Grand test fixup (#138)

* start fixing up tests

* fix up tests + automate with drone

* fiddle with linting

* messing about with drone.yml

* some more fiddling

* hmmm

* add cache

* add vendor directory

* verbose

* ci updates

* update some little things

* update sig

vendor/github.com/gin-contrib/cors/.gitignore

@@ -0,0 +1,23 @@
+*.o
+*.a
+*.so
+
+_obj
+_test
+
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+
+coverage.out

vendor/github.com/gin-contrib/cors/.travis.yml

@@ -0,0 +1,31 @@
+language: go
+sudo: false
+
+go:
+  - 1.11.x
+  - 1.12.x
+  - 1.13.x
+  - 1.14.x
+  - master
+
+matrix:
+  fast_finish: true
+  include:
+  - go: 1.11.x
+    env: GO111MODULE=on
+  - go: 1.12.x
+    env: GO111MODULE=on
+
+script:
+  - go test -v -covermode=atomic -coverprofile=coverage.out
+
+after_success:
+  - bash <(curl -s https://codecov.io/bash)
+
+notifications:
+  webhooks:
+    urls:
+      - https://webhooks.gitter.im/e/acc2c57482e94b44f557
+    on_success: change
+    on_failure: always
+    on_start: false

vendor/github.com/gin-contrib/cors/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2016 Gin-Gonic
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

vendor/github.com/gin-contrib/cors/README.md

@@ -0,0 +1,91 @@
+# CORS gin's middleware
+
+[![Build Status](https://travis-ci.org/gin-contrib/cors.svg)](https://travis-ci.org/gin-contrib/cors)
+[![codecov](https://codecov.io/gh/gin-contrib/cors/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/cors)
+[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/cors)](https://goreportcard.com/report/github.com/gin-contrib/cors)
+[![GoDoc](https://godoc.org/github.com/gin-contrib/cors?status.svg)](https://godoc.org/github.com/gin-contrib/cors)
+[![Join the chat at https://gitter.im/gin-gonic/gin](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gin-gonic/gin)
+
+Gin middleware/handler to enable CORS support.
+
+## Usage
+
+### Start using it
+
+Download and install it:
+
+```sh
+$ go get github.com/gin-contrib/cors
+```
+
+Import it in your code:
+
+```go
+import "github.com/gin-contrib/cors"
+```
+
+### Canonical example:
+
+```go
+package main
+
+import (
+	"time"
+
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	router := gin.Default()
+	// CORS for https://foo.com and https://github.com origins, allowing:
+	// - PUT and PATCH methods
+	// - Origin header
+	// - Credentials share
+	// - Preflight requests cached for 12 hours
+	router.Use(cors.New(cors.Config{
+		AllowOrigins:     []string{"https://foo.com"},
+		AllowMethods:     []string{"PUT", "PATCH"},
+		AllowHeaders:     []string{"Origin"},
+		ExposeHeaders:    []string{"Content-Length"},
+		AllowCredentials: true,
+		AllowOriginFunc: func(origin string) bool {
+			return origin == "https://github.com"
+		},
+		MaxAge: 12 * time.Hour,
+	}))
+	router.Run()
+}
+```
+
+### Using DefaultConfig as start point
+
+```go
+func main() {
+	router := gin.Default()
+	// - No origin allowed by default
+	// - GET,POST, PUT, HEAD methods
+	// - Credentials share disabled
+	// - Preflight requests cached for 12 hours
+	config := cors.DefaultConfig()
+	config.AllowOrigins = []string{"http://google.com"}
+	// config.AllowOrigins == []string{"http://google.com", "http://facebook.com"}
+
+	router.Use(cors.New(config))
+	router.Run()
+}
+```
+
+### Default() allows all origins
+
+```go
+func main() {
+	router := gin.Default()
+	// same as
+	// config := cors.DefaultConfig()
+	// config.AllowAllOrigins = true
+	// router.Use(cors.New(config))
+	router.Use(cors.Default())
+	router.Run()
+}
+```

vendor/github.com/gin-contrib/cors/config.go

@@ -0,0 +1,134 @@
+package cors
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+type cors struct {
+	allowAllOrigins  bool
+	allowCredentials bool
+	allowOriginFunc  func(string) bool
+	allowOrigins     []string
+	exposeHeaders    []string
+	normalHeaders    http.Header
+	preflightHeaders http.Header
+	wildcardOrigins  [][]string
+}
+
+var (
+	DefaultSchemas = []string{
+		"http://",
+		"https://",
+	}
+	ExtensionSchemas = []string{
+		"chrome-extension://",
+		"safari-extension://",
+		"moz-extension://",
+		"ms-browser-extension://",
+	}
+	FileSchemas = []string{
+		"file://",
+	}
+	WebSocketSchemas = []string{
+		"ws://",
+		"wss://",
+	}
+)
+
+func newCors(config Config) *cors {
+	if err := config.Validate(); err != nil {
+		panic(err.Error())
+	}
+
+	return &cors{
+		allowOriginFunc:  config.AllowOriginFunc,
+		allowAllOrigins:  config.AllowAllOrigins,
+		allowCredentials: config.AllowCredentials,
+		allowOrigins:     normalize(config.AllowOrigins),
+		normalHeaders:    generateNormalHeaders(config),
+		preflightHeaders: generatePreflightHeaders(config),
+		wildcardOrigins:  config.parseWildcardRules(),
+	}
+}
+
+func (cors *cors) applyCors(c *gin.Context) {
+	origin := c.Request.Header.Get("Origin")
+	if len(origin) == 0 {
+		// request is not a CORS request
+		return
+	}
+	host := c.Request.Host
+
+	if origin == "http://"+host || origin == "https://"+host {
+		// request is not a CORS request but have origin header.
+		// for example, use fetch api
+		return
+	}
+
+	if !cors.validateOrigin(origin) {
+		c.AbortWithStatus(http.StatusForbidden)
+		return
+	}
+
+	if c.Request.Method == "OPTIONS" {
+		cors.handlePreflight(c)
+		defer c.AbortWithStatus(http.StatusNoContent) // Using 204 is better than 200 when the request status is OPTIONS
+	} else {
+		cors.handleNormal(c)
+	}
+
+	if !cors.allowAllOrigins {
+		c.Header("Access-Control-Allow-Origin", origin)
+	}
+}
+
+func (cors *cors) validateWildcardOrigin(origin string) bool {
+	for _, w := range cors.wildcardOrigins {
+		if w[0] == "*" && strings.HasSuffix(origin, w[1]) {
+			return true
+		}
+		if w[1] == "*" && strings.HasPrefix(origin, w[0]) {
+			return true
+		}
+		if strings.HasPrefix(origin, w[0]) && strings.HasSuffix(origin, w[1]) {
+			return true
+		}
+	}
+
+	return false
+}
+
+func (cors *cors) validateOrigin(origin string) bool {
+	if cors.allowAllOrigins {
+		return true
+	}
+	for _, value := range cors.allowOrigins {
+		if value == origin {
+			return true
+		}
+	}
+	if len(cors.wildcardOrigins) > 0 && cors.validateWildcardOrigin(origin) {
+		return true
+	}
+	if cors.allowOriginFunc != nil {
+		return cors.allowOriginFunc(origin)
+	}
+	return false
+}
+
+func (cors *cors) handlePreflight(c *gin.Context) {
+	header := c.Writer.Header()
+	for key, value := range cors.preflightHeaders {
+		header[key] = value
+	}
+}
+
+func (cors *cors) handleNormal(c *gin.Context) {
+	header := c.Writer.Header()
+	for key, value := range cors.normalHeaders {
+		header[key] = value
+	}
+}

vendor/github.com/gin-contrib/cors/cors.go

@@ -0,0 +1,171 @@
+package cors
+
+import (
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+// Config represents all available options for the middleware.
+type Config struct {
+	AllowAllOrigins bool
+
+	// AllowOrigins is a list of origins a cross-domain request can be executed from.
+	// If the special "*" value is present in the list, all origins will be allowed.
+	// Default value is []
+	AllowOrigins []string
+
+	// AllowOriginFunc is a custom function to validate the origin. It take the origin
+	// as argument and returns true if allowed or false otherwise. If this option is
+	// set, the content of AllowOrigins is ignored.
+	AllowOriginFunc func(origin string) bool
+
+	// AllowMethods is a list of methods the client is allowed to use with
+	// cross-domain requests. Default value is simple methods (GET and POST)
+	AllowMethods []string
+
+	// AllowHeaders is list of non simple headers the client is allowed to use with
+	// cross-domain requests.
+	AllowHeaders []string
+
+	// AllowCredentials indicates whether the request can include user credentials like
+	// cookies, HTTP authentication or client side SSL certificates.
+	AllowCredentials bool
+
+	// ExposedHeaders indicates which headers are safe to expose to the API of a CORS
+	// API specification
+	ExposeHeaders []string
+
+	// MaxAge indicates how long (in seconds) the results of a preflight request
+	// can be cached
+	MaxAge time.Duration
+
+	// Allows to add origins like http://some-domain/*, https://api.* or http://some.*.subdomain.com
+	AllowWildcard bool
+
+	// Allows usage of popular browser extensions schemas
+	AllowBrowserExtensions bool
+
+	// Allows usage of WebSocket protocol
+	AllowWebSockets bool
+
+	// Allows usage of file:// schema (dangerous!) use it only when you 100% sure it's needed
+	AllowFiles bool
+}
+
+// AddAllowMethods is allowed to add custom methods
+func (c *Config) AddAllowMethods(methods ...string) {
+	c.AllowMethods = append(c.AllowMethods, methods...)
+}
+
+// AddAllowHeaders is allowed to add custom headers
+func (c *Config) AddAllowHeaders(headers ...string) {
+	c.AllowHeaders = append(c.AllowHeaders, headers...)
+}
+
+// AddExposeHeaders is allowed to add custom expose headers
+func (c *Config) AddExposeHeaders(headers ...string) {
+	c.ExposeHeaders = append(c.ExposeHeaders, headers...)
+}
+
+func (c Config) getAllowedSchemas() []string {
+	allowedSchemas := DefaultSchemas
+	if c.AllowBrowserExtensions {
+		allowedSchemas = append(allowedSchemas, ExtensionSchemas...)
+	}
+	if c.AllowWebSockets {
+		allowedSchemas = append(allowedSchemas, WebSocketSchemas...)
+	}
+	if c.AllowFiles {
+		allowedSchemas = append(allowedSchemas, FileSchemas...)
+	}
+	return allowedSchemas
+}
+
+func (c Config) validateAllowedSchemas(origin string) bool {
+	allowedSchemas := c.getAllowedSchemas()
+	for _, schema := range allowedSchemas {
+		if strings.HasPrefix(origin, schema) {
+			return true
+		}
+	}
+	return false
+}
+
+// Validate is check configuration of user defined.
+func (c *Config) Validate() error {
+	if c.AllowAllOrigins && (c.AllowOriginFunc != nil || len(c.AllowOrigins) > 0) {
+		return errors.New("conflict settings: all origins are allowed. AllowOriginFunc or AllowOrigins is not needed")
+	}
+	if !c.AllowAllOrigins && c.AllowOriginFunc == nil && len(c.AllowOrigins) == 0 {
+		return errors.New("conflict settings: all origins disabled")
+	}
+	for _, origin := range c.AllowOrigins {
+		if origin == "*" {
+			c.AllowAllOrigins = true
+			return nil
+		} else if !strings.Contains(origin, "*") && !c.validateAllowedSchemas(origin) {
+			return errors.New("bad origin: origins must contain '*' or include " + strings.Join(c.getAllowedSchemas(), ","))
+		}
+	}
+	return nil
+}
+
+func (c Config) parseWildcardRules() [][]string {
+	var wRules [][]string
+
+	if !c.AllowWildcard {
+		return wRules
+	}
+
+	for _, o := range c.AllowOrigins {
+		if !strings.Contains(o, "*") {
+			continue
+		}
+
+		if c := strings.Count(o, "*"); c > 1 {
+			panic(errors.New("only one * is allowed").Error())
+		}
+
+		i := strings.Index(o, "*")
+		if i == 0 {
+			wRules = append(wRules, []string{"*", o[1:]})
+			continue
+		}
+		if i == (len(o) - 1) {
+			wRules = append(wRules, []string{o[:i-1], "*"})
+			continue
+		}
+
+		wRules = append(wRules, []string{o[:i], o[i+1:]})
+	}
+
+	return wRules
+}
+
+// DefaultConfig returns a generic default configuration mapped to localhost.
+func DefaultConfig() Config {
+	return Config{
+		AllowMethods:     []string{"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD"},
+		AllowHeaders:     []string{"Origin", "Content-Length", "Content-Type"},
+		AllowCredentials: false,
+		MaxAge:           12 * time.Hour,
+	}
+}
+
+// Default returns the location middleware with default configuration.
+func Default() gin.HandlerFunc {
+	config := DefaultConfig()
+	config.AllowAllOrigins = true
+	return New(config)
+}
+
+// New returns the location middleware with user-defined custom configuration.
+func New(config Config) gin.HandlerFunc {
+	cors := newCors(config)
+	return func(c *gin.Context) {
+		cors.applyCors(c)
+	}
+}

vendor/github.com/gin-contrib/cors/go.mod

@@ -0,0 +1,10 @@
+module github.com/gin-contrib/cors
+
+go 1.13
+
+require (
+	github.com/gin-gonic/gin v1.5.0
+	github.com/kr/pretty v0.1.0 // indirect
+	github.com/stretchr/testify v1.4.0
+	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+)

vendor/github.com/gin-contrib/cors/go.sum

@@ -0,0 +1,52 @@
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
+github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-gonic/gin v1.5.0 h1:fi+bqFAx/oLK54somfCtEZs9HeH1LHVoEPUgARpTqyc=
+github.com/gin-gonic/gin v1.5.0/go.mod h1:Nd6IXA8m5kNZdNEHMBd93KT+mdY3+bewLgRvmCsR2Do=
+github.com/go-playground/locales v0.12.1 h1:2FITxuFt/xuCNP1Acdhv62OzaCiviiE4kotfhkmOqEc=
+github.com/go-playground/locales v0.12.1/go.mod h1:IUMDtCfWo/w/mtMfIE/IG2K+Ey3ygWanZIBtBW0W2TM=
+github.com/go-playground/universal-translator v0.16.0 h1:X++omBR/4cE2MNg91AoC3rmGrCjJ8eAeUP/K/EKx4DM=
+github.com/go-playground/universal-translator v0.16.0/go.mod h1:1AnU7NaIRDWWzGEKwgtJRd2xk99HeFyHw3yid4rvQIY=
+github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/json-iterator/go v1.1.7 h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo=
+github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/leodido/go-urn v1.1.0 h1:Sm1gr51B1kKyfD2BlRcLSiEkffoG96g6TPv6eRoEiB8=
+github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw=
+github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
+github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLDQ0W1YjYsBW+p8U2u7vzgW2SQVmlNazg=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo=
+github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
+github.com/ugorji/go/codec v1.1.7 h1:2SvQaVZ1ouYrrKKwoSk2pzd4A9evlKJb9oTL+OaLUSs=
+github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/go-playground/assert.v1 v1.2.1 h1:xoYuJVE7KT85PYWrN730RguIQO0ePzVRfFMXadIrXTM=
+gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
+gopkg.in/go-playground/validator.v9 v9.29.1 h1:SvGtYmN60a5CVKTOzMSyfzWDeZRxRuGvRQyEAKbw1xc=
+gopkg.in/go-playground/validator.v9 v9.29.1/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

vendor/github.com/gin-contrib/cors/utils.go

@@ -0,0 +1,85 @@
+package cors
+
+import (
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type converter func(string) string
+
+func generateNormalHeaders(c Config) http.Header {
+	headers := make(http.Header)
+	if c.AllowCredentials {
+		headers.Set("Access-Control-Allow-Credentials", "true")
+	}
+	if len(c.ExposeHeaders) > 0 {
+		exposeHeaders := convert(normalize(c.ExposeHeaders), http.CanonicalHeaderKey)
+		headers.Set("Access-Control-Expose-Headers", strings.Join(exposeHeaders, ","))
+	}
+	if c.AllowAllOrigins {
+		headers.Set("Access-Control-Allow-Origin", "*")
+	} else {
+		headers.Set("Vary", "Origin")
+	}
+	return headers
+}
+
+func generatePreflightHeaders(c Config) http.Header {
+	headers := make(http.Header)
+	if c.AllowCredentials {
+		headers.Set("Access-Control-Allow-Credentials", "true")
+	}
+	if len(c.AllowMethods) > 0 {
+		allowMethods := convert(normalize(c.AllowMethods), strings.ToUpper)
+		value := strings.Join(allowMethods, ",")
+		headers.Set("Access-Control-Allow-Methods", value)
+	}
+	if len(c.AllowHeaders) > 0 {
+		allowHeaders := convert(normalize(c.AllowHeaders), http.CanonicalHeaderKey)
+		value := strings.Join(allowHeaders, ",")
+		headers.Set("Access-Control-Allow-Headers", value)
+	}
+	if c.MaxAge > time.Duration(0) {
+		value := strconv.FormatInt(int64(c.MaxAge/time.Second), 10)
+		headers.Set("Access-Control-Max-Age", value)
+	}
+	if c.AllowAllOrigins {
+		headers.Set("Access-Control-Allow-Origin", "*")
+	} else {
+		// Always set Vary headers
+		// see https://github.com/rs/cors/issues/10,
+		// https://github.com/rs/cors/commit/dbdca4d95feaa7511a46e6f1efb3b3aa505bc43f#commitcomment-12352001
+
+		headers.Add("Vary", "Origin")
+		headers.Add("Vary", "Access-Control-Request-Method")
+		headers.Add("Vary", "Access-Control-Request-Headers")
+	}
+	return headers
+}
+
+func normalize(values []string) []string {
+	if values == nil {
+		return nil
+	}
+	distinctMap := make(map[string]bool, len(values))
+	normalized := make([]string, 0, len(values))
+	for _, value := range values {
+		value = strings.TrimSpace(value)
+		value = strings.ToLower(value)
+		if _, seen := distinctMap[value]; !seen {
+			normalized = append(normalized, value)
+			distinctMap[value] = true
+		}
+	}
+	return normalized
+}
+
+func convert(s []string, c converter) []string {
+	var out []string
+	for _, i := range s {
+		out = append(out, c(i))
+	}
+	return out
+}

vendor/github.com/gin-contrib/sessions/.gitignore

@@ -0,0 +1,3 @@
+coverage.out
+vendor/*
+!/vendor/vendor.json

vendor/github.com/gin-contrib/sessions/.travis.yml

@@ -0,0 +1,44 @@
+language: go
+sudo: false
+
+matrix:
+  fast_finish: true
+  include:
+  - go: 1.10.x
+  - go: 1.11.x
+    env: GO111MODULE=on
+  - go: 1.12.x
+    env: GO111MODULE=on
+  - go: 1.13.x
+  - go: master
+    env: GO111MODULE=on
+
+git:
+  depth: 10
+
+services:
+  - redis
+  - memcached
+  - mongodb
+
+before_install:
+  - go get github.com/campoy/embedmd
+
+install:
+  - if [[ "${GO111MODULE}" = "on" ]]; then go mod download; else go get -t -v .; fi
+  - if [[ "${GO111MODULE}" = "on" ]]; then export PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}"; fi
+
+script:
+  - embedmd -d *.md
+  - go test -v -covermode=atomic -coverprofile=coverage.out ./...
+
+after_success:
+  - bash <(curl -s https://codecov.io/bash)
+
+notifications:
+  webhooks:
+    urls:
+      - https://webhooks.gitter.im/e/acc2c57482e94b44f557
+    on_success: change
+    on_failure: always
+    on_start: false

vendor/github.com/gin-contrib/sessions/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2016 Gin-Gonic
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

vendor/github.com/gin-contrib/sessions/README.md

@@ -0,0 +1,329 @@
+# sessions
+
+[![Build Status](https://travis-ci.org/gin-contrib/sessions.svg)](https://travis-ci.org/gin-contrib/sessions)
+[![codecov](https://codecov.io/gh/gin-contrib/sessions/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/sessions)
+[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/sessions)](https://goreportcard.com/report/github.com/gin-contrib/sessions)
+[![GoDoc](https://godoc.org/github.com/gin-contrib/sessions?status.svg)](https://godoc.org/github.com/gin-contrib/sessions)
+[![Join the chat at https://gitter.im/gin-gonic/gin](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gin-gonic/gin)
+
+Gin middleware for session management with multi-backend support:
+
+- [cookie-based](#cookie-based)
+- [Redis](#redis)
+- [memcached](#memcached)
+- [MongoDB](#mongodb)
+- [memstore](#memstore)
+
+## Usage
+
+### Start using it
+
+Download and install it:
+
+```bash
+$ go get github.com/gin-contrib/sessions
+```
+
+Import it in your code:
+
+```go
+import "github.com/gin-contrib/sessions"
+```
+
+## Basic Examples
+
+### single session
+
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/cookie"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store := cookie.NewStore([]byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/hello", func(c *gin.Context) {
+		session := sessions.Default(c)
+
+		if session.Get("hello") != "world" {
+			session.Set("hello", "world")
+			session.Save()
+		}
+
+		c.JSON(200, gin.H{"hello": session.Get("hello")})
+	})
+	r.Run(":8000")
+}
+```
+
+### multiple sessions
+
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/cookie"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store := cookie.NewStore([]byte("secret"))
+	sessionNames := []string{"a", "b"}
+	r.Use(sessions.SessionsMany(sessionNames, store))
+
+	r.GET("/hello", func(c *gin.Context) {
+		sessionA := sessions.DefaultMany(c, "a")
+		sessionB := sessions.DefaultMany(c, "b")
+
+		if sessionA.Get("hello") != "world!" {
+			sessionA.Set("hello", "world!")
+			sessionA.Save()
+		}
+
+		if sessionB.Get("hello") != "world?" {
+			sessionB.Set("hello", "world?")
+			sessionB.Save()
+		}
+
+		c.JSON(200, gin.H{
+			"a": sessionA.Get("hello"),
+			"b": sessionB.Get("hello"),
+		})
+	})
+	r.Run(":8000")
+}
+```
+
+## Backend examples
+
+### cookie-based
+
+[embedmd]:# (example/cookie/main.go go)
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/cookie"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store := cookie.NewStore([]byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+### Redis
+
+[embedmd]:# (example/redis/main.go go)
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/redis"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store, _ := redis.NewStore(10, "tcp", "localhost:6379", "", []byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+### Memcached
+
+#### ASCII Protocol
+
+[embedmd]:# (example/memcached/ascii.go go)
+```go
+package main
+
+import (
+	"github.com/bradfitz/gomemcache/memcache"
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/memcached"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store := memcached.NewStore(memcache.New("localhost:11211"), "", []byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+#### Binary protocol (with optional SASL authentication)
+
+[embedmd]:# (example/memcached/binary.go go)
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/memcached"
+	"github.com/gin-gonic/gin"
+	"github.com/memcachier/mc"
+)
+
+func main() {
+	r := gin.Default()
+	client := mc.NewMC("localhost:11211", "username", "password")
+	store := memcached.NewMemcacheStore(client, "", []byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+### MongoDB
+
+[embedmd]:# (example/mongo/main.go go)
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/mongo"
+	"github.com/gin-gonic/gin"
+	"github.com/globalsign/mgo"
+)
+
+func main() {
+	r := gin.Default()
+	session, err := mgo.Dial("localhost:27017/test")
+	if err != nil {
+		// handle err
+	}
+
+	c := session.DB("").C("sessions")
+	store := mongo.NewStore(c, 3600, true, []byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+### memstore
+
+[embedmd]:# (example/memstore/main.go go)
+```go
+package main
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/memstore"
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+	store := memstore.NewStore([]byte("secret"))
+	r.Use(sessions.Sessions("mysession", store))
+
+	r.GET("/incr", func(c *gin.Context) {
+		session := sessions.Default(c)
+		var count int
+		v := session.Get("count")
+		if v == nil {
+			count = 0
+		} else {
+			count = v.(int)
+			count++
+		}
+		session.Set("count", count)
+		session.Save()
+		c.JSON(200, gin.H{"count": count})
+	})
+	r.Run(":8000")
+}
+```
+
+

vendor/github.com/gin-contrib/sessions/go.mod

@@ -0,0 +1,17 @@
+module github.com/gin-contrib/sessions
+
+go 1.12
+
+require (
+	github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff
+	github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668
+	github.com/bradleypeabody/gorilla-sessions-memcache v0.0.0-20181103040241-659414f458e1
+	github.com/gin-gonic/gin v1.5.0
+	github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8
+	github.com/gomodule/redigo v2.0.0+incompatible
+	github.com/gorilla/context v1.1.1
+	github.com/gorilla/sessions v1.1.3
+	github.com/kidstuff/mongostore v0.0.0-20181113001930-e650cd85ee4b
+	github.com/memcachier/mc v2.0.1+incompatible
+	github.com/quasoft/memstore v0.0.0-20180925164028-84a050167438
+)

vendor/github.com/gin-contrib/sessions/go.sum

@@ -0,0 +1,69 @@
+github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff h1:RmdPFa+slIr4SCBg4st/l/vZWVe9QJKMXGO60Bxbe04=
+github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff/go.mod h1:+RTT1BOk5P97fT2CiHkbFQwkK3mjsFAP6zCYV2aXtjw=
+github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668 h1:U/lr3Dgy4WK+hNk4tyD+nuGjpVLPEHuJSFXMw11/HPA=
+github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
+github.com/bradleypeabody/gorilla-sessions-memcache v0.0.0-20181103040241-659414f458e1 h1:4QHxgr7hM4gVD8uOwrk8T1fjkKRLwaLjmTkU0ibhZKU=
+github.com/bradleypeabody/gorilla-sessions-memcache v0.0.0-20181103040241-659414f458e1/go.mod h1:dkChI7Tbtx7H1Tj7TqGSZMOeGpMP5gLHtjroHd4agiI=
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
+github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-gonic/gin v1.5.0 h1:fi+bqFAx/oLK54somfCtEZs9HeH1LHVoEPUgARpTqyc=
+github.com/gin-gonic/gin v1.5.0/go.mod h1:Nd6IXA8m5kNZdNEHMBd93KT+mdY3+bewLgRvmCsR2Do=
+github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8 h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is=
+github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q=
+github.com/go-playground/locales v0.12.1 h1:2FITxuFt/xuCNP1Acdhv62OzaCiviiE4kotfhkmOqEc=
+github.com/go-playground/locales v0.12.1/go.mod h1:IUMDtCfWo/w/mtMfIE/IG2K+Ey3ygWanZIBtBW0W2TM=
+github.com/go-playground/universal-translator v0.16.0 h1:X++omBR/4cE2MNg91AoC3rmGrCjJ8eAeUP/K/EKx4DM=
+github.com/go-playground/universal-translator v0.16.0/go.mod h1:1AnU7NaIRDWWzGEKwgtJRd2xk99HeFyHw3yid4rvQIY=
+github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
+github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
+github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
+github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
+github.com/gorilla/sessions v1.1.3 h1:uXoZdcdA5XdXF3QzuSlheVRUvjl+1rKY7zBXL68L9RU=
+github.com/gorilla/sessions v1.1.3/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
+github.com/json-iterator/go v1.1.7 h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo=
+github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/kidstuff/mongostore v0.0.0-20181113001930-e650cd85ee4b h1:TLCm7HR+P9HM2NXaAJaIiHerOUMedtFJeAfaYwZ8YhY=
+github.com/kidstuff/mongostore v0.0.0-20181113001930-e650cd85ee4b/go.mod h1:g2nVr8KZVXJSS97Jo8pJ0jgq29P6H7dG0oplUA86MQw=
+github.com/leodido/go-urn v1.1.0 h1:Sm1gr51B1kKyfD2BlRcLSiEkffoG96g6TPv6eRoEiB8=
+github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw=
+github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
+github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
+github.com/memcachier/mc v2.0.1+incompatible h1:s8EDz0xrJLP8goitwZOoq1vA/sm0fPS4X3KAF0nyhWQ=
+github.com/memcachier/mc v2.0.1+incompatible/go.mod h1:7bkvFE61leUBvXz+yxsOnGBQSZpBSPIMUQSmmSHvuXc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLDQ0W1YjYsBW+p8U2u7vzgW2SQVmlNazg=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/quasoft/memstore v0.0.0-20180925164028-84a050167438 h1:jnz/4VenymvySjE+Ez511s0pqVzkUOmr1fwCVytNNWk=
+github.com/quasoft/memstore v0.0.0-20180925164028-84a050167438/go.mod h1:wTPjTepVu7uJBYgZ0SdWHQlIas582j6cn2jgk4DDdlg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo=
+github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
+github.com/ugorji/go/codec v1.1.7 h1:2SvQaVZ1ouYrrKKwoSk2pzd4A9evlKJb9oTL+OaLUSs=
+github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/go-playground/assert.v1 v1.2.1 h1:xoYuJVE7KT85PYWrN730RguIQO0ePzVRfFMXadIrXTM=
+gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
+gopkg.in/go-playground/validator.v9 v9.29.1 h1:SvGtYmN60a5CVKTOzMSyfzWDeZRxRuGvRQyEAKbw1xc=
+gopkg.in/go-playground/validator.v9 v9.29.1/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

vendor/github.com/gin-contrib/sessions/memstore/memstore.go

@@ -0,0 +1,31 @@
+package memstore
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/quasoft/memstore"
+)
+
+type Store interface {
+	sessions.Store
+}
+
+// Keys are defined in pairs to allow key rotation, but the common case is to set a single
+// authentication key and optionally an encryption key.
+//
+// The first key in a pair is used for authentication and the second for encryption. The
+// encryption key can be set to nil or omitted in the last pair, but the authentication key
+// is required in all pairs.
+//
+// It is recommended to use an authentication key with 32 or 64 bytes. The encryption key,
+// if set, must be either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 modes.
+func NewStore(keyPairs ...[]byte) Store {
+	return &store{memstore.NewMemStore(keyPairs...)}
+}
+
+type store struct {
+	*memstore.MemStore
+}
+
+func (c *store) Options(options sessions.Options) {
+	c.MemStore.Options = options.ToGorillaOptions()
+}

vendor/github.com/gin-contrib/sessions/session_options_go1.10.go

@@ -0,0 +1,30 @@
+// +build !go1.11
+
+package sessions
+
+import (
+	gsessions "github.com/gorilla/sessions"
+)
+
+// Options stores configuration for a session or session store.
+// Fields are a subset of http.Cookie fields.
+type Options struct {
+	Path   string
+	Domain string
+	// MaxAge=0 means no 'Max-Age' attribute specified.
+	// MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'.
+	// MaxAge>0 means Max-Age attribute present and given in seconds.
+	MaxAge   int
+	Secure   bool
+	HttpOnly bool
+}
+
+func (options Options) ToGorillaOptions() *gsessions.Options {
+	return &gsessions.Options{
+		Path:     options.Path,
+		Domain:   options.Domain,
+		MaxAge:   options.MaxAge,
+		Secure:   options.Secure,
+		HttpOnly: options.HttpOnly,
+	}
+}

vendor/github.com/gin-contrib/sessions/session_options_go1.11.go

@@ -0,0 +1,36 @@
+// +build go1.11
+
+package sessions
+
+import (
+	gsessions "github.com/gorilla/sessions"
+	"net/http"
+)
+
+// Options stores configuration for a session or session store.
+// Fields are a subset of http.Cookie fields.
+type Options struct {
+	Path   string
+	Domain string
+	// MaxAge=0 means no 'Max-Age' attribute specified.
+	// MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'.
+	// MaxAge>0 means Max-Age attribute present and given in seconds.
+	MaxAge   int
+	Secure   bool
+	HttpOnly bool
+	// rfc-draft to preventing CSRF: https://tools.ietf.org/html/draft-west-first-party-cookies-07
+	//   refer: https://godoc.org/net/http
+	//          https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/
+	SameSite http.SameSite
+}
+
+func (options Options) ToGorillaOptions() *gsessions.Options {
+	return &gsessions.Options{
+		Path:     options.Path,
+		Domain:   options.Domain,
+		MaxAge:   options.MaxAge,
+		Secure:   options.Secure,
+		HttpOnly: options.HttpOnly,
+		SameSite: options.SameSite,
+	}
+}

vendor/github.com/gin-contrib/sessions/sessions.go

@@ -0,0 +1,145 @@
+package sessions
+
+import (
+	"log"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/gorilla/context"
+	"github.com/gorilla/sessions"
+)
+
+const (
+	DefaultKey  = "github.com/gin-contrib/sessions"
+	errorFormat = "[sessions] ERROR! %s\n"
+)
+
+type Store interface {
+	sessions.Store
+	Options(Options)
+}
+
+// Wraps thinly gorilla-session methods.
+// Session stores the values and optional configuration for a session.
+type Session interface {
+	// Get returns the session value associated to the given key.
+	Get(key interface{}) interface{}
+	// Set sets the session value associated to the given key.
+	Set(key interface{}, val interface{})
+	// Delete removes the session value associated to the given key.
+	Delete(key interface{})
+	// Clear deletes all values in the session.
+	Clear()
+	// AddFlash adds a flash message to the session.
+	// A single variadic argument is accepted, and it is optional: it defines the flash key.
+	// If not defined "_flash" is used by default.
+	AddFlash(value interface{}, vars ...string)
+	// Flashes returns a slice of flash messages from the session.
+	// A single variadic argument is accepted, and it is optional: it defines the flash key.
+	// If not defined "_flash" is used by default.
+	Flashes(vars ...string) []interface{}
+	// Options sets configuration for a session.
+	Options(Options)
+	// Save saves all sessions used during the current request.
+	Save() error
+}
+
+func Sessions(name string, store Store) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		s := &session{name, c.Request, store, nil, false, c.Writer}
+		c.Set(DefaultKey, s)
+		defer context.Clear(c.Request)
+		c.Next()
+	}
+}
+
+func SessionsMany(names []string, store Store) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		sessions := make(map[string]Session, len(names))
+		for _, name := range names {
+			sessions[name] = &session{name, c.Request, store, nil, false, c.Writer}
+		}
+		c.Set(DefaultKey, sessions)
+		defer context.Clear(c.Request)
+		c.Next()
+	}
+}
+
+type session struct {
+	name    string
+	request *http.Request
+	store   Store
+	session *sessions.Session
+	written bool
+	writer  http.ResponseWriter
+}
+
+func (s *session) Get(key interface{}) interface{} {
+	return s.Session().Values[key]
+}
+
+func (s *session) Set(key interface{}, val interface{}) {
+	s.Session().Values[key] = val
+	s.written = true
+}
+
+func (s *session) Delete(key interface{}) {
+	delete(s.Session().Values, key)
+	s.written = true
+}
+
+func (s *session) Clear() {
+	for key := range s.Session().Values {
+		s.Delete(key)
+	}
+}
+
+func (s *session) AddFlash(value interface{}, vars ...string) {
+	s.Session().AddFlash(value, vars...)
+	s.written = true
+}
+
+func (s *session) Flashes(vars ...string) []interface{} {
+	s.written = true
+	return s.Session().Flashes(vars...)
+}
+
+func (s *session) Options(options Options) {
+	s.Session().Options = options.ToGorillaOptions()
+}
+
+func (s *session) Save() error {
+	if s.Written() {
+		e := s.Session().Save(s.request, s.writer)
+		if e == nil {
+			s.written = false
+		}
+		return e
+	}
+	return nil
+}
+
+func (s *session) Session() *sessions.Session {
+	if s.session == nil {
+		var err error
+		s.session, err = s.store.Get(s.request, s.name)
+		if err != nil {
+			log.Printf(errorFormat, err)
+		}
+	}
+	return s.session
+}
+
+func (s *session) Written() bool {
+	return s.written
+}
+
+// shortcut to get session
+func Default(c *gin.Context) Session {
+	return c.MustGet(DefaultKey).(Session)
+}
+
+// shortcut to get session with given name
+func DefaultMany(c *gin.Context, name string) Session {
+	return c.MustGet(DefaultKey).(map[string]Session)[name]
+}

vendor/github.com/gin-contrib/sse/.travis.yml

@@ -0,0 +1,26 @@
+language: go
+sudo: false
+go:
+  - 1.8.x
+  - 1.9.x
+  - 1.10.x
+  - 1.11.x
+  - 1.12.x
+  - master
+
+git:
+  depth: 10
+
+matrix:
+  fast_finish: true
+  include:
+  - go: 1.11.x
+    env: GO111MODULE=on
+  - go: 1.12.x
+    env: GO111MODULE=on
+
+script:
+  - go test -v -covermode=count -coverprofile=coverage.out
+
+after_success:
+  - bash <(curl -s https://codecov.io/bash)

vendor/github.com/gin-contrib/sse/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Manuel Martínez-Almeida
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

vendor/github.com/gin-contrib/sse/README.md

@@ -0,0 +1,58 @@
+# Server-Sent Events
+
+[![GoDoc](https://godoc.org/github.com/gin-contrib/sse?status.svg)](https://godoc.org/github.com/gin-contrib/sse)
+[![Build Status](https://travis-ci.org/gin-contrib/sse.svg)](https://travis-ci.org/gin-contrib/sse)
+[![codecov](https://codecov.io/gh/gin-contrib/sse/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/sse)
+[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/sse)](https://goreportcard.com/report/github.com/gin-contrib/sse)
+
+Server-sent events (SSE) is a technology where a browser receives automatic updates from a server via HTTP connection. The Server-Sent Events EventSource API is [standardized as part of HTML5[1] by the W3C](http://www.w3.org/TR/2009/WD-eventsource-20091029/).
+
+- [Read this great SSE introduction by the HTML5Rocks guys](http://www.html5rocks.com/en/tutorials/eventsource/basics/)
+- [Browser support](http://caniuse.com/#feat=eventsource)
+
+## Sample code
+
+```go
+import "github.com/gin-contrib/sse"
+
+func httpHandler(w http.ResponseWriter, req *http.Request) {
+	// data can be a primitive like a string, an integer or a float
+	sse.Encode(w, sse.Event{
+		Event: "message",
+		Data:  "some data\nmore data",
+	})
+
+	// also a complex type, like a map, a struct or a slice
+	sse.Encode(w, sse.Event{
+		Id:    "124",
+		Event: "message",
+		Data: map[string]interface{}{
+			"user":    "manu",
+			"date":    time.Now().Unix(),
+			"content": "hi!",
+		},
+	})
+}
+```
+```
+event: message
+data: some data\\nmore data
+
+id: 124
+event: message
+data: {"content":"hi!","date":1431540810,"user":"manu"}
+ 
+```
+
+## Content-Type
+
+```go
+fmt.Println(sse.ContentType)
+```
+```
+text/event-stream
+```
+
+## Decoding support
+
+There is a client-side implementation of SSE coming soon.

vendor/github.com/gin-contrib/sse/go.mod

@@ -0,0 +1,5 @@
+module github.com/gin-contrib/sse
+
+go 1.12
+
+require github.com/stretchr/testify v1.3.0

vendor/github.com/gin-contrib/sse/go.sum

@@ -0,0 +1,7 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=

vendor/github.com/gin-contrib/sse/sse-decoder.go

@@ -0,0 +1,116 @@
+// Copyright 2014 Manu Martinez-Almeida.  All rights reserved.
+// Use of this source code is governed by a MIT style
+// license that can be found in the LICENSE file.
+
+package sse
+
+import (
+	"bytes"
+	"io"
+	"io/ioutil"
+)
+
+type decoder struct {
+	events []Event
+}
+
+func Decode(r io.Reader) ([]Event, error) {
+	var dec decoder
+	return dec.decode(r)
+}
+
+func (d *decoder) dispatchEvent(event Event, data string) {
+	dataLength := len(data)
+	if dataLength > 0 {
+		//If the data buffer's last character is a U+000A LINE FEED (LF) character, then remove the last character from the data buffer.
+		data = data[:dataLength-1]
+		dataLength--
+	}
+	if dataLength == 0 && event.Event == "" {
+		return
+	}
+	if event.Event == "" {
+		event.Event = "message"
+	}
+	event.Data = data
+	d.events = append(d.events, event)
+}
+
+func (d *decoder) decode(r io.Reader) ([]Event, error) {
+	buf, err := ioutil.ReadAll(r)
+	if err != nil {
+		return nil, err
+	}
+
+	var currentEvent Event
+	var dataBuffer *bytes.Buffer = new(bytes.Buffer)
+	// TODO (and unit tests)
+	// Lines must be separated by either a U+000D CARRIAGE RETURN U+000A LINE FEED (CRLF) character pair,
+	// a single U+000A LINE FEED (LF) character,
+	// or a single U+000D CARRIAGE RETURN (CR) character.
+	lines := bytes.Split(buf, []byte{'\n'})
+	for _, line := range lines {
+		if len(line) == 0 {
+			// If the line is empty (a blank line). Dispatch the event.
+			d.dispatchEvent(currentEvent, dataBuffer.String())
+
+			// reset current event and data buffer
+			currentEvent = Event{}
+			dataBuffer.Reset()
+			continue
+		}
+		if line[0] == byte(':') {
+			// If the line starts with a U+003A COLON character (:), ignore the line.
+			continue
+		}
+
+		var field, value []byte
+		colonIndex := bytes.IndexRune(line, ':')
+		if colonIndex != -1 {
+			// If the line contains a U+003A COLON character character (:)
+			// Collect the characters on the line before the first U+003A COLON character (:),
+			// and let field be that string.
+			field = line[:colonIndex]
+			// Collect the characters on the line after the first U+003A COLON character (:),
+			// and let value be that string.
+			value = line[colonIndex+1:]
+			// If value starts with a single U+0020 SPACE character, remove it from value.
+			if len(value) > 0 && value[0] == ' ' {
+				value = value[1:]
+			}
+		} else {
+			// Otherwise, the string is not empty but does not contain a U+003A COLON character character (:)
+			// Use the whole line as the field name, and the empty string as the field value.
+			field = line
+			value = []byte{}
+		}
+		// The steps to process the field given a field name and a field value depend on the field name,
+		// as given in the following list. Field names must be compared literally,
+		// with no case folding performed.
+		switch string(field) {
+		case "event":
+			// Set the event name buffer to field value.
+			currentEvent.Event = string(value)
+		case "id":
+			// Set the event stream's last event ID to the field value.
+			currentEvent.Id = string(value)
+		case "retry":
+			// If the field value consists of only characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9),
+			// then interpret the field value as an integer in base ten, and set the event stream's reconnection time to that integer.
+			// Otherwise, ignore the field.
+			currentEvent.Id = string(value)
+		case "data":
+			// Append the field value to the data buffer,
+			dataBuffer.Write(value)
+			// then append a single U+000A LINE FEED (LF) character to the data buffer.
+			dataBuffer.WriteString("\n")
+		default:
+			//Otherwise. The field is ignored.
+			continue
+		}
+	}
+	// Once the end of the file is reached, the user agent must dispatch the event one final time.
+	d.dispatchEvent(currentEvent, dataBuffer.String())
+
+	return d.events, nil
+}

vendor/github.com/gin-contrib/sse/sse-encoder.go

@@ -0,0 +1,110 @@
+// Copyright 2014 Manu Martinez-Almeida.  All rights reserved.
+// Use of this source code is governed by a MIT style
+// license that can be found in the LICENSE file.
+
+package sse
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"reflect"
+	"strconv"
+	"strings"
+)
+
+// Server-Sent Events
+// W3C Working Draft 29 October 2009
+// http://www.w3.org/TR/2009/WD-eventsource-20091029/
+
+const ContentType = "text/event-stream"
+
+var contentType = []string{ContentType}
+var noCache = []string{"no-cache"}
+
+var fieldReplacer = strings.NewReplacer(
+	"\n", "\\n",
+	"\r", "\\r")
+
+var dataReplacer = strings.NewReplacer(
+	"\n", "\ndata:",
+	"\r", "\\r")
+
+type Event struct {
+	Event string
+	Id    string
+	Retry uint
+	Data  interface{}
+}
+
+func Encode(writer io.Writer, event Event) error {
+	w := checkWriter(writer)
+	writeId(w, event.Id)
+	writeEvent(w, event.Event)
+	writeRetry(w, event.Retry)
+	return writeData(w, event.Data)
+}
+
+func writeId(w stringWriter, id string) {
+	if len(id) > 0 {
+		w.WriteString("id:")
+		fieldReplacer.WriteString(w, id)
+		w.WriteString("\n")
+	}
+}
+
+func writeEvent(w stringWriter, event string) {
+	if len(event) > 0 {
+		w.WriteString("event:")
+		fieldReplacer.WriteString(w, event)
+		w.WriteString("\n")
+	}
+}
+
+func writeRetry(w stringWriter, retry uint) {
+	if retry > 0 {
+		w.WriteString("retry:")
+		w.WriteString(strconv.FormatUint(uint64(retry), 10))
+		w.WriteString("\n")
+	}
+}
+
+func writeData(w stringWriter, data interface{}) error {
+	w.WriteString("data:")
+	switch kindOfData(data) {
+	case reflect.Struct, reflect.Slice, reflect.Map:
+		err := json.NewEncoder(w).Encode(data)
+		if err != nil {
+			return err
+		}
+		w.WriteString("\n")
+	default:
+		dataReplacer.WriteString(w, fmt.Sprint(data))
+		w.WriteString("\n\n")
+	}
+	return nil
+}
+
+func (r Event) Render(w http.ResponseWriter) error {
+	r.WriteContentType(w)
+	return Encode(w, r)
+}
+
+func (r Event) WriteContentType(w http.ResponseWriter) {
+	header := w.Header()
+	header["Content-Type"] = contentType
+
+	if _, exist := header["Cache-Control"]; !exist {
+		header["Cache-Control"] = noCache
+	}
+}
+
+func kindOfData(data interface{}) reflect.Kind {
+	value := reflect.ValueOf(data)
+	valueType := value.Kind()
+	if valueType == reflect.Ptr {
+		valueType = value.Elem().Kind()
+	}
+	return valueType
+}

vendor/github.com/gin-contrib/sse/writer.go

@@ -0,0 +1,24 @@
+package sse
+
+import "io"
+
+type stringWriter interface {
+	io.Writer
+	WriteString(string) (int, error)
+}
+
+type stringWrapper struct {
+	io.Writer
+}
+
+func (w stringWrapper) WriteString(str string) (int, error) {
+	return w.Writer.Write([]byte(str))
+}
+
+func checkWriter(writer io.Writer) stringWriter {
+	if w, ok := writer.(stringWriter); ok {
+		return w
+	} else {
+		return stringWrapper{writer}
+	}
+}