Hey Matt, These dependencies seem fine to me, but by the way it looks like https://github.com/lestrrat/go-jwx is now https://github.com/lestrrat-go/jwx (your PR is correctly referencing the latter).
If you'd like to see how we typically vendor our dependencies, here's an example PR where I added a YAML parsing dependency: https://github.com/apache/trafficcontrol/pull/3047/files Note the changes to the .rat-excludes and LICENSE files, and the vendoring was basically done by just git cloning the dependency repo into the trafficcontrol/vendor/gopkg.in directory then removing their .git directory. I think you would clone these repos into trafficcontrol/traffic_ops/traffic_ops_golang/vendor since they're just going to be used by TO for now. Longer-term we need to figure out when/how we want to start using a Go dependency management tool like Go modules for the project, but that is a conversation for another thread IMO. - Rawlin On Mon, Jul 8, 2019 at 1:20 PM Matthew Jackson <[email protected]> wrote: > > Hello again, > > This functionality is just about ready to be merged in so I wanted to send > out an email letting everyone know I am adding 2 dependencies for it. Feel > free to review them and let me know of any questions/concerns. Both are > MIT licensed: > https://github.com/dgrijalva/jwt-go > https://github.com/lestrrat/go-jwx > > Thanks, > Matt > > On Tue, May 14, 2019 at 3:33 PM Matthew Jackson <[email protected]> > wrote: > > > Hey all, > > > > I have submitted this PR: > > https://github.com/apache/trafficcontrol/pull/3505 > > > > It is a first step toward using OAuth for login in Traffic Portal (first > > step because it only works for OAuth providers that return a JWT and use a > > keyset URL instead of key file stored locally). It is an opt in service > > using the traffic_portal_properties.json file so unless you want to use it, > > it will not impact you, but I wanted to give everyone a heads up that it is > > submitted for review. > > > > Let me know if you have any questions/concerns/ideas! > > > > Matt > >
