ory-am/hydra

View on GitHub

Showing 402 of 849 total issues

Function createAccessTokenSession has 5 arguments (exceeds 4 allowed). Consider refactoring.
Open

func createAccessTokenSession(subject, client string, token string, expiresAt time.Time, fs x.FositeStorer, scopes fosite.Arguments) {
Severity: Minor
Found in oauth2/revocator_test.go - About 35 mins to fix

    Function doTestRollback has 5 arguments (exceeds 4 allowed). Consider refactoring.
    Open

    func doTestRollback(m InternalRegistry, t *testing.T,
        createFn func(context.Context, string, fosite.Requester) error,
        getFn func(context.Context, string, fosite.Session) (fosite.Requester, error),
        revokeFn func(context.Context, string) error,
    Severity: Minor
    Found in oauth2/fosite_store_helpers.go - About 35 mins to fix

      Method MockOAuth2Provider.IntrospectToken has 5 arguments (exceeds 4 allowed). Consider refactoring.
      Open

      func (m *MockOAuth2Provider) IntrospectToken(arg0 context.Context, arg1 string, arg2 fosite.TokenType, arg3 fosite.Session, arg4 ...string) (fosite.TokenType, fosite.AccessRequester, error) {
      Severity: Minor
      Found in oauth2/oauth2_provider_mock_test.go - About 35 mins to fix

        Method Persister.createSession has 5 arguments (exceeds 4 allowed). Consider refactoring.
        Open

        func (p *Persister) createSession(ctx context.Context, signature string, requester fosite.Requester, table tableName, expiresAt time.Time) error {
        Severity: Minor
        Found in persistence/sql/persister_oauth2.go - About 35 mins to fix

          Function assertCreateVerifiableCredential has 5 arguments (exceeds 4 allowed). Consider refactoring.
          Open

          func assertCreateVerifiableCredential(t *testing.T, reg driver.Registry, nonce string, accessToken *oauth2.Token, alg jose.SignatureAlgorithm) {
          Severity: Minor
          Found in oauth2/oauth2_auth_code_test.go - About 35 mins to fix

            Function executeHookAndUpdateSession has 5 arguments (exceeds 4 allowed). Consider refactoring.
            Open

            func executeHookAndUpdateSession(ctx context.Context, reg x.HTTPClientProvider, hookConfig *config.HookConfig, reqBodyBytes []byte, session *Session) error {
            Severity: Minor
            Found in oauth2/token_hook.go - About 35 mins to fix

              Method DefaultStrategy.HandleOAuth2AuthorizationRequest has 5 return statements (exceeds 4 allowed).
              Open

              func (s *DefaultStrategy) HandleOAuth2AuthorizationRequest(
                  ctx context.Context,
                  w http.ResponseWriter,
                  r *http.Request,
                  req fosite.AuthorizeRequester,
              Severity: Major
              Found in consent/strategy_default.go - About 35 mins to fix

                Method DefaultStrategy.ObfuscateSubjectIdentifier has 5 return statements (exceeds 4 allowed).
                Open

                func (s *DefaultStrategy) ObfuscateSubjectIdentifier(ctx context.Context, cl fosite.Client, subject, forcedIdentifier string) (string, error) {
                    if c, ok := cl.(*client.Client); ok && c.SubjectType == "pairwise" {
                        algorithm, ok := s.r.SubjectIdentifierAlgorithm(ctx)[c.SubjectType]
                        if !ok {
                            return "", errorsx.WithStack(fosite.ErrInvalidRequest.WithHintf(`Subject Identifier Algorithm '%s' was requested by OAuth 2.0 Client '%s' but is not configured.`, c.SubjectType, c.GetID()))
                Severity: Major
                Found in consent/strategy_default.go - About 35 mins to fix

                  Method OAuth2ApiService.SetOAuth2ClientExecute has a Cognitive Complexity of 22 (exceeds 20 allowed). Consider refactoring.
                  Open

                  func (a *OAuth2ApiService) SetOAuth2ClientExecute(r ApiSetOAuth2ClientRequest) (*OAuth2Client, *http.Response, error) {
                      var (
                          localVarHTTPMethod  = http.MethodPut
                          localVarPostBody    interface{}
                          formFiles           []formFile
                  Severity: Minor
                  Found in internal/httpclient/api_o_auth2.go - About 35 mins to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Method XChaCha20Poly1305.Decrypt has 5 return statements (exceeds 4 allowed).
                  Open

                  func (x *XChaCha20Poly1305) Decrypt(ctx context.Context, ciphertext string, aad []byte) (plaintext []byte, err error) {
                      msg, err := base64.URLEncoding.DecodeString(ciphertext)
                      if err != nil {
                          return nil, errorsx.WithStack(err)
                      }
                  Severity: Major
                  Found in aead/xchacha20.go - About 35 mins to fix

                    Method Flow.HandleConsentRequest has 5 return statements (exceeds 4 allowed).
                    Open

                    func (f *Flow) HandleConsentRequest(r *AcceptOAuth2ConsentRequest) error {
                        if time.Time(r.HandledAt).IsZero() {
                            return errors.New("refusing to handle a consent request with null HandledAt")
                        }
                    
                    
                    Severity: Major
                    Found in flow/flow.go - About 35 mins to fix

                      Method XChaCha20Poly1305.Encrypt has 5 return statements (exceeds 4 allowed).
                      Open

                      func (x *XChaCha20Poly1305) Encrypt(ctx context.Context, plaintext, additionalData []byte) (string, error) {
                          key, err := encryptionKey(ctx, x.d, chacha20poly1305.KeySize)
                          if err != nil {
                              return "", err
                          }
                      Severity: Major
                      Found in aead/xchacha20.go - About 35 mins to fix

                        Method tlsConfig.GetCertificateFunc has 5 return statements (exceeds 4 allowed).
                        Open

                        func (c *tlsConfig) GetCertificateFunc(stopReload <-chan struct{}, log *logrusx.Logger) (func(*tls.ClientHelloInfo) (*tls.Certificate, error), error) {
                            if c.certPath != "" && c.keyPath != "" { // attempt to load from disk first (enables hot-reloading)
                                ctx, cancel := context.WithCancel(context.Background())
                                go func() {
                                    <-stopReload
                        Severity: Major
                        Found in driver/config/tls.go - About 35 mins to fix

                          Function NewGetJWKSCmd has 5 return statements (exceeds 4 allowed).
                          Open

                          func NewGetJWKSCmd() *cobra.Command {
                              cmd := &cobra.Command{
                                  Use:     "jwk set-1 [set-2] ...",
                                  Aliases: []string{"jwks"},
                                  Args:    cobra.MinimumNArgs(1),
                          Severity: Major
                          Found in cmd/cmd_get_jwks.go - About 35 mins to fix

                            Method DefaultProvider.getHookConfig has 5 return statements (exceeds 4 allowed).
                            Open

                            func (p *DefaultProvider) getHookConfig(ctx context.Context, key string) *HookConfig {
                                if hookURL := p.getProvider(ctx).RequestURIF(key, nil); hookURL != nil {
                                    return &HookConfig{
                                        URL: hookURL.String(),
                                    }
                            Severity: Major
                            Found in driver/config/provider.go - About 35 mins to fix

                              Method MigrateHandler.makePersister has 5 return statements (exceeds 4 allowed).
                              Open

                              func (h *MigrateHandler) makePersister(cmd *cobra.Command, args []string) (p persistence.Persister, err error) {
                                  var d driver.Registry
                              
                                  if flagx.MustGetBool(cmd, "read-from-env") {
                                      d, err = driver.New(
                              Severity: Major
                              Found in cmd/cli/handler_migrate.go - About 35 mins to fix

                                Method OidcConfiguration.ToMap has a Cognitive Complexity of 22 (exceeds 20 allowed). Consider refactoring.
                                Open

                                func (o OidcConfiguration) ToMap() (map[string]interface{}, error) {
                                    toSerialize := map[string]interface{}{}
                                    toSerialize["authorization_endpoint"] = o.AuthorizationEndpoint
                                    if !IsNil(o.BackchannelLogoutSessionSupported) {
                                        toSerialize["backchannel_logout_session_supported"] = o.BackchannelLogoutSessionSupported
                                Severity: Minor
                                Found in internal/httpclient/model_oidc_configuration.go - About 35 mins to fix

                                Cognitive Complexity

                                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                                A method's cognitive complexity is based on a few simple rules:

                                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                                • Code is considered more complex for each "break in the linear flow of the code"
                                • Code is considered more complex when "flow breaking structures are nested"

                                Further reading

                                Function NewCreateJWKSCmd has 5 return statements (exceeds 4 allowed).
                                Open

                                func NewCreateJWKSCmd() *cobra.Command {
                                    const alg = "alg"
                                    const use = "use"
                                
                                    cmd := &cobra.Command{
                                Severity: Major
                                Found in cmd/cmd_create_jwks.go - About 35 mins to fix

                                  Function NewPerformClientCredentialsCmd has 5 return statements (exceeds 4 allowed).
                                  Open

                                  func NewPerformClientCredentialsCmd() *cobra.Command {
                                      cmd := &cobra.Command{
                                          Use:     "client-credentials",
                                          Args:    cobra.NoArgs,
                                          Example: `{{ .CommandPath }} --client-id ... --client-secret`,
                                  Severity: Major
                                  Found in cmd/cmd_perform_client_credentials.go - About 35 mins to fix

                                    Method Validator.ValidateDynamicRegistration has 5 return statements (exceeds 4 allowed).
                                    Open

                                    func (v *Validator) ValidateDynamicRegistration(ctx context.Context, c *Client) error {
                                        if c.Metadata != nil {
                                            return errorsx.WithStack(ErrInvalidClientMetadata.
                                                WithHint(`"metadata" cannot be set for dynamic client registration`),
                                            )
                                    Severity: Major
                                    Found in client/validator.go - About 35 mins to fix
                                      Severity
                                      Category
                                      Status
                                      Source
                                      Language