branchmispredictor
/
api
forked from vikunja/vikunja
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix golint errors

This commit is contained in:
branchmispredictor 2020-12-28 16:30:00 -05:00
parent 27891e4492
commit 93dee49b25
7 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.golangci.yml
View File

@ -80,3 +80,11 @@ issues:
- text: "Missed string"
linters:
- goheader
- path: pkg/modules/auth/identityawareproxy/middleware_test.go
text: "G101:" # We don't care about hardcoded credentials in this test
linters:
- gosec
- path: pkg/modules/auth/auth.go
text: "stutters"
linters:
- golint

2
pkg/config/config.go
View File

@ -60,7 +60,7 @@ const (
AuthOpenIDRedirectURL Key = `auth.openid.redirecturl`
AuthOpenIDProviders Key = `auth.openid.providers`
AuthIdentityAwareProxyEnabled Key = `auth.identityawareproxy.enabled`
AuthIdentityAwareProxyJwksUri Key = `auth.identityawareproxy.jwksuri`
AuthIdentityAwareProxyJwksURI Key = `auth.identityawareproxy.jwksuri`
AuthIdentityAwareProxyJwtHeader Key = `auth.identityawareproxy.jwtheader`
LegalImprintURL Key = `legal.imprinturl`

9
pkg/modules/auth/auth.go
View File

@ -153,7 +153,7 @@ func GetAuthFromClaims(c echo.Context) (a web.Auth, err error) {
return getLinkShareFromClaims(claims)
}
if claims.Type == AuthTypeUser {
return getUserFromClaims(claims)
return getUserFromClaims(claims), nil
}
if authProvider, ok := authProviders[claims.Type]; ok {
return authProvider.GetWebAuth(c, claims)
@ -178,7 +178,7 @@ func getLinkShareFromClaims(claims *AuthClaims) (share *models.LinkSharing, err
}
// getUserFromClaims Returns a new user from jwt claims
func getUserFromClaims(claims *AuthClaims) (u *user.User, err error) {
func getUserFromClaims(claims *AuthClaims) (u *user.User) {
u = &user.User{
ID: claims.UserID,
Email: claims.UserEmail,
@ -223,10 +223,7 @@ func RenewToken(s *xorm.Session, c echo.Context) (token string, err error) {
return NewLinkShareJWTAuthtoken(share)
}
if claims.Type == AuthTypeUser {
oldUser, err := getUserFromClaims(claims)
if err != nil {
return "", err
}
oldUser := getUserFromClaims(claims)
u, err := user.GetUserWithEmail(s, &user.User{ID: oldUser.ID})
if err != nil {
return "", err

1
pkg/modules/auth/auth_test.go
View File

@ -32,6 +32,7 @@ func TestGetOrCreateUser(t *testing.T) {
u, err := GetOrCreateUserFromExternalAuth(s, "https://some.issuer", "12345", "test@example.com", "", "someUserWhoDoesNotExistYet")
assert.NoError(t, err)
err = s.Commit()
assert.NoError(t, err)
db.AssertExists(t, "users", map[string]interface{}{
"id": u.ID,

6
pkg/modules/auth/identityawareproxy/error.go
View File

@ -48,7 +48,7 @@ func (err ErrIAPTokenMissing) HTTPError() web.HTTPError {
// ErrIAPPublicKeysetMissing represents a "IAPPublicKeysetMissing" kind of error.
type ErrIAPPublicKeysetMissing struct {
Url string
URL string
}
// IsErrIAPPublicKeysetMissing checks if an error is a ErrIAPPublicKeysetMissing.
@ -58,7 +58,7 @@ func IsErrIAPPublicKeysetMissing(err error) bool {
}
func (err ErrIAPPublicKeysetMissing) Error() string {
return fmt.Sprintf("Failed to retrive the identity-aware proxy's signing public key at URL: %s", err.Url)
return fmt.Sprintf("Failed to retrieve the identity-aware proxy's signing public key at URL: %s", err.URL)
}
// ErrorCodeIAPPublicKeysetMissing holds the unique world-error code of this error
@ -66,7 +66,7 @@ const ErrorCodeIAPPublicKeysetMissing = 12002
// HTTPError holds the http error description
func (err ErrIAPPublicKeysetMissing) HTTPError() web.HTTPError {
return web.HTTPError{HTTPCode: http.StatusServiceUnavailable, Code: ErrorCodeIAPPublicKeysetMissing, Message: "Failed to retrive the identity-aware proxy's signing public keys."}
return web.HTTPError{HTTPCode: http.StatusServiceUnavailable, Code: ErrorCodeIAPPublicKeysetMissing, Message: "Failed to retrieve the identity-aware proxy's signing public keys."}
}
// ErrIAPUserFrontendMismatch represents a "IAPUserDoesNotMatchFrontendUser" kind of error.

6
pkg/modules/auth/identityawareproxy/identityawareproxy.go
View File

@ -52,7 +52,7 @@ func init() {
// These are intentionally short lived because they can be regenerated at
// any time from the IAP authn information. They are not related to
// session length and are only used to provide user info to the frontend
// and a hint to auth.go to retreive auth data from the IAP.
// and a hint to auth.go to retrieve auth data from the IAP.
func NewIAPUserJWTAuthtoken(u *user.User) (token string, err error) {
// Set claims
claims := &auth.AuthClaims{
@ -141,11 +141,11 @@ func (c *IAPClaims) Valid() error {
// Validate that expiresAt and issuedAt are set and valid (with up to 1 minute of skew)
now := TimeFunc()
skew := time.Minute
if c.VerifyExpiresAt(now.Add(-skew).Unix(), true) == false {
if !c.VerifyExpiresAt(now.Add(-skew).Unix(), true) {
delta := now.Sub(time.Unix(c.ExpiresAt, 0))
return fmt.Errorf("token is expired by %v", delta)
}
if c.VerifyIssuedAt(now.Add(skew).Unix(), true) == false {
if !c.VerifyIssuedAt(now.Add(skew).Unix(), true) {
return fmt.Errorf("token used before issued")
}

6
pkg/modules/auth/identityawareproxy/middleware.go
View File

@ -55,10 +55,10 @@ func (cache *iapCache) GetKeyset() (*jwk.Set, error) {
}
// Fetch the public key(s) from the identity-aware proxy
keyset, err := jwk.FetchHTTP(config.AuthIdentityAwareProxyJwksUri.GetString())
keyset, err := jwk.FetchHTTP(config.AuthIdentityAwareProxyJwksURI.GetString())
if err != nil {
log.Error("Failed to retrive the identity-aware proxy's signing public key at URL %s: %v", config.AuthIdentityAwareProxyJwksUri.GetString(), err)
return nil, ErrIAPPublicKeysetMissing{Url: config.AuthIdentityAwareProxyJwksUri.GetString()}
log.Error("Failed to retrieve the identity-aware proxy's signing public key at URL %s: %v", config.AuthIdentityAwareProxyJwksURI.GetString(), err)
return nil, ErrIAPPublicKeysetMissing{URL: config.AuthIdentityAwareProxyJwksURI.GetString()}
}
cache.keyset = keyset
return cache.keyset, nil