fix: support windows file paths (#557)

Closes #514
Closes #332

Co-authored-by: zepatrik <[email protected]>
Co-authored-by: Patrik <[email protected]>

.github/workflows/windows_test.yml

@@ -0,0 +1,16 @@
+name: Windows go test
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - '*'
+
+jobs:
+  test:
+    runs-on: windows-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: go test -failfast -timeout=20m ./...

api/credential.go

@@ -12,6 +12,7 @@ import (
 	"github.com/ory/oathkeeper/pipeline/mutate"
 	"github.com/ory/oathkeeper/rule"
 	"github.com/ory/oathkeeper/x"
+	"github.com/ory/x/urlx"
 
 	"github.com/julienschmidt/httprouter"
 	"gopkg.in/square/go-jose.v2"
@@ -102,7 +103,7 @@ func (h *CredentialsHandler) jwksURLs() ([]url.URL, error) {
 	result := make([]url.URL, len(t))
 	i := 0
 	for u := range t {
-		uu, err := url.Parse(u)
+		uu, err := urlx.Parse(u)
 		if err != nil {
 			return nil, err
 		}

cmd/root.go

@@ -59,7 +59,7 @@ func watchAndValidateViper() {
 	if err != nil {
 		logger.WithError(err).Fatal("Unable to open configuration JSON Schema.")
 	}
-	viperx.WatchAndValidateViper(logger, schema, "ORY Oathkeeper", []string{"serve", "profiling", "log"})
+	viperx.WatchAndValidateViper(logger, schema, "ORY Oathkeeper", []string{"serve", "profiling", "log"}, "")
 }
 
 func init() {

credentials/fetcher_default.go

@@ -28,7 +28,6 @@ import (
 	"net/http"
 	"net/url"
 	"os"
-	"strings"
 	"sync"
 	"time"
 
@@ -38,6 +37,7 @@ import (
 	"gopkg.in/square/go-jose.v2"
 
 	"github.com/ory/x/logrusx"
+	"github.com/ory/x/urlx"
 
 	"github.com/ory/herodot"
 	"github.com/ory/x/httpx"
@@ -240,8 +240,10 @@ func (s *FetcherDefault) resolve(wg *sync.WaitGroup, errs chan error, location u
 		defer r.Close()
 
 		reader = r
+	case "":
+		fallthrough
 	case "file":
-		f, err := os.Open(strings.Replace(location.String(), "file://", "", 1))
+		f, err := os.Open(urlx.GetURLFilePath(&location))
 		if err != nil {
 			errs <- errors.WithStack(herodot.
 				ErrInternalServerError.

credentials/fetcher_default_test.go

@@ -13,6 +13,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
+	"github.com/ory/oathkeeper/x"
 	"github.com/ory/x/logrusx"
 
 	"github.com/ory/herodot"
@@ -62,13 +63,13 @@ func TestFetcherDefault(t *testing.T) {
 	defer invalidServer.Close()
 
 	uris := []url.URL{
-		*urlx.ParseOrPanic(timeOutServer.URL),
-		*urlx.ParseOrPanic(slowServer.URL),
-		*urlx.ParseOrPanic(fastServer.URL),
-		*urlx.ParseOrPanic(invalidServer.URL),
-		*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json"),
-		*urlx.ParseOrPanic("file://../test/stub/jwks-rsa-single.json"),
-		*urlx.ParseOrPanic("file://../test/stub/jwks-rsa-multiple.json"),
+		*x.ParseURLOrPanic(timeOutServer.URL),
+		*x.ParseURLOrPanic(slowServer.URL),
+		*x.ParseURLOrPanic(fastServer.URL),
+		*x.ParseURLOrPanic(invalidServer.URL),
+		*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json"),
+		*x.ParseURLOrPanic("file://../test/stub/jwks-rsa-single.json"),
+		*x.ParseURLOrPanic("file://../test/stub/jwks-rsa-multiple.json"),
 	}
 
 	t.Run("name=should result in error because server times out", func(t *testing.T) {

credentials/signer_default_test.go

@@ -11,9 +11,8 @@ import (
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/require"
 
+	"github.com/ory/oathkeeper/x"
 	"github.com/ory/x/logrusx"
-
-	"github.com/ory/x/urlx"
 )
 
 type defaultSignerMockRegistry struct {
@@ -37,7 +36,7 @@ func TestSignerDefault(t *testing.T) {
 		"file://../test/stub/jwks-rsa-single.json",
 	} {
 		t.Run(fmt.Sprintf("src=%s", src), func(t *testing.T) {
-			token, err := signer.Sign(context.Background(), urlx.ParseOrPanic(src), jwt.MapClaims{"sub": "foo"})
+			token, err := signer.Sign(context.Background(), x.ParseURLOrPanic(src), jwt.MapClaims{"sub": "foo"})
 			require.NoError(t, err)
 
 			fetcher := NewFetcherDefault(logrusx.New("", ""), time.Second, time.Second)
@@ -58,7 +57,7 @@ func verify(t *testing.T, token string, f Fetcher, u string) (*jwt.Token, error)
 
 		t.Logf("Looking up kid: %s", kid)
 
-		key, err := f.ResolveKey(context.Background(), []url.URL{*urlx.ParseOrPanic(u)}, kid, "sig")
+		key, err := f.ResolveKey(context.Background(), []url.URL{*x.ParseURLOrPanic(u)}, kid, "sig")
 		if err != nil {
 			t.Logf("erri erro: %+v", err)
 			return nil, errors.WithStack(err)

credentials/verifier_default_test.go

@@ -13,7 +13,7 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"github.com/ory/fosite"
-	"github.com/ory/x/urlx"
+	"github.com/ory/oathkeeper/x"
 )
 
 func TestVerifierDefault(t *testing.T) {
@@ -22,7 +22,7 @@ func TestVerifierDefault(t *testing.T) {
 	now := time.Now().Round(time.Second)
 
 	var sign = func(claims jwt.MapClaims, src string) string {
-		tt, err := signer.Sign(context.Background(), urlx.ParseOrPanic(src), claims)
+		tt, err := signer.Sign(context.Background(), x.ParseURLOrPanic(src), claims)
 		require.NoError(t, err)
 		return tt
 	}
@@ -47,7 +47,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -72,7 +72,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -97,7 +97,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -122,7 +122,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -147,7 +147,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:  []string{"aud-1", "aud-2"},
 				Issuers:    []string{"iss-1", "iss-2"},
 				Scope:      []string{"scope-1", "scope-2"},
-				KeyURLs:    []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:    []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 			},
 			token: sign(jwt.MapClaims{
 				"sub":    "sub",
@@ -165,7 +165,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-rsa-single.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-rsa-single.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -184,7 +184,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -203,7 +203,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -222,7 +222,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -241,7 +241,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -260,7 +260,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{
@@ -280,7 +280,7 @@ func TestVerifierDefault(t *testing.T) {
 				Audiences:     []string{"aud-1", "aud-2"},
 				Issuers:       []string{"iss-1", "iss-2"},
 				Scope:         []string{"scope-1", "scope-2"},
-				KeyURLs:       []url.URL{*urlx.ParseOrPanic("file://../test/stub/jwks-hs.json")},
+				KeyURLs:       []url.URL{*x.ParseURLOrPanic("file://../test/stub/jwks-hs.json")},
 				ScopeStrategy: fosite.ExactScopeStrategy,
 			},
 			token: sign(jwt.MapClaims{

driver/configuration/provider_viper.go

@@ -17,14 +17,14 @@ import (
 
 	"github.com/ory/viper"
 	"github.com/ory/x/logrusx"
+	"github.com/ory/x/urlx"
 
 	"github.com/ory/go-convenience/stringsx"
 
 	"github.com/ory/fosite"
 	"github.com/ory/gojsonschema"
 	"github.com/ory/x/corsx"
 	"github.com/ory/x/tracing"
-	"github.com/ory/x/urlx"
 	"github.com/ory/x/viperx"
 
 	"github.com/ory/oathkeeper/x"
@@ -138,7 +138,7 @@ func (v *ViperProvider) AccessRuleRepositories() []url.URL {
 	sources := viperx.GetStringSlice(v.l, ViperKeyAccessRuleRepositories, []string{})
 	repositories := make([]url.URL, len(sources))
 	for k, source := range sources {
-		repositories[k] = *urlx.ParseOrFatal(v.l, source)
+		repositories[k] = *x.ParseURLOrFatal(v.l, source)
 	}
 
 	return repositories
@@ -216,7 +216,7 @@ func (v *ViperProvider) PrometheusCollapseRequestPaths() bool {
 func (v *ViperProvider) ParseURLs(sources []string) ([]url.URL, error) {
 	r := make([]url.URL, len(sources))
 	for k, u := range sources {
-		p, err := url.Parse(u)
+		p, err := urlx.Parse(u)
 		if err != nil {
 			return nil, err
 		}

driver/configuration/provider_viper_public_test.go

@@ -13,7 +13,6 @@ import (
 
 	"github.com/ory/x/logrusx"
 
-	"github.com/ory/x/urlx"
 	"github.com/ory/x/viperx"
 
 	"github.com/ory/viper"
@@ -234,9 +233,9 @@ func TestViperProvider(t *testing.T) {
 
 	t.Run("group=access_rules", func(t *testing.T) {
 		assert.Equal(t, []url.URL{
-			*urlx.ParseOrPanic("file://path/to/rules.json"),
-			*urlx.ParseOrPanic("inline://W3siaWQiOiJmb28tcnVsZSIsImF1dGhlbnRpY2F0b3JzIjpbXX1d"),
-			*urlx.ParseOrPanic("https://path-to-my-rules/rules.json"),
+			*x.ParseURLOrPanic("file://path/to/rules.json"),
+			*x.ParseURLOrPanic("inline://W3siaWQiOiJmb28tcnVsZSIsImF1dGhlbnRpY2F0b3JzIjpbXX1d"),
+			*x.ParseURLOrPanic("https://path-to-my-rules/rules.json"),
 		}, p.AccessRuleRepositories())
 
 	})

go.mod

@@ -1,10 +1,8 @@
 module github.com/ory/oathkeeper
 
 require (
-	cloud.google.com/go v0.58.0
 	github.com/Azure/azure-pipeline-go v0.2.2
 	github.com/Azure/azure-storage-blob-go v0.9.0
-	github.com/Masterminds/goutils v1.1.0 // indirect
 	github.com/Masterminds/sprig/v3 v3.1.0
 	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535
 	github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7
@@ -29,7 +27,6 @@ require (
 	github.com/golang/mock v1.4.3
 	github.com/google/go-replayers/httpreplay v0.1.0
 	github.com/google/uuid v1.1.1
-	github.com/gorilla/mux v1.7.1 // indirect
 	github.com/gorilla/websocket v1.4.2
 	github.com/imdario/mergo v0.3.8
 	github.com/julienschmidt/httprouter v1.2.0
@@ -48,7 +45,7 @@ require (
 	github.com/ory/jsonschema/v3 v3.0.1
 	github.com/ory/ladon v1.1.0
 	github.com/ory/viper v1.7.5
-	github.com/ory/x v0.0.128
+	github.com/ory/x v0.0.163
 	github.com/pborman/uuid v1.2.0
 	github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
 	github.com/pkg/errors v0.9.1
@@ -57,7 +54,6 @@ require (
 	github.com/rs/cors v1.6.0
 	github.com/sirupsen/logrus v1.7.0
 	github.com/spf13/cobra v1.1.1
-	github.com/spf13/viper v1.7.0 // indirect
 	github.com/sqs/goreturns v0.0.0-20181028201513-538ac6014518
 	github.com/square/go-jose v2.3.1+incompatible
 	github.com/stretchr/testify v1.6.1
@@ -72,7 +68,6 @@ require (
 	golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 // indirect
 	golang.org/x/tools v0.0.0-20201029135353-690a3c245f28
 	google.golang.org/api v0.26.0
-	google.golang.org/grpc v1.29.1 // indirect
 	gopkg.in/square/go-jose.v2 v2.5.1
 )