Sign upLogin

ory-am/hydra

View on GitHub
Star

Showing 412 of 865 total issues

Function TestCreateRefreshTokenSessionStress has 150 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func TestCreateRefreshTokenSessionStress(t *testing.T) {
    if testing.Short() {
        return
    }
Severity: Major
Found in oauth2/oauth2_refresh_token_test.go - About 5 hrs to fix

    Function TestHandler has a Cognitive Complexity of 48 (exceeds 20 allowed). Consider refactoring.
    Open

    func TestHandler(t *testing.T) {
    ctx := context.Background()
    reg := internal.NewMockedRegistry(t, &contextx.Default{})
    h := client.NewHandler(reg)
    reg.WithContextualizer(&contextx.TestContextualizer{})
    Severity: Minor
    Found in client/handler_test.go - About 4 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method OAuth2Client.ToMap has a Cognitive Complexity of 48 (exceeds 20 allowed). Consider refactoring.
    Open

    func (o OAuth2Client) ToMap() (map[string]interface{}, error) {
    toSerialize := map[string]interface{}{}
    if !IsNil(o.AccessTokenStrategy) {
        toSerialize["access_token_strategy"] = o.AccessTokenStrategy
    }
    Severity: Minor
    Found in internal/httpclient/model_o_auth2_client.go - About 4 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method OAuth2Client.ToMap has 146 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func (o OAuth2Client) ToMap() (map[string]interface{}, error) {
    toSerialize := map[string]interface{}{}
    if !IsNil(o.AccessTokenStrategy) {
        toSerialize["access_token_strategy"] = o.AccessTokenStrategy
    }
    Severity: Major
    Found in internal/httpclient/model_o_auth2_client.go - About 4 hrs to fix

      Method DefaultStrategy.issueLogoutVerifier has 142 lines of code (exceeds 50 allowed). Consider refactoring.
      Open

      func (s *DefaultStrategy) issueLogoutVerifier(ctx context.Context, w http.ResponseWriter, r *http.Request) (*flow.LogoutResult, error) {
    // There are two types of log out flows:
    //
    // - RP initiated logout
    // - OP initiated logout
      Severity: Major
      Found in consent/strategy_default.go - About 4 hrs to fix

        Persister has 36 methods (exceeds 20 allowed). Consider refactoring.
        Open

        func (p *Persister) RevokeSubjectConsentSession(ctx context.Context, user string) (err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.RevokeSubjectConsentSession")
    defer otelx.End(span, &err)

    return p.Transaction(ctx, p.revokeConsentSession("consent_challenge_id IS NOT NULL AND subject = ?", user))
        Severity: Minor
        Found in persistence/sql/persister_consent.go - About 4 hrs to fix

          Function NewImportClientCmd has a Cognitive Complexity of 46 (exceeds 20 allowed). Consider refactoring.
          Open

          func NewImportClientCmd() *cobra.Command {
    cmd := &cobra.Command{
        Use:     "oauth2-client <file-1.json> [<file-2.json> ...]",
        Aliases: []string{"client", "clients", "oauth2-clients"},
        Short:   "Import one or more OAuth 2.0 Clients from files or STDIN",
          Severity: Minor
          Found in cmd/cmd_import_client.go - About 4 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function TestValidate has 139 lines of code (exceeds 50 allowed). Consider refactoring.
          Open

          func TestValidate(t *testing.T) {
    ctx := context.Background()
    c := internal.NewConfigurationWithDefaults()
    c.MustSet(ctx, config.KeySubjectTypesSupported, []string{"pairwise", "public"})
    c.MustSet(ctx, config.KeyDefaultClientScope, []string{"openid"})
          Severity: Major
          Found in client/validator_test.go - About 4 hrs to fix

            Function TestCreateCsrfSession has 138 lines of code (exceeds 50 allowed). Consider refactoring.
            Open

            func TestCreateCsrfSession(t *testing.T) {
    type cookie struct {
        httpOnly bool
        secure   bool
        domain   string
            Severity: Major
            Found in consent/helper_test.go - About 4 hrs to fix

              Function TestKeyManager_GetKeySet has 138 lines of code (exceeds 50 allowed). Consider refactoring.
              Open

              func TestKeyManager_GetKeySet(t *testing.T) {
    ctrl := gomock.NewController(t)
    hsmContext := NewMockContext(ctrl)
    defer ctrl.Finish()
    l := logrusx.New("", "")
              Severity: Major
              Found in hsm/manager_hsm_test.go - About 4 hrs to fix

                Method DefaultStrategy.verifyAuthentication has 134 lines of code (exceeds 50 allowed). Consider refactoring.
                Open

                func (s *DefaultStrategy) verifyAuthentication(
    ctx context.Context,
    w http.ResponseWriter,
    r *http.Request,
    req fosite.AuthorizeRequester,
                Severity: Major
                Found in consent/strategy_default.go - About 4 hrs to fix

                  VerifiableCredentialPrimingResponse has 34 methods (exceeds 20 allowed). Consider refactoring.
                  Open

                  type VerifiableCredentialPrimingResponse struct {
    CNonce           *string `json:"c_nonce,omitempty"`
    CNonceExpiresIn  *int64  `json:"c_nonce_expires_in,omitempty"`
    Error            *string `json:"error,omitempty"`
    ErrorDebug       *string `json:"error_debug,omitempty"`
                  Severity: Minor
                  Found in internal/httpclient/model_verifiable_credential_priming_response.go - About 4 hrs to fix

                    TrustedOAuth2JwtGrantIssuer has 34 methods (exceeds 20 allowed). Consider refactoring.
                    Open

                    type TrustedOAuth2JwtGrantIssuer struct {
    // The \"allow_any_subject\" indicates that the issuer is allowed to have any principal as the subject of the JWT.
    AllowAnySubject *bool `json:"allow_any_subject,omitempty"`
    // The \"created_at\" indicates, when grant was created.
    CreatedAt *time.Time `json:"created_at,omitempty"`
                    Severity: Minor
                    Found in internal/httpclient/model_trusted_o_auth2_jwt_grant_issuer.go - About 4 hrs to fix

                      GenericError has 34 methods (exceeds 20 allowed). Consider refactoring.
                      Open

                      type GenericError struct {
    // The status code
    Code *int64 `json:"code,omitempty"`
    // Debug information  This field is often not exposed to protect against leaking sensitive information.
    Debug *string `json:"debug,omitempty"`
                      Severity: Minor
                      Found in internal/httpclient/model_generic_error.go - About 4 hrs to fix

                        OAuth2LoginRequest has 34 methods (exceeds 20 allowed). Consider refactoring.
                        Open

                        type OAuth2LoginRequest struct {
    // ID is the identifier (\"login challenge\") of the login request. It is used to identify the session.
    Challenge   string                                    `json:"challenge"`
    Client      OAuth2Client                              `json:"client"`
    OidcContext *OAuth2ConsentRequestOpenIDConnectContext `json:"oidc_context,omitempty"`
                        Severity: Minor
                        Found in internal/httpclient/model_o_auth2_login_request.go - About 4 hrs to fix

                          Method Handler.createVerifiableCredential has 126 lines of code (exceeds 50 allowed). Consider refactoring.
                          Open

                          func (h *Handler) createVerifiableCredential(w http.ResponseWriter, r *http.Request) {
    ctx := r.Context()
    session := NewSessionWithCustomClaims(ctx, h.c, "")
    accessToken := fosite.AccessTokenFromRequest(r)
    tokenType, _, err := h.r.OAuth2Provider().IntrospectToken(ctx, accessToken, fosite.AccessToken, session)
                          Severity: Major
                          Found in oauth2/handler.go - About 4 hrs to fix

                            Function TestClientSDK has 125 lines of code (exceeds 50 allowed). Consider refactoring.
                            Open

                            func TestClientSDK(t *testing.T) {
    ctx := context.Background()
    conf := internal.NewConfigurationWithDefaults()
    conf.MustSet(ctx, config.KeySubjectTypesSupported, []string{"public"})
    conf.MustSet(ctx, config.KeyDefaultClientScope, []string{"foo", "bar"})
                            Severity: Major
                            Found in client/sdk_test.go - About 4 hrs to fix

                              Persister has 32 methods (exceeds 20 allowed). Consider refactoring.
                              Open

                              func (p *Persister) sqlSchemaFromRequest(ctx context.Context, signature string, r fosite.Requester, table tableName, expiresAt time.Time) (*OAuth2RequestSQL, error) {
    subject := ""
    if r.GetSession() == nil {
        p.l.Debugf("Got an empty session in sqlSchemaFromRequest")
    } else {
                              Severity: Minor
                              Found in persistence/sql/persister_oauth2.go - About 4 hrs to fix

                                File api_jwk.go has 582 lines of code (exceeds 500 allowed). Consider refactoring.
                                Open

                                /*
Ory Hydra API

Documentation for all of Ory Hydra's APIs.
                                Severity: Minor
                                Found in internal/httpclient/api_jwk.go - About 4 hrs to fix

                                  File cmd_perform_authorization_code.go has 575 lines of code (exceeds 500 allowed). Consider refactoring.
                                  Open

                                  // Copyright © 2022 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package cmd
                                  Severity: Minor
                                  Found in cmd/cmd_perform_authorization_code.go - About 3 hrs to fix
                                    Severity
                                    Category
                                    Status
                                    Source
                                    Language