From 1b9a649f101124186376bcc45d0ec0b2f02b7a2e Mon Sep 17 00:00:00 2001 From: Filip Burlacu Date: Fri, 24 Jun 2022 12:38:20 -0400 Subject: [PATCH] feat: return subject ID in gnap auth&continue responses Fixes: #249 Signed-off-by: Filip Burlacu --- cmd/auth-rest/go.mod | 2 +- cmd/auth-rest/go.sum | 5 +- go.mod | 6 +- go.sum | 11 ++- pkg/gnap/authhandler/auth_handler.go | 112 ++++++++++++++++------ pkg/gnap/authhandler/auth_handler_test.go | 46 +++++++-- test/bdd/go.mod | 6 +- test/bdd/go.sum | 11 ++- 8 files changed, 143 insertions(+), 56 deletions(-) diff --git a/cmd/auth-rest/go.mod b/cmd/auth-rest/go.mod index 0d23c12..0d047f2 100644 --- a/cmd/auth-rest/go.mod +++ b/cmd/auth-rest/go.mod @@ -77,7 +77,7 @@ require ( github.com/spf13/pflag v1.0.5 // indirect github.com/square/go-jose/v3 v3.0.0-20200630053402-0a67ce9b0693 // indirect github.com/teserakt-io/golang-ed25519 v0.0.0-20210104091850-3888c087a4c8 // indirect - github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af // indirect + github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 // indirect github.com/xdg-go/pbkdf2 v1.0.0 // indirect github.com/xdg-go/scram v1.0.2 // indirect github.com/xdg-go/stringprep v1.0.2 // indirect diff --git a/cmd/auth-rest/go.sum b/cmd/auth-rest/go.sum index 7a8940b..f1922e2 100644 --- a/cmd/auth-rest/go.sum +++ b/cmd/auth-rest/go.sum @@ -773,7 +773,6 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= @@ -787,8 +786,8 @@ github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhV github.com/tidwall/pretty v1.0.2 h1:Z7S3cePv9Jwm1KwS0513MRaoUe3S01WPbLNV40pwWZU= github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tidwall/sjson v1.1.4/go.mod h1:wXpKXu8CtDjKAZ+3DrKY5ROCorDFahq8l0tey/Lx1fg= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af h1:gnMi90yPlM5iBq4W8sGCQ/x0cFpv7k40wT8SQHKxBfU= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af/go.mod h1:BPAXixzwWfMHm55daYibYOD4Aq6UO0wCIKZMZYAvsTk= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 h1:zdkrPZHa9Uzo46bF/JHHklfD/Y8vJBzcrwHNE4LKo54= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136/go.mod h1:v5BbFh80GLt8+uaiNLcoOr1IqBGkkZUvazleuimmGdc= github.com/trustbloc/edge-core v0.1.8 h1:m4X5XNDwiHJjGf8gHnpo6aLkBYuqDyNRq+npjxLc5cY= github.com/trustbloc/edge-core v0.1.8/go.mod h1:gfoyG/xquRXyHkww0ldM2jwOTuKKZpHYn+87f+TBQ8M= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= diff --git a/go.mod b/go.mod index 2317001..18bd688 100644 --- a/go.mod +++ b/go.mod @@ -16,8 +16,8 @@ require ( github.com/hyperledger/aries-framework-go/spi v0.0.0-20220330140627-07042d78580c github.com/ory/hydra-client-go v1.10.6 github.com/square/go-jose/v3 v3.0.0-20200630053402-0a67ce9b0693 - github.com/stretchr/testify v1.7.1 - github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af + github.com/stretchr/testify v1.7.2 + github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 github.com/trustbloc/edge-core v0.1.8 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 @@ -61,5 +61,5 @@ require ( gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index c15f3fb..3acb033 100644 --- a/go.sum +++ b/go.sum @@ -659,8 +659,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= +github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/teserakt-io/golang-ed25519 v0.0.0-20200315192543-8255be791ce4/go.mod h1:9PdLyPiZIiW3UopXyRnPYyjUXSpiQNHRLu8fOsR3o8M= github.com/teserakt-io/golang-ed25519 v0.0.0-20210104091850-3888c087a4c8 h1:RBkacARv7qY5laaXGlF4wFB/tk5rnthhPb8oIBGoagY= @@ -671,8 +671,8 @@ github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhV github.com/tidwall/pretty v1.0.2 h1:Z7S3cePv9Jwm1KwS0513MRaoUe3S01WPbLNV40pwWZU= github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tidwall/sjson v1.1.4/go.mod h1:wXpKXu8CtDjKAZ+3DrKY5ROCorDFahq8l0tey/Lx1fg= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af h1:gnMi90yPlM5iBq4W8sGCQ/x0cFpv7k40wT8SQHKxBfU= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af/go.mod h1:BPAXixzwWfMHm55daYibYOD4Aq6UO0wCIKZMZYAvsTk= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 h1:zdkrPZHa9Uzo46bF/JHHklfD/Y8vJBzcrwHNE4LKo54= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136/go.mod h1:v5BbFh80GLt8+uaiNLcoOr1IqBGkkZUvazleuimmGdc= github.com/trustbloc/edge-core v0.1.8 h1:m4X5XNDwiHJjGf8gHnpo6aLkBYuqDyNRq+npjxLc5cY= github.com/trustbloc/edge-core v0.1.8/go.mod h1:gfoyG/xquRXyHkww0ldM2jwOTuKKZpHYn+87f+TBQ8M= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= @@ -1190,8 +1190,9 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/pkg/gnap/authhandler/auth_handler.go b/pkg/gnap/authhandler/auth_handler.go index 8d19617..f2d1795 100644 --- a/pkg/gnap/authhandler/auth_handler.go +++ b/pkg/gnap/authhandler/auth_handler.go @@ -131,34 +131,33 @@ func (h *AuthHandler) HandleAccessRequest( // nolint: funlen,gocyclo return nil, fmt.Errorf("failed to determine permissions for access request: %w", err) } - continueToken := gnap.AccessToken{ - Value: uuid.New().String(), - } - - s.ContinueToken = &api.ExpiringToken{AccessToken: continueToken} - - s.NeedsConsent = permissions.NeedsConsent - // TODO: smarter access policy logic, to recognize if a token is being re-requested, and send that token instead of // creating fresh access tokens every time. - if permissions.NeedsConsent.IsEmpty() && !permissions.Allowed.IsEmpty() { // nothing needs consent, but something is allowed, so create tokens for all allowed, and return - var newTokens []gnap.AccessToken - newTokens, s = h.createTokens(permissions.Allowed.Tokens, s) + var resp *gnap.AuthResponse - err = h.sessionStore.Save(s) + resp, s, err = h.tokensGranted(permissions.Allowed.Tokens, s) if err != nil { return nil, err } - resp := &gnap.AuthResponse{ - AccessToken: newTokens, + err = h.sessionStore.Save(s) + if err != nil { + return nil, err } return resp, nil } + continueToken := gnap.AccessToken{ + Value: uuid.New().String(), + } + + s.ContinueToken = &api.ExpiringToken{AccessToken: continueToken} + + s.NeedsConsent = permissions.NeedsConsent + s.AllowedRequest = permissions.Allowed // TODO: support selecting one of multiple interaction handlers @@ -211,15 +210,21 @@ func (h *AuthHandler) HandleContinueRequest( s.AddSubjectData(consent.SubjectData) - var newTokens, addedTokens []gnap.AccessToken - newTokens, s = h.createTokens(consent.Tokens, s) + var tokReqs []*api.ExpiringTokenRequest + + tokReqs = append(tokReqs, consent.Tokens...) // create fresh tokens for all requested tokens that were already permitted before this consent interaction if s.AllowedRequest != nil { - addedTokens, s = h.createTokens(s.AllowedRequest.Tokens, s) + tokReqs = append(tokReqs, s.AllowedRequest.Tokens...) } - newTokens = append(newTokens, addedTokens...) + var resp *gnap.AuthResponse + + resp, s, err = h.tokensGranted(tokReqs, s) + if err != nil { + return nil, err + } // clear request metadata, since these are now granted s.AllowedRequest = nil @@ -235,11 +240,40 @@ func (h *AuthHandler) HandleContinueRequest( return nil, err } + return resp, nil +} + +func (h *AuthHandler) tokensGranted( + tokReqs []*api.ExpiringTokenRequest, + s *session.Session, +) ( + *gnap.AuthResponse, + *session.Session, + error, +) { + var newTokens []gnap.AccessToken + + newTokens, s = h.createTokens(tokReqs, s) + resp := &gnap.AuthResponse{ AccessToken: newTokens, } - return resp, nil + subjectData, err := h.getSubjectData(newTokens, s) + if err != nil { + return nil, nil, err + } + + if sub, ok := subjectData["sub"]; ok { + resp.Subject.SubIDs = []gnap.SubjectID{ + { + Format: "opaque", + ID: sub, + }, + } + } + + return resp, s, nil } func (h *AuthHandler) createTokens( @@ -279,8 +313,34 @@ func (h *AuthHandler) createTokens( return newTokens, clientSession } +func (h *AuthHandler) getSubjectData( + tokens []gnap.AccessToken, + clientSession *session.Session, +) (map[string]string, error) { + mergedAccess := []gnap.TokenAccess{} + + for _, token := range tokens { + mergedAccess = append(mergedAccess, token.Access...) + } + + subjectKeys, err := h.accessPolicy.AllowedSubjectKeys(mergedAccess) + if err != nil { + return nil, fmt.Errorf("error fetching subject-data keys: %w", err) + } + + subjectData := map[string]string{} + + for k := range subjectKeys { + if v, ok := clientSession.SubjectData[k]; ok { + subjectData[k] = v + } + } + + return subjectData, nil +} + // HandleIntrospection handles GNAP resource-server requests for access token introspection. -func (h *AuthHandler) HandleIntrospection( // nolint:gocyclo,funlen +func (h *AuthHandler) HandleIntrospection( // nolint:gocyclo req *gnap.IntrospectRequest, reqVerifier api.Verifier, ) (*gnap.IntrospectResponse, error) { @@ -325,9 +385,9 @@ func (h *AuthHandler) HandleIntrospection( // nolint:gocyclo,funlen return &gnap.IntrospectResponse{Active: false}, nil } - subjectKeys, err := h.accessPolicy.AllowedSubjectKeys(clientToken.Access) + subjectData, err := h.getSubjectData([]gnap.AccessToken{clientToken.AccessToken}, clientSession) if err != nil { - err = fmt.Errorf("error fetching subject-data keys for requested token: %w", err) + return nil, fmt.Errorf("get subject data: %w", err) } resp := &gnap.IntrospectResponse{ @@ -335,13 +395,7 @@ func (h *AuthHandler) HandleIntrospection( // nolint:gocyclo,funlen Access: clientToken.Access, Key: clientSession.ClientKey, Flags: clientToken.Flags, - SubjectData: map[string]string{}, - } - - for k := range subjectKeys { - if v, ok := clientSession.SubjectData[k]; ok { - resp.SubjectData[k] = v - } + SubjectData: subjectData, } return resp, err diff --git a/pkg/gnap/authhandler/auth_handler_test.go b/pkg/gnap/authhandler/auth_handler_test.go index 5f45f0a..6a916aa 100644 --- a/pkg/gnap/authhandler/auth_handler_test.go +++ b/pkg/gnap/authhandler/auth_handler_test.go @@ -21,6 +21,7 @@ import ( "github.com/trustbloc/auth/pkg/gnap/accesspolicy" "github.com/trustbloc/auth/pkg/gnap/api" + "github.com/trustbloc/auth/pkg/gnap/session" "github.com/trustbloc/auth/pkg/internal/common/mockinteract" "github.com/trustbloc/auth/pkg/internal/common/mockstorage" "github.com/trustbloc/auth/pkg/internal/common/mockverifier" @@ -389,6 +390,8 @@ func TestAuthHandler_HandleContinueRequest(t *testing.T) { h, err := New(config(t)) require.NoError(t, err) + subID := "JohnDoe12341234" + h.loginConsent = &mockinteract.InteractHandler{ QueryVal: &api.ConsentResult{ Tokens: []*api.ExpiringTokenRequest{ @@ -397,13 +400,17 @@ func TestAuthHandler_HandleContinueRequest(t *testing.T) { Access: []gnap.TokenAccess{ { IsReference: true, - Ref: "foo", + Ref: "client-id", }, }, Label: "foo", }, }, }, + + SubjectData: map[string]string{ + "sub": subID, + }, }, } @@ -421,7 +428,7 @@ func TestAuthHandler_HandleContinueRequest(t *testing.T) { Access: []gnap.TokenAccess{ { IsReference: true, - Ref: "bar", + Ref: "other-access", }, }, Label: "bar", @@ -439,6 +446,9 @@ func TestAuthHandler_HandleContinueRequest(t *testing.T) { // TODO: validate that one token is foo, one token is bar, either order require.Equal(t, "foo", resp.AccessToken[0].Label) require.Equal(t, "bar", resp.AccessToken[1].Label) + + require.Len(t, resp.Subject.SubIDs, 1) + require.Equal(t, subID, resp.Subject.SubIDs[0].ID) }) } @@ -618,8 +628,8 @@ func TestAuthHandler_HandleIntrospection(t *testing.T) { clientSession.Tokens = append(clientSession.Tokens, &api.ExpiringToken{AccessToken: *token}) clientSession.AddSubjectData(map[string]string{ - clientIDKey: clientIDVal, - "secret": "blah blah", + "sub": clientIDVal, + "secret": "blah blah", }) require.NoError(t, h.sessionStore.Save(clientSession)) @@ -641,13 +651,35 @@ func TestAuthHandler_HandleIntrospection(t *testing.T) { Access: token.Access, Key: clientVerKey, SubjectData: map[string]string{ - clientIDKey: clientIDVal, + "sub": clientIDVal, }, } require.Equal(t, expectedResp, resp) }) } +func TestAuthHandler_tokensGranted(t *testing.T) { + t.Run("failure", func(t *testing.T) { + h, err := New(config(t)) + require.NoError(t, err) + + _, _, err = h.tokensGranted([]*api.ExpiringTokenRequest{ + { + TokenRequest: gnap.TokenRequest{ + Access: []gnap.TokenAccess{ + { + IsReference: true, + Ref: "not-found", + }, + }, + }, + }, + }, &session.Session{}) + require.Error(t, err) + require.Contains(t, err.Error(), "fetching subject-data keys") + }) +} + func config(t *testing.T) *Config { t.Helper() @@ -688,8 +720,8 @@ const ( "permission": "NeedsConsent", "access": { "type": "trustbloc.xyz/auth/type/client-id", - "subject-keys": ["client-id"], - "userid-key": "client-id" + "subject-keys": ["sub"], + "userid-key": "sub" } }, { "reference": "other-access", diff --git a/test/bdd/go.mod b/test/bdd/go.mod index 5cf46eb..73bb5cf 100644 --- a/test/bdd/go.mod +++ b/test/bdd/go.mod @@ -17,7 +17,7 @@ require ( github.com/square/go-jose/v3 v3.0.0-20200630053402-0a67ce9b0693 github.com/tidwall/gjson v1.14.1 github.com/trustbloc/auth v0.0.0 - github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af + github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 github.com/trustbloc/edge-core v0.1.8 golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 ) @@ -75,7 +75,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/sirupsen/logrus v1.6.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/stretchr/testify v1.7.1 // indirect + github.com/stretchr/testify v1.7.2 // indirect github.com/teserakt-io/golang-ed25519 v0.0.0-20210104091850-3888c087a4c8 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.0 // indirect @@ -91,7 +91,7 @@ require ( google.golang.org/protobuf v1.27.1 // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect gotest.tools/v3 v3.0.3 // indirect ) diff --git a/test/bdd/go.sum b/test/bdd/go.sum index d99cb71..64364e8 100644 --- a/test/bdd/go.sum +++ b/test/bdd/go.sum @@ -794,8 +794,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= +github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/teserakt-io/golang-ed25519 v0.0.0-20200315192543-8255be791ce4/go.mod h1:9PdLyPiZIiW3UopXyRnPYyjUXSpiQNHRLu8fOsR3o8M= @@ -813,8 +813,8 @@ github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= github.com/tidwall/sjson v1.1.4/go.mod h1:wXpKXu8CtDjKAZ+3DrKY5ROCorDFahq8l0tey/Lx1fg= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af h1:gnMi90yPlM5iBq4W8sGCQ/x0cFpv7k40wT8SQHKxBfU= -github.com/trustbloc/auth/spi/gnap v0.0.0-20220518152301-fe6ea3ada1af/go.mod h1:BPAXixzwWfMHm55daYibYOD4Aq6UO0wCIKZMZYAvsTk= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136 h1:zdkrPZHa9Uzo46bF/JHHklfD/Y8vJBzcrwHNE4LKo54= +github.com/trustbloc/auth/spi/gnap v0.0.0-20220623204824-c6be06c93136/go.mod h1:v5BbFh80GLt8+uaiNLcoOr1IqBGkkZUvazleuimmGdc= github.com/trustbloc/edge-core v0.1.8 h1:m4X5XNDwiHJjGf8gHnpo6aLkBYuqDyNRq+npjxLc5cY= github.com/trustbloc/edge-core v0.1.8/go.mod h1:gfoyG/xquRXyHkww0ldM2jwOTuKKZpHYn+87f+TBQ8M= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= @@ -1361,8 +1361,9 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0=