pkg/validation/validation.go
Method TokenValidator.Validate
has 6 return statements (exceeds 4 allowed). Open
Open
func (tv *TokenValidator) Validate(tokenString string) (*jwt.Token, error) {
// Extract token
token, err := jwt.Parse(tokenString, tv.getTokenAssociatedPublicKey)
if err != nil {
switch err.(type) {
Method TokenValidator.getTokenAssociatedPublicKey
has 6 return statements (exceeds 4 allowed). Open
Open
func (tv *TokenValidator) getTokenAssociatedPublicKey(token *jwt.Token) (interface{}, error) {
// Verify ALG: it should at least be not "none". We decided to restrict it further to a set of trusted algorithms.
// See vulnerability: https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
algHeader := token.Header["alg"]
if algHeader == nil {