Adds logger

extauthz/cmd/extauthz/main.go

@@ -11,6 +11,8 @@ import (
 	"github.com/openfga/openfga-envoy/extauthz/internal/extractor"
 	"github.com/openfga/openfga-envoy/extauthz/internal/server/authz"
 	"github.com/openfga/openfga-envoy/extauthz/internal/server/config"
+	"github.com/openfga/openfga/pkg/logger"
+	"go.uber.org/zap"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/health"
 	"google.golang.org/grpc/health/grpc_health_v1"
@@ -32,7 +34,6 @@ func main() {
 	}
 
 	fgaClient, err := client.NewSdkClient(&client.ClientConfiguration{
-		//		Debug:                true,
 		ApiUrl:               cfg.Server.APIURL,
 		StoreId:              cfg.Server.StoreID,
 		AuthorizationModelId: cfg.Server.AuthorizationModelID, // optional, recommended to be set for production
@@ -68,16 +69,22 @@ func main() {
 		extractionSet = append(extractionSet, eSet)
 	}
 
-	filter := authz.NewExtAuthZFilter(fgaClient, extractionSet)
+	logger, err := logger.NewLogger(parseLogConfig(cfg.Log)...)
+	if err != nil {
+		log.Fatalf("failed to create logger: %v", err)
+	}
+	defer logger.Sync()
+
+	filter := authz.NewExtAuthZFilter(fgaClient, extractionSet, logger)
 
 	server := createServer(filter)
 
 	listener, err := net.Listen("tcp", fmt.Sprintf(":%d", port))
 	if err != nil {
-		panic(err)
+		log.Fatalf("failed start listener: %v", err)
 	}
 
-	fmt.Printf("Starting server on port %d\n", port)
+	logger.Info("Starting server", zap.Int("port", port))
 	log.Fatal(server.Serve(listener))
 }
 
@@ -89,3 +96,11 @@ func createServer(filter *authz.ExtAuthZFilter) *grpc.Server {
 
 	return grpcServer
 }
+
+func parseLogConfig(cfg config.Log) []logger.OptionLogger {
+	return []logger.OptionLogger{
+		logger.WithLevel(cfg.Level),
+		logger.WithFormat(cfg.Format),
+		logger.WithTimestampFormat(cfg.TimestampFormat),
+	}
+}

extauthz/cmd/extauthz/main_test.go

@@ -11,6 +11,7 @@ import (
 	"github.com/openfga/go-sdk/client"
 	"github.com/openfga/openfga-envoy/extauthz/internal/extractor"
 	"github.com/openfga/openfga-envoy/extauthz/internal/server/authz"
+	"github.com/openfga/openfga/pkg/logger"
 	"github.com/stretchr/testify/require"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
@@ -28,7 +29,7 @@ func server(ctx context.Context, e extractor.ExtractorKit) (auth_pb.Authorizatio
 		panic(err)
 	}
 
-	filter := authz.NewExtAuthZFilter(fgaClient, []extractor.ExtractorKit{e})
+	filter := authz.NewExtAuthZFilter(fgaClient, []extractor.ExtractorKit{e}, logger.NewNoopLogger())
 
 	baseServer := grpc.NewServer()
 	auth_pb.RegisterAuthorizationServer(baseServer, filter)

extauthz/e2e/config.yaml.tmpl

@@ -3,6 +3,10 @@ server:
   # TODO(jcchavezs): This should be read from an env var
   store_id: ${STORE_ID}
 
+log:
+  level: debug
+  format: json
+
 extraction_sets:
   - name: test
     user:

extauthz/go.mod

@@ -1,29 +1,31 @@
 module github.com/openfga/openfga-envoy/extauthz
 
-go 1.22.1
+go 1.22.6
 
 require (
 	github.com/envoyproxy/go-control-plane v0.12.1-0.20240419124334-0cebb2f428b3
 	github.com/openfga/go-sdk v0.3.5
+	github.com/openfga/openfga v1.6.0
 	github.com/stretchr/testify v1.9.0
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240415141817-7cd4c1c1f9ec
-	google.golang.org/grpc v1.63.2
+	go.uber.org/zap v1.27.0
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd
+	google.golang.org/grpc v1.65.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 replace github.com/imdario/mergo => github.com/imdario/mergo v0.3.5
 
 require (
-	github.com/cncf/xds/go v0.0.0-20240329184929-0c46c01016dc // indirect
+	github.com/cncf/xds/go v0.0.0-20240423153145-555b57ec207b // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/envoyproxy/protoc-gen-validate v1.0.4 // indirect
-	github.com/kr/text v0.2.0 // indirect
 	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
-	golang.org/x/net v0.24.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.19.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/net v0.28.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
+	golang.org/x/sys v0.24.0 // indirect
+	golang.org/x/text v0.17.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 )

extauthz/go.sum

@@ -1,6 +1,5 @@
-github.com/cncf/xds/go v0.0.0-20240329184929-0c46c01016dc h1:Xo7J+m6Iq9pGYXnooTSpxZ11PzNzI7cKU9V81dpKSRQ=
-github.com/cncf/xds/go v0.0.0-20240329184929-0c46c01016dc/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
-github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/cncf/xds/go v0.0.0-20240423153145-555b57ec207b h1:ga8SEFjZ60pxLcmhnThWgvH2wg8376yUJmPhEH4H3kw=
+github.com/cncf/xds/go v0.0.0-20240423153145-555b57ec207b/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/envoyproxy/go-control-plane v0.12.1-0.20240419124334-0cebb2f428b3 h1:/eklMEyfPvB7C8dULCt9GYwpYDy6shwe7vqHMS+82bI=
@@ -17,6 +16,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/openfga/go-sdk v0.3.5 h1:KQXhMREh+g/K7HNuZ/YmXuHkREkq0VMKteua4bYr3Uw=
 github.com/openfga/go-sdk v0.3.5/go.mod h1:u1iErzj5E9/bhe+8nsMv0gigcYbJtImcdgcE5DmpbBg=
+github.com/openfga/openfga v1.6.0 h1:AfTEEK2PJzZPywSYWtOS3IXtHmqPKdLxGr/z+LFUMGk=
+github.com/openfga/openfga v1.6.0/go.mod h1:/Q7/Bg/VeN3m68pAcmySejw/Xpp8HwTV92zrsLBoavo=
 github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo=
 github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
@@ -25,20 +26,26 @@ github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
-golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
-golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240415141817-7cd4c1c1f9ec h1:C3cpGJVV1aqtO+b3L4LV6wQsB7sYplbahYZxrjkZd3A=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240415141817-7cd4c1c1f9ec/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
-google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM=
-google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA=
-google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
-google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
+go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
+golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
+golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
+golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd h1:6TEm2ZxXoQmFWFlt1vNxvVOa1Q0dXFQD1m/rYjXmS0E=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
+google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc=
+google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=

extauthz/internal/extractor/extractor.go

@@ -15,7 +15,7 @@ type Check struct {
 	Context  map[string]interface{}
 }
 
-func (c Check) Validate() error {
+func (c Check) validate() error {
 	if c.User == "" {
 		return errors.New("user is required")
 	}
@@ -103,7 +103,7 @@ func (ek ExtractorKit) Extract(ctx context.Context, req *authv3.CheckRequest) (*
 		return nil, fmt.Errorf("extracting relation: %w", err)
 	}
 
-	if err := check.Validate(); err != nil {
+	if err := check.validate(); err != nil {
 		return nil, fmt.Errorf("validating check: %v", err)
 	}
 
@@ -118,6 +118,8 @@ func GetExtractorConfig(name string) (Config, error) {
 		return &MockConfig{}, nil
 	case "request_method":
 		return nil, nil
+	case "spiffe":
+		return &SpiffeConfig{}, nil
 	default:
 		return nil, errors.New("extractor not found")
 	}
@@ -129,6 +131,8 @@ func MakeExtractor(name string, cfg Config) (Extractor, error) {
 		return NewMock(cfg.(*MockConfig)), nil
 	case "request_method":
 		return NewRequestMethod(cfg), nil
+	case "spiffe":
+		return NewSpiffe(cfg.(*SpiffeConfig)), nil
 	default:
 		return nil, errors.New("extractor not found")
 	}

extauthz/internal/server/authz/authz.go

@@ -4,12 +4,13 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"log"
 
 	envoy "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3"
 	openfga "github.com/openfga/go-sdk"
 	"github.com/openfga/go-sdk/client"
 	"github.com/openfga/openfga-envoy/extauthz/internal/extractor"
+	"github.com/openfga/openfga/pkg/logger"
+	"go.uber.org/zap"
 	"google.golang.org/genproto/googleapis/rpc/status"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
@@ -39,13 +40,14 @@ type ExtAuthZFilter struct {
 	client        *client.OpenFgaClient
 	extractionKit []extractor.ExtractorKit
 	modelID       string
+	logger        logger.Logger
 }
 
 var _ envoy.AuthorizationServer = (*ExtAuthZFilter)(nil)
 
 // NewExtAuthZFilter creates a new ExtAuthZFilter
-func NewExtAuthZFilter(c *client.OpenFgaClient, es []extractor.ExtractorKit) *ExtAuthZFilter {
-	return &ExtAuthZFilter{client: c, extractionKit: es}
+func NewExtAuthZFilter(c *client.OpenFgaClient, es []extractor.ExtractorKit, logger logger.Logger) *ExtAuthZFilter {
+	return &ExtAuthZFilter{client: c, extractionKit: es, logger: logger}
 }
 
 func (e ExtAuthZFilter) Register(server *grpc.Server) {
@@ -55,6 +57,7 @@ func (e ExtAuthZFilter) Register(server *grpc.Server) {
 func (e ExtAuthZFilter) Check(ctx context.Context, req *envoy.CheckRequest) (response *envoy.CheckResponse, err error) {
 	res, err := e.check(ctx, req)
 	if err != nil {
+		e.logger.Error("failed to check permissions", zap.Error(err))
 		return nil, err
 	}
 
@@ -80,13 +83,15 @@ func (e ExtAuthZFilter) extract(ctx context.Context, req *envoy.CheckRequest) (*
 
 // Check implements the Check method of the Authorization interface.
 func (e ExtAuthZFilter) check(ctx context.Context, req *envoy.CheckRequest) (response *envoy.CheckResponse, err error) {
+	// TODO: create a new logger when the interface includes the method
+	reqID := req.Attributes.GetRequest().GetHttp().GetHeaders()["x-request-id"]
 	check, err := e.extract(ctx, req)
 	if err != nil {
-		fmt.Printf("extracting from request: %v", err)
-		return nil, err
+		return nil, fmt.Errorf("extracting values from request: %w", err)
 	}
 
 	if check == nil {
+		e.logger.Error("failed to extract values from request", zap.String("request_id", reqID))
 		return deny(codes.InvalidArgument, "No extraction set found"), nil
 	}
 
@@ -101,16 +106,18 @@ func (e ExtAuthZFilter) check(ctx context.Context, req *envoy.CheckRequest) (res
 		AuthorizationModelId: openfga.PtrString(e.modelID),
 	}
 
+	e.logger.Debug("Checking permissions", zap.String("user", check.User), zap.String("relation", check.Relation), zap.String("object", check.Object))
 	data, err := e.client.Check(ctx).Body(body).Options(options).Execute()
 	if err != nil {
-		log.Printf("%v for %v\n", err, body)
+		e.logger.Error("Failed to check permissions", zap.Error(err), zap.String("request_id", reqID))
 		return deny(codes.Internal, fmt.Sprintf("Error checking permissions: %v", err)), nil
 	}
 
 	if data.GetAllowed() {
+		e.logger.Debug("Access granted", zap.String("resolution", data.GetResolution()), zap.String("request_id", reqID))
 		return allow, nil
 	}
 
-	log.Printf("unauthorized request for %v\n", body)
+	e.logger.Debug("Access denied", zap.String("request_id", reqID))
 	return deny(codes.PermissionDenied, fmt.Sprintf("Access denied: %s", data.GetResolution())), nil
 }

extauthz/internal/server/config/config.go

@@ -55,18 +55,25 @@ type ExtractionSet struct {
 type Config struct {
 	ExtractionSet []ExtractionSet `yaml:"extraction_sets"`
 	Server        Server          `yaml:"server"`
+	Log           Log
+}
+
+type Log struct {
+	Level           string `yaml:"level"`
+	Format          string `yaml:"format"`
+	TimestampFormat string `yaml:"timestamp_format"`
 }
 
 func LoadConfig(path string) (Config, error) {
 	cfg := Config{}
 	config, err := os.ReadFile(path)
 	if err != nil {
-		return cfg, err
+		return cfg, fmt.Errorf("reading file: %w", err)
 	}
 
 	err = yaml.Unmarshal(config, &cfg)
 	if err != nil {
-		return cfg, err
+		return cfg, fmt.Errorf("unmarshaling config: %w", err)
 	}
 
 	return cfg, nil

extauthz/internal/server/config/config_test.go

@@ -13,6 +13,11 @@ func TestConfig(t *testing.T) {
 	require.Equal(t, "http://localhost:8080", cfg.Server.APIURL)
 	require.Equal(t, "01FQH7V8BEG3GPQW93KTRFR8JB", cfg.Server.StoreID)
 	require.Equal(t, "01GXSA8YR785C4FYS3C0RTG7B1", cfg.Server.AuthorizationModelID)
+
+	require.Equal(t, "debug", cfg.Log.Level)
+	require.Equal(t, "text", cfg.Log.Format)
+	require.Equal(t, "ISO8601", cfg.Log.TimestampFormat)
+
 	require.Len(t, cfg.ExtractionSet, 1)
 	require.Equal(t, "test", cfg.ExtractionSet[0].Name)
 	require.Equal(t, "mock", cfg.ExtractionSet[0].User.Type)

extauthz/internal/server/config/testdata/config.yaml

@@ -3,6 +3,11 @@ server:
   store_id: 01FQH7V8BEG3GPQW93KTRFR8JB
   authorization_model_id: 01GXSA8YR785C4FYS3C0RTG7B1
 
+log:
+  level: debug
+  format: text
+  timestamp_format: "ISO8601"
+
 extraction_sets:
   - name: test
     user:

go.mod

@@ -1,3 +1,3 @@
 module github.com/openfga/openfga-envoy
 
-go 1.22.1
+go 1.22.6

go.work

@@ -1,4 +1,6 @@
-go 1.22.1
+go 1.22.6
+
+toolchain go1.23.0
 
 use (
 	.

go.work.sum

@@ -12,14 +12,14 @@ github.com/prometheus/client_model v0.6.0/go.mod h1:NTQHnmxFpouOD0DpvP4XujX3CdOA
 github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM=
-go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA=
 golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
+google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 h1:KAeGQVN3M9nD0/bQXnr/ClcEMJ968gUXJQ9pwfSynuQ=
 google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY=
 google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo=
 google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:5iCWqnniDlqZHrd3neWVTOwvh/v6s3232omMecelax8=