - cd packages/aserto-idp - poetry install - poetry run pyright . - poetry run pytest -vv - cd ../.. - - - name: Lint & test flask-aserto package - run : | - cd packages/flask-aserto poetry install poetry run pyright . + + - name: Run tests + run: | poetry run pytest -vv - cd ../.. \ No newline at end of file diff --git a/.github/workflows/gitleaks-check.yml b/.github/workflows/gitleaks-check.yml new file mode 100644 index 0000000..f0443b2 --- /dev/null +++ b/.github/workflows/gitleaks-check.yml @@ -0,0 +1,13 @@ +name: gitleaks-check + +on: [pull_request] + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: gitleaks-check + uses: aserto-dev/gitleaks-action@master \ No newline at end of file diff --git a/DEVELOPER.md b/DEVELOPER.md deleted file mode 100644 index 43b645d..0000000 --- a/DEVELOPER.md +++ /dev/null @@ -1,55 +0,0 @@ -# Aserto Python package development - -## First time setup instructions - -### pyenv -Follow the pyenv [installation instructions](https://github.com/pyenv/pyenv#installation). This tool will allow us to easily switch between different Python versions as needed. - -*For all following steps make sure your shell is located in your local checkout of this repository.* - -Then run: -```sh -pyenv install -``` -This will install the version of Python specified by `.python-version`. This is the minimum supported version of Python for the SDK package. - -### Poetry -Install [Poetry](https://python-poetry.org/docs/#installation). This must be [installed after pyenv](https://github.com/python-poetry/poetry/issues/651#issuecomment-864533910) has been installed. Poetry is used for managing package dependencies and publishing packages to [PyPI](https://pypi.org/). - -Each package has its own `pyproject.toml` file. For every package you're developing on navigate to its directory and run: -```sh -poetry install -``` - -You can verify that your environment is correctly setup by running: -```sh -poetry run python -V -``` -and verifying that the version number matches the one in `.python_version`. - -## Commands - -### Run tests -```sh -poetry run pytest -``` - -### Run the typechecker -```sh -poetry run mypy src -``` - -## Directory layout -TODO - -## Running PeopleFinder example services -1. Navigate to the `peoplefinder_example` directory. -2. Follow the steps in `.env.example` to create a `.env` file. -3. Run: -```sh -poetry run flask run -``` -4. Start only the front-end of the PeopleFinder service in your local checkout of https://github.com/aserto-demo/peoplefinder. -``` -yarn spa -``` \ No newline at end of file diff --git a/README.md b/README.md index 80942dd..9196582 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,342 @@ -# Aserto - Welcome to modern authorization -This is the home of all the packages that will allow you to use [Aserto](https://www.aserto.com/)'s services from your Python code. -## Packages -[`aserto`](https://github.com/aserto-dev/aserto-python/tree/main/packages/aserto) - Provides a high level interface to Aserto's services. It's the recommended package to fall back to when the web framework integrations don't fit your needs. +# Aserto API client -[`aserto-authorizer-grpc`](https://github.com/aserto-dev/aserto-python/tree/main/packages/aserto-authorizer-grpc) - Lower-level interface specifically to Aserto's Authorizer service. This is for advanced users that need more fine-grained control than the `aserto` package provides. +High-level client interface to Aserto's APIs. -[`aserto-idp`](https://github.com/aserto-dev/aserto-python/tree/main/packages/aserto-idp) - Used to more easily create identity providers for Aserto's other packages. -### Web framework integration -[`flask-aserto`](https://github.com/aserto-dev/aserto-python/tree/main/packages/flask-aserto) - For easier integration into [Flask](https://github.com/pallets/flask) apps. +## Authorizer +The client can be used for interacting with Aserto's [Authorizer service](https://docs.aserto.com/docs/authorizer-guide/overview). -...more on the way! \ No newline at end of file +## Installation + +### Using Pip + +```sh +pip install aserto +``` + +### Using Poetry + +```sh +poetry add aserto +``` + +## Usage + +```py +from aserto.client import AuthorizerOptions, Identity +from aserto.client.authorizer import AuthorizerClient + + +client = AuthorizerClient( + identity=Identity(type="NONE"), + options=AuthorizerOptions( + api_key=ASERTO_API_KEY, + tenant_id=ASERTO_TENANT_ID, + ), +) + +result = await client.decision_tree( + decisions=["visible", "enabled", "allowed"], + policy_instance_name=ASERTO_POLICY_INSTANCE_NAME, + policy_instance_label=ASERTO_POLICY_INSTANCE_LABEL, + policy_path_root=ASERTO_POLICY_PATH_ROOT, + policy_path_separator="DOT", +) + +assert result == { + "GET.your.policy.path": { + "visible": True, + "enabled": True, + "allowed": False, + }, +} +``` + +## Directory + +The Directory APIs can be used to interact with the aserto directory services. +It provides CRUD operations on objects and relations, including bulk import and export. +The client can also be used to check whether a user has a permission or relation on an object instance. + +### Directory Client + +You can initialize a directory client as follows: + +```py +from aserto.client.directory.v3 import Directory + +ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") +``` + +- `address`: hostname:port of directory service (_required_) +- `api_key`: API key for directory service (_required_ if using hosted directory) +- `tenant_id`: Aserto tenant ID (_required_ if using hosted directory) +- `cert`: Path to the grpc service certificate when connecting to local topaz instance. + +#### `get_object` + +Get a directory object instance with the type and the id, optionally with the object's relations. + +```py +# without relations: +user = ds.get_object(object_type="user", object_id="euang@acmecorp.com") + +# with relations: +page = PaginationRequest(size=10) +while True: + resp = ds.get_object(object_type="user", object_id="euang@acmecorp.com", with_relations=True, page=page) + user = resp.result # The returned object. + relations_page = resp.relations # A page of relations. + + if not resp.page.next_token: + # we've reached the last page. + break + + # request the next page. + page.token = resp.page.next_token + +``` + +#### `get_objects_many` + +Similar to `get_object` but can retrieve multiple object instances in a single request. +```py +objects = ds.get_object_many( + [ + ObjectIdentifier(type="user", id="euan@acmecorp.com"), + ObjectIdentifier(type="group", id="marketing"), + ] +) +``` + +#### `get_objects` + +Get object instances with an object type type pagination info (page size and pagination token). + +```py +from aserto.client.directory.v3 import PaginationRequest + +users = ds.get_objects(object_type="user", page=PaginationRequest(size=10)) +``` + + +#### `set_object` + +Create an object instance with the specified properties. If an `etag` is specified and is different from the current +object's etag, the call raises an `ETagMismatchError`. + +```py +# pass object fields as arguments: +user = ds.set_object( + object_type="user", + object_id="new-user@acmecorp.com", + display_name="John Doe", + "properties": {"active": True, "department": "Engineering"}, +} + +# set_object can also take an Object parameter: +user.display_name = "Jane Doe" +user.properties["title"] = "Senior Engineer" +updated_user = ds.set_object(object=user) +``` + +#### `delete_object` + +Delete an object instance and optionally its relations, using its type and id: + +```py +# delete an object +ds.delete_object(object_type="user", object_id="test-object") + +# delete an object and all its relations +ds.delete_object(object_type="user", object_id="test-object", with_relations=True) +``` + +#### `get_relation` + +Retrieve a single relation from the directory or raise a `NotFoundError` if no matching relation exists. + +```py +# get the manager of euang@acmecorp.com: +relation = ds.get_relation( + object_type="user", + relation="manager", + subject_type="user", + subject_id="euang@acmecorp.com", +) + +assert relation.object_id + +# include the relation's object and subject in the response: +response = ds.get_relation( + object_type="user", + relation="manager", + subject_type="user", + subject_id="euang@acmecorp.com", + with_relations=True, +) + +assert response.relation.object_id +assert response.subject.display_name == "Euan Garden" +assert response.object.properties["department"] == "Sales" +# +``` + +#### `get_relations` + +Searches the directory for relations matching the specified criteria, optionally including the object and subject +of each returned relation. + +```py +# find all groups a user is a member of: +page = PaginationRequest(size=10) + +while True: + response = ds.get_relations( + object_type="group", + "relation"="member", + "subject_type": "user", + "subject_id": "euang@acmecorp.com", + with_objects=True, + page=page, + ) + + if not response.page.next_token: + break + + page.token = response.page.next_token +``` + +#### `set_relation` + +Create a new relation. + +```py +ds.set_relation( + object_type="group", + object_id="admin", + relation="member", + subject_type="user", + subject_id="euang@acmecorp.com", +) +``` + +#### `delete_relation` + +Delete a relation. + +```py +ds.delete_relation( + object_type="group", + object_id="admin", + relation="member", + subject_type="user", + subject_id="euang@acmecorp.com", +) +``` + +#### `check` + +Check if a subject has a given relation or permission on an object. + +```py +allowed = ds.check( + object_type="folder", + object_id="/path/to/folder", + relation="can_delete", + subject_type="user", + subject_id="euang@acmecorp.com", +) +``` + +#### `get_manifest ` + +Download the directory manifest. + +```py +manifest = ds.get_manifest() + +print(manifest.body) # yaml manifest + +# conditionally get the manifest if its etag has changed +new_manifest = ds.get_manifest(etag=manifest.etag) + +assert new_manifest is None # the manifest hasn't changed +``` + +#### `set_manifest` + +Upload a new directory manifest. + +```py +with open("manifest.yaml", "rb") as f: + manifest = f.read() + +ds.set_manifest(manifest) +``` + +#### `import_data` + +Bulk-insert objects and/or relations to the directory. Returns a summary of the number of objects/relations affected. + +```py +# import an object and a relation. +data = [ + Object(type="user", id="test@acmecorp.com"), + Relation( + object_type="user", + object_id="euang@acmecorp.com", + relation="manager", + subject_type="user", + subject_id="test@acmecorp.com", + ), +] + +response = ds.import_data(data) + +assert response.objects.set == 1 +assert response.object.error == 0 +assert response.relations.set == 1 +assert response.relations.error == 0 +``` + +#### `export_data` + +Bulk-retrieve objects and/or relations from the directory. + + +```py +from aserto.client.directory.v3 import ExportOption, Object, Relation + +# export all objects and relations +for item in ds.export(ExportOption.OPTION_DATA): + if isinstance(item, Object): + print("object:", item) + elif isinstance(item, Relation): + print("relation:", item) +``` + +### Async Directory Client + +You can initialize an asynchronous directory client as follows: + +```py +from aserto.client.directory.v3.aio import Directory + +ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") +``` + +The methods on the async directory have the same signatures as their synchronous counterparts. + +### Directory v2 client + +To interact with older instances of the directory service, a v2 client is available with limited functionality. +The v2 client doesn't support `get_manifest`/`set_manifest`, and `import_data`/`export_data`. + +```py +from aserto.client.directory.v2 import Directory +ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") +``` + +## License + +This project is licensed under the MIT license. See the [LICENSE](https://github.com/aserto-dev/aserto-python/blob/main/LICENSE) file for more info. diff --git a/packages/aserto-idp/README.md b/packages/aserto-idp/README.md deleted file mode 100644 index 2277a5e..0000000 --- a/packages/aserto-idp/README.md +++ /dev/null @@ -1,50 +0,0 @@ -# Aserto Identity Providers -Common identity providers for use with Aserto client libraries - -## Installation -### Using Pip -```sh -pip install aserto-idp -``` -### Using Poetry -```sh -poetry add aserto-idp -``` -## Current Identity Providers -### OpenID Connect -```py -from aserto_idp.oidc import identity_provider -``` -## Usage -### With [`aserto-authorizer-grpc`](https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto-authorizer-grpc) -```py -from aserto.client import IdentityContext, IdentityType -from aserto_idp.oidc import AccessTokenError, identity_provider - -oidc_provider = identity_provider(issuer=OIDC_ISSUER, client_id=OIDC_CLIENT_ID) - -try: - subject = await oidc_provider.subject_from_jwt_auth_header(request.headers["Authorization"]) - - identity_context = IdentityContext( - type=IdentityType.IDENTITY_TYPE_SUB, - identity=subject, - ) -except AccessTokenError: - identity_context = IdentityContext(type=IdentityType.IDENTITY_TYPE_NONE) - -``` -### With [`aserto`](https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto) -```py -from aserto import Identity -from aserto_idp.oidc import AccessTokenError, IdentityProvider - -oidc_provider = identity_provider(issuer=OIDC_ISSUER, client_id=OIDC_CLIENT_ID) - -try: - subject = await oidc_provider.subject_from_jwt_auth_header(request.headers["Authorization"]) - - identity = Identity(type="SUBJECT", subject=subject) -except AccessTokenError: - identity = Identity(type="NONE") -``` diff --git a/packages/aserto-idp/poetry.lock b/packages/aserto-idp/poetry.lock deleted file mode 100644 index efebd86..0000000 --- a/packages/aserto-idp/poetry.lock +++ /dev/null @@ -1,455 +0,0 @@ -[[package]] -name = "aiohttp" -version = "3.9.1" -description = "Async http client/server framework (asyncio)" -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -aiosignal = ">=1.1.2" -async-timeout = {version = ">=4.0,<5.0", markers = "python_version < \"3.11\""} -attrs = ">=17.3.0" -frozenlist = ">=1.1.1" -multidict = ">=4.5,<7.0" -yarl = ">=1.0,<2.0" - -[package.extras] -speedups = ["brotlicffi", "brotli", "aiodns"] - -[[package]] -name = "aiosignal" -version = "1.3.1" -description = "aiosignal: a list of registered asynchronous callbacks" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -frozenlist = ">=1.1.0" - -[[package]] -name = "async-timeout" -version = "4.0.3" -description = "Timeout context manager for asyncio programs" -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "attrs" -version = "23.1.0" -description = "Classes Without Boilerplate" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.extras] -cov = ["attrs", "coverage[toml] (>=5.3)"] -dev = ["attrs", "pre-commit"] -docs = ["furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier", "zope-interface"] -tests = ["attrs", "zope-interface"] -tests-no-zope = ["cloudpickle", "hypothesis", "mypy (>=1.1.1)", "pympler", "pytest-mypy-plugins", "pytest-xdist", "pytest (>=4.3.0)"] - -[[package]] -name = "black" -version = "23.11.0" -description = "The uncompromising code formatter." -category = "dev" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -click = ">=8.0.0" -mypy-extensions = ">=0.4.3" -packaging = ">=22.0" -pathspec = ">=0.9.0" -platformdirs = ">=2" -tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} -typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""} - -[package.extras] -colorama = ["colorama (>=0.4.3)"] -d = ["aiohttp (>=3.7.4)"] -jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"] -uvloop = ["uvloop (>=0.15.2)"] - -[[package]] -name = "cffi" -version = "1.16.0" -description = "Foreign Function Interface for Python calling C code." -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -pycparser = "*" - -[[package]] -name = "click" -version = "8.1.7" -description = "Composable command line interface toolkit" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -colorama = {version = "*", markers = "platform_system == \"Windows\""} - -[[package]] -name = "colorama" -version = "0.4.6" -description = "Cross-platform colored terminal text." -category = "dev" -optional = false -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" - -[[package]] -name = "coverage" -version = "7.3.2" -description = "Code coverage measurement for Python" -category = "dev" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -tomli = {version = "*", optional = true, markers = "python_full_version <= \"3.11.0a6\" and extra == \"toml\""} - -[package.extras] -toml = ["tomli"] - -[[package]] -name = "cryptography" -version = "41.0.7" -description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -cffi = ">=1.12" - -[package.extras] -docs = ["sphinx (>=5.3.0)", "sphinx-rtd-theme (>=1.1.1)"] -docstest = ["pyenchant (>=1.6.11)", "twine (>=1.12.0)", "sphinxcontrib-spelling (>=4.0.1)"] -nox = ["nox"] -pep8test = ["black", "ruff", "mypy", "check-sdist"] -sdist = ["build"] -ssh = ["bcrypt (>=3.1.5)"] -test = ["pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist", "pretend"] -test-randomorder = ["pytest-randomly"] - -[[package]] -name = "ecdsa" -version = "0.18.0" -description = "ECDSA cryptographic signature library (pure python)" -category = "main" -optional = false -python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" - -[package.dependencies] -six = ">=1.9.0" - -[package.extras] -gmpy = ["gmpy"] -gmpy2 = ["gmpy2"] - -[[package]] -name = "exceptiongroup" -version = "1.2.0" -description = "Backport of PEP 654 (exception groups)" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.extras] -test = ["pytest (>=6)"] - -[[package]] -name = "frozenlist" -version = "1.4.0" -description = "A list-like structure which implements collections.abc.MutableSequence" -category = "main" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "idna" -version = "3.6" -description = "Internationalized Domain Names in Applications (IDNA)" -category = "main" -optional = false -python-versions = ">=3.5" - -[[package]] -name = "iniconfig" -version = "2.0.0" -description = "brain-dead simple config-ini parsing" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "isort" -version = "5.12.0" -description = "A Python utility / library to sort Python imports." -category = "dev" -optional = false -python-versions = ">=3.8.0" - -[package.extras] -colors = ["colorama (>=0.4.3)"] -requirements-deprecated-finder = ["pip-api", "pipreqs"] -pipfile-deprecated-finder = ["pip-shims (>=0.5.2)", "pipreqs", "requirementslib"] -plugins = ["setuptools"] - -[[package]] -name = "multidict" -version = "6.0.4" -description = "multidict implementation" -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "mypy-extensions" -version = "1.0.0" -description = "Type system extensions for programs checked with the mypy type checker." -category = "dev" -optional = false -python-versions = ">=3.5" - -[[package]] -name = "nodeenv" -version = "1.8.0" -description = "Node.js virtual environment builder" -category = "dev" -optional = false -python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*" - -[[package]] -name = "packaging" -version = "23.2" -description = "Core utilities for Python packages" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "pathspec" -version = "0.11.2" -description = "Utility library for gitignore style pattern matching of file paths." -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "platformdirs" -version = "4.0.0" -description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.extras] -docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] -test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytest-mock (>=3.11.1)", "pytest (>=7.4)"] - -[[package]] -name = "pluggy" -version = "1.3.0" -description = "plugin and hook calling mechanisms for python" -category = "dev" -optional = false -python-versions = ">=3.8" - -[package.extras] -dev = ["pre-commit", "tox"] -testing = ["pytest", "pytest-benchmark"] - -[[package]] -name = "pyasn1" -version = "0.5.1" -description = "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)" -category = "main" -optional = false -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,>=2.7" - -[[package]] -name = "pycparser" -version = "2.21" -description = "C parser in Python" -category = "main" -optional = false -python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" - -[[package]] -name = "pyright" -version = "1.1.337" -description = "Command line wrapper for pyright" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -nodeenv = ">=1.6.0" - -[package.extras] -all = ["twine (>=3.4.1)"] -dev = ["twine (>=3.4.1)"] - -[[package]] -name = "pytest" -version = "7.4.3" -description = "pytest: simple powerful testing with Python" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -colorama = {version = "*", markers = "sys_platform == \"win32\""} -exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""} -iniconfig = "*" -packaging = "*" -pluggy = ">=0.12,<2.0" -tomli = {version = ">=1.0.0", markers = "python_version < \"3.11\""} - -[package.extras] -testing = ["argcomplete", "attrs (>=19.2.0)", "hypothesis (>=3.56)", "mock", "nose", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] - -[[package]] -name = "pytest-asyncio" -version = "0.15.1" -description = "Pytest support for asyncio." -category = "dev" -optional = false -python-versions = ">= 3.6" - -[package.dependencies] -pytest = ">=5.4.0" - -[package.extras] -testing = ["coverage", "hypothesis (>=5.7.1)"] - -[[package]] -name = "pytest-cov" -version = "3.0.0" -description = "Pytest plugin for measuring coverage." -category = "dev" -optional = false -python-versions = ">=3.6" - -[package.dependencies] -coverage = {version = ">=5.2.1", extras = ["toml"]} -pytest = ">=4.6" - -[package.extras] -testing = ["fields", "hunter", "process-tests", "six", "pytest-xdist", "virtualenv"] - -[[package]] -name = "python-jose" -version = "3.3.0" -description = "JOSE implementation in Python" -category = "main" -optional = false -python-versions = "*" - -[package.dependencies] -cryptography = {version = ">=3.4.0", optional = true, markers = "extra == \"cryptography\""} -ecdsa = "!=0.15" -pyasn1 = "*" -rsa = "*" - -[package.extras] -cryptography = ["cryptography (>=3.4.0)"] -pycrypto = ["pycrypto (>=2.6.0,<2.7.0)", "pyasn1"] -pycryptodome = ["pycryptodome (>=3.3.1,<4.0.0)", "pyasn1"] - -[[package]] -name = "rsa" -version = "4.9" -description = "Pure-Python RSA implementation" -category = "main" -optional = false -python-versions = ">=3.6,<4" - -[package.dependencies] -pyasn1 = ">=0.1.3" - -[[package]] -name = "six" -version = "1.16.0" -description = "Python 2 and 3 compatibility utilities" -category = "main" -optional = false -python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" - -[[package]] -name = "tomli" -version = "2.0.1" -description = "A lil' TOML parser" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "typing-extensions" -version = "4.8.0" -description = "Backported and Experimental Type Hints for Python 3.8+" -category = "dev" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "yarl" -version = "1.9.3" -description = "Yet another URL library" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -idna = ">=2.0" -multidict = ">=4.0" - -[metadata] -lock-version = "1.1" -python-versions = "^3.8" -content-hash = "8847f0250fd18d125e5026cdd1d33d334acf7cb858fa216f3a22cba7eabff6de" - -[metadata.files] -aiohttp = [] -aiosignal = [] -async-timeout = [] -attrs = [] -black = [] -cffi = [] -click = [] -colorama = [] -coverage = [] -cryptography = [] -ecdsa = [] -exceptiongroup = [] -frozenlist = [] -idna = [] -iniconfig = [] -isort = [] -multidict = [] -mypy-extensions = [] -nodeenv = [] -packaging = [] -pathspec = [] -platformdirs = [] -pluggy = [] -pyasn1 = [] -pycparser = [] -pyright = [] -pytest = [] -pytest-asyncio = [] -pytest-cov = [] -python-jose = [] -rsa = [] -six = [] -tomli = [] -typing-extensions = [] -yarl = [] diff --git a/packages/aserto-idp/pyproject.toml b/packages/aserto-idp/pyproject.toml deleted file mode 100644 index 02a7c33..0000000 --- a/packages/aserto-idp/pyproject.toml +++ /dev/null @@ -1,53 +0,0 @@ -[tool.poetry] -name = "aserto-idp" -version = "0.3.1" -description = "Common identity providers for use with Aserto client libraries" -readme = "README.md" -authors = ["Aserto, Inc. "] -maintainers = ["authereal "] -homepage = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto-idp" -repository = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto-idp" -documentation = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto-idp" -license = "Apache-2.0" -classifiers = [ - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.12", - "Topic :: Software Development :: Libraries", - "Typing :: Typed", -] -packages = [ - {include = "aserto_idp", from = "src"} -] - -[tool.poetry.dependencies] -python = "^3.8" -aiohttp = "^3.8.0" -python-jose = {version = "^3.3.0", extras = ["cryptography"]} - -[tool.poetry.dev-dependencies] -black = "^23.0" -isort= "^5.9.0" -pytest-asyncio = "^0.15.0" -pyright = "^1.1.0" -pytest-cov = "^3.0.0" - -[tool.black] -line-length = 100 -target-version = ["py38"] - -[tool.isort] -profile = "black" - -[build-system] -requires = ["poetry-core>=1.0.0"] -build-backend = "poetry.core.masonry.api" - diff --git a/packages/aserto-idp/src/aserto_idp/auth0.py b/packages/aserto-idp/src/aserto_idp/auth0.py deleted file mode 100644 index 06c4a19..0000000 --- a/packages/aserto-idp/src/aserto_idp/auth0.py +++ /dev/null @@ -1,62 +0,0 @@ -import warnings - -from aiohttp import ClientSession -from jose import jwk, jwt - -__all__ = ["generate_oauth_subject_from_auth_header", "AccessTokenError"] - - -warnings.warn( - "aserto_idp.auth0 is deprecated and will be removed in future versions. Use aserto_idp.oidc instead." -) - - -class AccessTokenError(Exception): - pass - - -async def generate_oauth_subject_from_auth_header( - *, - authorization_header: str, - domain: str, - client_id: str, - audience: str, -) -> str: - parts = authorization_header.split() - if not parts: - raise AccessTokenError("Authorization header missing") - elif parts[0].lower() != "bearer": - raise AccessTokenError("Authorization header must start with 'Bearer'") - elif len(parts) == 1: - raise AccessTokenError("Bearer token not found") - elif len(parts) > 2: - raise AccessTokenError("Authorization header must be a valid Bearer token") - - _, token = parts - - header = jwt.get_unverified_header(token) - if "kid" not in header: - raise AccessTokenError("Bearer token does not have 'kid' claim") - - kid = header["kid"] - - async with ClientSession() as session: - jwks_url = f"https://{domain}/.well-known/jwks.json" - async with session.get(jwks_url) as response: - jwks = await response.json() - - for key in jwks["keys"]: - if key["kid"] == kid: - rsa_key = jwk.construct(key).to_pem() - break - else: - raise AccessTokenError(f"RSA public key with ID '{kid}' was not found.") - - payload = jwt.decode(token, rsa_key, algorithms=["RS256"], audience=audience) - if payload["azp"] != client_id: - raise AccessTokenError(f"'azp' claim '{payload['azp']}' does not match Auth0 client ID") - - if not isinstance(payload["sub"], str): - raise AccessTokenError(f"'sub' claim '{payload['sub']}'is not a valid identity") - - return payload["sub"] diff --git a/packages/aserto-idp/src/aserto_idp/oidc/__init__.py b/packages/aserto-idp/src/aserto_idp/oidc/__init__.py deleted file mode 100644 index d9115a4..0000000 --- a/packages/aserto-idp/src/aserto_idp/oidc/__init__.py +++ /dev/null @@ -1,31 +0,0 @@ -"""OpenID Connect Identity Provider - -This module implements an OpenID Connect provider that can be used with Aserto client libraries. -""" -from typing import Optional - -from .discovery import DiscoveryClient -from .errors import AccessTokenError, DiscoveryError -from .provider import IdentityProvider - -__all__ = ["AccessTokenError", "DiscoveryError", "identity_provider", "IdentityProvider"] - - -def identity_provider( - issuer: str, client_id: str, audience: Optional[str] = None -) -> IdentityProvider: - """Creates a new OpenID Connect identity provider. - - Args: - issuer: The OpenID Connect Issuer Identifier of the identity provider as defined in - https://openid.net/specs/openid-connect-core-1_0.html#IssuerIdentifier. - client_id: The OAuth 2.0 Client Identifier issued by the authorization server. - See https://datatracker.ietf.org/doc/html/rfc6749#section-2.2. - audience: An optional identifier of the audience(s) for which tokens are intended. If omitted, ``client_id`` - is used. - - Returns: - An ``IdentityProvider`` that can validate JWT tokens created by ``issuer`` and extract subject names. - """ - discovery = DiscoveryClient(issuer) - return IdentityProvider(discovery, client_id, audience) diff --git a/packages/aserto-idp/src/aserto_idp/oidc/discovery.py b/packages/aserto-idp/src/aserto_idp/oidc/discovery.py deleted file mode 100644 index f7f479c..0000000 --- a/packages/aserto-idp/src/aserto_idp/oidc/discovery.py +++ /dev/null @@ -1,99 +0,0 @@ -"""OpenID Connect Discovery - -This module implments a subset of the OpenID Connect Discovery 1.0 specification -(https://openid.net/specs/openid-connect-discovery-1_0.html). - -It provides the means to discover and retrieve an OpenID Connect issuer's keyset and find the signing key for -a specified JWT. -""" -import os.path -from typing import Dict, List, Optional, Union -from urllib.parse import urlparse - -from aiohttp import ClientSession - -from aserto_idp.oidc.errors import DiscoveryError - -OidcConfig = Dict[str, Union[str, List[str]]] -Key = Dict[str, str] -KeySet = Dict[str, List[Key]] - - -class DiscoveryClient: - """Client implementation of the OpenID Connect Discovery 1.0 specification. - - Args: - issuer: The OpenID Connect Issuer Identifier of the server issuing tokens. - """ - - def __init__(self, issuer: str): - self.issuer = issuer_url(issuer) - self.discovery_url = os.path.join(self.issuer, ".well-known/openid-configuration") - self._keyset: Optional[KeySet] = None - - async def find_signing_key(self, key_id: str) -> Key: - """Find and return the signing key for the specified key ID. - - Args: - key_id: The ID of the key used by the OIDC issuer to sign a JWT being verified. Key IDs are extracted from - the "kid" JOSE header of a JWT - (https://datatracker.ietf.org/doc/html/draft-ietf-jose-json-web-signature#section-4.1.4). - - Returns: - A ``dict`` - """ - for _ in range(2): - # If we can't find the key ID in the issuer's keyset, clear the cache and try again. - keyset = await self.keyset() - keys = keyset.get("keys") - if not keys: - raise DiscoveryError("Keyset missing required field 'keys': {keys}") - - for key in keys: - if key["kid"] == key_id: - return key - - self.clear_keyset_cache() - - raise DiscoveryError(f"RSA public key with ID '{key_id}' was not found.") - - async def keyset(self) -> KeySet: - """Downloads the OIDC issuer's signing key-set. - - The key-set URL is retrieved from the "jwks_uri" field in the issuer's OIDC configuration - (https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). - - Returns: - A ``dict`` containing the downloaded JOSE key-set. - """ - if not self._keyset: - config = await self.config() - keyset_url = config.get("jwks_uri") - if not keyset_url: - raise DiscoveryError("Issuer openid-configuration missing 'jwks_uri'") - - self._keyset = await get_json(keyset_url) # type: ignore - - return self._keyset - - async def config(self) -> OidcConfig: - return await get_json(self.discovery_url) - - def clear_keyset_cache(self) -> None: - self._keyset = None - - -def issuer_url(issuer: str) -> str: - url = urlparse(issuer) - if not url.scheme: - # issuer is not a full URL - return f"https://{issuer}" - elif url.scheme != "https": - raise ValueError("OIDC issuer MUST use the 'https' scheme.") - return issuer - - -async def get_json(url: str) -> dict: # type: ignore - async with ClientSession() as session: - async with session.get(url) as response: - return await response.json() diff --git a/packages/aserto-idp/src/aserto_idp/oidc/errors.py b/packages/aserto-idp/src/aserto_idp/oidc/errors.py deleted file mode 100644 index 2da6637..0000000 --- a/packages/aserto-idp/src/aserto_idp/oidc/errors.py +++ /dev/null @@ -1,6 +0,0 @@ -class AccessTokenError(Exception): - """An error that occurs while processing an access token.""" - - -class DiscoveryError(AccessTokenError): - """An error that occurs during the OIDC discovery process.""" diff --git a/packages/aserto-idp/src/aserto_idp/oidc/provider.py b/packages/aserto-idp/src/aserto_idp/oidc/provider.py deleted file mode 100644 index 12c1fa8..0000000 --- a/packages/aserto-idp/src/aserto_idp/oidc/provider.py +++ /dev/null @@ -1,60 +0,0 @@ -from typing import Optional - -from jose import jwt - -from aserto_idp.oidc.discovery import DiscoveryClient -from aserto_idp.oidc.errors import AccessTokenError - - -class IdentityProvider: - def __init__( - self, - discovery_client: DiscoveryClient, - client_id: str, - audience: Optional[str] = None, - ): - self.discovery_client: DiscoveryClient = discovery_client - self.client_id: str = client_id - self.audience: str = audience or client_id - - async def subject_from_jwt_auth_header( - self, - authorization_header: str, - access_token: Optional[str] = None, - ) -> str: - token = self._parse_authorization_header(authorization_header) - key_id = get_key_id(token) - key = await self.discovery_client.find_signing_key(key_id) - - options = {"verify_at_hash": access_token is not None} - claims = jwt.decode(token, key, options=options, audience=self.audience) - if "azp" in claims and claims["azp"] != self.client_id: - raise AccessTokenError(f"'azp' claim '{claims['azp']}' does not match client ID") - - if not isinstance(claims["sub"], str): - raise AccessTokenError(f"'sub' claim '{claims['sub']}'is not a valid identity") - - return claims["sub"] - - @staticmethod - def _parse_authorization_header(header: str) -> str: - parts = header.split() - if not parts: - raise AccessTokenError("Authorization header missing") - elif parts[0].lower() != "bearer": - raise AccessTokenError("Authorization header must start with 'Bearer'") - elif len(parts) == 1: - raise AccessTokenError("Bearer token not found") - elif len(parts) > 2: - raise AccessTokenError("Authorization header must be a valid Bearer token") - - _, token = parts - return token - - -def get_key_id(token: str) -> str: - kid = jwt.get_unverified_header(token).get("kid") - if not kid: - raise AccessTokenError("Bearer token does not have 'kid' claim") - - return kid # type: ignore diff --git a/packages/aserto-idp/test/test_oidc.py b/packages/aserto-idp/test/test_oidc.py deleted file mode 100644 index 02c6d40..0000000 --- a/packages/aserto-idp/test/test_oidc.py +++ /dev/null @@ -1,38 +0,0 @@ -import pytest - -from aserto_idp.oidc import AccessTokenError, identity_provider - -ISSUER = "issuer" -CLIENT_ID = "client_id" - - -@pytest.fixture -def idp(): - return identity_provider(issuer=ISSUER, client_id=CLIENT_ID) - - -def test_create(idp): - assert idp.discovery_client.issuer == f"https://{ISSUER}" - assert idp.client_id == idp.audience == CLIENT_ID - - -def test_parse_empty_header(idp): - for token in ("", " ", "\t", " "): - with pytest.raises(AccessTokenError, match="Authorization header missing"): - idp._parse_authorization_header(token) - - -def test_not_bearer_token(idp): - for token in ("basic xyz", "xyz"): - with pytest.raises(AccessTokenError, match="Authorization header must start with 'Bearer'"): - idp._parse_authorization_header(token) - - -def test_empty_bearer(idp): - with pytest.raises(AccessTokenError, match="Bearer token not found"): - idp._parse_authorization_header("bearer ") - - -def test_too_many_header_parts(idp): - with pytest.raises(AccessTokenError, match="Authorization header must be a valid Bearer token"): - idp._parse_authorization_header("bearer xyz 123") diff --git a/packages/aserto-idp/tox.ini b/packages/aserto-idp/tox.ini deleted file mode 100644 index a5ee60a..0000000 --- a/packages/aserto-idp/tox.ini +++ /dev/null @@ -1,12 +0,0 @@ -[tox] -skipsdist = true -envlist = py37, py38, py39, py310 - -[testenv] -whitelist_externals = poetry -commands = - poetry install -v - poetry run black . - poetry run isort . - poetry run pytest --cov src/ - poetry run mypy src diff --git a/packages/aserto/README.md b/packages/aserto/README.md deleted file mode 100644 index a30571c..0000000 --- a/packages/aserto/README.md +++ /dev/null @@ -1,342 +0,0 @@ -# Aserto API client - -High-level client interface to Aserto's APIs. - -At the moment this only supports interacting with Aserto's [Authorizer service](https://docs.aserto.com/docs/authorizer-guide/overview). - -## Installation - -### Using Pip - -```sh -pip install aserto -``` - -### Using Poetry - -```sh -poetry add aserto -``` - -## Usage - -```py -from aserto.client import AuthorizerOptions, Identity -from aserto.client.api.authorizer import AuthorizerClient - - -client = AuthorizerClient( - identity=Identity(type="NONE"), - options=AuthorizerOptions( - api_key=ASERTO_API_KEY, - tenant_id=ASERTO_TENANT_ID, - service_type="gRPC", - ), -) - -result = await client.decision_tree( - decisions=["visible", "enabled", "allowed"], - policy_instance_name=ASERTO_POLICY_INSTANCE_NAME, - policy_instance_label=ASERTO_POLICY_INSTANCE_LABEL, - policy_path_root=ASERTO_POLICY_PATH_ROOT, - policy_path_separator="DOT", -) - -assert result == { - "GET.your.policy.path": { - "visible": True, - "enabled": True, - "allowed": False, - }, -} -``` - -## Directory - -The Directory APIs can be used to interact with the aserto directory services. -It provides CRUD operations on objects and relations, including bulk import and export. -The client can also be used to check whether a user has a permission or relation on an object instance. - -### Directory Client - -You can initialize a directory client as follows: - -```py -from aserto.client.directory.v3 import Directory - -ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") -``` - -- `address`: hostname:port of directory service (_required_) -- `api_key`: API key for directory service (_required_ if using hosted directory) -- `tenant_id`: Aserto tenant ID (_required_ if using hosted directory) -- `cert`: Path to the grpc service certificate when connecting to local topaz instance. - -#### `get_object` - -Get a directory object instance with the type and the id, optionally with the object's relations. - -```py -# without relations: -user = ds.get_object(object_type="user", object_id="euang@acmecorp.com") - -# with relations: -page = PaginationRequest(size=10) -while True: - resp = ds.get_object(object_type="user", object_id="euang@acmecorp.com", with_relations=True, page=page) - user = resp.result # The returned object. - relations_page = resp.relations # A page of relations. - - if not resp.page.next_token: - # we've reached the last page. - break - - # request the next page. - page.token = resp.page.next_token - -``` - -#### `get_objects_many` - -Similar to `get_object` but can retrieve multiple object instances in a single request. -```py -objects = ds.get_object_many( - [ - ObjectIdentifier(type="user", id="euan@acmecorp.com"), - ObjectIdentifier(type="group", id="marketing"), - ] -) -``` - -#### `get_objects` - -Get object instances with an object type type pagination info (page size and pagination token). - -```py -from aserto.client.directory.v3 import PaginationRequest - -users = ds.get_objects(object_type="user", page=PaginationRequest(size=10)) -``` - - -#### `set_object` - -Create an object instance with the specified properties. If an `etag` is specified and is different from the current -object's etag, the call raises an `ETagMismatchError`. - -```py -# pass object fields as arguments: -user = ds.set_object( - object_type="user", - object_id="new-user@acmecorp.com", - display_name="John Doe", - "properties": {"active": True, "department": "Engineering"}, -} - -# set_object can also take an Object parameter: -user.display_name = "Jane Doe" -user.properties["title"] = "Senior Engineer" -updated_user = ds.set_object(object=user) -``` - -#### `delete_object` - -Delete an object instance and optionally its relations, using its type and id: - -```py -# delete an object -ds.delete_object(object_type="user", object_id="test-object") - -# delete an object and all its relations -ds.delete_object(object_type="user", object_id="test-object", with_relations=True) -``` - -#### `get_relation` - -Retrieve a single relation from the directory or raise a `NotFoundError` if no matching relation exists. - -```py -# get the manager of euang@acmecorp.com: -relation = ds.get_relation( - object_type="user", - relation="manager", - subject_type="user", - subject_id="euang@acmecorp.com", -) - -assert relation.object_id - -# include the relation's object and subject in the response: -response = ds.get_relation( - object_type="user", - relation="manager", - subject_type="user", - subject_id="euang@acmecorp.com", - with_relations=True, -) - -assert response.relation.object_id -assert response.subject.display_name == "Euan Garden" -assert response.object.properties["department"] == "Sales" -# -``` - -#### `get_relations` - -Searches the directory for relations matching the specified criteria, optionally including the object and subject -of each returned relation. - -```py -# find all groups a user is a member of: -page = PaginationRequest(size=10) - -while True: - response = ds.get_relations( - object_type="group", - "relation"="member", - "subject_type": "user", - "subject_id": "euang@acmecorp.com", - with_objects=True, - page=page, - ) - - if not response.page.next_token: - break - - page.token = response.page.next_token -``` - -#### `set_relation` - -Create a new relation. - -```py -ds.set_relation( - object_type="group", - object_id="admin", - relation="member", - subject_type="user", - subject_id="euang@acmecorp.com", -) -``` - -#### `delete_relation` - -Delete a relation. - -```py -ds.delete_relation( - object_type="group", - object_id="admin", - relation="member", - subject_type="user", - subject_id="euang@acmecorp.com", -) -``` - -#### `check` - -Check if a subject has a given relation or permission on an object. - -```py -allowed = ds.check( - object_type="folder", - object_id="/path/to/folder", - relation="can_delete", - subject_type="user", - subject_id="euang@acmecorp.com", -) -``` - -#### `get_manifest ` - -Download the directory manifest. - -```py -manifest = ds.get_manifest() - -print(manifest.body) # yaml manifest - -# conditionally get the manifest if its etag has changed -new_manifest = ds.get_manifest(etag=manifest.etag) - -assert new_manifest is None # the manifest hasn't changed -``` - -#### `set_manifest` - -Upload a new directory manifest. - -```py -with open("manifest.yaml", "rb") as f: - manifest = f.read() - -ds.set_manifest(manifest) -``` - -#### `import_data` - -Bulk-insert objects and/or relations to the directory. Returns a summary of the number of objects/relations affected. - -```py -# import an object and a relation. -data = [ - Object(type="user", id="test@acmecorp.com"), - Relation( - object_type="user", - object_id="euang@acmecorp.com", - relation="manager", - subject_type="user", - subject_id="test@acmecorp.com", - ), -] - -response = ds.import_data(data) - -assert response.objects.set == 1 -assert response.object.error == 0 -assert response.relations.set == 1 -assert response.relations.error == 0 -``` - -#### `export_data` - -Bulk-retrieve objects and/or relations from the directory. - - -```py -from aserto.client.directory.v3 import ExportOption, Object, Relation - -# export all objects and relations -for item in ds.export(ExportOption.OPTION_DATA): - if isinstance(item, Object): - print("object:", item) - elif isinstance(item, Relation): - print("relation:", item) -``` - -### Async Directory Client - -You can initialize an asynchronous directory client as follows: - -```py -from aserto.client.directory.v3.aio import Directory - -ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") -``` - -The methods on the async directory have the same signatures as their synchronous counterparts. - -### Directory v2 client - -To interact with older instances of the directory service, a v2 client is available with limited functionality. -The v2 client doesn't support `get_manifest`/`set_manifest`, and `import_data`/`export_data`. - -```py -from aserto.client.directory.v2 import Directory -ds = Directory(api_key="my_api_key", tenant_id="1234", address="localhost:9292") -``` - -## License - -This project is licensed under the MIT license. See the [LICENSE](https://github.com/aserto-dev/aserto-python/blob/main/LICENSE) file for more info. diff --git a/packages/aserto/src/aserto/client/py.typed b/packages/aserto/src/aserto/client/py.typed deleted file mode 100644 index e69de29..0000000 diff --git a/packages/aserto/test/__init__.py b/packages/aserto/test/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/packages/flask-aserto/README.md b/packages/flask-aserto/README.md deleted file mode 100644 index 162e312..0000000 --- a/packages/flask-aserto/README.md +++ /dev/null @@ -1,37 +0,0 @@ -# Aserto Flask middleware -This is the official library for integrating [Aserto](https://www.aserto.com/) authorization into your [Flask](https://github.com/pallets/flask) applications. - -For a example of what this looks like in a running Flask app and guidance on connecting an identity provider, see the [PeopleFinder app example](https://github.com/aserto-dev/aserto-python/tree/main/packages/flask-aserto/peoplefinder_example). - -## Features -### Add authorization checks to your routes -```py -from flask_aserto import AsertoMiddleware, AuthorizationError - - -app = Flask(__name__) -aserto = AsertoMiddleware(**aserto_options) - - -@app.route("/api/users/", methods=["GET"]) -@aserto.authorize -def api_user(id: str) -> Response: - # Raises an AuthorizationError if the `GET.api.users.__id` - # policy returns a decision of "allowed = false" - ... -``` -### Automatically create a route to serve a [Display State Map](https://docs.aserto.com/docs/authorizer-guide/display-state-map) -```py -# Defaults to creating a route at the path "/__displaystatemap" -aserto.register_display_state_map(app) -``` -### Perform more finely controlled authorization checks -```py -@app.route("/api/users/", methods=["GET"]) -async def api_user(id: str) -> Response: - # This also automatically knows to check the `GET.api.users.__id` policy - if not await aserto.check("allowed"): - raise AuthorizationError() - - ... -``` diff --git a/packages/flask-aserto/poetry.lock b/packages/flask-aserto/poetry.lock deleted file mode 100644 index 293cae6..0000000 --- a/packages/flask-aserto/poetry.lock +++ /dev/null @@ -1,647 +0,0 @@ -[[package]] -name = "aiohttp" -version = "3.9.1" -description = "Async http client/server framework (asyncio)" -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -aiosignal = ">=1.1.2" -async-timeout = {version = ">=4.0,<5.0", markers = "python_version < \"3.11\""} -attrs = ">=17.3.0" -frozenlist = ">=1.1.1" -multidict = ">=4.5,<7.0" -yarl = ">=1.0,<2.0" - -[package.extras] -speedups = ["brotlicffi", "brotli", "aiodns"] - -[[package]] -name = "aiosignal" -version = "1.3.1" -description = "aiosignal: a list of registered asynchronous callbacks" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -frozenlist = ">=1.1.0" - -[[package]] -name = "aserto" -version = "0.30.1" -description = "Aserto API client" -category = "main" -optional = false -python-versions = ">=3.8,<4.0" - -[package.dependencies] -aiohttp = ">=3.8.0,<4.0.0" -aserto-authorizer = ">=0.20.2,<0.21.0" -aserto-directory = ">=0.30.0,<0.31.0" -grpcio = ">=1.49.0,<2.0.0" -protobuf = ">=4.21.0,<5.0.0" - -[[package]] -name = "aserto-authorizer" -version = "0.20.2" -description = "gRPC client for Aserto Authorizer service instances" -category = "main" -optional = false -python-versions = ">=3.8,<4.0" - -[package.dependencies] -grpcio = ">=1.49,<2.0" -protobuf = ">=4.21.0,<5.0.0" - -[[package]] -name = "aserto-directory" -version = "0.30.0" -description = "gRPC client for Aserto Directory service instances" -category = "main" -optional = false -python-versions = ">=3.8,<4" - -[package.dependencies] -grpcio = ">=1.49,<2.0" -protobuf = ">=4.21.0,<5.0.0" -protovalidate = {version = ">=0.3.0,<0.4.0", markers = "python_version >= \"3.11\""} - -[[package]] -name = "asgiref" -version = "3.7.2" -description = "ASGI specs, helper code, and adapters" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -typing-extensions = {version = ">=4", markers = "python_version < \"3.11\""} - -[package.extras] -tests = ["pytest", "pytest-asyncio", "mypy (>=0.800)"] - -[[package]] -name = "async-timeout" -version = "4.0.3" -description = "Timeout context manager for asyncio programs" -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "attrs" -version = "23.1.0" -description = "Classes Without Boilerplate" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.extras] -cov = ["attrs", "coverage[toml] (>=5.3)"] -dev = ["attrs", "pre-commit"] -docs = ["furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier", "zope-interface"] -tests = ["attrs", "zope-interface"] -tests-no-zope = ["cloudpickle", "hypothesis", "mypy (>=1.1.1)", "pympler", "pytest-mypy-plugins", "pytest-xdist", "pytest (>=4.3.0)"] - -[[package]] -name = "babel" -version = "2.13.1" -description = "Internationalization utilities" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.extras] -dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] - -[[package]] -name = "black" -version = "23.11.0" -description = "The uncompromising code formatter." -category = "dev" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -click = ">=8.0.0" -mypy-extensions = ">=0.4.3" -packaging = ">=22.0" -pathspec = ">=0.9.0" -platformdirs = ">=2" -tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} -typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""} - -[package.extras] -colorama = ["colorama (>=0.4.3)"] -d = ["aiohttp (>=3.7.4)"] -jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"] -uvloop = ["uvloop (>=0.15.2)"] - -[[package]] -name = "blinker" -version = "1.7.0" -description = "Fast, simple object-to-object and broadcast signaling" -category = "main" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "cel-python" -version = "0.1.5" -description = "Pure Python CEL Implementation" -category = "main" -optional = false -python-versions = ">=3.7, <4" - -[package.dependencies] -babel = ">=2.9.0" -jmespath = ">=0.10.0" -lark-parser = ">=0.10.1" -python-dateutil = ">=2.8.1" -pyyaml = ">=5.4.1" -requests = ">=2.25.1" -urllib3 = ">=1.26.4" - -[[package]] -name = "certifi" -version = "2023.11.17" -description = "Python package for providing Mozilla's CA Bundle." -category = "main" -optional = false -python-versions = ">=3.6" - -[[package]] -name = "charset-normalizer" -version = "3.3.2" -description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." -category = "main" -optional = false -python-versions = ">=3.7.0" - -[[package]] -name = "click" -version = "8.1.7" -description = "Composable command line interface toolkit" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -colorama = {version = "*", markers = "platform_system == \"Windows\""} - -[[package]] -name = "colorama" -version = "0.4.6" -description = "Cross-platform colored terminal text." -category = "main" -optional = false -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" - -[[package]] -name = "exceptiongroup" -version = "1.2.0" -description = "Backport of PEP 654 (exception groups)" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.extras] -test = ["pytest (>=6)"] - -[[package]] -name = "flask" -version = "3.0.0" -description = "A simple framework for building complex web applications." -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -asgiref = {version = ">=3.2", optional = true, markers = "extra == \"async\""} -blinker = ">=1.6.2" -click = ">=8.1.3" -importlib-metadata = {version = ">=3.6.0", markers = "python_version < \"3.10\""} -itsdangerous = ">=2.1.2" -Jinja2 = ">=3.1.2" -Werkzeug = ">=3.0.0" - -[package.extras] -async = ["asgiref (>=3.2)"] -dotenv = ["python-dotenv"] - -[[package]] -name = "flask-cors" -version = "4.0.0" -description = "A Flask extension adding a decorator for CORS support" -category = "main" -optional = false -python-versions = "*" - -[package.dependencies] -Flask = ">=0.9" - -[[package]] -name = "frozenlist" -version = "1.4.0" -description = "A list-like structure which implements collections.abc.MutableSequence" -category = "main" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "grpcio" -version = "1.59.3" -description = "HTTP/2-based RPC framework" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.extras] -protobuf = ["grpcio-tools (>=1.59.3)"] - -[[package]] -name = "idna" -version = "3.6" -description = "Internationalized Domain Names in Applications (IDNA)" -category = "main" -optional = false -python-versions = ">=3.5" - -[[package]] -name = "importlib-metadata" -version = "6.8.0" -description = "Read metadata from Python packages" -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -zipp = ">=0.5" - -[package.extras] -docs = ["sphinx (>=3.5)", "jaraco.packaging (>=9)", "rst.linker (>=1.9)", "furo", "sphinx-lint", "jaraco.tidelift (>=1.4)"] -perf = ["ipython"] -testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=2.2)", "pytest-ruff", "packaging", "pyfakefs", "flufl.flake8", "pytest-perf (>=0.9.2)", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)", "importlib-resources (>=1.3)"] - -[[package]] -name = "iniconfig" -version = "2.0.0" -description = "brain-dead simple config-ini parsing" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "isort" -version = "5.12.0" -description = "A Python utility / library to sort Python imports." -category = "dev" -optional = false -python-versions = ">=3.8.0" - -[package.extras] -colors = ["colorama (>=0.4.3)"] -requirements-deprecated-finder = ["pip-api", "pipreqs"] -pipfile-deprecated-finder = ["pip-shims (>=0.5.2)", "pipreqs", "requirementslib"] -plugins = ["setuptools"] - -[[package]] -name = "itsdangerous" -version = "2.1.2" -description = "Safely pass data to untrusted environments and back." -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "jinja2" -version = "3.1.2" -description = "A very fast and expressive template engine." -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -MarkupSafe = ">=2.0" - -[package.extras] -i18n = ["Babel (>=2.7)"] - -[[package]] -name = "jmespath" -version = "1.0.1" -description = "JSON Matching Expressions" -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "lark-parser" -version = "0.12.0" -description = "a modern parsing library" -category = "main" -optional = false -python-versions = "*" - -[package.extras] -atomic_cache = ["atomicwrites"] -nearley = ["js2py"] -regex = ["regex"] - -[[package]] -name = "markupsafe" -version = "2.1.3" -description = "Safely add untrusted strings to HTML/XML markup." -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "multidict" -version = "6.0.4" -description = "multidict implementation" -category = "main" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "mypy-extensions" -version = "1.0.0" -description = "Type system extensions for programs checked with the mypy type checker." -category = "dev" -optional = false -python-versions = ">=3.5" - -[[package]] -name = "nodeenv" -version = "1.8.0" -description = "Node.js virtual environment builder" -category = "dev" -optional = false -python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*" - -[[package]] -name = "packaging" -version = "23.2" -description = "Core utilities for Python packages" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "pathspec" -version = "0.11.2" -description = "Utility library for gitignore style pattern matching of file paths." -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "platformdirs" -version = "4.0.0" -description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.extras] -docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] -test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytest-mock (>=3.11.1)", "pytest (>=7.4)"] - -[[package]] -name = "pluggy" -version = "1.3.0" -description = "plugin and hook calling mechanisms for python" -category = "dev" -optional = false -python-versions = ">=3.8" - -[package.extras] -dev = ["pre-commit", "tox"] -testing = ["pytest", "pytest-benchmark"] - -[[package]] -name = "protobuf" -version = "4.25.1" -description = "" -category = "main" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "protovalidate" -version = "0.3.0" -description = "Protocol Buffer Validation for Python" -category = "main" -optional = false -python-versions = ">=3.11" - -[package.dependencies] -cel-python = "*" -protobuf = "*" - -[[package]] -name = "pyright" -version = "1.1.337" -description = "Command line wrapper for pyright" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -nodeenv = ">=1.6.0" - -[package.extras] -all = ["twine (>=3.4.1)"] -dev = ["twine (>=3.4.1)"] - -[[package]] -name = "pytest" -version = "7.4.3" -description = "pytest: simple powerful testing with Python" -category = "dev" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -colorama = {version = "*", markers = "sys_platform == \"win32\""} -exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""} -iniconfig = "*" -packaging = "*" -pluggy = ">=0.12,<2.0" -tomli = {version = ">=1.0.0", markers = "python_version < \"3.11\""} - -[package.extras] -testing = ["argcomplete", "attrs (>=19.2.0)", "hypothesis (>=3.56)", "mock", "nose", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] - -[[package]] -name = "python-dateutil" -version = "2.8.2" -description = "Extensions to the standard Python datetime module" -category = "main" -optional = false -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" - -[package.dependencies] -six = ">=1.5" - -[[package]] -name = "pyyaml" -version = "6.0.1" -description = "YAML parser and emitter for Python" -category = "main" -optional = false -python-versions = ">=3.6" - -[[package]] -name = "requests" -version = "2.31.0" -description = "Python HTTP for Humans." -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -certifi = ">=2017.4.17" -charset-normalizer = ">=2,<4" -idna = ">=2.5,<4" -urllib3 = ">=1.21.1,<3" - -[package.extras] -socks = ["PySocks (>=1.5.6,!=1.5.7)"] -use_chardet_on_py3 = ["chardet (>=3.0.2,<6)"] - -[[package]] -name = "six" -version = "1.16.0" -description = "Python 2 and 3 compatibility utilities" -category = "main" -optional = false -python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" - -[[package]] -name = "tomli" -version = "2.0.1" -description = "A lil' TOML parser" -category = "dev" -optional = false -python-versions = ">=3.7" - -[[package]] -name = "typing-extensions" -version = "4.8.0" -description = "Backported and Experimental Type Hints for Python 3.8+" -category = "main" -optional = false -python-versions = ">=3.8" - -[[package]] -name = "urllib3" -version = "2.1.0" -description = "HTTP library with thread-safe connection pooling, file post, and more." -category = "main" -optional = false -python-versions = ">=3.8" - -[package.extras] -brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"] -socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] -zstd = ["zstandard (>=0.18.0)"] - -[[package]] -name = "werkzeug" -version = "3.0.1" -description = "The comprehensive WSGI web application library." -category = "main" -optional = false -python-versions = ">=3.8" - -[package.dependencies] -MarkupSafe = ">=2.1.1" - -[package.extras] -watchdog = ["watchdog (>=2.3)"] - -[[package]] -name = "yarl" -version = "1.9.3" -description = "Yet another URL library" -category = "main" -optional = false -python-versions = ">=3.7" - -[package.dependencies] -idna = ">=2.0" -multidict = ">=4.0" - -[[package]] -name = "zipp" -version = "3.17.0" -description = "Backport of pathlib-compatible object wrapper for zip files" -category = "main" -optional = false -python-versions = ">=3.8" - -[package.extras] -docs = ["sphinx (>=3.5)", "sphinx (<7.2.5)", "jaraco.packaging (>=9.3)", "rst.linker (>=1.9)", "furo", "sphinx-lint", "jaraco.tidelift (>=1.4)"] -testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=2.2)", "pytest-ruff", "jaraco.itertools", "jaraco.functools", "more-itertools", "big-o", "pytest-ignore-flaky", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)"] - -[metadata] -lock-version = "1.1" -python-versions = "^3.8" -content-hash = "c14d278390ba11bb3cfba8cb91919fe82465ad9ab0f7d8440978c2d845b6f491" - -[metadata.files] -aiohttp = [] -aiosignal = [] -aserto = [] -aserto-authorizer = [] -aserto-directory = [] -asgiref = [] -async-timeout = [] -attrs = [] -babel = [] -black = [] -blinker = [] -cel-python = [] -certifi = [] -charset-normalizer = [] -click = [] -colorama = [] -exceptiongroup = [] -flask = [] -flask-cors = [] -frozenlist = [] -grpcio = [] -idna = [] -importlib-metadata = [] -iniconfig = [] -isort = [] -itsdangerous = [] -jinja2 = [] -jmespath = [] -lark-parser = [] -markupsafe = [] -multidict = [] -mypy-extensions = [] -nodeenv = [] -packaging = [] -pathspec = [] -platformdirs = [] -pluggy = [] -protobuf = [] -protovalidate = [] -pyright = [] -pytest = [] -python-dateutil = [] -pyyaml = [] -requests = [] -six = [] -tomli = [] -typing-extensions = [] -urllib3 = [] -werkzeug = [] -yarl = [] -zipp = [] diff --git a/packages/flask-aserto/pyproject.toml b/packages/flask-aserto/pyproject.toml deleted file mode 100644 index c229585..0000000 --- a/packages/flask-aserto/pyproject.toml +++ /dev/null @@ -1,54 +0,0 @@ -[tool.poetry] -name = "flask-aserto" -version = "0.30.3" -description = "Aserto integration for Flask" -readme = "README.md" -authors = ["Aserto, Inc. "] -maintainers = ["authereal "] -homepage = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/flask-aserto" -repository = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/flask-aserto" -documentation = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/flask-aserto" -license = "Apache-2.0" -classifiers = [ - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Topic :: Software Development :: Libraries", - "Typing :: Typed", -] -packages = [ - {include = "flask_aserto", from = "src"} -] - -[tool.poetry.dependencies] -python = "^3.8" -Flask = {version = ">=2.0.0,<4.0.0", extras = ["async"]} -Flask-Cors = ">=3.0.0,<5.0.0" -grpcio = "^1.49.0" -protobuf = "^4.21.0" -aserto = "^0.30.1" - -[tool.poetry.dev-dependencies] -black = "^23.0" -isort= "^5.9.0" -pyright = "^1.1.0" -pytest = "^7.4.0" - -[tool.black] -line-length = 100 -target-version = ["py38"] - -[tool.isort] -profile = "black" - -[build-system] -requires = ["poetry-core>=1.0.0"] -build-backend = "poetry.core.masonry.api" - diff --git a/packages/flask-aserto/src/flask_aserto/__init__.py b/packages/flask-aserto/src/flask_aserto/__init__.py deleted file mode 100644 index 5f21f36..0000000 --- a/packages/flask-aserto/src/flask_aserto/__init__.py +++ /dev/null @@ -1,5 +0,0 @@ -from .middleware import AsertoMiddleware -from .check import CheckMiddleware, CheckOptions -from ._defaults import AuthorizationError - -__all__ = ["AsertoMiddleware", "AuthorizationError", "CheckMiddleware", "CheckOptions"] diff --git a/packages/flask-aserto/src/flask_aserto/_defaults.py b/packages/flask-aserto/src/flask_aserto/_defaults.py deleted file mode 100644 index 0f2a18e..0000000 --- a/packages/flask-aserto/src/flask_aserto/_defaults.py +++ /dev/null @@ -1,57 +0,0 @@ -import re -from dataclasses import dataclass -from typing import Callable, TypeVar, Any - -from aserto.client import Identity, ResourceContext -from flask import request - -__all__ = [ - "create_default_policy_path_resolver", - "DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT", - "DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP", -] - -@dataclass -class Obj: - id: str - objType: str - - -IdentityMapper = Callable[[], Identity] -StringMapper = Callable[[], str] -ObjectMapper = Callable[[], Obj] -ResourceMapper = Callable[[], ResourceContext] -DEFAULT_DISPLAY_STATE_MAP_ENDPOINT = "/__displaystatemap" - -@dataclass(frozen=True) -class AuthorizationError(Exception): - policy_instance_name: str - policy_path: str - - -Handler = TypeVar("Handler", bound=Callable[..., Any]) - - -def DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT() -> ResourceContext: - return request.view_args or {} - - -def DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP() -> ResourceContext: - return request.get_json(silent=True) or {} - - -def create_default_policy_path_resolver(policy_root: str) -> StringMapper: - def default_policy_path_resolver() -> str: - rule_string = str(request.url_rule) - policy_sub_path = policy_path_heuristic(rule_string) - return f"{policy_root}.{request.method.upper()}{policy_sub_path}" - - return default_policy_path_resolver - - -def policy_path_heuristic(path: str) -> str: - # Replace route arguments surrounded in angle brackets to being - # prefixed with two underscores, e.g. -> __id - path = re.sub("<([^:]*)(:[^>]*)?>", r"__\1", path) - path = path.replace("/", ".") - return path diff --git a/packages/flask-aserto/src/flask_aserto/aio/__init__.py b/packages/flask-aserto/src/flask_aserto/aio/__init__.py deleted file mode 100644 index 974bdba..0000000 --- a/packages/flask-aserto/src/flask_aserto/aio/__init__.py +++ /dev/null @@ -1,6 +0,0 @@ -from .middleware import AsertoMiddleware -from .check import CheckMiddleware, CheckOptions -from ._defaults import AuthorizationError - - -__all__ = ["AsertoMiddleware", "AuthorizationError", "CheckMiddleware", "CheckOptions"] diff --git a/packages/flask-aserto/src/flask_aserto/aio/_defaults.py b/packages/flask-aserto/src/flask_aserto/aio/_defaults.py deleted file mode 100644 index 8c6b24d..0000000 --- a/packages/flask-aserto/src/flask_aserto/aio/_defaults.py +++ /dev/null @@ -1,66 +0,0 @@ -import re -from dataclasses import dataclass -from typing import Awaitable, Callable, Any, TypeVar - -from aserto.client import Identity, ResourceContext -from flask import request - -__all__ = [ - "create_default_policy_path_resolver", - "DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT", - "DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP", - "policy_path_heuristic", -] - - -@dataclass -class Obj: - id: str - objType: str - -@dataclass(frozen=True) -class AuthorizationError(Exception): - policy_instance_name: str - policy_path: str - - -Handler = TypeVar("Handler", bound=Callable[..., Awaitable[Any]]) - - -DEFAULT_DISPLAY_STATE_MAP_ENDPOINT = "/__displaystatemap" - -IdentityMapper = Callable[[], Awaitable[Identity]] -StringMapper = Callable[[], Awaitable[str]] -ObjectMapper = Callable[[], Awaitable[Obj]] -ResourceMapper = Callable[[], Awaitable[ResourceContext]] - - -def DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT() -> ResourceMapper: - async def view_args() -> ResourceContext: - return request.view_args or {} - - return view_args - - -def DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP() -> ResourceMapper: - async def get_json_from_request() -> ResourceContext: - return request.get_json(silent=True) or {} - - return get_json_from_request - - -def create_default_policy_path_resolver(policy_root: str) -> StringMapper: - async def default_policy_path_resolver() -> str: - rule_string = str(request.url_rule) - policy_sub_path = policy_path_heuristic(rule_string) - return f"{policy_root}.{request.method.upper()}{policy_sub_path}" - - return default_policy_path_resolver - - -def policy_path_heuristic(path: str) -> str: - # Replace route arguments surrounded in angle brackets to being - # prefixed with two underscores, e.g. -> __id - path = re.sub("<([^:]*)(:[^>]*)?>", r"__\1", path) - path = path.replace("/", ".") - return path diff --git a/packages/flask-aserto/src/flask_aserto/aio/check.py b/packages/flask-aserto/src/flask_aserto/aio/check.py deleted file mode 100644 index cb9fd76..0000000 --- a/packages/flask-aserto/src/flask_aserto/aio/check.py +++ /dev/null @@ -1,195 +0,0 @@ -from dataclasses import dataclass -from functools import wraps -from typing import Any, Callable, Optional, Union, cast, TYPE_CHECKING -if TYPE_CHECKING: - from .middleware import AsertoMiddleware - -from aserto.client import ResourceContext -from flask.wrappers import Response - -from ._defaults import ( - IdentityMapper, - StringMapper, - ResourceMapper, - ObjectMapper, - Obj, - AuthorizationError, - Handler -) - -@dataclass(frozen=True) -class CheckOptions: - """ - Check options class used to create a new instance of Check Middleware - """ - objId: Optional[str] = "" - objType: Optional[str] = "" - objIdMapper: Optional[StringMapper] = None - objMapper: Optional[ObjectMapper] = None - relationName: Optional[str] = "" - relationMapper: Optional[StringMapper] = None - subjType: Optional[str] = "" - subjMapper: Optional[IdentityMapper] = None - policyPath: Optional[str] = "" - policyRoot: Optional[str] = "" - policyPathMapper: Optional[StringMapper] = None - - - -def build_resource_context_mapper( - opts: CheckOptions -) -> ResourceMapper: - - async def resource() -> ResourceContext: - objid = ( - opts.objId - if opts.objId is not None - else "" - ) - objtype = ( - opts.objType - if opts.objType is not None - else "" - ) - - obj = ( - await opts.objMapper() - if opts.objMapper is not None - else Obj(id=objid, objType=objtype) - ) - - obj.id = ( - await opts.objIdMapper() - if opts.objIdMapper is not None - else obj.id - ) - - relation = ( - await opts.relationMapper() - if opts.relationMapper is not None - else opts.relationName - ) - - subjType = ( - opts.subjType - if opts.subjType != "" - else "user" - ) - - return {"relation": relation, - "object_type": obj.objType, - "object_id": obj.id, - "subject_type": subjType} - - return resource - -class CheckMiddleware: - def __init__( - self, - *, - options: CheckOptions, - aserto_middleware: "AsertoMiddleware", - ): - self._aserto_middleware = aserto_middleware - - self._identity_provider = ( - options.subjMapper - if options.subjMapper is not None - else aserto_middleware._identity_provider - ) - - self._resource_context_provider = build_resource_context_mapper(options) - self._options = options - - def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware": - return ( - self - if not kwargs - else CheckMiddleware( - aserto_middleware=self._aserto_middleware, - options = CheckOptions( - relationName=kwargs.get("relation_name", self._options.relationName), - relationMapper=kwargs.get("relation_mapper", self._options.relationMapper), - policyPath=kwargs.get("policy_path", self._options.policyPath), - policyRoot=kwargs.get("policy_root", self._options.policyRoot), - subjMapper=kwargs.get("identity_provider", self._identity_provider), - objId=kwargs.get("object_id", self._options.objId), - objType=kwargs.get("object_type", self._options.objType), - objIdMapper=kwargs.get("object_id_mapper", self._options.objIdMapper), - objMapper=kwargs.get("object_mapper", self._options.objMapper), - subjType=self._options.subjType, - policyPathMapper=self._options.policyPathMapper, - ), - ) - ) - - def _build_policy_path_mapper(self) -> StringMapper: - async def mapper() -> str: - policy_path = "" - if self._options.policyPathMapper is not None: - policy_path = await self._options.policyPathMapper() - if policy_path == "": - policy_path = "check" - policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root - if policy_root: - policy_path = f"{policy_root}.{policy_path}" - return policy_path - - return mapper - - async def authorize( - self, - *args: Any, - **kwargs: Any, - ) -> Union[Handler, Callable[[Handler], Handler]]: - arguments_error = TypeError( - f"{self.authorize.__name__}() expects either exactly 1 callable" - " 'handler' argument or at least 1 'options' argument" - ) - - handler: Optional[Handler] = None - - if not args and kwargs.keys() == {"handler"}: - handler = kwargs["handler"] - elif not kwargs and len(args) == 1: - (handler,) = args - - if handler is not None: - if not callable(handler): - raise arguments_error - return self._authorize(handler) - - if args: - raise arguments_error - - return self._with_overrides(**kwargs)._authorize - - def _authorize(self, handler: Handler) -> Handler: - if self._aserto_middleware._policy_instance_name == None: - raise TypeError(f"{self._aserto_middleware._policy_instance_name}() should not be None") - - if self._aserto_middleware._policy_instance_label == None: - self._aserto_middleware._policy_instance_label = self._aserto_middleware._policy_instance_name - - @wraps(handler) - async def decorated(*args: Any, **kwargs: Any) -> Response: - - policy_mapper = self._build_policy_path_mapper() - resource_context = await self._resource_context_provider() - decision = await self._aserto_middleware.is_allowed( - decision="allowed", - authorizer_options=self._aserto_middleware._authorizer_options, - identity_provider=self._identity_provider, - policy_instance_name=self._aserto_middleware._policy_instance_name or "", - policy_instance_label=self._aserto_middleware._policy_instance_label or "", - policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root, - policy_path_resolver=policy_mapper, - resource_context_provider=resource_context, - ) - - if not decision: - raise AuthorizationError(policy_instance_name=self._aserto_middleware._policy_instance_name, policy_path=policy_mapper()) # type: ignore[arg-type] - - return await handler(*args, **kwargs) - - return cast(Handler, decorated) \ No newline at end of file diff --git a/packages/flask-aserto/src/flask_aserto/aio/middleware.py b/packages/flask-aserto/src/flask_aserto/aio/middleware.py deleted file mode 100644 index b32a3aa..0000000 --- a/packages/flask-aserto/src/flask_aserto/aio/middleware.py +++ /dev/null @@ -1,247 +0,0 @@ -from asyncio import gather -from functools import wraps -from typing import Any, Callable, Optional, Union, cast, overload - -from aserto.client import AuthorizerOptions, ResourceContext -from aserto.client.authorizer.aio import AuthorizerClient -from flask import Flask, jsonify -from flask.wrappers import Response - -from .check import CheckMiddleware, CheckOptions - -from ._defaults import ( - DEFAULT_DISPLAY_STATE_MAP_ENDPOINT, - DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP, - DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT, - IdentityMapper, - ResourceMapper, - StringMapper, - create_default_policy_path_resolver, - Handler, - ObjectMapper, - AuthorizationError -) - - -class AsertoMiddleware: - def __init__( - self, - *, - authorizer_options: AuthorizerOptions, - policy_path_root: str, - identity_provider: IdentityMapper, - policy_instance_name: Optional[str] = None, - policy_instance_label: Optional[str] = None, - policy_path_resolver: Optional[StringMapper] = None, - resource_context_provider: Optional[ResourceMapper] = None, - ) -> None: - self._authorizer_options = authorizer_options - self._identity_provider = identity_provider - self._policy_instance_name = policy_instance_name - self._policy_instance_label = policy_instance_label - self._policy_path_root = policy_path_root - - self._policy_path_resolver = ( - policy_path_resolver - if policy_path_resolver is not None - else create_default_policy_path_resolver(policy_path_root) - ) - - self._resource_context_provider = ( - resource_context_provider - if resource_context_provider is not None - else DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT() - ) - - async def _generate_client(self) -> AuthorizerClient: - identity = await self._identity_provider() - - return AuthorizerClient( - identity=identity, - options=self._authorizer_options, - ) - - def _with_overrides(self, **kwargs: Any) -> "AsertoMiddleware": - return ( - self - if not kwargs - else AsertoMiddleware( - authorizer_options=kwargs.get("authorizer", self._authorizer_options), - policy_path_root=kwargs.get("policy_path_root", self._policy_path_root), - identity_provider=kwargs.get("identity_provider", self._identity_provider), - policy_instance_name=kwargs.get("policy_instance_name", self._policy_instance_name), - policy_instance_label=kwargs.get( - "policy_instance_label", self._policy_instance_label - ), - policy_path_resolver=kwargs.get("policy_path_resolver", self._policy_path_resolver), - resource_context_provider=kwargs.get( - "resource_context_provider", self._resource_context_provider - ), - ) - ) - - @overload - async def is_allowed(self, decision: str) -> bool: - ... - - @overload - async def is_allowed( - self, - decision: str, - *, - authorizer_options: AuthorizerOptions = ..., - identity_provider: IdentityMapper = ..., - policy_instance_name: str = ..., - policy_instance_label: str = ..., - policy_path_root: str = ..., - policy_path_resolver: StringMapper = ..., - resource_context_provider: ResourceContext = ..., - ) -> bool: - ... - - async def is_allowed(self, decision: str, **kwargs: Any) -> bool: - return await self._with_overrides(**kwargs)._is_allowed(decision) - - async def _is_allowed(self, decision: str) -> bool: - client = await self._generate_client() - resource_context = await self._resource_context_provider() - policy_path = await self._policy_path_resolver() - - decisions = await client.decisions( - policy_path=policy_path, - decisions=(decision,), - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - ) - return decisions[decision] - - @overload - async def authorize(self, handler: Handler) -> Handler: - ... - - @overload - async def authorize( - self, - *, - authorizer_options: AuthorizerOptions = ..., - identity_provider: IdentityMapper = ..., - policy_instance_name: str = ..., - policy_instance_label: str = ..., - policy_path_root: str = ..., - policy_path_resolver: StringMapper = ..., - ) -> Callable[[Handler], Handler]: - ... - - async def authorize( - self, - *args: Any, - **kwargs: Any, - ) -> Union[Handler, Callable[[Handler], Handler]]: - arguments_error = TypeError( - f"{self.authorize.__name__}() expects either exactly 1 callable" - " 'handler' argument or at least 1 'options' argument" - ) - - handler: Optional[Handler] = None - - if not args and kwargs.keys() == {"handler"}: - handler = kwargs["handler"] - elif not kwargs and len(args) == 1: - (handler,) = args - - if handler is not None: - if not callable(handler): - raise arguments_error - return self._authorize(handler) - - if args: - raise arguments_error - - return self._with_overrides(**kwargs)._authorize - - def _authorize(self, handler: Handler) -> Handler: - if self._policy_instance_name == None: - raise TypeError(f"{self._policy_instance_name}() should not be None") - - if self._policy_instance_label == None: - self._policy_instance_label = self._policy_instance_name - - @wraps(handler) - async def decorated(*args: Any, **kwargs: Any) -> Response: - client, policy_path, resource_context = await gather( - self._generate_client(), - self._policy_path_resolver(), - self._resource_context_provider(), - ) - - decisions = await client.decisions( - policy_path=policy_path, - decisions=("allowed",), - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - ) - - if not decisions["allowed"]: - raise AuthorizationError( - policy_instance_name=self._policy_instance_name or "", policy_path=policy_path - ) - - return await handler(*args, **kwargs) - - return cast(Handler, decorated) - - def check( - self, - objId: Optional[str] = "", - objType: Optional[str] = "", - objIdMapper: Optional[StringMapper] = None, - objMapper: Optional[ObjectMapper] = None, - relationName: Optional[str] = "", - relationMapper: Optional[StringMapper] = None, - subjType: Optional[str] = "", - subjMapper: Optional[IdentityMapper] = None, - policyPath: Optional[str] = "", - policyRoot: Optional[str] = "", - policyPathMapper: Optional[StringMapper] = None, - ) -> CheckMiddleware: - opts = CheckOptions( - objId=objId, objType=objType,objIdMapper=objIdMapper, - objMapper=objMapper, relationName=relationName, relationMapper=relationMapper, - subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot, - policyPath=policyPath, policyPathMapper=policyPathMapper) - return CheckMiddleware(options=opts, aserto_middleware=self) - - def register_display_state_map( - self, - app: Flask, - *, - endpoint: str = DEFAULT_DISPLAY_STATE_MAP_ENDPOINT, - resource_context_provider: Optional[ResourceMapper] = None, - ) -> Flask: - @app.route(endpoint, methods=["GET", "POST"]) - async def __displaystatemap() -> Response: - nonlocal resource_context_provider - if resource_context_provider is None: - - resource_context_provider = ( - DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP() - ) - - client, resource_context = await gather( - self._generate_client(), - resource_context_provider(), - ) - - display_state_map = await client.decision_tree( - policy_path_root=self._policy_path_root, - decisions=["visible", "enabled"], - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - policy_path_separator="SLASH", - ) - return jsonify(display_state_map) - - return app diff --git a/packages/flask-aserto/src/flask_aserto/check.py b/packages/flask-aserto/src/flask_aserto/check.py deleted file mode 100644 index 45a70cb..0000000 --- a/packages/flask-aserto/src/flask_aserto/check.py +++ /dev/null @@ -1,194 +0,0 @@ -from dataclasses import dataclass -from functools import wraps -from typing import Any, Callable, Optional, Union, cast, TYPE_CHECKING -if TYPE_CHECKING: - from .middleware import AsertoMiddleware - -from aserto.client import ResourceContext -from flask.wrappers import Response - -from ._defaults import ( - IdentityMapper, - StringMapper, - ResourceMapper, - ObjectMapper, - Obj, - AuthorizationError, - Handler -) - -@dataclass(frozen=True) -class CheckOptions: - """ - Check options class used to create a new instance of Check Middleware - """ - objId: Optional[str] = "" - objType: Optional[str] = "" - objIdMapper: Optional[StringMapper] = None - objMapper: Optional[ObjectMapper] = None - relationName: Optional[str] = "" - relationMapper: Optional[StringMapper] = None - subjType: Optional[str] = "" - subjMapper: Optional[IdentityMapper] = None - policyPath: Optional[str] = "" - policyRoot: Optional[str] = "" - policyPathMapper: Optional[StringMapper] = None - - - -def build_resource_context_mapper( - opts: CheckOptions -) -> ResourceMapper: - - def resource() -> ResourceContext: - objid = ( - opts.objId - if opts.objId is not None - else "" - ) - objtype = ( - opts.objType - if opts.objType is not None - else "" - ) - - obj = ( - opts.objMapper() - if opts.objMapper is not None - else Obj(id=objid, objType=objtype) - ) - - obj.id = ( - opts.objIdMapper() - if opts.objIdMapper is not None - else obj.id - ) - - relation = ( - opts.relationMapper() - if opts.relationMapper is not None - else opts.relationName - ) - - subjType = ( - opts.subjType - if opts.subjType != "" - else "user" - ) - - return {"relation": relation, - "object_type": obj.objType, - "object_id": obj.id, - "subject_type": subjType} - - return resource - -class CheckMiddleware: - def __init__( - self, - *, - options: CheckOptions, - aserto_middleware: "AsertoMiddleware", - ): - self._aserto_middleware = aserto_middleware - - self._identity_provider = ( - options.subjMapper - if options.subjMapper is not None - else aserto_middleware._identity_provider - ) - - self._resource_context_provider = build_resource_context_mapper(options) - self._options = options - - def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware": - return ( - self - if not kwargs - else CheckMiddleware( - aserto_middleware=self._aserto_middleware, - options = CheckOptions( - relationName=kwargs.get("relation_name", self._options.relationName), - relationMapper=kwargs.get("relation_mapper", self._options.relationMapper), - policyPath=kwargs.get("policy_path", self._options.policyPath), - policyRoot=kwargs.get("policy_root", self._options.policyRoot), - subjMapper=kwargs.get("identity_provider", self._identity_provider), - objId=kwargs.get("object_id", self._options.objId), - objType=kwargs.get("object_type", self._options.objType), - objIdMapper=kwargs.get("object_id_mapper", self._options.objIdMapper), - objMapper=kwargs.get("object_mapper", self._options.objMapper), - subjType=self._options.subjType, - policyPathMapper=self._options.policyPathMapper, - ), - ) - ) - - def _build_policy_path_mapper(self) -> StringMapper: - def mapper() -> str: - policy_path = "" - if self._options.policyPathMapper is not None: - policy_path = self._options.policyPathMapper() - if policy_path == "": - policy_path = "check" - policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root - if policy_root: - policy_path = f"{policy_root}.{policy_path}" - return policy_path - - return mapper - - def authorize( - self, - *args: Any, - **kwargs: Any, - ) -> Union[Handler, Callable[[Handler], Handler]]: - arguments_error = TypeError( - f"{self.authorize.__name__}() expects either exactly 1 callable" - " 'handler' argument or at least 1 'options' argument" - ) - - handler: Optional[Handler] = None - - if not args and kwargs.keys() == {"handler"}: - handler = kwargs["handler"] - elif not kwargs and len(args) == 1: - (handler,) = args - - if handler is not None: - if not callable(handler): - raise arguments_error - return self._authorize(handler) - - if args: - raise arguments_error - - return self._with_overrides(**kwargs)._authorize - - def _authorize(self, handler: Handler) -> Handler: - if self._aserto_middleware._policy_instance_name == None: - raise TypeError(f"{self._aserto_middleware._policy_instance_name}() should not be None") - - if self._aserto_middleware._policy_instance_label == None: - self._aserto_middleware._policy_instance_label = self._aserto_middleware._policy_instance_name - - @wraps(handler) - def decorated(*args: Any, **kwargs: Any) -> Response: - - policy_mapper = self._build_policy_path_mapper() - decision = self._aserto_middleware.is_allowed( - decision="allowed", - authorizer_options=self._aserto_middleware._authorizer_options, - identity_provider=self._identity_provider, - policy_instance_name=self._aserto_middleware._policy_instance_name or "", - policy_instance_label=self._aserto_middleware._policy_instance_label or "", - policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root, - policy_path_resolver=policy_mapper, - resource_context_provider=self._resource_context_provider, - ) - - if not decision: - raise AuthorizationError(policy_instance_name=self._aserto_middleware._policy_instance_name, policy_path=policy_mapper()) # type: ignore[arg-type] - - return handler(*args, **kwargs) - - return cast(Handler, decorated) \ No newline at end of file diff --git a/packages/flask-aserto/src/flask_aserto/middleware.py b/packages/flask-aserto/src/flask_aserto/middleware.py deleted file mode 100644 index ad7197b..0000000 --- a/packages/flask-aserto/src/flask_aserto/middleware.py +++ /dev/null @@ -1,234 +0,0 @@ -from functools import wraps -from typing import Any, Callable, Optional, Union, cast, overload - -from aserto.client import AuthorizerOptions -from aserto.client.authorizer import AuthorizerClient -from flask import Flask, jsonify -from flask.wrappers import Response - -from ._defaults import ( - DEFAULT_DISPLAY_STATE_MAP_ENDPOINT, - DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP, - DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT, - create_default_policy_path_resolver, - IdentityMapper, - StringMapper, - ResourceMapper, - ObjectMapper, - AuthorizationError, - Handler -) - -from .check import CheckMiddleware, CheckOptions - -class AsertoMiddleware: - def __init__( - self, - *, - authorizer_options: AuthorizerOptions, - policy_path_root: str, - identity_provider: IdentityMapper, - policy_instance_name: Optional[str]= None, - policy_instance_label: Optional[str]= None, - policy_path_resolver: Optional[StringMapper] = None, - resource_context_provider: Optional[ResourceMapper] = None, - ): - self._authorizer_options = authorizer_options - self._identity_provider = identity_provider - self._policy_instance_name = policy_instance_name - self._policy_instance_label = policy_instance_label - self._policy_path_root = policy_path_root - - self._policy_path_resolver = ( - policy_path_resolver - if policy_path_resolver is not None - else create_default_policy_path_resolver(policy_path_root) - ) - - self._resource_context_provider = ( - resource_context_provider - if resource_context_provider is not None - else DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_ENDPOINT - ) - - def _generate_client(self) -> AuthorizerClient: - identity = self._identity_provider() - - return AuthorizerClient( - identity=identity, - options=self._authorizer_options, - ) - - def _with_overrides(self, **kwargs: Any) -> "AsertoMiddleware": - return ( - self - if not kwargs - else AsertoMiddleware( - authorizer_options=kwargs.get("authorizer", self._authorizer_options), - policy_path_root=kwargs.get("policy_path_root", self._policy_path_root), - identity_provider=kwargs.get("identity_provider", self._identity_provider), - policy_instance_name=kwargs.get("policy_instance_name", self._policy_instance_name), - policy_instance_label=kwargs.get("policy_instance_label", self._policy_instance_label), - policy_path_resolver=kwargs.get("policy_path_resolver", self._policy_path_resolver), - resource_context_provider=kwargs.get( - "resource_context_provider", self._resource_context_provider - ), - ) - ) - - @overload - def is_allowed(self, decision: str) -> bool: - ... - - @overload - def is_allowed( - self, - decision: str, - *, - authorizer_options: AuthorizerOptions = ..., - identity_provider: IdentityMapper = ..., - policy_instance_name: str = ..., - policy_instance_label: str = ..., - policy_path_root: str = ..., - policy_path_resolver: StringMapper = ..., - resource_context_provider: ResourceMapper = ..., - ) -> bool: - ... - - def is_allowed(self, decision: str, **kwargs: Any) -> bool: - return self._with_overrides(**kwargs)._is_allowed(decision) - - def _is_allowed(self, decision: str) -> bool: - client = self._generate_client() - resource_context = self._resource_context_provider() - policy_path = self._policy_path_resolver() - - decisions = client.decisions( - policy_path=policy_path, - decisions=(decision,), - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - ) - return decisions[decision] - - @overload - def authorize(self, handler: Handler) -> Handler: - ... - - @overload - def authorize( - self, - *, - authorizer_options: AuthorizerOptions = ..., - identity_provider: IdentityMapper = ..., - policy_instance_name: str = ..., - policy_instance_label: str = ..., - policy_path_root: str = ..., - policy_path_resolver: StringMapper = ..., - ) -> Callable[[Handler], Handler]: - ... - - def authorize( - self, - *args: Any, - **kwargs: Any, - ) -> Union[Handler, Callable[[Handler], Handler]]: - arguments_error = TypeError( - f"{self.authorize.__name__}() expects either exactly 1 callable" - " 'handler' argument or at least 1 'options' argument" - ) - - handler: Optional[Handler] = None - - if not args and kwargs.keys() == {"handler"}: - handler = kwargs["handler"] - elif not kwargs and len(args) == 1: - (handler,) = args - - if handler is not None: - if not callable(handler): - raise arguments_error - return self._authorize(handler) - - if args: - raise arguments_error - - return self._with_overrides(**kwargs)._authorize - - def _authorize(self, handler: Handler) -> Handler: - if self._policy_instance_name == None: - raise TypeError(f"{self._policy_instance_name}() should not be None") - - if self._policy_instance_label == None: - self._policy_instance_label = self._policy_instance_name - - @wraps(handler) - def decorated(*args: Any, **kwargs: Any) -> Response: - client = self._generate_client() - resource_context = self._resource_context_provider() - policy_path = self._policy_path_resolver() - - decisions = client.decisions( - policy_path=policy_path, - decisions=("allowed",), - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - ) - - if not decisions["allowed"]: - raise AuthorizationError(policy_instance_name=self._policy_instance_name, policy_path=policy_path) # type: ignore[arg-type] - - return handler(*args, **kwargs) - - return cast(Handler, decorated) - - def check( - self, - objId: Optional[str] = "", - objType: Optional[str] = "", - objIdMapper: Optional[StringMapper] = None, - objMapper: Optional[ObjectMapper] = None, - relationName: Optional[str] = "", - relationMapper: Optional[StringMapper] = None, - subjType: Optional[str] = "", - subjMapper: Optional[IdentityMapper] = None, - policyPath: Optional[str] = "", - policyRoot: Optional[str] = "", - policyPathMapper: Optional[StringMapper] = None, - ) -> CheckMiddleware: - opts = CheckOptions( - objId=objId, objType=objType,objIdMapper=objIdMapper, - objMapper=objMapper, relationName=relationName, relationMapper=relationMapper, - subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot, - policyPath=policyPath, policyPathMapper=policyPathMapper) - return CheckMiddleware(options=opts, aserto_middleware=self) - - def register_display_state_map( - self, - app: Flask, - *, - endpoint: str = DEFAULT_DISPLAY_STATE_MAP_ENDPOINT, - resource_context_provider: Optional[ResourceMapper] = None, - ) -> Flask: - @app.route(endpoint, methods=["GET", "POST"]) - def __displaystatemap() -> Response: - nonlocal resource_context_provider - if resource_context_provider is None: - resource_context_provider = DEFAULT_RESOURCE_CONTEXT_PROVIDER_FOR_DISPLAY_STATE_MAP - - client = self._generate_client() - resource_context = resource_context_provider() - - display_state_map = client.decision_tree( - policy_path_root=self._policy_path_root, - decisions=["visible", "enabled"], - policy_instance_name=self._policy_instance_name, - policy_instance_label=self._policy_instance_label, - resource_context=resource_context, - policy_path_separator="SLASH", - ) - return jsonify(display_state_map) - - return app diff --git a/packages/flask-aserto/src/flask_aserto/py.typed b/packages/flask-aserto/src/flask_aserto/py.typed deleted file mode 100644 index e69de29..0000000 diff --git a/packages/flask-aserto/test/__init__.py b/packages/flask-aserto/test/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/packages/flask-aserto/test/test_default_policy_path_resolver.py b/packages/flask-aserto/test/test_default_policy_path_resolver.py deleted file mode 100644 index 13b7558..0000000 --- a/packages/flask-aserto/test/test_default_policy_path_resolver.py +++ /dev/null @@ -1,36 +0,0 @@ -from flask import Flask - -from flask_aserto._defaults import ( - create_default_policy_path_resolver, - policy_path_heuristic, -) - - -def test_heuristic() -> None: - assert policy_path_heuristic("/api/users") == ".api.users", "Slashes become dots" - assert policy_path_heuristic("/Upercase") == ".Upercase", "Uppercased stays uppercased" - assert policy_path_heuristic("/dotted.route") == ".dotted.route", "Dots stay dots" - assert ( - policy_path_heuristic("/api/users/") == ".api.users.__id" - ), "Parameters prefixed with double underscores" - assert ( - policy_path_heuristic("/api/users/") == ".api.users.__userID" - ), "Uppercased parameters stay uppercased" - - -def test_policy_route_concatenation() -> None: - resolver = create_default_policy_path_resolver("peoplefinder") - - app = Flask(__name__) - - @app.route("/api/users", methods=["GET", "POST"]) - def api_users() -> str: - return "" - - with app.test_client() as client: - client.get("/api/users") - assert resolver() == "peoplefinder.GET.api.users" - - with app.test_client() as client: - client.post("/api/users") - assert resolver() == "peoplefinder.POST.api.users" diff --git a/packages/flask-aserto/tox.ini b/packages/flask-aserto/tox.ini deleted file mode 100644 index f08f301..0000000 --- a/packages/flask-aserto/tox.ini +++ /dev/null @@ -1,10 +0,0 @@ -[tox] -skipsdist = true -envlist = py37, py38, py39, py310 - -[testenv] -whitelist_externals = poetry -commands = - poetry install -v - poetry run pytest - poetry run mypy src diff --git a/packages/aserto/poetry.lock b/poetry.lock similarity index 100% rename from packages/aserto/poetry.lock rename to poetry.lock diff --git a/packages/aserto/pyproject.toml b/pyproject.toml similarity index 100% rename from packages/aserto/pyproject.toml rename to pyproject.toml diff --git a/packages/aserto/src/aserto/client/__init__.py b/src/aserto/client/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/__init__.py rename to src/aserto/client/__init__.py diff --git a/packages/aserto/src/aserto/client/_deadline.py b/src/aserto/client/_deadline.py similarity index 100% rename from packages/aserto/src/aserto/client/_deadline.py rename to src/aserto/client/_deadline.py diff --git a/packages/aserto/src/aserto/client/_typing.py b/src/aserto/client/_typing.py similarity index 100% rename from packages/aserto/src/aserto/client/_typing.py rename to src/aserto/client/_typing.py diff --git a/packages/aserto/src/aserto/client/authorizer/__init__.py b/src/aserto/client/authorizer/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/authorizer/__init__.py rename to src/aserto/client/authorizer/__init__.py diff --git a/packages/aserto/src/aserto/client/authorizer/aio/__init__.py b/src/aserto/client/authorizer/aio/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/authorizer/aio/__init__.py rename to src/aserto/client/authorizer/aio/__init__.py diff --git a/packages/aserto/src/aserto/client/authorizer/helpers.py b/src/aserto/client/authorizer/helpers.py similarity index 100% rename from packages/aserto/src/aserto/client/authorizer/helpers.py rename to src/aserto/client/authorizer/helpers.py diff --git a/packages/aserto/src/aserto/client/directory/__init__.py b/src/aserto/client/directory/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/__init__.py rename to src/aserto/client/directory/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/aio/__init__.py b/src/aserto/client/directory/aio/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/aio/__init__.py rename to src/aserto/client/directory/aio/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/channels.py b/src/aserto/client/directory/channels.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/channels.py rename to src/aserto/client/directory/channels.py diff --git a/packages/aserto/src/aserto/client/directory/v2/__init__.py b/src/aserto/client/directory/v2/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v2/__init__.py rename to src/aserto/client/directory/v2/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/v2/aio/__init__.py b/src/aserto/client/directory/v2/aio/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v2/aio/__init__.py rename to src/aserto/client/directory/v2/aio/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/v2/helpers.py b/src/aserto/client/directory/v2/helpers.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v2/helpers.py rename to src/aserto/client/directory/v2/helpers.py diff --git a/packages/aserto/src/aserto/client/directory/v3/__init__.py b/src/aserto/client/directory/v3/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v3/__init__.py rename to src/aserto/client/directory/v3/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/v3/aio/__init__.py b/src/aserto/client/directory/v3/aio/__init__.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v3/aio/__init__.py rename to src/aserto/client/directory/v3/aio/__init__.py diff --git a/packages/aserto/src/aserto/client/directory/v3/helpers.py b/src/aserto/client/directory/v3/helpers.py similarity index 100% rename from packages/aserto/src/aserto/client/directory/v3/helpers.py rename to src/aserto/client/directory/v3/helpers.py diff --git a/packages/aserto/src/aserto/client/identity.py b/src/aserto/client/identity.py similarity index 100% rename from packages/aserto/src/aserto/client/identity.py rename to src/aserto/client/identity.py diff --git a/packages/aserto/src/aserto/client/options.py b/src/aserto/client/options.py similarity index 100% rename from packages/aserto/src/aserto/client/options.py rename to src/aserto/client/options.py diff --git a/packages/aserto-idp/src/aserto_idp/py.typed b/src/aserto/client/py.typed similarity index 100% rename from packages/aserto-idp/src/aserto_idp/py.typed rename to src/aserto/client/py.typed diff --git a/packages/aserto/src/aserto/client/resource_context.py b/src/aserto/client/resource_context.py similarity index 100% rename from packages/aserto/src/aserto/client/resource_context.py rename to src/aserto/client/resource_context.py diff --git a/packages/aserto-idp/src/aserto_idp/__init__.py b/test/__init__.py similarity index 100% rename from packages/aserto-idp/src/aserto_idp/__init__.py rename to test/__init__.py diff --git a/packages/aserto/test/assets/manifest.yaml b/test/assets/manifest.yaml similarity index 100% rename from packages/aserto/test/assets/manifest.yaml rename to test/assets/manifest.yaml diff --git a/packages/aserto/test/assets/objects.json b/test/assets/objects.json similarity index 100% rename from packages/aserto/test/assets/objects.json rename to test/assets/objects.json diff --git a/packages/aserto/test/assets/relations.json b/test/assets/relations.json similarity index 100% rename from packages/aserto/test/assets/relations.json rename to test/assets/relations.json diff --git a/packages/aserto/test/conftest.py b/test/conftest.py similarity index 100% rename from packages/aserto/test/conftest.py rename to test/conftest.py diff --git a/packages/aserto/test/test_authorizer.py b/test/test_authorizer.py similarity index 100% rename from packages/aserto/test/test_authorizer.py rename to test/test_authorizer.py diff --git a/packages/aserto/test/test_authorizer_async.py b/test/test_authorizer_async.py similarity index 100% rename from packages/aserto/test/test_authorizer_async.py rename to test/test_authorizer_async.py diff --git a/packages/aserto/test/test_directory_v2.py b/test/test_directory_v2.py similarity index 100% rename from packages/aserto/test/test_directory_v2.py rename to test/test_directory_v2.py diff --git a/packages/aserto/test/test_directory_v2_async.py b/test/test_directory_v2_async.py similarity index 100% rename from packages/aserto/test/test_directory_v2_async.py rename to test/test_directory_v2_async.py diff --git a/packages/aserto/test/test_directory_v3.py b/test/test_directory_v3.py similarity index 100% rename from packages/aserto/test/test_directory_v3.py rename to test/test_directory_v3.py diff --git a/packages/aserto/test/test_directory_v3_async.py b/test/test_directory_v3_async.py similarity index 100% rename from packages/aserto/test/test_directory_v3_async.py rename to test/test_directory_v3_async.py From 21c5d8ff2fc62777a0b5ea56b45ad671e8f3ec4a Mon Sep 17 00:00:00 2001 From: oanatmaria Date: Tue, 16 Jan 2024 12:44:01 +0200 Subject: [PATCH 2/4] Modify home url in pyproject.toml --- pyproject.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index d7fa972..00ce510 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,9 +5,9 @@ description = "Aserto API client" readme = "README.md" authors = ["Aserto, Inc. "] maintainers = ["authereal "] -homepage = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto" -repository = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto" -documentation = "https://github.com/aserto-dev/aserto-python/tree/HEAD/packages/aserto" +homepage = "https://github.com/aserto-dev/aserto-python/tree/HEAD" +repository = "https://github.com/aserto-dev/aserto-python/tree/HEAD" +documentation = "https://github.com/aserto-dev/aserto-python/tree/HEAD" license = "Apache-2.0" classifiers = [ "Intended Audience :: Developers", From 3bac392e8dfc4dc4fd40fb9c710d56f4bea7c15f Mon Sep 17 00:00:00 2001 From: oanatmaria Date: Tue, 16 Jan 2024 15:36:12 +0200 Subject: [PATCH 3/4] Add release ci --- .github/workflows/ci.yaml | 80 +++++- Depfile | 5 + go.mod | 5 + go.sum | 2 + mage.go | 12 + magefiles/go.mod | 44 ++++ magefiles/go.sum | 531 ++++++++++++++++++++++++++++++++++++++ magefiles/magefile.go | 70 +++++ pyproject.toml | 2 +- 9 files changed, 748 insertions(+), 3 deletions(-) create mode 100644 Depfile create mode 100644 go.mod create mode 100644 go.sum create mode 100644 mage.go create mode 100644 magefiles/go.mod create mode 100644 magefiles/go.sum create mode 100644 magefiles/magefile.go diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f9c533b..e15ea19 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -18,8 +18,8 @@ env: jobs: - tests: - name: Run tests + test: + name: Run test runs-on: ubuntu-latest steps: - name: Read Configuration @@ -65,3 +65,79 @@ jobs: - name: Run tests run: | poetry run pytest -vv + release: + runs-on: ubuntu-latest + needs: test + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') + + name: Release to pypi + steps: + - name: Read Configuration + uses: hashicorp/vault-action@v2.4.1 + id: vault + with: + url: ${{ env.VAULT_ADDR }} + token: ${{ secrets.VAULT_TOKEN }} + secrets: | + kv/data/github "SSH_PRIVATE_KEY" | SSH_PRIVATE_KEY; + kv/data/pypi "USERNAME" | POETRY_HTTP_BASIC_PYPI_USERNAME; + kv/data/pypi "PASSWORD" | POETRY_HTTP_BASIC_PYPI_PASSWORD; + + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + + - name: Setup caching + uses: actions/cache@v2 + with: + path: | + ~/.cache/go-build + ~/go/pkg/mod + .ext + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum', 'Depfile') }} + restore-keys: | + ${{ runner.os }}-go- + + - name: Install dependencies + run: | + mkdir -p $HOME/.ssh + umask 0077 && echo -e "${SSH_PRIVATE_KEY}" > $HOME/.ssh/id_rsa + ssh-keyscan github.com >> $HOME/.ssh/known_hosts + + git config --global url."git@github.com:".insteadOf https://github.com/ + git config --global user.email "github-bot@aserto.com" + git config --global user.name "Aserto Bot" + + eval `ssh-agent` + ssh-add $HOME/.ssh/id_rsa + + go run mage.go deps + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + + - name: Install Poetry + uses: snok/install-poetry@v1 + + - name: Build and push the python package + run: go run mage.go release + + - name: Bump to the next version + run: go run mage.go bump patch + + - name: Commit changes + uses: EndBug/add-and-commit@v9 + with: + default_author: github_actions + message: 'Bump to next version' + add: 'pyproject.toml' + push: origin HEAD:main + diff --git a/Depfile b/Depfile new file mode 100644 index 0000000..6479cf5 --- /dev/null +++ b/Depfile @@ -0,0 +1,5 @@ +--- +go: + sver: + importPath: "github.com/aserto-dev/sver/cmd/sver" + version: "v1.3.13" diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..5e5849d --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module github.com/aserto-dev/python-authorizer + +go 1.19 + +require github.com/magefile/mage v1.14.0 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..f8bfb2f --- /dev/null +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/magefile/mage v1.14.0 h1:6QDX3g6z1YvJ4olPhT1wksUcSa/V0a1B+pJb73fBjyo= +github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= diff --git a/mage.go b/mage.go new file mode 100644 index 0000000..a7e1699 --- /dev/null +++ b/mage.go @@ -0,0 +1,12 @@ +//go:build zeroinstall +// +build zeroinstall + +package main + +import ( + "os" + + "github.com/magefile/mage/mage" +) + +func main() { os.Exit(mage.Main()) } diff --git a/magefiles/go.mod b/magefiles/go.mod new file mode 100644 index 0000000..8534157 --- /dev/null +++ b/magefiles/go.mod @@ -0,0 +1,44 @@ +module github.com/aserto-dev/python-authorizer/magefiles + +go 1.19 + +require ( + github.com/aserto-dev/mage-loot v0.8.10 + github.com/magefile/mage v1.14.0 +) + +require ( + github.com/aserto-dev/clui v0.8.1 // indirect + github.com/fatih/color v1.13.0 // indirect + github.com/fsnotify/fsnotify v1.5.4 // indirect + github.com/gitleaks/go-gitdiff v0.7.4 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/imdario/mergo v0.3.13 // indirect + github.com/kyokomi/emoji v2.2.4+incompatible // indirect + github.com/magiconair/properties v1.8.6 // indirect + github.com/mattn/go-colorable v0.1.12 // indirect + github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mattn/go-runewidth v0.0.13 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/olekukonko/tablewriter v0.0.5 // indirect + github.com/pelletier/go-toml v1.9.5 // indirect + github.com/pelletier/go-toml/v2 v2.0.5 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/rivo/uniseg v0.2.0 // indirect + github.com/rs/zerolog v1.25.0 // indirect + github.com/spf13/afero v1.8.2 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/spf13/viper v1.13.0 // indirect + github.com/subosito/gotenv v1.4.1 // indirect + github.com/ulikunitz/xz v0.5.10 // indirect + github.com/zricethezav/gitleaks/v8 v8.3.0 // indirect + golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect + golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect + golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect + golang.org/x/text v0.3.7 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/magefiles/go.sum b/magefiles/go.sum new file mode 100644 index 0000000..6609b83 --- /dev/null +++ b/magefiles/go.sum @@ -0,0 +1,531 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/aserto-dev/clui v0.8.1 h1:5IW9OnFZoIWjvnmTE4FNTXrjP1wnMzd39qKAcRnRHt8= +github.com/aserto-dev/clui v0.8.1/go.mod h1:XpJxwNzSQaGN6rqXONZJEaeez4MUaCPikM2lKSngrXM= +github.com/aserto-dev/mage-loot v0.8.10 h1:9pai2RtCvkZVerrruVQ2iSrQbcy9fHfOUbGCuZzfecs= +github.com/aserto-dev/mage-loot v0.8.10/go.mod h1:f3ZoYjhdt8ltIPvgI+80mSZ1zuYdMuEq/7/Ubhqvq0Q= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= +github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= +github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= +github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= +github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= +github.com/gitleaks/go-gitdiff v0.7.4 h1:8vICc4moyRR2poklblThdQ0ckMet22mEvFJSxPsiDlk= +github.com/gitleaks/go-gitdiff v0.7.4/go.mod h1:pKz0X4YzCKZs30BL+weqBIG7mx0jl4tF1uXV9ZyNvrA= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= +github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kyokomi/emoji v2.2.4+incompatible h1:np0woGKwx9LiHAQmwZx79Oc0rHpNw3o+3evou4BEPv4= +github.com/kyokomi/emoji v2.2.4+incompatible/go.mod h1:mZ6aGCD7yk8j6QY6KICwnZ2pxoszVseX1DNoGtU2tBA= +github.com/magefile/mage v1.14.0 h1:6QDX3g6z1YvJ4olPhT1wksUcSa/V0a1B+pJb73fBjyo= +github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= +github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo= +github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= +github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= +github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= +github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= +github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= +github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg= +github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/rs/xid v1.3.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= +github.com/rs/zerolog v1.25.0 h1:Rj7XygbUHKUlDPcVdoLyR91fJBsduXj5fRxyqIQj/II= +github.com/rs/zerolog v1.25.0/go.mod h1:7KHcEGe0QZPOm2IE4Kpb5rTh6n1h2hIgS5OOnu1rUaI= +github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= +github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= +github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.13.0 h1:BWSJ/M+f+3nmdz9bxB+bWX28kkALN2ok11D0rSo8EJU= +github.com/spf13/viper v1.13.0/go.mod h1:Icm2xNL3/8uyh/wFuB1jI7TiTNKp8632Nwegu+zgdYw= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs= +github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= +github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= +github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/zricethezav/gitleaks/v8 v8.3.0 h1:3Pw5kSbypWCLXCvPeKdXM66hLNg10nSbBJNzNPfwgfI= +github.com/zricethezav/gitleaks/v8 v8.3.0/go.mod h1:dqPs8vOMHWGj6iJyhQbkAosZuSDHtwxpkbdjfZ+qd4U= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f h1:v4INt8xihDGvnrfjMDVXGxw9wrfxYyCjk0KbXjhR55s= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/magefiles/magefile.go b/magefiles/magefile.go new file mode 100644 index 0000000..660c9cb --- /dev/null +++ b/magefiles/magefile.go @@ -0,0 +1,70 @@ +//go:build mage +// +build mage + +package main + +import ( + "fmt" + "os" + "strings" + + "github.com/aserto-dev/mage-loot/common" + "github.com/aserto-dev/mage-loot/deps" + "github.com/magefile/mage/sh" +) + +func init() { + os.Setenv("GO_VERSION", "1.19") + os.Setenv("GOPRIVATE", "github.com/aserto-dev") +} + +// install required dependencies. +func Deps() { + deps.GetAllDeps() +} + +func Bump(next string) error { + nextVersion, err := common.NextVersion(next) + if err != nil { + return err + } + fmt.Println("Bumping version to", nextVersion) + + input, err := os.ReadFile("pyproject.toml") + if err != nil { + return err + } + + lines := strings.Split(string(input), "\n") + + for i, line := range lines { + if strings.Contains(line, "version = \"") { + lines[i] = "version = \"" + nextVersion + "\"" + } + } + output := strings.Join(lines, "\n") + + return os.WriteFile("pyproject.toml", []byte(output), 0644) +} + +func Build() error { + err := os.RemoveAll("dist") + if err != nil { + return err + } + + return sh.RunV("poetry", "build") +} + +func Push() error { + return sh.RunV("poetry", "publish") +} + +func Release() error { + err := Build() + if err != nil { + return err + } + + return Push() +} diff --git a/pyproject.toml b/pyproject.toml index 00ce510..bb3d624 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "aserto" -version = "0.30.3" +version = "0.30.4" description = "Aserto API client" readme = "README.md" authors = ["Aserto, Inc. "] From fe3ff72876f4db7f6ce36e7623f5f0781fa91726 Mon Sep 17 00:00:00 2001 From: oanatmaria Date: Tue, 16 Jan 2024 18:35:05 +0200 Subject: [PATCH 4/4] Use token for release --- .github/workflows/ci.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e15ea19..5bf1f19 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -80,8 +80,7 @@ jobs: token: ${{ secrets.VAULT_TOKEN }} secrets: | kv/data/github "SSH_PRIVATE_KEY" | SSH_PRIVATE_KEY; - kv/data/pypi "USERNAME" | POETRY_HTTP_BASIC_PYPI_USERNAME; - kv/data/pypi "PASSWORD" | POETRY_HTTP_BASIC_PYPI_PASSWORD; + kv/data/pypi "API_TOKEN" | POETRY_HTTP_BASIC_PYPI_PASSWORD; - name: Checkout uses: actions/checkout@v3 @@ -128,6 +127,9 @@ jobs: uses: snok/install-poetry@v1 - name: Build and push the python package + env: + # When using a PYPI API token, the user name must be set to "__token__" + POETRY_HTTP_BASIC_PYPI_USERNAME: __token__ run: go run mage.go release - name: Bump to the next version