Sign upLogin

ory-am/hydra

View on GitHub
Star

Showing 849 of 849 total issues

File client.go has 546 lines of code (exceeds 500 allowed). Consider refactoring.
Open

/*
Ory Hydra API

Documentation for all of Ory Hydra's APIs.
Severity: Minor
Found in internal/httpclient/client.go - About 3 hrs to fix

    Function parameterAddToHeaderOrQuery has a Cognitive Complexity of 37 (exceeds 20 allowed). Consider refactoring.
    Open

    func parameterAddToHeaderOrQuery(headerOrQueryParams interface{}, keyPrefix string, obj interface{}, collectionType string) {
    var v = reflect.ValueOf(obj)
    var value = ""
    if v == reflect.ValueOf(nil) {
        value = "null"
    Severity: Minor
    Found in internal/httpclient/client.go - About 3 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method Client.GetEffectiveLifespan has a Cognitive Complexity of 37 (exceeds 20 allowed). Consider refactoring.
    Open

    func (c *Client) GetEffectiveLifespan(gt fosite.GrantType, tt fosite.TokenType, fallback time.Duration) time.Duration {
    var cl *time.Duration
    if gt == fosite.GrantTypeAuthorizationCode {
        if tt == fosite.AccessToken && c.AuthorizationCodeGrantAccessTokenLifespan.Valid {
            cl = &c.AuthorizationCodeGrantAccessTokenLifespan.Duration
    Severity: Minor
    Found in client/client.go - About 3 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Similar blocks of code found in 2 locations. Consider refactoring.
    Open

    func (j *JanitorConsentTestHelper) RefreshTokenNotAfterValidate(ctx context.Context, notAfter time.Time, store x.FositeStorer) func(t *testing.T) {
    return func(t *testing.T) {
        var err error
        ds := new(oauth2.Session)
    Severity: Major
    Found in internal/testhelpers/janitor_test_helper.go and 1 other location - About 3 hrs to fix
    internal/testhelpers/janitor_test_helper.go on lines 105..122

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 254.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Similar blocks of code found in 2 locations. Consider refactoring.
    Open

    func (j *JanitorConsentTestHelper) AccessTokenNotAfterValidate(ctx context.Context, notAfter time.Time, store x.FositeStorer) func(t *testing.T) {
    return func(t *testing.T) {
        var err error
        ds := new(oauth2.Session)
    Severity: Major
    Found in internal/testhelpers/janitor_test_helper.go and 1 other location - About 3 hrs to fix
    internal/testhelpers/janitor_test_helper.go on lines 134..151

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 254.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Identical blocks of code found in 2 locations. Consider refactoring.
    Open

      fetch(new URL("/oauth2/introspect", config.admin).toString(), {
    method: "POST",
    body: params,
  })
    .then(isStatusOk)
    Severity: Major
    Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 3 hrs to fix
    test/e2e/oauth2-client/src/index.js on lines 228..237

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 96.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Identical blocks of code found in 2 locations. Consider refactoring.
    Open

      fetch(new URL("/oauth2/introspect", config.admin).toString(), {
    method: "POST",
    body: params,
  })
    .then(isStatusOk)
    Severity: Major
    Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 3 hrs to fix
    test/e2e/oauth2-client/src/index.js on lines 211..221

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 96.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Function TestAEAD has 100 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func TestAEAD(t *testing.T) {
    t.Parallel()
    for _, tc := range []struct {
        name string
        new  func(aead.Dependencies) aead.Cipher
    Severity: Major
    Found in aead/aead_test.go - About 3 hrs to fix

      OAuth2TokenExchange has 26 methods (exceeds 20 allowed). Consider refactoring.
      Open

      type OAuth2TokenExchange struct {
    // The access token issued by the authorization server.
    AccessToken *string `json:"access_token,omitempty"`
    // The lifetime in seconds of the access token. For example, the value \"3600\" denotes that the access token will expire in one hour from the time the response was generated.
    ExpiresIn *int64 `json:"expires_in,omitempty"`
      Severity: Minor
      Found in internal/httpclient/model_o_auth2_token_exchange.go - About 3 hrs to fix

        OAuth2LogoutRequest has 26 methods (exceeds 20 allowed). Consider refactoring.
        Open

        type OAuth2LogoutRequest struct {
    // Challenge is the identifier (\"logout challenge\") of the logout authentication request. It is used to identify the session.
    Challenge *string       `json:"challenge,omitempty"`
    Client    *OAuth2Client `json:"client,omitempty"`
    // RequestURL is the original Logout URL requested.
        Severity: Minor
        Found in internal/httpclient/model_o_auth2_logout_request.go - About 3 hrs to fix

          JanitorConsentTestHelper has 26 methods (exceeds 20 allowed). Consider refactoring.
          Open

          type JanitorConsentTestHelper struct {
    uniqueName           string
    flushLoginRequests   []*flow.LoginRequest
    flushConsentRequests []*flow.OAuth2ConsentRequest
    flushAccessRequests  []*fosite.Request
          Severity: Minor
          Found in internal/testhelpers/janitor_test_helper.go - About 3 hrs to fix

            File handler_test.go has 540 lines of code (exceeds 500 allowed). Consider refactoring.
            Open

            // Copyright © 2022 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package client_test
            Severity: Minor
            Found in client/handler_test.go - About 2 hrs to fix

              Function NewKeysImportCmd has 99 lines of code (exceeds 50 allowed). Consider refactoring.
              Open

              func NewKeysImportCmd() *cobra.Command {
    cmd := &cobra.Command{
        Use:  "jwk set-id file-1 [file-2] [file-n]",
        Args: cobra.MinimumNArgs(1),
        Example: `{{ .CommandPath }} my-set ./path/to/jwk.json ./path/to/jwk-2.json --format json
              Severity: Major
              Found in cmd/cmd_import_jwk.go - About 2 hrs to fix

                Function NewImportClientCmd has 99 lines of code (exceeds 50 allowed). Consider refactoring.
                Open

                func NewImportClientCmd() *cobra.Command {
    cmd := &cobra.Command{
        Use:     "oauth2-client <file-1.json> [<file-2.json> ...]",
        Aliases: []string{"client", "clients", "oauth2-clients"},
        Short:   "Import one or more OAuth 2.0 Clients from files or STDIN",
                Severity: Major
                Found in cmd/cmd_import_client.go - About 2 hrs to fix

                  Function BenchmarkClientCredentials has 99 lines of code (exceeds 50 allowed). Consider refactoring.
                  Open

                  func BenchmarkClientCredentials(b *testing.B) {
    ctx := context.Background()

    spans := tracetest.NewSpanRecorder()
    tracer := trace.NewTracerProvider(trace.WithSpanProcessor(spans)).Tracer("")
                  Severity: Major
                  Found in oauth2/oauth2_client_credentials_bench_test.go - About 2 hrs to fix

                    File provider.go has 539 lines of code (exceeds 500 allowed). Consider refactoring.
                    Open

                    // Copyright © 2022 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package config
                    Severity: Minor
                    Found in driver/config/provider.go - About 2 hrs to fix

                      Similar blocks of code found in 3 locations. Consider refactoring.
                      Open

                      func testHelperCreateGetDeleteAccessTokenSession(x InternalRegistry) func(t *testing.T) {
    return func(t *testing.T) {
        m := x.OAuth2Storage()

        ctx := context.Background()
                      Severity: Major
                      Found in oauth2/fosite_store_helpers.go and 2 other locations - About 2 hrs to fix
                      oauth2/fosite_store_helpers.go on lines 281..302
                      oauth2/fosite_store_helpers.go on lines 555..576

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 246.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 3 locations. Consider refactoring.
                      Open

                      func testHelperCreateGetDeletePKCERequestSession(x InternalRegistry) func(t *testing.T) {
    return func(t *testing.T) {
        m := x.OAuth2Storage()

        ctx := context.Background()
                      Severity: Major
                      Found in oauth2/fosite_store_helpers.go and 2 other locations - About 2 hrs to fix
                      oauth2/fosite_store_helpers.go on lines 281..302
                      oauth2/fosite_store_helpers.go on lines 492..513

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 246.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 3 locations. Consider refactoring.
                      Open

                      func testHelperCreateGetDeleteRefreshTokenSession(x InternalRegistry) func(t *testing.T) {
    return func(t *testing.T) {
        m := x.OAuth2Storage()

        ctx := context.Background()
                      Severity: Major
                      Found in oauth2/fosite_store_helpers.go and 2 other locations - About 2 hrs to fix
                      oauth2/fosite_store_helpers.go on lines 492..513
                      oauth2/fosite_store_helpers.go on lines 555..576

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 246.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 5 locations. Consider refactoring.
                      Open

                              {
            d: "should accept client origin when basic auth client exists and origin is set at the client as well as the server",
            prep: func(t *testing.T, r driver.Registry) {
                r.Config().MustSet(ctx, "serve.public.cors.enabled", true)
                r.Config().MustSet(ctx, "serve.public.cors.allowed_origins", []string{"http://**.example.com"})
                      Severity: Major
                      Found in x/oauth2cors/cors_test.go and 4 other locations - About 2 hrs to fix
                      x/oauth2cors/cors_test.go on lines 157..169
                      x/oauth2cors/cors_test.go on lines 170..182
                      x/oauth2cors/cors_test.go on lines 183..195
                      x/oauth2cors/cors_test.go on lines 263..275

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 243.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Severity
                      Category
                      Status
                      Source
                      Language