~tsileo/blobstash

6c3ef782dad51a1a2597544297389f1eee444b23 — Thomas Sileo 3 months ago 7c71e60
deps: update
M go.mod => go.mod +2 -2
@@ 4,7 4,7 @@ require (
	a4.io/blobsfile v0.3.8
	a4.io/gluapp v0.0.0-20200404171232-054f285d8e63
	a4.io/gluarequire2 v0.0.0-20200222094423-7528d5a10bc1
	a4.io/go/indieauth v1.0.0
	a4.io/go/indieauth v1.0.3
	a4.io/ssse v0.0.0-20181202155639-1949828a8689
	github.com/alecthomas/chroma v0.7.2 // indirect
	github.com/aws/aws-sdk-go v1.30.14


@@ 37,7 37,7 @@ require (
	github.com/yuin/gopher-lua v0.0.0-20191220021717-ab39c6098bdb
	github.com/zpatrick/rbac v0.0.0-20180829190353-d2c4f050cf28
	golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5
	golang.org/x/net v0.0.0-20200421231249-e086a090c8fd // indirect
	golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 // indirect
	golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f // indirect
	google.golang.org/appengine v1.6.6 // indirect
	gopkg.in/inconshreveable/log15.v2 v2.0.0-20200109203555-b30bc20e4fd1

M go.sum => go.sum +8 -0
@@ 34,6 34,12 @@ a4.io/gluarequire2 v0.0.0-20200222094423-7528d5a10bc1 h1:prvtjU2SK4PCsJnvY39+DkQ
a4.io/gluarequire2 v0.0.0-20200222094423-7528d5a10bc1/go.mod h1:mPtxfgeyyAcPonI669LtVTsmZfNSklo7kq3zSFej+jk=
a4.io/go/indieauth v1.0.0 h1:ZZh1ilpNwwlzZ9xH2f0VeSN/dvP22Px5naoGVe4wJ5A=
a4.io/go/indieauth v1.0.0/go.mod h1:yCJuSTw9d22VdPWrZ8frGLwVOdwscJTiXjG4IgVL0Vw=
a4.io/go/indieauth v1.0.1 h1:X7dYKctfZFgO5Xr0X6IAxla6m2sfWnEYNky50ajC2rI=
a4.io/go/indieauth v1.0.1/go.mod h1:2XxJBr1uN0yfbaPU+g+qFkC5RnmT+7/K0tLIKi1PHac=
a4.io/go/indieauth v1.0.2 h1:zi2zzJFxLXnbIOsBPVzSfmWX3H2P/16Pv3hfg08JNmg=
a4.io/go/indieauth v1.0.2/go.mod h1:2XxJBr1uN0yfbaPU+g+qFkC5RnmT+7/K0tLIKi1PHac=
a4.io/go/indieauth v1.0.3 h1:PmwKzmj0IeMbTJd/VGs876KI++ho8K47y26hg/zKKOA=
a4.io/go/indieauth v1.0.3/go.mod h1:EzNbm1uG8UIauF73AM5BA4txNBsHbTolCbBjbG/E1ng=
a4.io/ssse v0.0.0-20181202155639-1949828a8689 h1:xXG2KAzqyucPIo7c7zEW9aGUDXV+Fqg5jVrQiw7s2DU=
a4.io/ssse v0.0.0-20181202155639-1949828a8689/go.mod h1:/4k4qDJv4lDmiIcMs9k/5Rs7bU/1FkIvu42oMyf5A7Y=
bazil.org/fuse v0.0.0-20180421153158-65cc252bf669 h1:FNCRpXiquG1aoyqcIWVFmpTSKVcx2bQD38uZZeGtdlw=


@@ 494,6 500,8 @@ golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200421231249-e086a090c8fd h1:QPwSajcTUrFriMF1nJ3XzgoqakqQEsnZf9LdXdi2nkI=
golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 h1:Jcxah/M+oLZ/R4/z5RzfPzGbPXnVDPkEDtf2JnuxN+U=
golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTmV7VDcZyvRZ+QQXkXTZQ=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

M vendor/a4.io/go/indieauth/go.mod => vendor/a4.io/go/indieauth/go.mod +5 -6
@@ 1,12 1,11 @@
module a4.io/go/indieauth

go 1.12
go 1.14

require (
	github.com/gorilla/sessions v1.1.3
	github.com/hashicorp/golang-lru v0.5.1
	github.com/kylelemons/godebug v1.1.0 // indirect
	github.com/peterhellberg/link v1.0.0
	golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5
	github.com/gorilla/sessions v1.2.0
	github.com/hashicorp/golang-lru v0.5.4
	github.com/peterhellberg/link v1.1.0
	golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 // indirect
	willnorris.com/go/microformats v1.0.0
)

M vendor/a4.io/go/indieauth/go.sum => vendor/a4.io/go/indieauth/go.sum +9 -12
@@ 1,19 1,16 @@
github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
github.com/gorilla/sessions v1.1.3 h1:uXoZdcdA5XdXF3QzuSlheVRUvjl+1rKY7zBXL68L9RU=
github.com/gorilla/sessions v1.1.3/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
github.com/peterhellberg/link v1.0.0 h1:mUWkiegowUXEcmlb+ybF75Q/8D2Y0BjZtR8cxoKhaQo=
github.com/peterhellberg/link v1.0.0/go.mod h1:gtSlOT4jmkY8P47hbTc8PTgiDDWpdPbFYl75keYyBB8=
github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
github.com/peterhellberg/link v1.1.0 h1:s2+RH8EGuI/mI4QwrWGSYQCRz7uNgip9BaM04HKu5kc=
github.com/peterhellberg/link v1.1.0/go.mod h1:gtSlOT4jmkY8P47hbTc8PTgiDDWpdPbFYl75keYyBB8=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5 h1:6M3SDHlHHDCx2PcQw3S4KsR170vGqDhJDOmpVd4Hjak=
golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 h1:Jcxah/M+oLZ/R4/z5RzfPzGbPXnVDPkEDtf2JnuxN+U=
golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
willnorris.com/go/microformats v1.0.0 h1:II6uDIJBPp6RpJQqRWm+6IN9lI00mN/jQAC5OHuF4HA=
willnorris.com/go/microformats v1.0.0/go.mod h1:AXRtimOA0J5fDmM2sxlka4G6PNLWC4bCNJcZjLvFdDw=

M vendor/a4.io/go/indieauth/indieauth.go => vendor/a4.io/go/indieauth/indieauth.go +4 -1
@@ 45,7 45,7 @@ func defaultClientID(r *http.Request) string {
	if r.TLS == nil {
		s = "http"
	}
	return s + "://" + r.Host
	return s + "://" + r.Host + "/"
}

// ClientID can optionally be used to force a specific client ID.


@@ 181,6 181,8 @@ func (ia *IndieAuth) RedirectHandler(w http.ResponseWriter, r *http.Request) {
			panic(fmt.Errorf("invalid state"))
		}

		ia.cache.Remove(state)

		// Verify the code against the remote IndieAuth server
		if _, err := ia.verifyCode(r, code); err != nil {
			if err == ErrForbidden {


@@ 218,6 220,7 @@ func (ia *IndieAuth) Redirect(w http.ResponseWriter, r *http.Request) error {
	state := fmt.Sprintf("%x", rawState)

	// Store the state in the LRU cache
	//FIXME(tsileo): store the "redirect path" in the state (base64 JS with token + redirect path + HMAC?) and remove the LRU?
	ia.cache.Add(state, r.URL.String())

	// Add the query params

M vendor/modules.txt => vendor/modules.txt +2 -2
@@ 8,7 8,7 @@ a4.io/gluapp/util
# a4.io/gluarequire2 v0.0.0-20200222094423-7528d5a10bc1
## explicit
a4.io/gluarequire2
# a4.io/go/indieauth v1.0.0
# a4.io/go/indieauth v1.0.3
## explicit
a4.io/go/indieauth
# a4.io/ssse v0.0.0-20181202155639-1949828a8689


@@ 298,7 298,7 @@ golang.org/x/crypto/ssh
golang.org/x/crypto/ssh/agent
golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
golang.org/x/crypto/ssh/knownhosts
# golang.org/x/net v0.0.0-20200421231249-e086a090c8fd
# golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0
## explicit
golang.org/x/net/context
golang.org/x/net/html