janekolszak/idp

View on GitHub

Showing 25 of 25 total issues

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (c *Challenge) Save(w http.ResponseWriter, r *http.Request) error {
    session, err := c.idp.config.ChallengeStore.New(r, SessionCookieName)
    if err != nil {
        return err
    }
Severity: Major
Found in challenge.go and 1 other location - About 1 hr to fix
challenge.go on lines 59..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 146.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (c *Challenge) Update(w http.ResponseWriter, r *http.Request) error {
    session, err := c.idp.config.ChallengeStore.Get(r, SessionCookieName)
    if err != nil {
        return err
    }
Severity: Major
Found in challenge.go and 1 other location - About 1 hr to fix
challenge.go on lines 46..56

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 146.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (idp *IDP) downloadConsentKey() (*rsa.PrivateKey, error) {
    jwk, err := idp.hc.JSONWebKeys.GetKey(hoauth2.ConsentEndpointKey, "private")
    if err != nil {
        return nil, err
    }
Severity: Minor
Found in idp.go and 1 other location - About 1 hr to fix
idp.go on lines 149..162

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 128.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (idp *IDP) downloadVerificationKey() (*rsa.PublicKey, error) {

    jwk, err := idp.hc.JSONWebKeys.GetKey(hoauth2.ConsentChallengeKey, "public")
    if err != nil {
        return nil, err
Severity: Minor
Found in idp.go and 1 other location - About 1 hr to fix
idp.go on lines 165..177

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 128.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Method IDP.NewChallenge has 5 return statements (exceeds 4 allowed).
Open

func (idp *IDP) NewChallenge(ctx context.Context, r *http.Request, user string) (challenge *Challenge, err error) {
    tokenStr := r.FormValue("challenge")
    if tokenStr == "" {
        // No challenge token
        err = ErrorBadRequest
Severity: Major
Found in idp.go - About 35 mins to fix

    Method Challenge.GrantAccessToAll has 5 return statements (exceeds 4 allowed).
    Open

    func (c *Challenge) GrantAccessToAll(w http.ResponseWriter, r *http.Request) error {
        now := time.Now()
    
        token := jwt.New(jwt.SigningMethodRS256)
    
    
    Severity: Major
    Found in challenge.go - About 35 mins to fix

      Method IDP.getChallengeToken has 5 return statements (exceeds 4 allowed).
      Open

      func (idp *IDP) getChallengeToken(challengeString string) (*jwt.Token, error) {
          token, err := jwt.Parse(challengeString, func(token *jwt.Token) (interface{}, error) {
              _, ok := token.Method.(*jwt.SigningMethodRSA)
              if !ok {
                  return nil, ErrorBadSigningMethod
      Severity: Major
      Found in idp.go - About 35 mins to fix

        type name will be used as idp.IDPConfig by other packages, and that stutters; consider calling this Config
        Open

        type IDPConfig struct {
        Severity: Minor
        Found in idp.go by golint

        package comment should be of the form "Package idp ..."
        Open

        // Package for handling challenge requests from Hydra(https://github.com/ory/hydra).
        Severity: Minor
        Found in challenge.go by golint

        2: cannot find package "github.com/dgrijalva/jwt-go" in any of:
        Open

            jwt "github.com/dgrijalva/jwt-go"
        Severity: Minor
        Found in challenge.go by govet

        exported const VerifyPublicKey should have comment (or a comment on this block) or be unexported
        Open

            VerifyPublicKey   = "VerifyPublic"
        Severity: Minor
        Found in idp.go by golint

        comment on exported type IDP should be of the form "IDP ..." (with optional leading article)
        Open

        // Identity Provider helper
        Severity: Minor
        Found in idp.go by golint

        comment on exported method Challenge.Delete should be of the form "Delete ..."
        Open

        // Deletes the challenge from the store
        Severity: Minor
        Found in challenge.go by golint

        comment on exported type IDPConfig should be of the form "IDPConfig ..." (with optional leading article)
        Open

        // Identity Provider's options
        Severity: Minor
        Found in idp.go by golint

        comment on exported function NewIDP should be of the form "NewIDP ..."
        Open

        // Create the Identity Provider helper
        Severity: Minor
        Found in idp.go by golint

        comment on exported method Challenge.RefuseAccess should be of the form "RefuseAccess ..."
        Open

        // User refused access to requested scopes, forward the desicion to Hydra via redirection.
        Severity: Minor
        Found in challenge.go by golint

        exported function ClientInfoKey should have comment or be unexported
        Open

        func ClientInfoKey(clientID string) string {
        Severity: Minor
        Found in idp.go by golint

        comment on exported method IDP.GetChallenge should be of the form "GetChallenge ..."
        Open

        // Get the Challenge from a cookie, using Gorilla sessions
        Severity: Minor
        Found in idp.go by golint

        exported const SessionCookieName should have comment (or a comment on this block) or be unexported
        Open

            SessionCookieName = "challenge"
        Severity: Minor
        Found in challenge.go by golint

        comment on exported method IDP.NewChallenge should be of the form "NewChallenge ..."
        Open

        // Create a new Challenge. The request will contain all the necessary information from Hydra, passed in the URL.
        Severity: Minor
        Found in idp.go by golint
        Severity
        Category
        Status
        Source
        Language