From 1e747cf98988c417a7d74b8aa41b6518efa65e7c Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Fri, 6 Jan 2023 14:55:34 -0700 Subject: [PATCH 01/12] Created catch and parse for user from "access_token" in wrappers.go WrapAccessLog function --- .../routing/middleware/wrappers.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go index 2ebf85f9e6..689d00f46d 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go @@ -27,6 +27,7 @@ import ( "encoding/base64" "errors" "fmt" + "github.com/lestrrat-go/jwx/jwt" "net/http" "strings" "time" @@ -201,6 +202,19 @@ func WrapAccessLog(secret string, h http.Handler) http.HandlerFunc { if userErr == nil && sysErr == nil { user = cookie.AuthData } + } else { + cookie, err := r.Cookie("access_token") + if err == nil && cookie != nil { + decodedToken, err := jwt.Parse( + []byte(cookie.Value), + ) + if err == nil && cookie != nil { + cookie, userErr, sysErr := tocookie.Parse(secret, fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"])) + if userErr == nil && sysErr == nil { + user = cookie.AuthData + } + } + } } start := time.Now() defer func() { From ec1d94faa68841ff6720617a216d4deda4b80fc4 Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Tue, 10 Jan 2023 16:02:44 -0700 Subject: [PATCH 02/12] Created constant names in cookie.go for MojoCookie, AccessToken, and BearToken --- traffic_ops/traffic_ops_golang/tocookie/cookie.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/traffic_ops/traffic_ops_golang/tocookie/cookie.go b/traffic_ops/traffic_ops_golang/tocookie/cookie.go index c21a997512..72f42ad965 100644 --- a/traffic_ops/traffic_ops_golang/tocookie/cookie.go +++ b/traffic_ops/traffic_ops_golang/tocookie/cookie.go @@ -26,6 +26,9 @@ import ( const GeneratedByStr = "trafficcontrol-go-tocookie" const Name = "mojolicious" +const MojoCookie = "mojoCookie" +const AccessToken = "access_token" +const BearerToken = "Bearer" const DefaultDuration = time.Hour type Cookie struct { From edd933ff9632dd67cec7c3253064264c7217d20b Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Tue, 10 Jan 2023 16:04:32 -0700 Subject: [PATCH 03/12] Added name Cookie to HTTP Headers list in http.go --- lib/go-rfc/http.go | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/go-rfc/http.go b/lib/go-rfc/http.go index 9590245d2d..db452a259b 100644 --- a/lib/go-rfc/http.go +++ b/lib/go-rfc/http.go @@ -43,6 +43,7 @@ const ( Age = "Age" // RFC7234§5.1 Location = "Location" // RFC7231§7.1.2 Authorization = "Authorization" // RFC7235§4.2 + Cookie = "Cookie" // RFC7873 ) // These are (some) valid values for content encoding and MIME types, for From 6cf1586ce0aa3c74f5f28fd4e3846f24dd7e5c18 Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Tue, 10 Jan 2023 16:06:21 -0700 Subject: [PATCH 04/12] Added additional logic to extract user from requests when using mojolicious cookie, access_token, and bearer token --- .../routing/middleware/wrappers.go | 49 ++++++++++++------- 1 file changed, 30 insertions(+), 19 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go index 689d00f46d..973755cffe 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go @@ -189,6 +189,32 @@ func GetWrapAccessLog(secret string) Middleware { } } +func getCookieToken(r *http.Request) string { + cookie, err := r.Cookie(tocookie.Name) + if err == nil && cookie != nil { + return cookie.Value + } else if r.Header.Get(rfc.Cookie) != "" && strings.Contains(r.Header.Get(rfc.Cookie), "access_token") { + cookie, err := r.Cookie("access_token") + if err == nil && cookie != nil { + decodedToken, err := jwt.Parse([]byte(cookie.Value)) + if err == nil && cookie != nil { + return fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"]) + } + } + } else if r.Header.Get(rfc.Authorization) != "" && strings.Contains(r.Header.Get(rfc.Authorization), "Bearer") { + givenTokenSplit := strings.Split(r.Header.Get(rfc.Authorization), " ") + if len(givenTokenSplit) < 2 { + return "" + } + decodedToken, err := jwt.Parse([]byte(givenTokenSplit[1])) + if err == nil && decodedToken != nil { + return fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"]) + } + return givenTokenSplit[1] + } + return "" +} + // WrapAccessLog takes the cookie secret and a http.Handler, and returns a HandlerFunc which writes to the Access Log (which is the lib/go-log EventLog) after the HandlerFunc finishes. // This is not a Middleware, because it needs the secret as a parameter. For a Middleware, see GetWrapAccessLog. func WrapAccessLog(secret string, h http.Handler) http.HandlerFunc { @@ -196,25 +222,10 @@ func WrapAccessLog(secret string, h http.Handler) http.HandlerFunc { var imsType = NONIMS iw := &util.Interceptor{W: w} user := "-" - cookie, err := r.Cookie(tocookie.Name) - if err == nil && cookie != nil { - cookie, userErr, sysErr := tocookie.Parse(secret, cookie.Value) - if userErr == nil && sysErr == nil { - user = cookie.AuthData - } - } else { - cookie, err := r.Cookie("access_token") - if err == nil && cookie != nil { - decodedToken, err := jwt.Parse( - []byte(cookie.Value), - ) - if err == nil && cookie != nil { - cookie, userErr, sysErr := tocookie.Parse(secret, fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"])) - if userErr == nil && sysErr == nil { - user = cookie.AuthData - } - } - } + cookieToken := getCookieToken(r) + cookie, userErr, sysErr := tocookie.Parse(secret, cookieToken) + if userErr == nil && sysErr == nil { + user = cookie.AuthData } start := time.Now() defer func() { From cc76c506d048ac05dc814e0cde4fff9912af213e Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Tue, 17 Jan 2023 10:41:13 -0700 Subject: [PATCH 05/12] Configured use of cookie variables form cookies.go: AccessToken, BearerToken, MojoCookie. Reorged import. Added logging for case where user is not found from cookie. --- .../traffic_ops_golang/routing/middleware/wrappers.go | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go index 973755cffe..499d97d6c0 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go @@ -27,7 +27,6 @@ import ( "encoding/base64" "errors" "fmt" - "github.com/lestrrat-go/jwx/jwt" "net/http" "strings" "time" @@ -40,6 +39,7 @@ import ( "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api" "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/auth" "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/tocookie" + "github.com/lestrrat-go/jwx/jwt" ) // DefaultRequestTimeout is the default request timeout, if no timeout is configured. @@ -193,15 +193,15 @@ func getCookieToken(r *http.Request) string { cookie, err := r.Cookie(tocookie.Name) if err == nil && cookie != nil { return cookie.Value - } else if r.Header.Get(rfc.Cookie) != "" && strings.Contains(r.Header.Get(rfc.Cookie), "access_token") { + } else if r.Header.Get(rfc.Cookie) != "" && strings.Contains(r.Header.Get(rfc.Cookie), tocookie.AccessToken) { cookie, err := r.Cookie("access_token") if err == nil && cookie != nil { decodedToken, err := jwt.Parse([]byte(cookie.Value)) if err == nil && cookie != nil { - return fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"]) + return fmt.Sprintf("%s", decodedToken.PrivateClaims()[tocookie.MojoCookie]) } } - } else if r.Header.Get(rfc.Authorization) != "" && strings.Contains(r.Header.Get(rfc.Authorization), "Bearer") { + } else if r.Header.Get(rfc.Authorization) != "" && strings.Contains(r.Header.Get(rfc.Authorization), tocookie.BearerToken) { givenTokenSplit := strings.Split(r.Header.Get(rfc.Authorization), " ") if len(givenTokenSplit) < 2 { return "" @@ -226,6 +226,8 @@ func WrapAccessLog(secret string, h http.Handler) http.HandlerFunc { cookie, userErr, sysErr := tocookie.Parse(secret, cookieToken) if userErr == nil && sysErr == nil { user = cookie.AuthData + } else { + log.Errorf("Error retrieving user:\nUser Error: %v\nSystem Error %v\n", userErr, sysErr) } start := time.Now() defer func() { From 8a68f523002918ddc54f90af1f896865337c6b1f Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Mon, 23 Jan 2023 13:29:00 -0700 Subject: [PATCH 06/12] Updated a couple missed constant cookie names in wrappers.go. Created unt it test for getCookieToken in wrappers_test.go. --- .../routing/middleware/wrappers.go | 6 ++-- .../routing/middleware/wrappers_test.go | 34 ++++++++++++++++++- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go index 499d97d6c0..2b6781b557 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go @@ -194,7 +194,7 @@ func getCookieToken(r *http.Request) string { if err == nil && cookie != nil { return cookie.Value } else if r.Header.Get(rfc.Cookie) != "" && strings.Contains(r.Header.Get(rfc.Cookie), tocookie.AccessToken) { - cookie, err := r.Cookie("access_token") + cookie, err := r.Cookie(tocookie.AccessToken) if err == nil && cookie != nil { decodedToken, err := jwt.Parse([]byte(cookie.Value)) if err == nil && cookie != nil { @@ -208,7 +208,7 @@ func getCookieToken(r *http.Request) string { } decodedToken, err := jwt.Parse([]byte(givenTokenSplit[1])) if err == nil && decodedToken != nil { - return fmt.Sprintf("%s", decodedToken.PrivateClaims()["mojoCookie"]) + return fmt.Sprintf("%s", decodedToken.PrivateClaims()[tocookie.MojoCookie]) } return givenTokenSplit[1] } @@ -227,7 +227,7 @@ func WrapAccessLog(secret string, h http.Handler) http.HandlerFunc { if userErr == nil && sysErr == nil { user = cookie.AuthData } else { - log.Errorf("Error retrieving user:\nUser Error: %v\nSystem Error %v\n", userErr, sysErr) + log.Errorf("Error retrieving user from cookie: User Error: %v System Error: %v", userErr, sysErr) } start := time.Now() defer func() { diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go index 29303e8312..d0e05746a6 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go @@ -440,4 +440,36 @@ func TestNoOpWhenNoPermissionsRequired(t *testing.T) { } } -// TODO: TestWrapAccessLog, et. al +func TestGetCookieToken(t *testing.T) { + var cookies []http.Cookie + var e bytes.Buffer + + mojoCookie := http.Cookie{Name: "mojolicious", Value: "eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE2NzQyNTY4MjEsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--f7f40f516bfedc888d0ac6bc3c373b21773d1765"} + accessToken := http.Cookie{Name: "access_token", Value: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQyNTY4MjEsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UXlOVFk0TWpFc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLWY3ZjQwZjUxNmJmZWRjODg4ZDBhYzZiYzNjMzczYjIxNzczZDE3NjUifQ.41te1VWlSzHCiH77nZjdqtGQNgc-ad6HwRi5cyffTGc"} + bearerToken := "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ1MjU0OTcsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UTFNalUwT1Rjc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLTlmODI1Yzk5MDJhYTU5NDI1ZTQwYzJhYzcyNjhiZTI4NDMyMTg4ZjEifQ.szYraBtmKQ0UB13G6C3WUDcix1kZQyn4uqv27qy0_vY" + cookies = append(cookies, mojoCookie, accessToken, http.Cookie{}) + + r, err := http.NewRequest("GET", "https://localhost:8888", nil) + if err == nil && r != nil { + for i := range cookies { + if cookies[i].Name != "" { + r.AddCookie(&cookies[i]) + cookie := getCookieToken(r) + if cookie != mojoCookie.Value && cookies[i].Name == "mojolicious" { + e.WriteString("Error: Unable to get mojolicious cookie. ") + } else if cookie != mojoCookie.Value && cookies[i].Name == "access_token" { + e.WriteString("Error: Unable to get mojolicious cookie from Access Token. ") + } + } else { + r.Header.Add("Authorization", bearerToken) + cookie := getCookieToken(r) + if cookie != mojoCookie.Value { + e.WriteString("Error: Unable to get cookie from Bearer Token.") + } + } + } + } + if e.String() != "" { + t.Error(e.String()) + } +} From 4d2f45003935111eb4edf7cc4159dd4777c8bc4d Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Tue, 24 Jan 2023 14:24:47 -0700 Subject: [PATCH 07/12] Modified error logging to fail fast --- .../routing/middleware/wrappers_test.go | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go index d0e05746a6..8afdfd9e9e 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go @@ -442,7 +442,6 @@ func TestNoOpWhenNoPermissionsRequired(t *testing.T) { func TestGetCookieToken(t *testing.T) { var cookies []http.Cookie - var e bytes.Buffer mojoCookie := http.Cookie{Name: "mojolicious", Value: "eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE2NzQyNTY4MjEsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--f7f40f516bfedc888d0ac6bc3c373b21773d1765"} accessToken := http.Cookie{Name: "access_token", Value: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQyNTY4MjEsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UXlOVFk0TWpFc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLWY3ZjQwZjUxNmJmZWRjODg4ZDBhYzZiYzNjMzczYjIxNzczZDE3NjUifQ.41te1VWlSzHCiH77nZjdqtGQNgc-ad6HwRi5cyffTGc"} @@ -456,20 +455,17 @@ func TestGetCookieToken(t *testing.T) { r.AddCookie(&cookies[i]) cookie := getCookieToken(r) if cookie != mojoCookie.Value && cookies[i].Name == "mojolicious" { - e.WriteString("Error: Unable to get mojolicious cookie. ") + t.Errorf("Error: Unable to get mojolicious cookie. Expected: %v Got: %v", mojoCookie.Value, cookie) } else if cookie != mojoCookie.Value && cookies[i].Name == "access_token" { - e.WriteString("Error: Unable to get mojolicious cookie from Access Token. ") + t.Errorf("Error: Unable to get mojolicious cookie from Access Token. Expected: %v Got: %v", mojoCookie.Value, cookie) } } else { r.Header.Add("Authorization", bearerToken) cookie := getCookieToken(r) if cookie != mojoCookie.Value { - e.WriteString("Error: Unable to get cookie from Bearer Token.") + t.Errorf("Error: Unable to get cookie from Bearer Token. Expected: %v Got: %v", mojoCookie.Value, cookie) } } } } - if e.String() != "" { - t.Error(e.String()) - } } From 961978617300642f34aad74adfed8815d569f4c7 Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Wed, 25 Jan 2023 15:13:10 -0700 Subject: [PATCH 08/12] Made TestGetCookieToken in wrappers_test.go more versatile and robust with username parsing verification. --- .../routing/middleware/wrappers_test.go | 42 +++++++++++++------ 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go index 8afdfd9e9e..35e7d6c4ff 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go @@ -26,6 +26,8 @@ import ( "encoding/json" "flag" "fmt" + "github.com/lestrrat-go/jwx/jwa" + "github.com/lestrrat-go/jwx/jwt" "io/ioutil" "net/http" "net/http/httptest" @@ -442,29 +444,43 @@ func TestNoOpWhenNoPermissionsRequired(t *testing.T) { func TestGetCookieToken(t *testing.T) { var cookies []http.Cookie + var jwtToken jwt.Token + var jwtSigned []byte - mojoCookie := http.Cookie{Name: "mojolicious", Value: "eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE2NzQyNTY4MjEsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--f7f40f516bfedc888d0ac6bc3c373b21773d1765"} - accessToken := http.Cookie{Name: "access_token", Value: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQyNTY4MjEsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UXlOVFk0TWpFc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLWY3ZjQwZjUxNmJmZWRjODg4ZDBhYzZiYzNjMzczYjIxNzczZDE3NjUifQ.41te1VWlSzHCiH77nZjdqtGQNgc-ad6HwRi5cyffTGc"} - bearerToken := "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ1MjU0OTcsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UTFNalUwT1Rjc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLTlmODI1Yzk5MDJhYTU5NDI1ZTQwYzJhYzcyNjhiZTI4NDMyMTg4ZjEifQ.szYraBtmKQ0UB13G6C3WUDcix1kZQyn4uqv27qy0_vY" + authUser := "foobar" + httpCookie := tocookie.GetCookie(authUser, 0, "fOObAR.") + + jwtToken, _ = jwt.NewBuilder().Claim(api.MojoCookie, httpCookie.Value).Build() + jwtSigned, _ = jwt.Sign(jwtToken, jwa.HS256, []byte("fOObAR.")) + + mojoCookie := http.Cookie{Name: httpCookie.Name, Value: httpCookie.Value} + accessToken := http.Cookie{Name: "access_token", Value: string(jwtSigned)} + bearerToken := "Bearer " + string(jwtSigned) cookies = append(cookies, mojoCookie, accessToken, http.Cookie{}) + getUserFromCookie := func(cookieToken string) { + secret := "fOObAR." + user := "" + cookie, userErr, sysErr := tocookie.Parse(secret, cookieToken) + if userErr == nil && sysErr == nil { + user = cookie.AuthData + } + if user != "foobar" { + t.Errorf("Error: Unable to user from cookie. Expected: %v Got: %v", authUser, user) + } + } + r, err := http.NewRequest("GET", "https://localhost:8888", nil) if err == nil && r != nil { for i := range cookies { if cookies[i].Name != "" { r.AddCookie(&cookies[i]) - cookie := getCookieToken(r) - if cookie != mojoCookie.Value && cookies[i].Name == "mojolicious" { - t.Errorf("Error: Unable to get mojolicious cookie. Expected: %v Got: %v", mojoCookie.Value, cookie) - } else if cookie != mojoCookie.Value && cookies[i].Name == "access_token" { - t.Errorf("Error: Unable to get mojolicious cookie from Access Token. Expected: %v Got: %v", mojoCookie.Value, cookie) - } + cookieToken := getCookieToken(r) + getUserFromCookie(cookieToken) } else { r.Header.Add("Authorization", bearerToken) - cookie := getCookieToken(r) - if cookie != mojoCookie.Value { - t.Errorf("Error: Unable to get cookie from Bearer Token. Expected: %v Got: %v", mojoCookie.Value, cookie) - } + cookieToken := getCookieToken(r) + getUserFromCookie(cookieToken) } } } From 1a8257c997e6602e0a31eca4cfaac568f6335180 Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Thu, 26 Jan 2023 13:47:36 -0700 Subject: [PATCH 09/12] Organized imports --- .../traffic_ops_golang/routing/middleware/wrappers_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go index 35e7d6c4ff..4b4cb917a3 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go @@ -26,8 +26,6 @@ import ( "encoding/json" "flag" "fmt" - "github.com/lestrrat-go/jwx/jwa" - "github.com/lestrrat-go/jwx/jwt" "io/ioutil" "net/http" "net/http/httptest" @@ -44,6 +42,8 @@ import ( "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/tocookie" "github.com/jmoiron/sqlx" + "github.com/lestrrat-go/jwx/jwa" + "github.com/lestrrat-go/jwx/jwt" sqlmock "gopkg.in/DATA-DOG/go-sqlmock.v1" ) From df06bab8c9eaf37a2ac27bf1f68c55f5c55778bf Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Thu, 26 Jan 2023 14:19:58 -0700 Subject: [PATCH 10/12] Fixed indentation issue on imports --- .../traffic_ops_golang/routing/middleware/wrappers_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go index 4b4cb917a3..f81cd9c307 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go @@ -42,8 +42,8 @@ import ( "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/tocookie" "github.com/jmoiron/sqlx" - "github.com/lestrrat-go/jwx/jwa" - "github.com/lestrrat-go/jwx/jwt" + "github.com/lestrrat-go/jwx/jwa" + "github.com/lestrrat-go/jwx/jwt" sqlmock "gopkg.in/DATA-DOG/go-sqlmock.v1" ) From b9cfb5d21b9fc517376c1dbdef3614032a76a4ca Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Fri, 27 Jan 2023 09:47:57 -0700 Subject: [PATCH 11/12] Arranged imports --- traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go | 1 + 1 file changed, 1 insertion(+) diff --git a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go index 2b6781b557..b67b5d4cd1 100644 --- a/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go +++ b/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go @@ -39,6 +39,7 @@ import ( "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api" "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/auth" "github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/tocookie" + "github.com/lestrrat-go/jwx/jwt" ) From 1eb1f574f2d8eda12bc2cf929f4da8ed71bcf10d Mon Sep 17 00:00:00 2001 From: Kurtis Michie Date: Fri, 27 Jan 2023 10:32:48 -0700 Subject: [PATCH 12/12] CHANGELOG.md updated with fix --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 23f76fcbfd..720c4d0872 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -72,6 +72,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - [#7182](https://github.com/apache/trafficcontrol/pull/7182) *Traffic Control Cache Config (t3c)* Sort peers used in strategy.yaml to prevent false positive for reload. - [#7204](https://github.com/apache/trafficcontrol/pull/7204) *Traffic Control Cache Config (t3c)* strategies.yaml hash_key only for consistent_hash - [#7277](https://github.com/apache/trafficcontrol/pull/7277) *Traffic Control Cache Config (t3c)* remapdotconfig: remove skip check at mids for nocache/live +- [#7282](https://github.com/apache/trafficcontrol/pull/7282) *Traffic Ops* Fixed issue with user getting correctly logged when using an access or bearer token authentication. ## [7.0.0] - 2022-07-19 ### Added