ory-am/hydra

Showing 849 of 849 total issues

Similar blocks of code found in 3 locations. Consider refactoring.
Open

          cy.request({
            method: "POST",
            url: tokenUrl,
            form: true,
            body: {
Severity: Major
Found in cypress/integration/oauth2/grant_jwtbearer.js and 2 other locations - About 4 hrs to fix
cypress/integration/oauth2/grant_jwtbearer.js on lines 181..197
cypress/integration/oauth2/grant_jwtbearer.js on lines 241..257

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 122.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Similar blocks of code found in 3 locations. Consider refactoring.
Open

          cy.request({
            method: "POST",
            url: tokenUrl,
            form: true,
            body: {
Severity: Major
Found in cypress/integration/oauth2/grant_jwtbearer.js and 2 other locations - About 4 hrs to fix
cypress/integration/oauth2/grant_jwtbearer.js on lines 241..257
cypress/integration/oauth2/grant_jwtbearer.js on lines 274..290

This issue has a mass of 122.

Similar blocks of code found in 3 locations. Consider refactoring.
Open

          cy.request({
            method: "POST",
            url: tokenUrl,
            form: true,
            body: {
Severity: Major
Found in cypress/integration/oauth2/grant_jwtbearer.js and 2 other locations - About 4 hrs to fix
cypress/integration/oauth2/grant_jwtbearer.js on lines 181..197
cypress/integration/oauth2/grant_jwtbearer.js on lines 274..290

This issue has a mass of 122.

TrustedOAuth2JwtGrantIssuer has 34 methods (exceeds 20 allowed). Consider refactoring.
Open

type TrustedOAuth2JwtGrantIssuer struct {
    // The \"allow_any_subject\" indicates that the issuer is allowed to have any principal as the subject of the JWT.
    AllowAnySubject *bool `json:"allow_any_subject,omitempty"`
    // The \"created_at\" indicates, when grant was created.
    CreatedAt *time.Time `json:"created_at,omitempty"`
Severity: Minor
Found in internal/httpclient/model_trusted_o_auth2_jwt_grant_issuer.go - About 4 hrs to fix

VerifiableCredentialPrimingResponse has 34 methods (exceeds 20 allowed). Consider refactoring.
Open

type VerifiableCredentialPrimingResponse struct {
    CNonce           *string `json:"c_nonce,omitempty"`
    CNonceExpiresIn  *int64  `json:"c_nonce_expires_in,omitempty"`
    Error            *string `json:"error,omitempty"`
    ErrorDebug       *string `json:"error_debug,omitempty"`
Severity: Minor
Found in internal/httpclient/model_verifiable_credential_priming_response.go - About 4 hrs to fix

OAuth2LoginRequest has 34 methods (exceeds 20 allowed). Consider refactoring.
Open

type OAuth2LoginRequest struct {
    // ID is the identifier (\"login challenge\") of the login request. It is used to identify the session.
    Challenge   string                                    `json:"challenge"`
    Client      OAuth2Client                              `json:"client"`
    OidcContext *OAuth2ConsentRequestOpenIDConnectContext `json:"oidc_context,omitempty"`
Severity: Minor
Found in internal/httpclient/model_o_auth2_login_request.go - About 4 hrs to fix

GenericError has 34 methods (exceeds 20 allowed). Consider refactoring.
Open

type GenericError struct {
    // The status code
    Code *int64 `json:"code,omitempty"`
    // Debug information  This field is often not exposed to protect against leaking sensitive information.
    Debug *string `json:"debug,omitempty"`
Severity: Minor
Found in internal/httpclient/model_generic_error.go - About 4 hrs to fix

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (h *Handler) getOAuth2ConsentRequest(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
    challenge := stringsx.Coalesce(
        r.URL.Query().Get("consent_challenge"),
        r.URL.Query().Get("challenge"),
    )
Severity: Major
Found in consent/handler.go and 1 other location - About 4 hrs to fix
consent/handler.go on lines 344..377

This issue has a mass of 323.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

func (h *Handler) getOAuth2LoginRequest(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
    challenge := stringsx.Coalesce(
        r.URL.Query().Get("login_challenge"),
        r.URL.Query().Get("challenge"),
    )
Severity: Major
Found in consent/handler.go and 1 other location - About 4 hrs to fix
consent/handler.go on lines 652..684

This issue has a mass of 323.

Method DefaultStrategy.verifyAuthentication has 130 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func (s *DefaultStrategy) verifyAuthentication(
    ctx context.Context,
    w http.ResponseWriter,
    r *http.Request,
    req fosite.AuthorizeRequester,
Severity: Major
Found in consent/strategy_default.go - About 4 hrs to fix

Method Handler.createVerifiableCredential has 126 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func (h *Handler) createVerifiableCredential(w http.ResponseWriter, r *http.Request) {
    ctx := r.Context()
    session := NewSessionWithCustomClaims(ctx, h.c, "")
    accessToken := fosite.AccessTokenFromRequest(r)
    tokenType, _, err := h.r.OAuth2Provider().IntrospectToken(ctx, accessToken, fosite.AccessToken, session)
Severity: Major
Found in oauth2/handler.go - About 4 hrs to fix

Function TestClientSDK has 125 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func TestClientSDK(t *testing.T) {
    ctx := context.Background()
    conf := internal.NewConfigurationWithDefaults()
    conf.MustSet(ctx, config.KeySubjectTypesSupported, []string{"public"})
    conf.MustSet(ctx, config.KeyDefaultClientScope, []string{"foo", "bar"})
Severity: Major
Found in client/sdk_test.go - About 4 hrs to fix

Persister has 32 methods (exceeds 20 allowed). Consider refactoring.
Open

func (p *Persister) sqlSchemaFromRequest(ctx context.Context, signature string, r fosite.Requester, table tableName, expiresAt time.Time) (*OAuth2RequestSQL, error) {
    subject := ""
    if r.GetSession() == nil {
        p.l.Debugf("Got an empty session in sqlSchemaFromRequest")
    } else {
Severity: Minor
Found in persistence/sql/persister_oauth2.go - About 4 hrs to fix

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    b.Run("strategy=jwt", func(b *testing.B) {
        initialDBSpans := dbSpans(spans)
        B := run(b, "jwt")

        stop := profile(b)
Severity: Major
Found in oauth2/oauth2_auth_code_bench_test.go and 1 other location - About 4 hrs to fix
oauth2/oauth2_auth_code_bench_test.go on lines 267..288

This issue has a mass of 310.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    b.Run("strategy=opaque", func(b *testing.B) {
        initialDBSpans := dbSpans(spans)
        B := run(b, "opaque")

        stop := profile(b)
Severity: Major
Found in oauth2/oauth2_auth_code_bench_test.go and 1 other location - About 4 hrs to fix
oauth2/oauth2_auth_code_bench_test.go on lines 244..265

This issue has a mass of 310.

File api_jwk.go has 582 lines of code (exceeds 500 allowed). Consider refactoring.
Open

/*
Ory Hydra API

Documentation for all of Ory Hydra's APIs.

Severity: Minor
Found in internal/httpclient/api_jwk.go - About 4 hrs to fix

Similar blocks of code found in 3 locations. Consider refactoring.
Open

    t.Run("should fail token if hook response is malformed", func(t *testing.T) {
        run := func(strategy string) func(t *testing.T) {
            return func(t *testing.T) {
                hs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
                    w.WriteHeader(http.StatusOK)
Severity: Major
Found in oauth2/oauth2_client_credentials_test.go and 2 other locations - About 3 hrs to fix
oauth2/oauth2_client_credentials_test.go on lines 324..346
oauth2/oauth2_client_credentials_test.go on lines 348..370

This issue has a mass of 302.

Similar blocks of code found in 3 locations. Consider refactoring.
Open

    t.Run("should fail token if hook fails", func(t *testing.T) {
        run := func(strategy string) func(t *testing.T) {
            return func(t *testing.T) {
                hs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
                    w.WriteHeader(http.StatusInternalServerError)
Severity: Major
Found in oauth2/oauth2_client_credentials_test.go and 2 other locations - About 3 hrs to fix
oauth2/oauth2_client_credentials_test.go on lines 348..370
oauth2/oauth2_client_credentials_test.go on lines 372..394

This issue has a mass of 302.

Similar blocks of code found in 3 locations. Consider refactoring.
Open

    t.Run("should fail token if hook denied the request", func(t *testing.T) {
        run := func(strategy string) func(t *testing.T) {
            return func(t *testing.T) {
                hs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
                    w.WriteHeader(http.StatusForbidden)
Severity: Major
Found in oauth2/oauth2_client_credentials_test.go and 2 other locations - About 3 hrs to fix
oauth2/oauth2_client_credentials_test.go on lines 324..346
oauth2/oauth2_client_credentials_test.go on lines 372..394

This issue has a mass of 302.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

          cy.location().should(({ search, port }) => {
            const query = qs.parse(search.substr(1))
            expect(query.error).to.equal("invalid_scope")

            // This is a client error so we expect the client app to show the error
Severity: Major
Found in cypress/integration/oauth2/authorize_error.js and 1 other location - About 3 hrs to fix
cypress/integration/oauth2/authorize_error.js on lines 85..91

This issue has a mass of 112.