Merge branch 'main' into main

Makefile

@@ -173,8 +173,8 @@ license:
 .PHONY: release
 release:
 	@echo "Making release"
-	@go mod tidy
-	@go mod verify
+	@go mod tidy;
+	@go mod verify;
 	@if [ $(GIT_BRANCH) != "main" ]; then echo "cannot release to non-main branch $(GIT_BRANCH)" && false; fi
 	@git diff-index --quiet HEAD -- || ( echo "git directory is dirty, commit changes first" && false )
 	@versioned -patch

VERSION

@@ -1 +1 @@
-1.0.46
+1.0.47

assets/cla/consent.yaml

@@ -43,6 +43,8 @@
   email: [email protected]
 - name: Peter Oettig
   email: [email protected]
+- name: Phil Porada
+  email: [email protected]
 - name: Matthias Stone
   email: [email protected]
 

cmd/authdbctl/main.go

@@ -37,9 +37,9 @@ func init() {
 	app = versioned.NewPackageManager("authdbctl")
 	app.Description = "AuthDB management client"
 	app.Documentation = "https://github.com/greenpau/go-authcrunch/"
-	app.SetVersion(appVersion, "1.0.46")
+	app.SetVersion(appVersion, "1.0.47")
 	app.SetGitBranch(gitBranch, "main")
-	app.SetGitCommit(gitCommit, "v1.0.45-1-g04ef714")
+	app.SetGitCommit(gitCommit, "v1.0.46-7-g3d57676")
 	app.SetBuildUser(buildUser, "")
 	app.SetBuildDate(buildDate, "")
 

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/urfave/cli/v2 v2.25.7
 	go.uber.org/zap v1.26.0
-	golang.org/x/crypto v0.16.0
+	golang.org/x/crypto v0.17.0
 	golang.org/x/net v0.19.0
 	gopkg.in/yaml.v3 v3.0.1
 )

go.sum

@@ -87,8 +87,8 @@ go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
-golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
-golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=

pkg/authn/handle_json_whoami.go

@@ -22,13 +22,30 @@ import (
 	"go.uber.org/zap"
 	"net/http"
 	"strings"
+	"time"
 )
 
 func (p *Portal) handleJSONWhoami(ctx context.Context, w http.ResponseWriter, r *http.Request, rr *requests.Request, usr *user.User) error {
 	if usr == nil {
 		return p.handleJSONError(ctx, w, http.StatusUnauthorized, "Access denied")
 	}
 
+	// Check whether probe is being requested.
+	probeEnabled := r.URL.Query().Get("probe")
+	if probeEnabled == "true" && usr.Claims != nil {
+		respMap := make(map[string]interface{})
+		for k, v := range usr.AsMap() {
+			respMap[k] = v
+		}
+		expiresIn := usr.Claims.ExpiresAt - time.Now().Unix()
+		respMap["authenticated"] = true
+		respMap["expires_in"] = expiresIn
+		respBytes, _ := json.Marshal(respMap)
+		w.WriteHeader(200)
+		w.Write(respBytes)
+		return nil
+	}
+
 	// Check whether id_token is being requested.
 	identityTokenEnabled := r.URL.Query().Get("id_token")
 	if identityTokenEnabled != "true" || usr.Claims == nil {

pkg/identity/database.go

@@ -17,17 +17,18 @@ package identity
 import (
 	"encoding/json"
 	"fmt"
-	"github.com/greenpau/go-authcrunch/internal/utils"
-	"github.com/greenpau/go-authcrunch/pkg/errors"
-	"github.com/greenpau/go-authcrunch/pkg/requests"
-	"github.com/greenpau/go-authcrunch/pkg/util"
-	"github.com/greenpau/versioned"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/greenpau/go-authcrunch/pkg/errors"
+	"github.com/greenpau/go-authcrunch/pkg/requests"
+	"github.com/greenpau/go-authcrunch/pkg/util"
+	fileutil "github.com/greenpau/go-authcrunch/pkg/util/file"
+	"github.com/greenpau/versioned"
 )
 
 var (
@@ -62,9 +63,9 @@ func init() {
 	app = versioned.NewPackageManager("authdb")
 	app.Description = "authdb"
 	app.Documentation = "https://github.com/greenpau/go-authcrunch"
-	app.SetVersion(appVersion, "1.0.46")
+	app.SetVersion(appVersion, "1.0.47")
 	app.SetGitBranch(gitBranch, "main")
-	app.SetGitCommit(gitCommit, "v1.0.45-1-g04ef714")
+	app.SetGitCommit(gitCommit, "v1.0.46-7-g3d57676")
 	app.SetBuildUser(buildUser, "")
 	app.SetBuildDate(buildDate, "")
 }
@@ -142,7 +143,7 @@ func NewDatabase(fp string) (*Database, error) {
 		if fileInfo.IsDir() {
 			return nil, errors.ErrNewDatabase.WithArgs(fp, "path points to a directory")
 		}
-		b, err := utils.ReadFileBytes(fp)
+		b, err := fileutil.ReadFileBytes(fp)
 		if err != nil {
 			return nil, errors.ErrNewDatabase.WithArgs(fp, err)
 		}

pkg/util/file/utils.go

@@ -17,6 +17,7 @@ package file
 import (
 	"bufio"
 	"bytes"
+	"fmt"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@@ -80,6 +81,9 @@ func ReadFile(filePath string) (string, error) {
 }
 
 func expandHomePath(fp string) (string, error) {
+	if fp == "" {
+		return fp, fmt.Errorf("cannot expand an empty string")
+	}
 	if fp[0] != '~' {
 		return fp, nil
 	}
@@ -93,8 +97,10 @@ func expandHomePath(fp string) (string, error) {
 
 // ReadFileBytes expands home directory and reads a file.
 func ReadFileBytes(fp string) ([]byte, error) {
-	var err error
-	fp, err = expandHomePath(fp)
+	if fp == "" {
+		return nil, fmt.Errorf("cannot expand an empty string")
+	}
+	fp, err := expandHomePath(fp)
 	if err != nil {
 		return nil, err
 	}