From 9f2d2d331bca255427c85adf35103a6299b387ec Mon Sep 17 00:00:00 2001
From: shynome <shynome@gmail.com>
Date: Mon, 13 Mar 2023 17:06:21 +0800
Subject: [PATCH 1/3] support ed25519 sign method

---
 generates/jwt_access.go | 10 ++++++++++
 go.mod                  |  2 +-
 go.sum                  |  2 ++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/generates/jwt_access.go b/generates/jwt_access.go
index 0b79020..f1f7c7b 100755
--- a/generates/jwt_access.go
+++ b/generates/jwt_access.go
@@ -70,6 +70,12 @@ func (a *JWTAccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasi
 		key = v
 	} else if a.isHs() {
 		key = a.SignedKey
+	} else if a.isEd() {
+		v, err := jwt.ParseEdPrivateKeyFromPEM(a.SignedKey)
+		if err != nil {
+			return "", "", err
+		}
+		key = v
 	} else {
 		return "", "", errors.New("unsupported sign method")
 	}
@@ -102,3 +108,7 @@ func (a *JWTAccessGenerate) isRsOrPS() bool {
 func (a *JWTAccessGenerate) isHs() bool {
 	return strings.HasPrefix(a.SignedMethod.Alg(), "HS")
 }
+
+func (a *JWTAccessGenerate) isEd() bool {
+	return strings.HasPrefix(a.SignedMethod.Alg(), "Ed")
+}
diff --git a/go.mod b/go.mod
index 3bd26f5..12e9f09 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/fatih/structs v1.1.0 // indirect
 	github.com/gavv/httpexpect v2.0.0+incompatible
 	github.com/go-session/session v3.1.2+incompatible
-	github.com/golang-jwt/jwt v3.2.1+incompatible
+	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/google/go-querystring v1.0.0 // indirect
 	github.com/google/uuid v1.1.1
 	github.com/gorilla/websocket v1.4.2 // indirect
diff --git a/go.sum b/go.sum
index 01039d6..b82b3db 100644
--- a/go.sum
+++ b/go.sum
@@ -19,6 +19,8 @@ github.com/go-session/session v3.1.2+incompatible h1:yStchEObKg4nk2F7JGE7KoFIrA/
 github.com/go-session/session v3.1.2+incompatible/go.mod h1:8B3iivBQjrz/JtC68Np2T1yBBLxTan3mn/3OM0CyRt0=
 github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c=
 github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=

From b7de272e1fa81c64d44cf88000804571a4135663 Mon Sep 17 00:00:00 2001
From: Jerome Bidault <djedje.thai.ok@gmail.com>
Date: Fri, 9 Jun 2023 15:38:02 +0700
Subject: [PATCH 2/3] Add SetModeAPI() to allow returning the token within the
 ResponseWriter

---
 server/server.go | 38 +++++++++++++++++++++++++++++---------
 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/server/server.go b/server/server.go
index df19d1f..9a7ed1f 100755
--- a/server/server.go
+++ b/server/server.go
@@ -21,8 +21,9 @@ func NewDefaultServer(manager oauth2.Manager) *Server {
 // NewServer create authorization server
 func NewServer(cfg *Config, manager oauth2.Manager) *Server {
 	srv := &Server{
-		Config:  cfg,
-		Manager: manager,
+		Config:    cfg,
+		Manager:   manager,
+		IsModeAPI: false,
 	}
 
 	// default handler
@@ -56,6 +57,7 @@ type Server struct {
 	AccessTokenExpHandler        AccessTokenExpHandler
 	AuthorizeScopeHandler        AuthorizeScopeHandler
 	ResponseTokenHandler         ResponseTokenHandler
+	IsModeAPI                    bool
 }
 
 func (s *Server) handleError(w http.ResponseWriter, req *AuthorizeRequest, err error) error {
@@ -76,14 +78,24 @@ func (s *Server) redirectError(w http.ResponseWriter, req *AuthorizeRequest, err
 }
 
 func (s *Server) redirect(w http.ResponseWriter, req *AuthorizeRequest, data map[string]interface{}) error {
-	uri, err := s.GetRedirectURI(req, data)
-	if err != nil {
-		return err
-	}
+	if !s.IsModeAPI {
+		uri, err := s.GetRedirectURI(req, data)
+		if err != nil {
+			return err
+		}
+
+		w.Header().Set("Location", uri)
+		w.WriteHeader(302)
+		return nil
 
-	w.Header().Set("Location", uri)
-	w.WriteHeader(302)
-	return nil
+	} else {
+		w.Header().Set("Content-Type", "application/json")
+		w.Header().Set("Cache-Control", "no-store")
+		w.Header().Set("Pragma", "no-cache")
+
+		w.WriteHeader(http.StatusOK)
+		return json.NewEncoder(w).Encode(data)
+	}
 }
 
 func (s *Server) tokenError(w http.ResponseWriter, err error) error {
@@ -112,6 +124,11 @@ func (s *Server) token(w http.ResponseWriter, data map[string]interface{}, heade
 	return json.NewEncoder(w).Encode(data)
 }
 
+// SetModeAPI allow the token to be return within the ResponseWriter instead of being redirected
+func (s *Server) SetModeAPI() {
+	s.IsModeAPI = true
+}
+
 // GetRedirectURI get redirect uri
 func (s *Server) GetRedirectURI(req *AuthorizeRequest, data map[string]interface{}) (string, error) {
 	u, err := url.Parse(req.RedirectURI)
@@ -165,6 +182,7 @@ func (s *Server) CheckCodeChallengeMethod(ccm oauth2.CodeChallengeMethod) bool {
 
 // ValidationAuthorizeRequest the authorization request validation
 func (s *Server) ValidationAuthorizeRequest(r *http.Request) (*AuthorizeRequest, error) {
+
 	redirectURI := r.FormValue("redirect_uri")
 	clientID := r.FormValue("client_id")
 	if !(r.Method == "GET" || r.Method == "POST") ||
@@ -263,6 +281,7 @@ func (s *Server) GetAuthorizeData(rt oauth2.ResponseType, ti oauth2.TokenInfo) m
 
 // HandleAuthorizeRequest the authorization request handling
 func (s *Server) HandleAuthorizeRequest(w http.ResponseWriter, r *http.Request) error {
+
 	ctx := r.Context()
 
 	req, err := s.ValidationAuthorizeRequest(r)
@@ -277,6 +296,7 @@ func (s *Server) HandleAuthorizeRequest(w http.ResponseWriter, r *http.Request)
 	} else if userID == "" {
 		return nil
 	}
+
 	req.UserID = userID
 
 	// specify the scope of authorization

From d69b3296d93bf5740755db88a25f0cf71fdba6d4 Mon Sep 17 00:00:00 2001
From: Jerome Bidault <djedje.thai.ok@gmail.com>
Date: Fri, 9 Jun 2023 16:16:40 +0700
Subject: [PATCH 3/3] Add example secureYourMicroservices

---
 .gitignore                                    |   3 +
 .../authorization/go.mod                      |  29 ++
 .../authorization/go.sum                      | 421 ++++++++++++++++++
 .../internal/handlers/authentication.go       | 229 ++++++++++
 .../internal/handlers/handlers.go             | 114 +++++
 .../authorization/server.go                   | 184 ++++++++
 example/secureYourMicroservices/client/go.mod |  12 +
 example/secureYourMicroservices/client/go.sum |  23 +
 .../secureYourMicroservices/client/main.go    | 344 ++++++++++++++
 .../client/static/createOrders.html           |  87 ++++
 .../client/static/getOrders.html              |  62 +++
 .../client/static/login.html                  |  42 ++
 .../client/static/portail.html                |  45 ++
 .../client/static/signup.html                 |  41 ++
 .../client/static/welcome.html                |  70 +++
 .../docker-compose.yaml                       |  20 +
 example/secureYourMicroservices/order/go.mod  |   5 +
 example/secureYourMicroservices/order/go.sum  |   2 +
 .../order/internal/service/service.go         |  36 ++
 .../order/internal/types/types.go             |  12 +
 example/secureYourMicroservices/order/main.go | 172 +++++++
 .../secureYourMicroservices/preOrder/go.mod   |  12 +
 .../secureYourMicroservices/preOrder/go.sum   |  23 +
 .../secureYourMicroservices/preOrder/main.go  | 274 ++++++++++++
 example/{ => workFlow}/README.md              |   0
 example/{ => workFlow}/client/client.go       |   0
 example/{ => workFlow}/server/server.go       |   0
 .../{ => workFlow}/server/static/auth.html    |   0
 example/{ => workFlow}/server/static/auth.png | Bin
 .../{ => workFlow}/server/static/login.html   |   0
 .../{ => workFlow}/server/static/login.png    | Bin
 .../{ => workFlow}/server/static/token.png    | Bin
 go.sum                                        |   2 -
 33 files changed, 2262 insertions(+), 2 deletions(-)
 create mode 100644 example/secureYourMicroservices/authorization/go.mod
 create mode 100644 example/secureYourMicroservices/authorization/go.sum
 create mode 100644 example/secureYourMicroservices/authorization/internal/handlers/authentication.go
 create mode 100644 example/secureYourMicroservices/authorization/internal/handlers/handlers.go
 create mode 100644 example/secureYourMicroservices/authorization/server.go
 create mode 100644 example/secureYourMicroservices/client/go.mod
 create mode 100644 example/secureYourMicroservices/client/go.sum
 create mode 100644 example/secureYourMicroservices/client/main.go
 create mode 100644 example/secureYourMicroservices/client/static/createOrders.html
 create mode 100644 example/secureYourMicroservices/client/static/getOrders.html
 create mode 100644 example/secureYourMicroservices/client/static/login.html
 create mode 100644 example/secureYourMicroservices/client/static/portail.html
 create mode 100644 example/secureYourMicroservices/client/static/signup.html
 create mode 100644 example/secureYourMicroservices/client/static/welcome.html
 create mode 100644 example/secureYourMicroservices/docker-compose.yaml
 create mode 100644 example/secureYourMicroservices/order/go.mod
 create mode 100644 example/secureYourMicroservices/order/go.sum
 create mode 100644 example/secureYourMicroservices/order/internal/service/service.go
 create mode 100644 example/secureYourMicroservices/order/internal/types/types.go
 create mode 100644 example/secureYourMicroservices/order/main.go
 create mode 100644 example/secureYourMicroservices/preOrder/go.mod
 create mode 100644 example/secureYourMicroservices/preOrder/go.sum
 create mode 100644 example/secureYourMicroservices/preOrder/main.go
 rename example/{ => workFlow}/README.md (100%)
 rename example/{ => workFlow}/client/client.go (100%)
 rename example/{ => workFlow}/server/server.go (100%)
 rename example/{ => workFlow}/server/static/auth.html (100%)
 rename example/{ => workFlow}/server/static/auth.png (100%)
 rename example/{ => workFlow}/server/static/login.html (100%)
 rename example/{ => workFlow}/server/static/login.png (100%)
 rename example/{ => workFlow}/server/static/token.png (100%)

diff --git a/.gitignore b/.gitignore
index 2a8538b..3f16a8e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -31,3 +31,6 @@ coverage.txt
 *.swp
 /example/client/client
 /example/server/server
+/example/secureYourMicroservices/db-oauth
+
+
diff --git a/example/secureYourMicroservices/authorization/go.mod b/example/secureYourMicroservices/authorization/go.mod
new file mode 100644
index 0000000..396c35e
--- /dev/null
+++ b/example/secureYourMicroservices/authorization/go.mod
@@ -0,0 +1,29 @@
+module server
+
+go 1.20
+
+replace github.com/go-oauth2/oauth2/v4 => ../../../
+
+require (
+	github.com/go-oauth2/oauth2/v4 v4.4.3
+	github.com/jackc/pgx/v4 v4.18.1
+	github.com/vgarvardt/go-oauth2-pg/v4 v4.4.3
+	github.com/vgarvardt/go-pg-adapter v1.0.0
+)
+
+require (
+	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/google/uuid v1.1.1 // indirect
+	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
+	github.com/jackc/pgconn v1.14.0 // indirect
+	github.com/jackc/pgio v1.0.0 // indirect
+	github.com/jackc/pgpassfile v1.0.0 // indirect
+	github.com/jackc/pgproto3/v2 v2.3.2 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
+	github.com/jackc/pgtype v1.14.0 // indirect
+	github.com/jackc/puddle v1.3.0 // indirect
+	github.com/jmoiron/sqlx v1.3.4 // indirect
+	github.com/vgarvardt/pgx-helpers/v4 v4.0.0-20200225100150-876aee3d1a22 // indirect
+	golang.org/x/crypto v0.6.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
+)
diff --git a/example/secureYourMicroservices/authorization/go.sum b/example/secureYourMicroservices/authorization/go.sum
new file mode 100644
index 0000000..32a6016
--- /dev/null
+++ b/example/secureYourMicroservices/authorization/go.sum
@@ -0,0 +1,421 @@
+bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
+github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
+github.com/Microsoft/go-winio v0.4.14 h1:+hMXMk01us9KgxGb7ftKQt2Xpf5hH/yky+TDA+qxleU=
+github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
+github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw=
+github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk=
+github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=
+github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=
+github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
+github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4=
+github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
+github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I=
+github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
+github.com/containerd/continuity v0.0.0-20200107194136-26c1120b8d41 h1:kIFnQBO7rQ0XkMe6xEwbybYHBEaWmh/f++laI6Emt7M=
+github.com/containerd/continuity v0.0.0-20200107194136-26c1120b8d41/go.mod h1:Dq467ZllaHgAtVp4p1xUQWBrFXR9s/wyoTpG8zOJGkY=
+github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
+github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
+github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8=
+github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
+github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/gavv/httpexpect v2.0.0+incompatible h1:1X9kcRshkSKEjNJJxX9Y9mQ5BRfbxU5kORdjhlA1yX8=
+github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc=
+github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
+github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
+github.com/go-session/session v3.1.2+incompatible/go.mod h1:8B3iivBQjrz/JtC68Np2T1yBBLxTan3mn/3OM0CyRt0=
+github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
+github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
+github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
+github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=
+github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
+github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
+github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc=
+github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/imkira/go-interpol v1.1.0 h1:KIiKr0VSG2CUW1hl1jpiyuzuJeKUUpC8iM1AIE7N1Vk=
+github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
+github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
+github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/fake v0.0.0-20150926172116-812a484cc733/go.mod h1:WrMFNQdiFJ80sQsxDoMokWK1W5TQtxBFNpzWTD84ibQ=
+github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA=
+github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE=
+github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s=
+github.com/jackc/pgconn v1.3.0/go.mod h1:2Ze5IP7prCiM28C4nc5LUoRaSyMDYZFE32L4gMJVtcU=
+github.com/jackc/pgconn v1.5.0/go.mod h1:QeD3lBfpTFe8WUnPZWN5KY/mB8FGMIYRdd8P8Jr0fAI=
+github.com/jackc/pgconn v1.6.0/go.mod h1:yeseQo4xhQbgyJs2c87RAXOH2i624N0Fh1KSPJya7qo=
+github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o=
+github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY=
+github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI=
+github.com/jackc/pgconn v1.10.1/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI=
+github.com/jackc/pgconn v1.14.0 h1:vrbA9Ud87g6JdFWkHTJXppVce58qPIdP7N8y0Ml/A7Q=
+github.com/jackc/pgconn v1.14.0/go.mod h1:9mBNlny0UvkgJdCDvdVHYSjI+8tD2rnKK69Wz8ti++E=
+github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE=
+github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8=
+github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE=
+github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c=
+github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65 h1:DadwsjnMwFjfWc9y5Wi/+Zz7xoE5ALHsRQlOctkOiHc=
+github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.0.2/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.2.0/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.3.2 h1:7eY55bdBeCz1F2fTzSz69QC+pG46jYq9/jtSPiJ5nn0=
+github.com/jackc/pgproto3/v2 v2.3.2/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgservicefile v0.0.0-20200307190119-3430c5407db8/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
+github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg=
+github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc=
+github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw=
+github.com/jackc/pgtype v1.1.0/go.mod h1:5m2OfMh1wTK7x+Fk952IDmI4nw3nPrvtQdM0ZT4WpC0=
+github.com/jackc/pgtype v1.3.0/go.mod h1:b0JqxHvPmljG+HQ5IsvQ0yqeSi4nGcDTVjFoiLDb0Ik=
+github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM=
+github.com/jackc/pgtype v1.9.1/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4=
+github.com/jackc/pgtype v1.14.0 h1:y+xUdabmyMkJLyApYuPj38mW+aAIqCe5uuBB51rH3Vw=
+github.com/jackc/pgtype v1.14.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4=
+github.com/jackc/pgx v3.5.0+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I=
+github.com/jackc/pgx v3.6.2+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I=
+github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y=
+github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM=
+github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc=
+github.com/jackc/pgx/v4 v4.3.0/go.mod h1:BiIGdCptiC/hXZI8EkeixUG0xzTPn9J6S2YSXEBFidE=
+github.com/jackc/pgx/v4 v4.6.0/go.mod h1:vPh43ZzxijXUVJ+t/EmXBtFmbFVO72cuneCT9oAlxAg=
+github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs=
+github.com/jackc/pgx/v4 v4.14.1/go.mod h1:RgDuE4Z34o7XE92RpLsvFiOEfrAUT0Xt2KxvX73W06M=
+github.com/jackc/pgx/v4 v4.18.1 h1:YP7G1KABtKpB5IHrO9vYwSrCOhs7p3uqhvhhQBptya0=
+github.com/jackc/pgx/v4 v4.18.1/go.mod h1:FydWkUyadDmdNH/mHnGob881GawxeEm7TcMCzkb+qQE=
+github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.0.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.1.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.2.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.3.0 h1:eHK/5clGOatcjX3oWGBO/MpxpbHzSwud5EWTSCI+MX0=
+github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jmoiron/sqlx v1.2.0/go.mod h1:1FEQNm3xlJgrMD+FBdI9+xvCksHtbpVBBw5dYhBSsks=
+github.com/jmoiron/sqlx v1.3.4 h1:wv+0IJZfL5z0uZoUjlpKgHkgaFSYD+r9CfrXjEXsO7w=
+github.com/jmoiron/sqlx v1.3.4/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ=
+github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
+github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U=
+github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8=
+github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
+github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
+github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/moul/http2curl v1.0.0 h1:dRMWoAtb+ePxMlLkrCbAqh4TlPHXvoGUSQ323/9Zahs=
+github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=
+github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0=
+github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
+github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
+github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
+github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
+github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
+github.com/opencontainers/runc v0.1.1 h1:GlxAyO6x8rfZYN9Tt0Kti5a/cP41iuiO2yYT0IJGY8Y=
+github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
+github.com/ory/dockertest v3.3.5+incompatible h1:iLLK6SQwIhcbrG783Dghaaa3WPzGc+4Emza6EbVUUGA=
+github.com/ory/dockertest v3.3.5+incompatible/go.mod h1:1vX4m9wsvi00u5bseYwXaSnhNrne+V0E6LAcBILJdPs=
+github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
+github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
+github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
+github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw=
+github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
+github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
+github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
+github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
+github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
+github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
+github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s=
+github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
+github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
+github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/tidwall/btree v0.0.0-20191029221954-400434d76274 h1:G6Z6HvJuPjG6XfNGi/feOATzeJrfgTNJY+rGrHbA04E=
+github.com/tidwall/btree v0.0.0-20191029221954-400434d76274/go.mod h1:huei1BkDWJ3/sLXmO+bsCNELL+Bp2Kks9OLyQFkzvA8=
+github.com/tidwall/buntdb v1.1.2 h1:noCrqQXL9EKMtcdwJcmuVKSEjqu1ua99RHHgbLTEHRo=
+github.com/tidwall/buntdb v1.1.2/go.mod h1:xAzi36Hir4FarpSHyfuZ6JzPJdjRZ8QlLZSntE2mqlI=
+github.com/tidwall/gjson v1.3.4/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls=
+github.com/tidwall/gjson v1.12.1 h1:ikuZsLdhr8Ws0IdROXUS1Gi4v9Z4pGqpX/CvJkxvfpo=
+github.com/tidwall/gjson v1.12.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/grect v0.0.0-20161006141115-ba9a043346eb h1:5NSYaAdrnblKByzd7XByQEJVT8+9v0W/tIY0Oo4OwrE=
+github.com/tidwall/grect v0.0.0-20161006141115-ba9a043346eb/go.mod h1:lKYYLFIr9OIgdgrtgkZ9zgRxRdvPYsExnYBsEAd8W5M=
+github.com/tidwall/match v1.0.1/go.mod h1:LujAq0jyVjBy028G1WhWfIzbpQfMO8bBZ6Tyb0+pL9E=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+github.com/tidwall/rtree v0.0.0-20180113144539-6cd427091e0e h1:+NL1GDIUOKxVfbp2KoJQD9cTQ6dyP2co9q4yzmT9FZo=
+github.com/tidwall/rtree v0.0.0-20180113144539-6cd427091e0e/go.mod h1:/h+UnNGt0IhNNJLkGikcdcJqm66zGD/uJGMRxK/9+Ao=
+github.com/tidwall/tinyqueue v0.0.0-20180302190814-1e39f5511563 h1:Otn9S136ELckZ3KKDyCkxapfufrqDqwmGjcHfAyXRrE=
+github.com/tidwall/tinyqueue v0.0.0-20180302190814-1e39f5511563/go.mod h1:mLqSmt7Dv/CNneF2wfcChfN1rvapyQr01LGKnKex0DQ=
+github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
+github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
+github.com/valyala/fasthttp v1.34.0 h1:d3AAQJ2DRcxJYHm7OXNXtXt2as1vMDfxeIcFvhmGGm4=
+github.com/valyala/fasthttp v1.34.0/go.mod h1:epZA5N+7pY6ZaEKRmstzOuYJx9HI8DI1oaCGZpdH4h0=
+github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
+github.com/vgarvardt/go-oauth2-pg/v4 v4.4.3 h1:OmbpDamjDknR5R7b3/kLFztDaWVq81UCGP1MhpNK1Ug=
+github.com/vgarvardt/go-oauth2-pg/v4 v4.4.3/go.mod h1:oCItSgiIg2jkDMEso1Gn78mYq/mrG7zlXYp5TLQfYqA=
+github.com/vgarvardt/go-pg-adapter v1.0.0 h1:sKCbcCqI1l3pQ74usNO0QlXfjeNp3lXhVLa4CGMrtbQ=
+github.com/vgarvardt/go-pg-adapter v1.0.0/go.mod h1:zXzBevepLuEmQkLo5Uw+0bu8335is8xGJKXeZhQQSeM=
+github.com/vgarvardt/pgx-helpers v0.0.0-20190703163610-cbb413594454/go.mod h1:xp2aDvL8NKu92fXxNr9kbH03+OJ+dIVu/dYfPxt3LWs=
+github.com/vgarvardt/pgx-helpers/v4 v4.0.0-20200225100150-876aee3d1a22 h1:4FALl8RvmCRmHOy1z0fDRCdf8NQBg5rP9sGPxP1haoQ=
+github.com/vgarvardt/pgx-helpers/v4 v4.0.0-20200225100150-876aee3d1a22/go.mod h1:vFsMp4/TQkKX4HeOynXa6npSFBWUusa3S+fFW7IejqE=
+github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c=
+github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
+github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0=
+github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
+github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74=
+github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
+github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 h1:6fRhSjgLCkTD3JnJxvaJ4Sj+TYblw757bqYgZaOq5ZY=
+github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0/go.mod h1:/LWChgwKmvncFJFHJ7Gvn9wZArjbV5/FppcK2fKk/tI=
+github.com/yudai/gojsondiff v1.0.0 h1:27cbfqXLVEJ1o8I6v3y9lg8Ydm53EKqHXAOMxEGlCOA=
+github.com/yudai/gojsondiff v1.0.0/go.mod h1:AY32+k2cwILAkW1fbgxQ5mUmMiZFgLIV+FBNExI05xg=
+github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 h1:BHyfKlQyqbsFN5p3IfnEUduWvb9is428/nNb5L3U01M=
+github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM=
+github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
+go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
+go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
+golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
+golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0 h1:L4ZwwTvKW9gr0ZMS1yrHD9GZhIuVjOBBnaKH+SPQK0Q=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo=
+gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
diff --git a/example/secureYourMicroservices/authorization/internal/handlers/authentication.go b/example/secureYourMicroservices/authorization/internal/handlers/authentication.go
new file mode 100644
index 0000000..884c0cc
--- /dev/null
+++ b/example/secureYourMicroservices/authorization/internal/handlers/authentication.go
@@ -0,0 +1,229 @@
+package handlers
+
+import (
+	"fmt"
+	"github.com/go-oauth2/oauth2/v4/server"
+	"net/http"
+	"os"
+	"sync"
+)
+
+// List of the allowed services
+var apiWhiteList = map[string]string{
+	"888888": "88888888",
+}
+
+// DBRepo is the db repo
+type Authentication struct {
+	srv           *server.Server
+	extStore      map[string]interface{} // like a redis store
+	databaseUsers map[string]interface{} // use a db
+	// one mutex for 2 stores, ok for the demo
+	sync.RWMutex
+}
+
+// NewPostgresqlHandlers creates db repo for postgres
+func NewAuthentication(srv *server.Server) Authentication {
+
+	return Authentication{
+		srv:           srv,
+		extStore:      make(map[string]interface{}),
+		databaseUsers: make(map[string]interface{}),
+	}
+}
+
+func (a Authentication) Authorize(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		dumpRequest(os.Stdout, "authorize", r)
+	}
+
+	err := a.srv.HandleAuthorizeRequest(w, r)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+	}
+
+}
+
+func (a Authentication) UserAuthorizeHandler(w http.ResponseWriter, r *http.Request) (userID string, err error) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "userAuthorizeHandler", r) // Ignore the error
+	}
+
+	clientID := r.Form.Get("client_id")
+
+	switch clientID {
+	case "222222":
+
+		a.RLock()
+		uid, ok := a.extStore[fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("email"))]
+		a.RUnlock()
+		if !ok {
+			if r.Form == nil {
+				r.ParseForm()
+			}
+
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+
+		userID = uid.(string)
+
+		a.Lock()
+		delete(a.extStore, fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("email")))
+		a.Unlock()
+		return
+	case "888888":
+
+		a.RLock()
+		uid, ok := a.extStore[fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("client_id"))]
+		a.RUnlock()
+		if !ok {
+			if r.Form == nil {
+				r.ParseForm()
+			}
+
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+
+		userID = uid.(string)
+
+		a.Lock()
+		delete(a.extStore, fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("client_id")))
+		a.Unlock()
+		return
+	default:
+		userID = ""
+		return
+	}
+}
+
+func (a Authentication) Token(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "token", r) // Ignore the error
+	}
+
+	err := a.srv.HandleTokenRequest(w, r)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+}
+
+// Endpoint specific for the APIs
+func (a Authentication) ApiAuthHandler(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "apiAuthHandler", r) // Ignore the error
+	}
+
+	if r.Method == "POST" {
+
+		if r.Form == nil {
+			if err := r.ParseForm(); err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+		}
+
+		// make sure the client's api is allow
+		_, ok := apiWhiteList[r.Form.Get("client_id")]
+		if ok {
+			// save user in a temporary store for the user to be reconized later on
+			a.Lock()
+			a.extStore[fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("client_id"))] = r.Form.Get("client_id")
+			a.Unlock()
+
+			a.Authorize(w, r)
+			return
+		} else {
+
+			http.Error(w, "Bad Request", http.StatusBadRequest)
+			return
+		}
+
+	}
+
+	http.Error(w, "Bad Request", http.StatusBadRequest)
+}
+
+func (a Authentication) SignupHandler(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "signup", r) // Ignore the error
+	}
+
+	if r.Method == "POST" {
+
+		if r.Form == nil {
+			if err := r.ParseForm(); err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+		}
+
+		// some logic
+		if len(r.Form.Get("email")) < 1 && len(r.Form.Get("password")) < 1 {
+
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		} else {
+			// Save the user in db(simplistic, for example)
+			a.Lock()
+			a.databaseUsers[fmt.Sprintf(r.Form.Get("email"))] = r.Form.Get("password")
+			a.Unlock()
+		}
+
+		// save user in a temporary store for the user to be reconized later on
+		a.Lock()
+		a.extStore[fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("email"))] = r.Form.Get("email")
+		a.Unlock()
+
+		a.Authorize(w, r)
+		return
+	}
+
+	http.Error(w, "Bad Request", http.StatusBadRequest)
+}
+
+func (a Authentication) LoginHandler(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "login", r) // Ignore the error
+	}
+
+	if r.Method == "POST" {
+
+		if r.Form == nil {
+			if err := r.ParseForm(); err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+		}
+
+		if len(r.Form.Get("email")) < 1 && len(r.Form.Get("password")) < 1 {
+
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		} else {
+			a.RLock()
+			password, ok := a.databaseUsers[fmt.Sprintf(r.Form.Get("email"))]
+			a.RUnlock()
+			if !ok {
+				http.Error(w, "Unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			if password != r.Form.Get("password") {
+				http.Error(w, "Unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			// save user in a temporary store for the user to be reconized later on
+			a.Lock()
+			a.extStore[fmt.Sprintf("LoggedInUserID-%v", r.Form.Get("email"))] = r.Form.Get("email")
+			a.Unlock()
+
+		}
+
+		a.Authorize(w, r)
+		return
+	}
+	http.Error(w, "Bad Request", http.StatusBadRequest)
+}
diff --git a/example/secureYourMicroservices/authorization/internal/handlers/handlers.go b/example/secureYourMicroservices/authorization/internal/handlers/handlers.go
new file mode 100644
index 0000000..32b35b0
--- /dev/null
+++ b/example/secureYourMicroservices/authorization/internal/handlers/handlers.go
@@ -0,0 +1,114 @@
+package handlers
+
+import (
+	"encoding/json"
+	"fmt"
+	"github.com/go-oauth2/oauth2/v4/server"
+	"io"
+	"log"
+	"net/http"
+	"net/http/httputil"
+	"os"
+	"strings"
+	"time"
+)
+
+var dumpvar bool
+
+const (
+	authServerURL string = "http://localhost:9096"
+)
+
+type Handlers struct {
+	Permissions
+	Authentication
+}
+
+func NewHandlers(dv bool, srv *server.Server) *Handlers {
+	dumpvar = dv
+
+	perm := NewPermissions(srv)
+	auth := NewAuthentication(srv)
+
+	return &Handlers{
+		Permissions:    perm,
+		Authentication: auth,
+	}
+
+}
+
+type Permissions struct {
+	srv *server.Server
+}
+
+func NewPermissions(srv *server.Server) Permissions {
+	return Permissions{
+		srv: srv,
+	}
+}
+
+// Endpoint to validate token and permission
+func (p Permissions) ValidPermission(w http.ResponseWriter, r *http.Request) {
+	if dumpvar {
+		_ = dumpRequest(os.Stdout, "validPermission", r) // Ignore the error
+	}
+
+	// validate the token
+	token, err := p.srv.ValidationBearerToken(r)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	permission := r.URL.Query().Get("permission")
+
+	// validate the permission
+	switch permission {
+	case "read":
+		log.Println("In read permission")
+		if !strings.Contains(token.GetScope(), "read") && !strings.Contains(token.GetScope(), "all") {
+			http.Error(w, "Unauthorized", http.StatusBadRequest)
+			return
+		}
+
+	case "write":
+		log.Println("In write permission")
+		if !strings.Contains(token.GetScope(), "write") && !strings.Contains(token.GetScope(), "all") {
+			fmt.Println("do not have Write permission.")
+			http.Error(w, "Unauthorized", http.StatusBadRequest)
+			return
+		}
+
+	case "all":
+		log.Println("In all permission")
+		if !strings.Contains(token.GetScope(), "all") {
+			fmt.Println("do not have All permission.")
+			http.Error(w, "Unauthorized", http.StatusBadRequest)
+			return
+		}
+	default:
+		log.Println("In default permission")
+		http.Error(w, "Unauthorized", http.StatusBadRequest)
+		return
+	}
+
+	data := map[string]interface{}{
+		"expires_in": int64(token.GetAccessCreateAt().Add(token.GetAccessExpiresIn()).Sub(time.Now()).Seconds()),
+		"client_id":  token.GetClientID(),
+		"user_id":    token.GetUserID(),
+		"permission": token.GetScope(),
+	}
+	e := json.NewEncoder(w)
+	e.SetIndent("", "  ")
+	e.Encode(data)
+}
+
+func dumpRequest(writer io.Writer, header string, r *http.Request) error {
+	data, err := httputil.DumpRequest(r, true)
+	if err != nil {
+		return err
+	}
+	writer.Write([]byte("\n" + header + ": \n"))
+	writer.Write(data)
+	return nil
+}
diff --git a/example/secureYourMicroservices/authorization/server.go b/example/secureYourMicroservices/authorization/server.go
new file mode 100644
index 0000000..0355c50
--- /dev/null
+++ b/example/secureYourMicroservices/authorization/server.go
@@ -0,0 +1,184 @@
+package main
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"net/http/httputil"
+	"time"
+
+	"github.com/go-oauth2/oauth2/v4/generates"
+	"server/internal/handlers"
+
+	"github.com/go-oauth2/oauth2/v4/errors"
+	"github.com/go-oauth2/oauth2/v4/manage"
+	"github.com/go-oauth2/oauth2/v4/models"
+	"github.com/go-oauth2/oauth2/v4/server"
+	"github.com/jackc/pgx/v4"
+	pg "github.com/vgarvardt/go-oauth2-pg/v4"
+	"github.com/vgarvardt/go-pg-adapter/pgx4adapter"
+)
+
+var (
+	dumpvar   bool
+	idvar     string
+	secretvar string
+	domainvar string
+	portvar   int
+)
+
+func init() {
+	// credential for the client
+	flag.BoolVar(&dumpvar, "d", true, "Dump requests and responses")
+	flag.StringVar(&idvar, "i", "222222", "The client id being passed in")
+	flag.StringVar(&secretvar, "s", "22222222", "The client secret being passed in")
+	flag.StringVar(&domainvar, "r", "http://localhost:9094", "The domain of the redirect url")
+	flag.IntVar(&portvar, "p", 9096, "the base port for the server")
+}
+
+const (
+	// credential for the preOrder service
+	idPreorder     string = "888888"
+	secretPreorder string = "88888888"
+	domainPreorder string = "http://localhost:8081"
+
+	dbUser     = "postgres"
+	dbHost     = "localhost"
+	dbPassword = "password"
+	dbDatabase = "users"
+	dbSSL      = "disable"
+	dbPort     = "5432"
+)
+
+func main() {
+	flag.Parse()
+
+	dsn := fmt.Sprintf("postgres://%s:%s@%s:%s/%s?sslmode=%s",
+		dbUser,
+		dbPassword,
+		dbHost,
+		dbPort,
+		dbDatabase,
+		dbSSL,
+	)
+
+	pgxConn, _ := pgx.Connect(context.TODO(), dsn)
+
+	manager := manage.NewDefaultManager()
+
+	// use PostgreSQL token store with pgx.Connection adapter
+	adapter := pgx4adapter.NewConn(pgxConn)
+	tokenStore, _ := pg.NewTokenStore(adapter, pg.WithTokenStoreGCInterval(time.Minute))
+	defer tokenStore.Close()
+
+	clientStore, _ := pg.NewClientStore(adapter)
+
+	manager.MapTokenStorage(tokenStore)
+	manager.MapClientStorage(clientStore)
+
+	// generate jwt access token
+	// manager.MapAccessGenerate(generates.NewJWTAccessGenerate("", []byte("00000000"), jwt.SigningMethodHS512))
+	manager.MapAccessGenerate(generates.NewAccessGenerate())
+
+	manager.MapClientStorage(clientStore)
+
+	// register the front-end
+	clientStore.Create(&models.Client{
+		ID:     idvar,
+		Secret: secretvar,
+		Domain: domainvar,
+	})
+
+	// register prePost service
+	clientStore.Create(&models.Client{
+		ID:     idPreorder,
+		Secret: secretPreorder,
+		Domain: domainPreorder,
+	})
+
+	srv := server.NewServer(server.NewConfig(), manager)
+
+	// set the oauth package to work without browser
+	// the token will be return as a json payload
+	srv.SetModeAPI()
+
+	// handlers will handle all handlers
+	handler := handlers.NewHandlers(dumpvar, srv)
+
+	srv.SetUserAuthorizationHandler(handler.UserAuthorizeHandler)
+
+	srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {
+		log.Println("Internal Error:", err.Error())
+		return
+	})
+
+	srv.SetResponseErrorHandler(func(re *errors.Response) {
+		log.Println("Response Error:", re.Error.Error())
+	})
+
+	// Endpoints for the front-end
+	// (use this service for the example but a specific users' service may be better)
+	http.HandleFunc("/signup", handler.SignupHandler)
+	http.HandleFunc("/login", handler.LoginHandler)
+
+	// Endpoints for the backend services to authenticate and get their token
+	http.HandleFunc("/apiauth", handler.ApiAuthHandler)
+
+	// Endpoints specific to validate the authorization
+	http.HandleFunc("/oauth/authorize", handler.Authorize)
+	http.HandleFunc("/oauth/token", handler.Token)
+
+	// Endpoint which validate a client's token and the given permission
+	http.HandleFunc("/permission", handler.ValidPermission)
+
+	log.Printf("Server is running at %d port.\n", portvar)
+	log.Printf("Point your OAuth client Auth endpoint to %s:%d%s", "http://localhost", portvar, "/oauth/authorize")
+	log.Printf("Point your OAuth client Token endpoint to %s:%d%s", "http://localhost", portvar, "/oauth/token")
+	log.Fatal(http.ListenAndServe(fmt.Sprintf(":%d", portvar), nil))
+}
+
+func dumpRequest(writer io.Writer, header string, r *http.Request) error {
+	data, err := httputil.DumpRequest(r, true)
+	if err != nil {
+		return err
+	}
+	writer.Write([]byte("\n" + header + ": \n"))
+	writer.Write(data)
+	return nil
+}
+
+func createDsn() string {
+	// dbHost := os.Getenv("DATABASE_HOST")
+	// dbPort := os.Getenv("DATABASE_PORT")
+	// dbUser := os.Getenv("DATABASE_USER")
+	// dbPass := os.Getenv("DATABASE_PASS")
+	// databaseName := os.Getenv("DATABASE_NAME")
+
+	dbHost := "localhost"
+	dbPort := "5432"
+	dbUser := "postgres"
+	dbPass := "password"
+	databaseName := "users"
+
+	dsnString := ""
+	if dbPass == "" {
+		dsnString = fmt.Sprintf("host=%s port=%s user=%s dbname=%s sslmode=%s timezone=UTC connect_timeout=5",
+			dbHost,
+			dbPort,
+			dbUser,
+			databaseName,
+			"disable")
+	} else {
+		dsnString = fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s timezone=UTC connect_timeout=5",
+			dbHost,
+			dbPort,
+			dbUser,
+			dbPass,
+			databaseName,
+			"disable")
+	}
+	return dsnString
+}
diff --git a/example/secureYourMicroservices/client/go.mod b/example/secureYourMicroservices/client/go.mod
new file mode 100644
index 0000000..43cd8e3
--- /dev/null
+++ b/example/secureYourMicroservices/client/go.mod
@@ -0,0 +1,12 @@
+module client
+
+go 1.20
+
+require golang.org/x/oauth2 v0.8.0
+
+require (
+	github.com/golang/protobuf v1.5.2 // indirect
+	golang.org/x/net v0.10.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
+)
diff --git a/example/secureYourMicroservices/client/go.sum b/example/secureYourMicroservices/client/go.sum
new file mode 100644
index 0000000..45e0c97
--- /dev/null
+++ b/example/secureYourMicroservices/client/go.sum
@@ -0,0 +1,23 @@
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
+golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
+google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
diff --git a/example/secureYourMicroservices/client/main.go b/example/secureYourMicroservices/client/main.go
new file mode 100644
index 0000000..866fdab
--- /dev/null
+++ b/example/secureYourMicroservices/client/main.go
@@ -0,0 +1,344 @@
+package main
+
+import (
+	"context"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"sync"
+
+	"io/ioutil"
+	"log"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"golang.org/x/oauth2"
+	// "golang.org/x/oauth2/clientcredentials"
+)
+
+const (
+	authServerURL = "http://localhost:9096"
+	clientID      = "222222"
+)
+
+var (
+	config = oauth2.Config{
+		ClientID:     clientID,
+		ClientSecret: "22222222",
+		Scopes:       []string{"write, read"},
+		RedirectURL:  "http://localhost:9094",
+		Endpoint: oauth2.Endpoint{
+			AuthURL:  authServerURL + "/oauth/authorize",
+			TokenURL: authServerURL + "/oauth/token",
+		},
+	}
+	globalTokens = make(map[string]*oauth2.Token) // should be persisted outside, keep it stateless
+	// globalToken  *oauth2.Token // for mobile app that is ok as each app run its own instance
+	appUrlParams string
+	mu           = sync.RWMutex{}
+)
+
+type CodeStruct struct {
+	Code string `json:"code"`
+}
+
+func main() {
+
+	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+
+		u := config.AuthCodeURL("xyz",
+			oauth2.SetAuthURLParam("code_challenge", genCodeChallengeS256("s256example")),
+			oauth2.SetAuthURLParam("code_challenge_method", "S256"))
+
+		// extract the url params which will be use later on
+		parsedURL, err := url.Parse(u)
+		if err != nil {
+			log.Println("Error parsing URL:", err)
+			return
+		}
+
+		appUrlParams = parsedURL.RawQuery
+
+		resp, err := http.Get(u)
+		if err != nil {
+			// Handle error if unable to make the request
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		defer resp.Body.Close()
+
+		if resp.StatusCode == http.StatusOK {
+			http.Redirect(w, r, fmt.Sprintf("/portail?id=%v", clientID), http.StatusFound)
+		} else {
+
+			http.Error(w, "An err occur", http.StatusInternalServerError)
+		}
+	})
+
+	// Portail shows the signup or login buttons
+	http.HandleFunc("/portail", func(w http.ResponseWriter, r *http.Request) {
+
+		outputHTML(w, r, "static/portail.html")
+	})
+
+	// Render the form for signup
+	http.HandleFunc("/signupfront", func(w http.ResponseWriter, r *http.Request) {
+
+		outputHTML(w, r, "static/signup.html")
+	})
+
+	// Handle the data from the form signup
+	http.HandleFunc("/signupdata", func(w http.ResponseWriter, r *http.Request) {
+
+		err := helperHandleAuth(w, r, "signup")
+		if err != nil {
+			log.Println("Error in signupdata: ", err)
+		}
+	})
+
+	// Render the form for login
+	http.HandleFunc("/loginfront", func(w http.ResponseWriter, r *http.Request) {
+
+		outputHTML(w, r, "static/login.html")
+	})
+
+	// Handle the data for login
+	http.HandleFunc("/logindata", func(w http.ResponseWriter, r *http.Request) {
+		err := helperHandleAuth(w, r, "login")
+		if err != nil {
+			log.Println("Error in logindata: ", err)
+		}
+	})
+
+	// After login/signup show the menu
+	http.HandleFunc("/welcome", func(w http.ResponseWriter, r *http.Request) {
+
+		outputHTML(w, r, "static/welcome.html")
+
+	})
+
+	// Render the page to create order
+	http.HandleFunc("/createorder", func(w http.ResponseWriter, r *http.Request) {
+		email := r.URL.Query().Get("email")
+
+		mu.RLock()
+		_, ok := globalTokens[email]
+		mu.RUnlock()
+		if ok {
+
+			outputHTML(w, r, "static/createOrders.html")
+		} else {
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+		}
+	})
+
+	// Render the page to get an order
+	http.HandleFunc("/getorder", func(w http.ResponseWriter, r *http.Request) {
+
+		email := r.URL.Query().Get("email")
+
+		mu.RLock()
+		_, ok := globalTokens[email]
+		mu.RUnlock()
+		if ok {
+
+			outputHTML(w, r, "static/getOrders.html")
+		} else {
+
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+		}
+	})
+
+	http.HandleFunc("/signout", func(w http.ResponseWriter, r *http.Request) {
+
+		email := r.URL.Query().Get("email")
+
+		mu.RLock()
+		_, ok := globalTokens[email]
+		mu.RUnlock()
+		if ok {
+			// delete the token
+			mu.Lock()
+			delete(globalTokens, email)
+			mu.Unlock()
+
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+		} else {
+
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+		}
+	})
+
+	// Other functionalities
+	// NOTE for the reader to finish the implementation if needed
+	// http.HandleFunc("/refresh", func(w http.ResponseWriter, r *http.Request) {
+	// 	if globalToken == nil {
+	// 		http.Redirect(w, r, "/", http.StatusFound)
+	// 		return
+	// 	}
+
+	// 	globalToken.Expiry = time.Now()
+	// 	token, err := config.TokenSource(context.Background(), globalToken).Token()
+	// 	if err != nil {
+	// 		http.Error(w, err.Error(), http.StatusInternalServerError)
+	// 		return
+	// 	}
+
+	// 	globalToken = token
+	// 	e := json.NewEncoder(w)
+	// 	e.SetIndent("", "  ")
+	// 	e.Encode(token)
+	// })
+
+	// http.HandleFunc("/pwd", func(w http.ResponseWriter, r *http.Request) {
+	// 	token, err := config.PasswordCredentialsToken(context.Background(), "test", "test")
+	// 	if err != nil {
+	// 		http.Error(w, err.Error(), http.StatusInternalServerError)
+	// 		return
+	// 	}
+
+	// 	globalToken = token
+	// 	e := json.NewEncoder(w)
+	// 	e.SetIndent("", "  ")
+	// 	e.Encode(token)
+	// })
+
+	// http.HandleFunc("/client", func(w http.ResponseWriter, r *http.Request) {
+	// 	cfg := clientcredentials.Config{
+	// 		ClientID:     config.ClientID,
+	// 		ClientSecret: config.ClientSecret,
+	// 		TokenURL:     config.Endpoint.TokenURL,
+	// 	}
+
+	// 	token, err := cfg.Token(context.Background())
+	// 	if err != nil {
+	// 		http.Error(w, err.Error(), http.StatusInternalServerError)
+	// 		return
+	// 	}
+
+	// 	e := json.NewEncoder(w)
+	// 	e.SetIndent("", "  ")
+	// 	e.Encode(token)
+	// })
+
+	log.Println("Client is running at 9094 port.Please open http://localhost:9094")
+	log.Fatal(http.ListenAndServe(":9094", nil))
+}
+
+// Target the  auth server to get a token, and extract it
+func helperHandleAuth(w http.ResponseWriter, r *http.Request, path string) error {
+	err := r.ParseForm()
+	if err != nil {
+		return err
+	}
+
+	u, err := url.Parse(fmt.Sprintf("%s/%s", authServerURL, path))
+	if err != nil {
+		fmt.Println("Error parsing URL:", err)
+		return err
+	}
+
+	// Add the form data to the existing query parameters
+	queryParams := u.Query()
+	for key, values := range r.Form {
+		for _, value := range values {
+			queryParams.Add(key, value)
+		}
+	}
+
+	// Add the app parmeters
+	appParams, err := url.ParseQuery(appUrlParams)
+	if err != nil {
+		fmt.Println("Error parsing query string:", err)
+		return err
+	}
+
+	for key, values := range appParams {
+		for _, value := range values {
+			queryParams.Add(key, value)
+		}
+	}
+
+	u.RawQuery = queryParams.Encode()
+
+	resp, err := http.Post(u.String(), "application/x-www-form-urlencoded", strings.NewReader(""))
+	if err != nil {
+		fmt.Println("Error making POST request:", err)
+		return err
+	}
+
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		http.Redirect(w, r, fmt.Sprintf("/portail?id=%v", clientID), http.StatusFound)
+		return nil
+	}
+
+	// Read the response body
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		fmt.Println("Error reading response body:", err)
+		return err
+	}
+
+	// Parse the response body into CodeStruct
+	var codeResponse CodeStruct
+	err = json.Unmarshal(body, &codeResponse)
+	if err != nil {
+		fmt.Println("Error parsing response body:", err)
+		return err
+	}
+
+	// extract the token
+	token, err := config.Exchange(context.Background(), codeResponse.Code, oauth2.SetAuthURLParam("code_verifier", "s256example"))
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return err
+	}
+
+	// save the token for a specific user
+	email := r.Form.Get("email")
+	mu.Lock()
+	globalTokens[email] = token
+	mu.Unlock()
+
+	outputHTML(w, r, "static/welcome.html")
+	return nil
+
+}
+
+func outputHTML(w http.ResponseWriter, req *http.Request, filename string) {
+	tmpl, err := template.ParseFiles(filename)
+	if err != nil {
+		http.Error(w, err.Error(), 500)
+		return
+	}
+
+	email := req.URL.Query().Get("email")
+
+	tk := ""
+	t, ok := globalTokens[email]
+	if ok {
+		tk = t.AccessToken
+	}
+
+	data := struct {
+		Token string
+	}{
+		Token: tk,
+	}
+
+	err = tmpl.Execute(w, data)
+	if err != nil {
+		http.Error(w, err.Error(), 500)
+		return
+	}
+}
+
+func genCodeChallengeS256(s string) string {
+	s256 := sha256.Sum256([]byte(s))
+	return base64.URLEncoding.EncodeToString(s256[:])
+}
diff --git a/example/secureYourMicroservices/client/static/createOrders.html b/example/secureYourMicroservices/client/static/createOrders.html
new file mode 100644
index 0000000..8015115
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/createOrders.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+</head>
+
+<body>
+    <div class="container">
+        <h1>Create an order</h1>
+	<form id="orderForm" action="http://127.0.0.1:8080/orders?access_token={{.Token}}" method="POST">
+            <div class="form-group">
+                <label for="item1code">Item 1 code</label>
+                <input type="text" class="form-control" name="item1code" required placeholder="Please enter the code">
+		<label for="item1quantity">Item 1 quantity</label>
+                <input type="text" class="form-control" name="item1quantity" required placeholder="Please enter the quantity">
+		<label for="item2code">Item 2 code</label>
+                <input type="text" class="form-control" name="item2code" required placeholder="Please enter the code">
+		<label for="item2quantity">Item 2 quantity</label>
+                <input type="text" class="form-control" name="item2quantity" required placeholder="Please enter the quantity">
+
+            </div>
+            <div class="form-group">
+                <label for="shippingaddress">Shipping address</label>
+                <input type="text" class="form-control" name="shippingaddress" placeholder="Please enter your address">
+            </div>
+	    <input type="hidden" id="tokenField" value="{{.Token}}">
+            <button type="submit" class="btn btn-success">submit</button>
+        </form>
+
+	<div style="color: red;" id="responseContainer"></div>
+    </div>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', function() {
+            document.getElementById('orderForm').addEventListener('submit', function(event) {
+                event.preventDefault();
+
+		var token = document.getElementById('tokenField').value;
+		var responseContainer = document.getElementById('responseContainer');
+
+		// const inputs = form.querySelectorAll('input');
+		const inputs = document.getElementById('orderForm').querySelectorAll('input');
+
+  		// Create a FormData object to store the input values
+  		const formData = new FormData();
+
+  		// Iterate over the input elements and add their values to the FormData object
+  		inputs.forEach(input => {
+  		  formData.append(input.name, input.value);
+  		});
+
+                fetch('http://127.0.0.1:8080/orders', {
+                    method: 'POST',
+                    headers: {
+                        'Authorization': 'Bearer ' + token
+                    },
+                    body: formData 
+                })
+                .then(function(response) {
+                    if (response.ok) {
+                        return response.text();
+                    } else {
+                        throw new Error('Error: ' + response.status);
+                    }
+                })
+                .then(function(data) {
+                    console.log('Response:', data);
+  		    responseContainer.innerText = "Order created. Id to see it in 'Get an Order': " + data;		    
+                    // Handle the response
+                })
+                .catch(function(error) {
+                    console.error('Error:', error);
+                    // Handle the error
+                });
+            });
+        });
+    </script>
+
+</body>
+
+</html>
+
diff --git a/example/secureYourMicroservices/client/static/getOrders.html b/example/secureYourMicroservices/client/static/getOrders.html
new file mode 100644
index 0000000..03e415c
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/getOrders.html
@@ -0,0 +1,62 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+</head>
+
+<body>
+    <div class="container">
+        <h1>Get an order</h1>
+	<form id="orderForm" action="http://127.0.0.1:8081/order?access_token={{.Token}}" method="POST">
+            <div class="form-group">
+                <label for="orderid">Order ID</label>
+                <input type="text" class="form-control" name="orderid" required placeholder="Please enter the order id">
+            </div>
+	    <input type="hidden" id="tokenField" value="{{.Token}}">
+            <button type="submit" class="btn btn-success">Get order</button>
+        </form>
+	 <div style="color: red;" id="responseContainer"></div>
+    </div>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', function() {
+            document.getElementById('orderForm').addEventListener('submit', function(event) {
+                event.preventDefault();
+
+		var token = document.getElementById('tokenField').value;
+                var orderID = document.getElementsByName('orderid')[0].value;
+		var responseContainer = document.getElementById('responseContainer');
+
+                fetch('http://127.0.0.1:8081/order', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/x-www-form-urlencoded',
+                        'Authorization': 'Bearer '+ token
+                    },
+                    body: 'orderid=' + encodeURIComponent(orderID)
+                })
+                .then(function(response) {
+                    if (response.ok) {
+                        return response.text();
+                    } else {
+                        throw new Error('Error: ' + response.status);
+                    }
+                })
+                .then(function(data) {
+  		    responseContainer.innerText = JSON.stringify(data);		    
+                })
+                .catch(function(error) {
+                    console.error('Error:', error);
+                    // Handle the error
+                });
+            });
+        });
+    </script>
+</body>
+</html>
+
diff --git a/example/secureYourMicroservices/client/static/login.html b/example/secureYourMicroservices/client/static/login.html
new file mode 100644
index 0000000..7ba9566
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/login.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+</head>
+
+<body>
+    <div class="container">
+        <h1>Login In</h1>
+	<form id="orderForm" action="http://localhost:9094/logindata" method="POST">
+	    <div class="form-group">
+                <label for="email">Email</label>
+                <input type="text" class="form-control" name="email" required placeholder="Please enter your email">
+            </div>
+            <div class="form-group">
+                <label for="password">Password</label>
+                <input type="password" class="form-control" name="password" placeholder="Please enter your password">
+            </div>
+            <button type="submit" class="btn btn-success">Login</button>
+        </form>
+    </div>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', function() {
+            document.getElementById('orderForm').addEventListener('submit', function(event) {
+
+        	var email = document.getElementsByName('email')[0].value;
+		
+		sessionStorage.setItem('email', email);
+	
+	     })
+	})
+     </script>
+</body>
+
+</html>
+
diff --git a/example/secureYourMicroservices/client/static/portail.html b/example/secureYourMicroservices/client/static/portail.html
new file mode 100644
index 0000000..f36a30c
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/portail.html
@@ -0,0 +1,45 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+    <style>
+    .button-container {
+      margin-top: 50px;
+    }
+
+    .button-container button {
+      margin-right: 10px;
+    }
+    </style>
+</head>
+
+<body>
+  <div class="container">
+    <div class="row">
+      <div class="col-md-6 col-md-offset-3 text-center">
+        <h2>Welcome!</h2>
+        <p>Please choose an option:</p>
+
+	<form action="/signupfront" method="GET">
+            <div class="form-group">
+          	<button class="btn btn-primary btn-lg" type="submit">Sign up</button>
+        	</div>
+        </form>
+	<form action="/loginfront" method="GET">
+            <div class="form-group">
+          	<button class="btn btn-primary btn-lg" type="submit">Sign in</button>
+        	</div>
+        </form>
+      </div>
+    </div>
+  </div>
+
+  </body>
+
+</html>
+
diff --git a/example/secureYourMicroservices/client/static/signup.html b/example/secureYourMicroservices/client/static/signup.html
new file mode 100644
index 0000000..ff02aa8
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/signup.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+</head>
+
+<body>
+    <div class="container">
+        <h1>Sign up</h1>
+	<form id="orderForm" action="http://localhost:9094/signupdata" method="POST">
+            <div class="form-group">
+                <label for="email">Email</label>
+                <input type="text" class="form-control" name="email" required placeholder="Please enter your email">
+            </div>
+            <div class="form-group">
+                <label for="password">Password</label>
+                <input type="password" class="form-control" name="password" placeholder="Please enter your password">
+            </div>
+            <button type="submit" class="btn btn-success">Login</button>
+        </form>
+    </div>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', function() {
+            document.getElementById('orderForm').addEventListener('submit', function(event) {
+
+        	var email = document.getElementsByName('email')[0].value;
+		
+		sessionStorage.setItem('email', email);
+	     })
+	})
+     </script> 
+</body>
+
+</html>
+
diff --git a/example/secureYourMicroservices/client/static/welcome.html b/example/secureYourMicroservices/client/static/welcome.html
new file mode 100644
index 0000000..59e08a9
--- /dev/null
+++ b/example/secureYourMicroservices/client/static/welcome.html
@@ -0,0 +1,70 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
+    <script src="//code.jquery.com/jquery-2.2.4.min.js"></script>
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+</head>
+
+   <body>
+	<h1>Navigation Links</h1>
+  	<a id="createOrderLink" href="http://localhost:9094/createorder">Create an order</a>
+  	<br>
+  	<a id="getOrderLink" href="http://localhost:9094/getorder">Get an order</a>
+  	<br>
+	<a id="signoutLink" href="http://localhost:9094/signout">Signout</a>
+    </body>
+    <script>
+	document.addEventListener('DOMContentLoaded', function() {
+    		var createOrderLink = document.getElementById('createOrderLink');
+    		var getOrderLink = document.getElementById('getOrderLink');
+    		var signoutLink = document.getElementById('signoutLink');
+
+		createOrderLink.addEventListener('click', function(event) {
+    		    event.preventDefault();
+
+    		    // Retrieve the session storage data
+    		    var email = sessionStorage.getItem('email');
+
+    		    // Append the stored value to the redirect URL
+    		    var redirectUrl = 'http://localhost:9094/createorder?email=' + encodeURIComponent(email);
+
+    		    window.location.href = redirectUrl;
+    		});
+
+
+    		getOrderLink.addEventListener('click', function(event) {
+    		    event.preventDefault(); 
+
+    		    // Retrieve the session storage data
+    		    var email = sessionStorage.getItem('email');
+
+    		    // Append the stored value to the redirect URL
+    		    var redirectUrl = 'http://localhost:9094/getorder?email=' + encodeURIComponent(email);
+
+    		    window.location.href = redirectUrl;
+    		});
+
+		signoutLink.addEventListener('click', function(event) {
+    		    event.preventDefault(); 
+
+    		    // Retrieve the session storage data
+    		    var email = sessionStorage.getItem('email');
+
+		    // delete the session storage
+		    sessionStorage.removeItem('email');
+
+    		    // Append the stored value to the redirect URL
+    		    var redirectUrl = 'http://localhost:9094/signout?email=' + encodeURIComponent(email);
+
+    		    window.location.href = redirectUrl;
+    		});
+
+	});
+
+    </script>
+</html>
+
diff --git a/example/secureYourMicroservices/docker-compose.yaml b/example/secureYourMicroservices/docker-compose.yaml
new file mode 100644
index 0000000..a388027
--- /dev/null
+++ b/example/secureYourMicroservices/docker-compose.yaml
@@ -0,0 +1,20 @@
+version: '3'
+
+services:
+  users-database:
+    image: postgres:14.7-alpine
+    ports:
+      - "5432:5432"
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: password
+      POSTGRES_DB: users
+    volumes:
+      - ./db-oauth/postgres/:/var/lib/postgresql/data/
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+
+        
diff --git a/example/secureYourMicroservices/order/go.mod b/example/secureYourMicroservices/order/go.mod
new file mode 100644
index 0000000..16a8c05
--- /dev/null
+++ b/example/secureYourMicroservices/order/go.mod
@@ -0,0 +1,5 @@
+module order
+
+go 1.20
+
+require github.com/google/uuid v1.3.0
diff --git a/example/secureYourMicroservices/order/go.sum b/example/secureYourMicroservices/order/go.sum
new file mode 100644
index 0000000..3dfe1c9
--- /dev/null
+++ b/example/secureYourMicroservices/order/go.sum
@@ -0,0 +1,2 @@
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
diff --git a/example/secureYourMicroservices/order/internal/service/service.go b/example/secureYourMicroservices/order/internal/service/service.go
new file mode 100644
index 0000000..6ce1186
--- /dev/null
+++ b/example/secureYourMicroservices/order/internal/service/service.go
@@ -0,0 +1,36 @@
+package service
+
+import (
+	"fmt"
+	"order/internal/types"
+	"sync"
+)
+
+type OrderSvc struct {
+	orderMap map[string]types.Order
+	sync.RWMutex
+}
+
+func NewOrderSvc() OrderSvc {
+	om := make(map[string]types.Order)
+	return OrderSvc{orderMap: om}
+}
+
+func (o *OrderSvc) PlaceOrder(order types.Order) {
+	o.Lock()
+	o.orderMap[order.ID] = order
+	o.Unlock()
+}
+
+func (o *OrderSvc) GetOrder(id string) (types.Order, error) {
+	o.RLock()
+	value, ok := o.orderMap[id]
+	o.RUnlock()
+	if ok {
+		orderFromMap := value
+		return orderFromMap, nil
+	} else {
+		no := types.Order{}
+		return no, fmt.Errorf("Order not found")
+	}
+}
diff --git a/example/secureYourMicroservices/order/internal/types/types.go b/example/secureYourMicroservices/order/internal/types/types.go
new file mode 100644
index 0000000..f7d5750
--- /dev/null
+++ b/example/secureYourMicroservices/order/internal/types/types.go
@@ -0,0 +1,12 @@
+package types
+
+type Order struct {
+	ID              string     `json:"id"`
+	Items           []LineItem `json:"items"`
+	ShippingAddress string     `json:"shipping_address"`
+}
+
+type LineItem struct {
+	ItemCode string `json:"item_code"`
+	Quantity int    `json:"quantity"`
+}
diff --git a/example/secureYourMicroservices/order/main.go b/example/secureYourMicroservices/order/main.go
new file mode 100644
index 0000000..bd464db
--- /dev/null
+++ b/example/secureYourMicroservices/order/main.go
@@ -0,0 +1,172 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"github.com/google/uuid"
+	"log"
+	"net/http"
+	"order/internal/service"
+	"order/internal/types"
+	"strconv"
+	"strings"
+)
+
+const (
+	authServerURL = "http://localhost:9096"
+)
+
+func main() {
+
+	// the storage
+	orderStr := service.NewOrderSvc()
+
+	http.HandleFunc("/orders", createOrders(&orderStr))
+	http.HandleFunc("/order", getOrders(&orderStr))
+
+	fmt.Println("start producer-api on port 8080... !!")
+	log.Fatal(http.ListenAndServe(":8080", nil))
+}
+
+func createOrders(orderStr *service.OrderSvc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// in the real world, obviously, a proxy/apiGateway would stand in front
+		if carryon := allowCORS(w, r); !carryon {
+			return
+		}
+
+		accessToken := r.Header.Get("Authorization")
+
+		// get the access token
+		accessToken, _ = extractBearerToken(accessToken)
+
+		// make sure the token from the caller(here the frontend) is valid
+		// and make sure it have the right permission
+		resp, err := http.Get(fmt.Sprintf("%s/permission?permission=write&access_token=%s", authServerURL, accessToken))
+		if err != nil || resp.StatusCode == http.StatusBadRequest {
+			log.Println("Http req err or Invalid oauth token")
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusBadRequest)
+				return
+			} else {
+				http.Error(w, "Invalid authentication", http.StatusBadRequest)
+				return
+			}
+		}
+
+		// get the form inputs
+		o := types.Order{}
+		if r.Method == "POST" {
+
+			// Parse the multipartForm
+			if err := r.ParseMultipartForm(0); err != nil {
+				log.Println("Failed to parse form data:", err)
+				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+				return
+			}
+
+			// Access the form data
+			form := r.MultipartForm
+			values := form.Value
+
+			iq, _ := strconv.Atoi(values["item1quantity"][0])
+			li1 := types.LineItem{
+				ItemCode: values["item1code"][0],
+				Quantity: iq,
+			}
+			iq, _ = strconv.Atoi(values["item2quantity"][0])
+			li2 := types.LineItem{
+				ItemCode: values["item2code"][0],
+				Quantity: iq,
+			}
+
+			o.Items = []types.LineItem{li1, li2}
+			o.ShippingAddress = r.Form.Get("shippingaddress")
+		}
+
+		// create an uid
+		newUUID := uuid.New()
+		uuidString := newUUID.String()
+
+		o.ID = uuidString
+
+		// save the received data
+		orderStr.PlaceOrder(o)
+
+		fmt.Fprintf(w, uuidString)
+	}
+}
+
+func allowCORS(w http.ResponseWriter, r *http.Request) bool {
+	// Set the CORS headers
+	w.Header().Set("Access-Control-Allow-Origin", "http://localhost:9094")
+	w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+	w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
+
+	// Handle preflight requests
+	if r.Method == http.MethodOptions {
+		w.WriteHeader(http.StatusOK)
+		return false
+	}
+
+	return true
+
+}
+
+func extractBearerToken(tokenWithBearer string) (string, bool) {
+	bearerPrefix := "Bearer "
+	if strings.HasPrefix(tokenWithBearer, bearerPrefix) {
+		token := strings.TrimPrefix(tokenWithBearer, bearerPrefix)
+		return token, true
+	}
+	return "", false
+}
+
+func getOrders(orderStr *service.OrderSvc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		var orderID string
+		if r.Method == "POST" {
+			if r.Form == nil {
+				if err := r.ParseForm(); err != nil {
+					http.Error(w, err.Error(), http.StatusInternalServerError)
+					return
+				}
+			}
+
+			orderID = r.Form.Get("orderid")
+		}
+
+		// get the access_token
+		accessToken := r.URL.Query().Get("access_token")
+
+		// make sure the token from the caller(here the preOrder service) is valid
+		// and make sure it have the right permission
+		resp, err := http.Get(fmt.Sprintf("%s/permission?permission=read&access_token=%s", authServerURL, accessToken))
+		if err != nil || resp.StatusCode == http.StatusBadRequest {
+			log.Println("Http req err or Invalid oauth token")
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusBadRequest)
+				return
+			} else {
+				http.Error(w, "Invalid authentication", http.StatusBadRequest)
+				return
+			}
+		}
+
+		// get the data back(to make sure)
+		v, _ := orderStr.GetOrder(orderID)
+
+		ordeBts, err := json.Marshal(v)
+		if err != nil {
+			log.Println("err marshalling: ", err)
+		}
+
+		w.Header().Set("Content-Type", "application/json")
+
+		_, err = w.Write(ordeBts)
+		if err != nil {
+			log.Println("err sending back the order: ", err)
+		}
+	}
+}
diff --git a/example/secureYourMicroservices/preOrder/go.mod b/example/secureYourMicroservices/preOrder/go.mod
new file mode 100644
index 0000000..8fe75f4
--- /dev/null
+++ b/example/secureYourMicroservices/preOrder/go.mod
@@ -0,0 +1,12 @@
+module order
+
+go 1.20
+
+require golang.org/x/oauth2 v0.8.0
+
+require (
+	github.com/golang/protobuf v1.5.2 // indirect
+	golang.org/x/net v0.10.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
+)
diff --git a/example/secureYourMicroservices/preOrder/go.sum b/example/secureYourMicroservices/preOrder/go.sum
new file mode 100644
index 0000000..45e0c97
--- /dev/null
+++ b/example/secureYourMicroservices/preOrder/go.sum
@@ -0,0 +1,23 @@
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
+golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
+google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
diff --git a/example/secureYourMicroservices/preOrder/main.go b/example/secureYourMicroservices/preOrder/main.go
new file mode 100644
index 0000000..c2b3975
--- /dev/null
+++ b/example/secureYourMicroservices/preOrder/main.go
@@ -0,0 +1,274 @@
+package main
+
+import (
+	"context"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"golang.org/x/oauth2"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+const (
+	authServerURL  = "http://localhost:9096"
+	orderServerURL = "http://localhost:8080"
+	clientID       = "888888"
+)
+
+var (
+	config = oauth2.Config{
+		ClientID:     clientID,
+		ClientSecret: "88888888",
+		Scopes:       []string{"read"},
+		RedirectURL:  "http://localhost:8081",
+		Endpoint: oauth2.Endpoint{
+			AuthURL:  authServerURL + "/oauth/authorize",
+			TokenURL: authServerURL + "/oauth/token",
+		},
+	}
+	globalToken  *oauth2.Token // Non-concurrent security
+	appUrlParams string
+)
+
+type CodeStruct struct {
+	Code string `json:"code"`
+}
+
+type LineItem struct {
+	ItemCode string `json:"item_code"`
+	Quantity int    `json:"quantity"`
+}
+
+type Order struct {
+	ID              string     `json:"id"`
+	Items           []LineItem `json:"items"`
+	ShippingAddress string     `json:"shipping_address"`
+}
+
+// authenticate with the authentication server
+func init() {
+	u := config.AuthCodeURL("xyz",
+		oauth2.SetAuthURLParam("code_challenge", genCodeChallengeS256("s256example")),
+		oauth2.SetAuthURLParam("code_challenge_method", "S256"))
+
+	// extract the url params which will be use later on
+	parsedURL, err := url.Parse(u)
+	if err != nil {
+		log.Fatal("Error parsing URL:", err)
+		return
+	}
+
+	appUrlParams = parsedURL.RawQuery
+
+	resp, err := http.Get(u)
+	if err != nil {
+		// Handle error if unable to make the request
+		log.Fatal("Error Authenticating with auth service: ", err)
+		return
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode == http.StatusOK {
+		log.Println("Authentication OK")
+	} else {
+		log.Fatal("Authentication failed, make sure the authentication server is running")
+	}
+
+}
+
+func main() {
+
+	// get the token(/apiauth is the endpoint for the backend services to get their token)
+	getTheToken("apiauth")
+
+	http.HandleFunc("/order", getOrders())
+
+	fmt.Println("start producer-api on port 8081... !!")
+	log.Fatal(http.ListenAndServe(":8081", nil))
+}
+
+func getOrders() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// in the real world, obviously, a proxy/apiGateway would stand in front
+		if carryon := allowCORS(w, r); !carryon {
+			return
+		}
+
+		accessToken := r.Header.Get("Authorization")
+
+		accessToken, _ = extractBearerToken(accessToken)
+
+		var orderID string
+		if r.Method == "POST" {
+			if r.Form == nil {
+				if err := r.ParseForm(); err != nil {
+					http.Error(w, err.Error(), http.StatusInternalServerError)
+					return
+				}
+			}
+
+			orderID = r.Form.Get("orderid")
+		}
+
+		// make sure the token from the caller(here the frontend) is valid
+		// and make sure it have the right permission
+		resp, err := http.Get(fmt.Sprintf("%s/permission?permission=read&access_token=%s", authServerURL, accessToken))
+		if err != nil || resp.StatusCode == http.StatusBadRequest {
+			log.Println("Http req err or Invalid oauth token")
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusBadRequest)
+				return
+			} else {
+				http.Error(w, "Invalid authentication", http.StatusBadRequest)
+				return
+			}
+		}
+
+		// Create the form data
+		form := url.Values{}
+		form.Set("orderid", orderID)
+
+		// call the order service the get the order
+		resp, err = http.PostForm(fmt.Sprintf("%s/order?access_token=%s", orderServerURL, globalToken.AccessToken), form)
+		if err != nil || resp.StatusCode == http.StatusBadRequest {
+			log.Println("Http req err or Invalid oauth token")
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusBadRequest)
+				return
+			} else {
+				http.Error(w, "Invalid authentication", http.StatusBadRequest)
+				return
+			}
+		}
+
+		body, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			http.Error(w, "Server error", http.StatusInternalServerError)
+		}
+
+		// run the whatever logic of this service, here we change the shippingAddress
+		var order Order
+		err = json.Unmarshal(body, &order)
+		if err != nil {
+			log.Println("Error parsing response body:", err)
+			http.Error(w, "Server error", http.StatusInternalServerError)
+		}
+		order.ShippingAddress = "modified by preOrder"
+
+		// send the order
+		ordeBts, err := json.Marshal(order)
+		if err != nil {
+			log.Println("Error marshaling resp body:", err)
+			http.Error(w, "Server error", http.StatusInternalServerError)
+		}
+
+		w.Header().Set("Content-Type", "application/json")
+
+		_, err = w.Write(ordeBts)
+		if err != nil {
+			log.Println("err sending back the order: ", err)
+			http.Error(w, "Server error", http.StatusInternalServerError)
+		}
+	}
+}
+
+func allowCORS(w http.ResponseWriter, r *http.Request) bool {
+	// Set the CORS headers
+	w.Header().Set("Access-Control-Allow-Origin", "http://localhost:9094")
+	w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+	w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
+
+	// Handle preflight requests
+	if r.Method == http.MethodOptions {
+		w.WriteHeader(http.StatusOK)
+		return false
+	}
+
+	return true
+
+}
+
+func extractBearerToken(tokenWithBearer string) (string, bool) {
+	bearerPrefix := "Bearer "
+	if strings.HasPrefix(tokenWithBearer, bearerPrefix) {
+		token := strings.TrimPrefix(tokenWithBearer, bearerPrefix)
+		return token, true
+	}
+	return "", false
+}
+
+func getTheToken(path string) error {
+
+	u, err := url.Parse(fmt.Sprintf("%s/%s", authServerURL, path))
+	if err != nil {
+		log.Println("Error parsing URL:", err)
+		return err
+	}
+
+	// Add the form data to the existing query parameters
+	queryParams := u.Query()
+
+	// Add the app parmeters
+	appParams, err := url.ParseQuery(appUrlParams)
+	if err != nil {
+		log.Println("Error parsing query string:", err)
+		return err
+	}
+
+	for key, values := range appParams {
+		for _, value := range values {
+			queryParams.Add(key, value)
+		}
+	}
+
+	u.RawQuery = queryParams.Encode()
+
+	resp, err := http.Post(u.String(), "application/x-www-form-urlencoded", strings.NewReader(""))
+	if err != nil {
+		log.Println("Error request the token: ", err)
+		return err
+	}
+
+	defer resp.Body.Close()
+
+	// Handle the response as needed
+	if resp.StatusCode != http.StatusOK {
+		log.Println("Error StatusCode request the token: ", resp)
+		return nil
+	}
+
+	// Read the response body
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		log.Println("Error reading response body:", err)
+		return err
+	}
+
+	// Parse the response body into CodeStruct
+	var codeResponse CodeStruct
+	err = json.Unmarshal(body, &codeResponse)
+	if err != nil {
+		log.Println("Error parsing response body:", err)
+		return err
+	}
+
+	// Access the extracted code value
+	token, err := config.Exchange(context.Background(), codeResponse.Code, oauth2.SetAuthURLParam("code_verifier", "s256example"))
+	if err != nil {
+		log.Println("Error exchange the token:", err)
+		return err
+	}
+	globalToken = token
+	return nil
+
+}
+
+func genCodeChallengeS256(s string) string {
+	s256 := sha256.Sum256([]byte(s))
+	return base64.URLEncoding.EncodeToString(s256[:])
+}
diff --git a/example/README.md b/example/workFlow/README.md
similarity index 100%
rename from example/README.md
rename to example/workFlow/README.md
diff --git a/example/client/client.go b/example/workFlow/client/client.go
similarity index 100%
rename from example/client/client.go
rename to example/workFlow/client/client.go
diff --git a/example/server/server.go b/example/workFlow/server/server.go
similarity index 100%
rename from example/server/server.go
rename to example/workFlow/server/server.go
diff --git a/example/server/static/auth.html b/example/workFlow/server/static/auth.html
similarity index 100%
rename from example/server/static/auth.html
rename to example/workFlow/server/static/auth.html
diff --git a/example/server/static/auth.png b/example/workFlow/server/static/auth.png
similarity index 100%
rename from example/server/static/auth.png
rename to example/workFlow/server/static/auth.png
diff --git a/example/server/static/login.html b/example/workFlow/server/static/login.html
similarity index 100%
rename from example/server/static/login.html
rename to example/workFlow/server/static/login.html
diff --git a/example/server/static/login.png b/example/workFlow/server/static/login.png
similarity index 100%
rename from example/server/static/login.png
rename to example/workFlow/server/static/login.png
diff --git a/example/server/static/token.png b/example/workFlow/server/static/token.png
similarity index 100%
rename from example/server/static/token.png
rename to example/workFlow/server/static/token.png
diff --git a/go.sum b/go.sum
index b82b3db..ac1757e 100644
--- a/go.sum
+++ b/go.sum
@@ -17,8 +17,6 @@ github.com/gavv/httpexpect v2.0.0+incompatible h1:1X9kcRshkSKEjNJJxX9Y9mQ5BRfbxU
 github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc=
 github.com/go-session/session v3.1.2+incompatible h1:yStchEObKg4nk2F7JGE7KoFIrA/1Y078peagMWcrncg=
 github.com/go-session/session v3.1.2+incompatible/go.mod h1:8B3iivBQjrz/JtC68Np2T1yBBLxTan3mn/3OM0CyRt0=
-github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c=
-github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=