Merge branch 'main' into dependabot/github_actions/bufbuild/buf-setup-action-1.18.0

Author: euskadi31

.github/dependabot.yml

@@ -3,8 +3,7 @@ updates:
 - package-ecosystem: gomod
   directory: "/"
   schedule:
-    interval: daily
-    time: "04:00"
+    interval: weekly
   open-pull-requests-limit: 10
   assignees:
   - euskadi31

.golangci.yml

@@ -49,7 +49,6 @@ linters-settings:
 linters:
   disable-all: true
   enable:
-    - deadcode
     - depguard
     - errcheck
     - gas
@@ -61,10 +60,8 @@ linters:
     - ineffassign
     - megacheck
     - misspell
-    - structcheck
     - typecheck
     - unconvert
-    - varcheck
     - gosimple
     - staticcheck
     - unused

auth.go

@@ -5,7 +5,7 @@ import (
 	"encoding/base64"
 	"strings"
 
-	"github.com/grpc-ecosystem/go-grpc-middleware/v2/auth"
+	"github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/auth"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"

auth_test.go

@@ -0,0 +1,108 @@
+package grpcoauth
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/metadata"
+)
+
+type FakeStreamServer struct {
+	ctx context.Context
+}
+
+func (f *FakeStreamServer) SetHeader(metadata.MD) error {
+	return nil
+}
+
+func (f *FakeStreamServer) SendHeader(metadata.MD) error {
+	return nil
+}
+
+func (f *FakeStreamServer) SetTrailer(metadata.MD) {
+}
+
+func (f *FakeStreamServer) Context() context.Context {
+	return f.ctx
+}
+
+func (f *FakeStreamServer) SendMsg(m interface{}) error {
+	return nil
+}
+
+func (f *FakeStreamServer) RecvMsg(m interface{}) error {
+	return nil
+}
+
+func TestStreamServerInterceptor(t *testing.T) {
+	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
+		assert.Equal(t, "foo", creds.ClientID)
+		assert.Equal(t, "bar", creds.ClientSecret)
+
+		return ctx, nil
+	}
+
+	fss := &FakeStreamServer{
+		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
+			"authorization": []string{"basic Zm9vOmJhcg=="},
+		}),
+	}
+
+	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
+		FullMethod: "/foo.bar",
+	}, func(srv interface{}, stream grpc.ServerStream) error {
+
+		return nil
+	})
+	assert.NoError(t, err)
+}
+
+func TestStreamServerInterceptorWithBadBasicAuthString(t *testing.T) {
+	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
+		assert.Equal(t, "foo", creds.ClientID)
+		assert.Equal(t, "bar", creds.ClientSecret)
+
+		return ctx, nil
+	}
+
+	fss := &FakeStreamServer{
+		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
+			"authorization": []string{"basic ="},
+		}),
+	}
+
+	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
+		FullMethod: "/foo.bar",
+	}, func(srv interface{}, stream grpc.ServerStream) error {
+
+		return nil
+	})
+
+	assert.EqualError(t, err, "rpc error: code = Unauthenticated desc = Basic auth invalid")
+}
+
+func TestStreamServerInterceptorWithBadBase64BasicAuthString(t *testing.T) {
+	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
+		assert.Equal(t, "foo", creds.ClientID)
+		assert.Equal(t, "bar", creds.ClientSecret)
+
+		return ctx, nil
+	}
+
+	fss := &FakeStreamServer{
+		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
+			"authorization": []string{"basic YmFk"},
+		}),
+	}
+
+	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
+		FullMethod: "/foo.bar",
+	}, func(srv interface{}, stream grpc.ServerStream) error {
+
+		return nil
+	})
+
+	assert.EqualError(t, err, "rpc error: code = Unauthenticated desc = Basic auth invalid")
+}

credentials.go

@@ -12,16 +12,20 @@ import (
 func newOAuth2ClientIDCredentials(clientID string, secret string) credentials.PerRPCCredentials {
 	token := base64.StdEncoding.EncodeToString([]byte(clientID + ":" + secret))
 
-	return oauth.NewOauthAccess(&oauth2.Token{
-		AccessToken: token,
-		TokenType:   "basic",
-	})
+	return &oauth.TokenSource{
+		TokenSource: oauth2.StaticTokenSource(&oauth2.Token{
+			AccessToken: token,
+			TokenType:   "basic",
+		}),
+	}
 }
 
 func newOAuth2AccessTokenCredentials(token string) credentials.PerRPCCredentials {
-	return oauth.NewOauthAccess(&oauth2.Token{
-		AccessToken: token,
-	})
+	return &oauth.TokenSource{
+		TokenSource: oauth2.StaticTokenSource(&oauth2.Token{
+			AccessToken: token,
+		}),
+	}
 }
 
 // PerRPCClientIDCredentials returns a CallOption that sets credentials.PerRPCCredentials

go.mod

@@ -3,26 +3,25 @@ module github.com/hyperscale-stack/grpcoauth
 go 1.18
 
 require (
-	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.2
+	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.5
 	github.com/stretchr/testify v1.8.2
-	golang.org/x/oauth2 v0.7.0
-	google.golang.org/grpc v1.54.0
+	golang.org/x/oauth2 v0.8.0
+	google.golang.org/grpc v1.55.0
+	google.golang.org/protobuf v1.30.0
 )
 
 require (
-	cloud.google.com/go/compute v1.15.1 // indirect
+	cloud.google.com/go/compute v1.18.0 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/kr/pretty v0.1.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	golang.org/x/net v0.9.0 // indirect
-	golang.org/x/sys v0.7.0 // indirect
+	golang.org/x/net v0.10.0 // indirect
+	golang.org/x/sys v0.8.0 // indirect
 	golang.org/x/text v0.9.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
-	google.golang.org/grpc/examples v0.0.0-20220902210910-60a3a7e969c4 // indirect
-	google.golang.org/protobuf v1.28.1 // indirect
+	google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )