test: use playwright to test out an OIDC login

author: mo khan <mo@mokhan.ca> 2025-05-14 13:18:54 -0600
committer: mo khan <mo@mokhan.ca> 2025-05-14 13:18:54 -0600
commit: 4b2d609a0efcc1d9b2f1a08f954d067ad1d9cd1e (patch)
tree: 0afacf9217b0569130da6b97d4197331681bf119 /vendor/github.com/go-ole
parent: ab373d1fe698cd3f53258c09bc8515d88a6d0b9e (diff)
5 files changed, 90 insertions, 20 deletions
diff --git a/vendor/github.com/go-ole/go-ole/SECURITY.md b/vendor/github.com/go-ole/go-ole/SECURITY.md
new file mode 100644
index 0000000..dac2815
--- /dev/null
+++ b/vendor/github.com/go-ole/go-ole/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Security updates are applied only to the latest release.
+
+## Reporting a Vulnerability
+
+If you have discovered a security vulnerability in this project, please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
+
+Please disclose it at [security advisory](https://github.com/go-ole/go-ole/security/advisories/new).
+
+This project is maintained by a team of volunteers on a reasonable-effort basis. As such, please give us at least 90 days to work on a fix before public exposure.
diff --git a/vendor/github.com/go-ole/go-ole/appveyor.yml b/vendor/github.com/go-ole/go-ole/appveyor.yml
index 0d557ac..8df7fa2 100644
--- a/vendor/github.com/go-ole/go-ole/appveyor.yml
+++ b/vendor/github.com/go-ole/go-ole/appveyor.yml
@@ -6,14 +6,9 @@
 
 version: "1.3.0.{build}-alpha-{branch}"
 
-os: Windows Server 2012 R2
+os: Visual Studio 2019
 
-branches:
-  only:
-    - master
-    - v1.2
-    - v1.1
-    - v1.0
+build: off
 
 skip_tags: true
 
@@ -21,20 +16,40 @@ clone_folder: c:\gopath\src\github.com\go-ole\go-ole
 
 environment:
   GOPATH: c:\gopath
-  matrix:
-  - GOARCH: amd64
-    GOVERSION: 1.5
-    GOROOT: c:\go
-    DOWNLOADPLATFORM: "x64"
+  GOROOT: c:\go
+  DOWNLOADPLATFORM: "x64"
 
-install:
-  - choco install mingw
-  - SET PATH=c:\tools\mingw64\bin;%PATH%
+before_test:
   # - Download COM Server
   - ps: Start-FileDownload "https://github.com/go-ole/test-com-server/releases/download/v1.0.2/test-com-server-${env:DOWNLOADPLATFORM}.zip"
   - 7z e test-com-server-%DOWNLOADPLATFORM%.zip -oc:\gopath\src\github.com\go-ole\go-ole > NUL
   - c:\gopath\src\github.com\go-ole\go-ole\build\register-assembly.bat
-  # - set
+
+test_script:
+  - go test -v -cover ./...
+  # go vet has false positives on unsafe.Pointer with windows/sys. Disabling since it is recommended to use go test instead.
+  # - go vet ./...
+
+branches:
+  only:
+    - master
+    - v1.2
+    - v1.1
+    - v1.0
+
+matrix:
+  allow_failures:
+    - environment:
+      GOROOT: C:\go-x86
+      DOWNLOADPLATFORM: "x86"
+    - environment:
+      GOROOT: C:\go118
+      DOWNLOADPLATFORM: "x64"
+    - environment:
+      GOROOT: C:\go118-x86
+      DOWNLOADPLATFORM: "x86"
+
+install:
   - go version
   - go env
   - go get -u golang.org/x/tools/cmd/cover
@@ -45,10 +60,9 @@ build_script:
   - cd c:\gopath\src\github.com\go-ole\go-ole
   - go get -v -t ./...
   - go build
-  - go test -v -cover ./...
 
 # disable automatic tests
-test: off
+test: on
 
 # disable deployment
 deploy: off
diff --git a/vendor/github.com/go-ole/go-ole/com.go b/vendor/github.com/go-ole/go-ole/com.go
index a9bef15..cabbac0 100644
--- a/vendor/github.com/go-ole/go-ole/com.go
+++ b/vendor/github.com/go-ole/go-ole/com.go
@@ -11,6 +11,7 @@ import (
 var (
 	procCoInitialize            = modole32.NewProc("CoInitialize")
 	procCoInitializeEx          = modole32.NewProc("CoInitializeEx")
+	procCoInitializeSecurity    = modole32.NewProc("CoInitializeSecurity")
 	procCoUninitialize          = modole32.NewProc("CoUninitialize")
 	procCoCreateInstance        = modole32.NewProc("CoCreateInstance")
 	procCoTaskMemFree           = modole32.NewProc("CoTaskMemFree")
@@ -37,6 +38,9 @@ var (
 	procDispatchMessageW = moduser32.NewProc("DispatchMessageW")
 )
 
+// This is to enable calling COM Security initialization multiple times
+var bSecurityInit bool = false
+
 // coInitialize initializes COM library on current thread.
 //
 // MSDN documentation suggests that this function should not be called. Call
@@ -68,6 +72,35 @@ func coInitializeEx(coinit uint32) (err error) {
 	return
 }
 
+// coInitializeSecurity: Registers security and sets the default security values
+// for the process.
+func coInitializeSecurity(cAuthSvc int32,
+	dwAuthnLevel uint32,
+	dwImpLevel uint32,
+	dwCapabilities uint32) (err error) {
+	// Check COM Security initialization has done previously
+	if !bSecurityInit {
+		// https://learn.microsoft.com/en-us/windows/win32/api/combaseapi/nf-combaseapi-coinitializesecurity
+		hr, _, _ := procCoInitializeSecurity.Call(
+			uintptr(0),              // Allow *all* VSS writers to communicate back!
+			uintptr(cAuthSvc),       // Default COM authentication service
+			uintptr(0),              // Default COM authorization service
+			uintptr(0),              // Reserved parameter
+			uintptr(dwAuthnLevel),   // Strongest COM authentication level
+			uintptr(dwImpLevel),     // Minimal impersonation abilities
+			uintptr(0),              // Default COM authentication settings
+			uintptr(dwCapabilities), // Cloaking
+			uintptr(0))              // eserved parameter
+		if hr != 0 {
+			err = NewError(hr)
+		} else {
+			// COM Security initialization done make global flag true.
+			bSecurityInit = true
+		}
+	}
+	return
+}
+
 // CoInitialize initializes COM library on current thread.
 //
 // MSDN documentation suggests that this function should not be called. Call
@@ -96,6 +129,15 @@ func CoUninitialize() {
 	procCoUninitialize.Call()
 }
 
+// CoInitializeSecurity: Registers security and sets the default security values
+// for the process.
+func CoInitializeSecurity(cAuthSvc int32,
+	dwAuthnLevel uint32,
+	dwImpLevel uint32,
+	dwCapabilities uint32) (err error) {
+	return coInitializeSecurity(cAuthSvc, dwAuthnLevel, dwImpLevel, dwCapabilities)
+}
+
 // CoTaskMemFree frees memory pointer.
 func CoTaskMemFree(memptr uintptr) {
 	procCoTaskMemFree.Call(memptr)
diff --git a/vendor/github.com/go-ole/go-ole/idispatch_windows.go b/vendor/github.com/go-ole/go-ole/idispatch_windows.go
index b399f04..649c073 100644
--- a/vendor/github.com/go-ole/go-ole/idispatch_windows.go
+++ b/vendor/github.com/go-ole/go-ole/idispatch_windows.go
@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package ole
@@ -92,7 +93,7 @@ func invoke(disp *IDispatch, dispid int32, dispatch int16, params ...interface{}
 			case int8:
 				vargs[n] = NewVariant(VT_I1, int64(v.(int8)))
 			case *int8:
-				vargs[n] = NewVariant(VT_I1|VT_BYREF, int64(uintptr(unsafe.Pointer(v.(*uint8)))))
+				vargs[n] = NewVariant(VT_I1|VT_BYREF, int64(uintptr(unsafe.Pointer(v.(*int8)))))
 			case int16:
 				vargs[n] = NewVariant(VT_I2, int64(v.(int16)))
 			case *int16:
diff --git a/vendor/github.com/go-ole/go-ole/variant.go b/vendor/github.com/go-ole/go-ole/variant.go
index 967a23f..a2c8402 100644
--- a/vendor/github.com/go-ole/go-ole/variant.go
+++ b/vendor/github.com/go-ole/go-ole/variant.go
@@ -99,7 +99,7 @@ func (v *VARIANT) Value() interface{} {
 	case VT_DISPATCH:
 		return v.ToIDispatch()
 	case VT_BOOL:
-		return v.Val != 0
+		return (v.Val & 0xffff) != 0
 	}
 	return nil
 }
author	mo khan <mo@mokhan.ca>	2025-05-14 13:18:54 -0600
committer	mo khan <mo@mokhan.ca>	2025-05-14 13:18:54 -0600
commit	4b2d609a0efcc1d9b2f1a08f954d067ad1d9cd1e (patch)
tree	0afacf9217b0569130da6b97d4197331681bf119 /vendor/github.com/go-ole
parent	ab373d1fe698cd3f53258c09bc8515d88a6d0b9e (diff)