Merge pull request #1500 from dexidp/sr/fix-some-lint-issues
*: fix some lint issues
commit
128d5da89e
@ -116,7 +116,7 @@ func serve(cmd *cobra.Command, args []string) error {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("invalid config: reading from client CA file: %v", err)
|
return fmt.Errorf("invalid config: reading from client CA file: %v", err)
|
||||||
}
|
}
|
||||||
if cPool.AppendCertsFromPEM(clientCert) != true {
|
if !cPool.AppendCertsFromPEM(clientCert) {
|
||||||
return errors.New("invalid config: failed to parse client CA")
|
return errors.New("invalid config: failed to parse client CA")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
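Review bot: The client CA check in serve() still succeeds when only part of the file parses, because `AppendCertsFromPEM` reports true as soon as one certificate is added and skips PEM blocks it cannot parse. That is worth a comment above `if !cPool.AppendCertsFromPEM(clientCert) {`, for example `// AppendCertsFromPEM is true if at least one certificate parsed; unparsable PEM blocks are skipped without error.` Without it, an operator who adds a damaged certificate to the bundle gets a pool that silently lacks that CA and only sees the effect as rejected client connections. serve() starts and ends outside this hunk.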
@ -443,7 +443,7 @@ func (c *githubConnector) userOrgs(ctx context.Context, client *http.Client) ([]
|
|||||||
// userOrgTeams retrieves teams which current user belongs to.
|
// userOrgTeams retrieves teams which current user belongs to.
|
||||||
// Method returns a map where key is an org name and value list of teams under the org.
|
// Method returns a map where key is an org name and value list of teams under the org.
|
||||||
func (c *githubConnector) userOrgTeams(ctx context.Context, client *http.Client) (map[string][]string, error) {
|
func (c *githubConnector) userOrgTeams(ctx context.Context, client *http.Client) (map[string][]string, error) {
|
||||||
groups := make(map[string][]string, 0)
|
groups := make(map[string][]string)
|
||||||
apiURL := c.apiURL + "/user/teams"
|
apiURL := c.apiURL + "/user/teams"
|
||||||
for {
|
for {
|
||||||
// https://developer.github.com/v3/orgs/teams/#list-user-teams
|
// https://developer.github.com/v3/orgs/teams/#list-user-teams
|
||||||
|
@ -185,13 +185,11 @@ func TestLoginWithTeamNonWhitelisted(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func newTestServer(responses map[string]interface{}) *httptest.Server {
|
func newTestServer(responses map[string]interface{}) *httptest.Server {
|
||||||
var s *httptest.Server
|
return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
s = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
||||||
response := responses[r.RequestURI]
|
response := responses[r.RequestURI]
|
||||||
w.Header().Add("Content-Type", "application/json")
|
w.Header().Add("Content-Type", "application/json")
|
||||||
json.NewEncoder(w).Encode(response)
|
json.NewEncoder(w).Encode(response)
|
||||||
}))
|
}))
|
||||||
return s
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func newClient() *http.Client {
|
func newClient() *http.Client {
|
||||||
|
@ -241,6 +241,9 @@ func (p *conn) getUserGroups(ctx context.Context, userID string, token string) (
|
|||||||
// https://developer.openstack.org/api-ref/identity/v3/#list-groups-to-which-a-user-belongs
|
// https://developer.openstack.org/api-ref/identity/v3/#list-groups-to-which-a-user-belongs
|
||||||
groupsURL := p.Host + "/v3/users/" + userID + "/groups"
|
groupsURL := p.Host + "/v3/users/" + userID + "/groups"
|
||||||
req, err := http.NewRequest("GET", groupsURL, nil)
|
req, err := http.NewRequest("GET", groupsURL, nil)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
req.Header.Set("X-Auth-Token", token)
|
req.Header.Set("X-Auth-Token", token)
|
||||||
req = req.WithContext(ctx)
|
req = req.WithContext(ctx)
|
||||||
resp, err := client.Do(req)
|
resp, err := client.Do(req)
|
||||||
|
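Review bot: `userID` is concatenated into the request path in getUserGroups without escaping, on the line `groupsURL := p.Host + "/v3/users/" + userID + "/groups"` just above the added error check. If an ID ever contains `/`, `?` or `#`, the request is sent to a different resource than the one intended, so I would escape the segment: `groupsURL := p.Host + "/v3/users/" + url.PathEscape(userID) + "/groups"`. Where userID comes from is not visible here; if it is always issued by the identity service this is hardening rather than a live bug. The change needs `net/url` in the file's imports, which this hunk does not show, and the function body continues past the hunk.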
@ -148,7 +148,6 @@ type oidcConnector struct {
|
|||||||
redirectURI string
|
redirectURI string
|
||||||
oauth2Config *oauth2.Config
|
oauth2Config *oauth2.Config
|
||||||
verifier *oidc.IDTokenVerifier
|
verifier *oidc.IDTokenVerifier
|
||||||
ctx context.Context
|
|
||||||
cancel context.CancelFunc
|
cancel context.CancelFunc
|
||||||
logger log.Logger
|
logger log.Logger
|
||||||
hostedDomains []string
|
hostedDomains []string
|
||||||
|
@ -20,6 +20,7 @@ import (
|
|||||||
"github.com/russellhaering/goxmldsig/etreeutils"
|
"github.com/russellhaering/goxmldsig/etreeutils"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// nolint
|
||||||
const (
|
const (
|
||||||
bindingRedirect = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
bindingRedirect = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||||
bindingPOST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
bindingPOST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
|
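Review bot: The bare `// nolint` added above this const block switches off every linter for the whole block, and the same directive is added above the error-code constants after tokenErr and above both the postgres and MySQL SSL-mode blocks. Naming the linter and giving a reason keeps later findings on those constants visible, for example `//nolint:unused // SAML binding identifiers kept for completeness`. Which linter actually fired is not visible on this page, so the name should be taken from the lint output rather than from this example.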
@ -424,14 +424,6 @@ func TestConfigCAData(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
|
||||||
defaultSSOIssuer = "http://www.okta.com/exk91cb99lKkKSYoy0h7"
|
|
||||||
defaultRedirectURI = "http://localhost:5556/dex/callback"
|
|
||||||
|
|
||||||
// Response ID embedded in our testdata.
|
|
||||||
testDataResponseID = "_fd1b3ef9-ec09-44a7-a66b-0d39c250f6a0"
|
|
||||||
)
|
|
||||||
|
|
||||||
// Deprecated: Use testing framework established above.
|
// Deprecated: Use testing framework established above.
|
||||||
func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
|
func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
|
||||||
cert, err := loadCert(ca)
|
cert, err := loadCert(ca)
|
||||||
@ -458,27 +450,6 @@ func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Deprecated: Use testing framework established above.
|
|
||||||
func newProvider(ssoIssuer string, redirectURI string) *provider {
|
|
||||||
if ssoIssuer == "" {
|
|
||||||
ssoIssuer = defaultSSOIssuer
|
|
||||||
}
|
|
||||||
if redirectURI == "" {
|
|
||||||
redirectURI = defaultRedirectURI
|
|
||||||
}
|
|
||||||
now, _ := time.Parse(time.RFC3339, "2017-01-24T20:48:41Z")
|
|
||||||
timeFunc := func() time.Time { return now }
|
|
||||||
return &provider{
|
|
||||||
ssoIssuer: ssoIssuer,
|
|
||||||
ssoURL: "http://idp.org/saml/sso",
|
|
||||||
now: timeFunc,
|
|
||||||
usernameAttr: "user",
|
|
||||||
emailAttr: "email",
|
|
||||||
redirectURI: redirectURI,
|
|
||||||
logger: logrus.New(),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestVerify(t *testing.T) {
|
func TestVerify(t *testing.T) {
|
||||||
runVerify(t, "testdata/okta-ca.pem", "testdata/okta-resp.xml", true)
|
runVerify(t, "testdata/okta-ca.pem", "testdata/okta-resp.xml", true)
|
||||||
}
|
}
|
||||||
|
@ -89,6 +89,7 @@ func tokenErr(w http.ResponseWriter, typ, description string, statusCode int) er
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// nolint
|
||||||
const (
|
const (
|
||||||
errInvalidRequest = "invalid_request"
|
errInvalidRequest = "invalid_request"
|
||||||
errUnauthorizedClient = "unauthorized_client"
|
errUnauthorizedClient = "unauthorized_client"
|
||||||
|
@ -92,7 +92,6 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (k keyRotater) rotate() error {
|
func (k keyRotater) rotate() error {
|
||||||
|
@ -426,7 +426,6 @@ func (s *Server) startGarbageCollection(ctx context.Context, frequency time.Dura
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ConnectorConfig is a configuration that can open a connector.
|
// ConnectorConfig is a configuration that can open a connector.
|
||||||
|
@ -552,7 +552,6 @@ func TestOAuth2CodeFlow(t *testing.T) {
|
|||||||
t.Errorf("state did not match, want=%q got=%q", state, gotState)
|
t.Errorf("state did not match, want=%q got=%q", state, gotState)
|
||||||
}
|
}
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
return
|
|
||||||
}))
|
}))
|
||||||
|
|
||||||
defer oauth2Client.Close()
|
defer oauth2Client.Close()
|
||||||
@ -1204,7 +1203,6 @@ func TestRefreshTokenFlow(t *testing.T) {
|
|||||||
t.Errorf("state did not match, want=%q got=%q", state, gotState)
|
t.Errorf("state did not match, want=%q got=%q", state, gotState)
|
||||||
}
|
}
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
return
|
|
||||||
}))
|
}))
|
||||||
defer oauth2Client.server.Close()
|
defer oauth2Client.server.Close()
|
||||||
|
|
||||||
@ -1242,8 +1240,7 @@ func TestRefreshTokenFlow(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// try to refresh expired token with old refresh token.
|
// try to refresh expired token with old refresh token.
|
||||||
newToken, err := oauth2Client.config.TokenSource(ctx, tok).Token()
|
if _, err := oauth2Client.config.TokenSource(ctx, tok).Token(); err == nil {
|
||||||
if newToken != nil {
|
t.Errorf("Token refreshed with invalid refresh token, error expected.")
|
||||||
t.Errorf("Token refreshed with invalid refresh token.")
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
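Review bot: The rewritten check `if _, err := oauth2Client.config.TokenSource(ctx, tok).Token(); err == nil` in TestRefreshTokenFlow is satisfied by any error, including a transport failure or a closed test server, so it does not show that the token endpoint rejected the old refresh token. Since this test guards refresh-token reuse, I would keep the error and assert that it is a server rejection, e.g. `if _, ok := err.(*oauth2.RetrieveError); !ok { t.Errorf("want rejection from token endpoint, got %v", err) }`, assuming the oauth2 package is imported under its usual name in this file. The test function starts well before this hunk, so the setup that expires the token is not visible here.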
|
@ -183,24 +183,6 @@ type Keys struct {
|
|||||||
NextRotation time.Time `json:"next_rotation"`
|
NextRotation time.Time `json:"next_rotation"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func fromStorageKeys(keys storage.Keys) Keys {
|
|
||||||
return Keys{
|
|
||||||
SigningKey: keys.SigningKey,
|
|
||||||
SigningKeyPub: keys.SigningKeyPub,
|
|
||||||
VerificationKeys: keys.VerificationKeys,
|
|
||||||
NextRotation: keys.NextRotation,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func toStorageKeys(keys Keys) storage.Keys {
|
|
||||||
return storage.Keys{
|
|
||||||
SigningKey: keys.SigningKey,
|
|
||||||
SigningKeyPub: keys.SigningKeyPub,
|
|
||||||
VerificationKeys: keys.VerificationKeys,
|
|
||||||
NextRotation: keys.NextRotation,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// OfflineSessions is a mirrored struct from storage with JSON struct tags
|
// OfflineSessions is a mirrored struct from storage with JSON struct tags
|
||||||
type OfflineSessions struct {
|
type OfflineSessions struct {
|
||||||
UserID string `json:"user_id,omitempty"`
|
UserID string `json:"user_id,omitempty"`
|
||||||
|
@ -72,6 +72,7 @@ func (s *SQLite3) open(logger log.Logger) (*conn, error) {
|
|||||||
return c, nil
|
return c, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// nolint
|
||||||
const (
|
const (
|
||||||
// postgres SSL modes
|
// postgres SSL modes
|
||||||
pgSSLDisable = "disable"
|
pgSSLDisable = "disable"
|
||||||
@ -80,6 +81,7 @@ const (
|
|||||||
pgSSLVerifyFull = "verify-full"
|
pgSSLVerifyFull = "verify-full"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// nolint
|
||||||
const (
|
const (
|
||||||
// MySQL SSL modes
|
// MySQL SSL modes
|
||||||
mysqlSSLTrue = "true"
|
mysqlSSLTrue = "true"
|
||||||
|