Sign upLogin

ory-am/hydra

View on GitHub
Star

Showing 849 of 849 total issues

Function Middleware has 92 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func Middleware(
    reg interface {
        x.RegistryLogger
        oauth2.Registry
        client.Registry
Severity: Major
Found in x/oauth2cors/cors.go - About 2 hrs to fix

    Method Handler.oAuth2Authorize has 91 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func (h *Handler) oAuth2Authorize(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
    ctx := r.Context()

    authorizeRequest, err := h.r.OAuth2Provider().NewAuthorizeRequest(ctx, r)
    if err != nil {
    Severity: Major
    Found in oauth2/handler.go - About 2 hrs to fix

      Function TestStrategyLoginConsentNext has 29 return statements (exceeds 4 allowed).
      Open

      func TestStrategyLoginConsentNext(t *testing.T) {
    ctx := context.Background()
    reg := internal.NewMockedRegistry(t, &contextx.Default{})
    reg.Config().MustSet(ctx, config.KeyAccessTokenStrategy, "opaque")
    reg.Config().MustSet(ctx, config.KeyConsentRequestMaxAge, time.Hour)
      Severity: Major
      Found in consent/strategy_oauth_test.go - About 2 hrs to fix

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

        func (o OAuth2TokenExchange) ToMap() (map[string]interface{}, error) {
    toSerialize := map[string]interface{}{}
    if !IsNil(o.AccessToken) {
        toSerialize["access_token"] = o.AccessToken
    }
        Severity: Major
        Found in internal/httpclient/model_o_auth2_token_exchange.go and 1 other location - About 2 hrs to fix
        internal/httpclient/model_o_auth2_logout_request.go on lines 253..274

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 224.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

        Refactorings

        Further Reading

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

        func (o OAuth2LogoutRequest) ToMap() (map[string]interface{}, error) {
    toSerialize := map[string]interface{}{}
    if !IsNil(o.Challenge) {
        toSerialize["challenge"] = o.Challenge
    }
        Severity: Major
        Found in internal/httpclient/model_o_auth2_logout_request.go and 1 other location - About 2 hrs to fix
        internal/httpclient/model_o_auth2_token_exchange.go on lines 254..275

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 224.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

        Refactorings

        Further Reading

        Method OAuth2ApiService.SetOAuth2ClientExecute has 89 lines of code (exceeds 50 allowed). Consider refactoring.
        Open

        func (a *OAuth2ApiService) SetOAuth2ClientExecute(r ApiSetOAuth2ClientRequest) (*OAuth2Client, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPut
        localVarPostBody    interface{}
        formFiles           []formFile
        Severity: Major
        Found in internal/httpclient/api_o_auth2.go - About 2 hrs to fix

          TrustOAuth2JwtGrantIssuer has 23 methods (exceeds 20 allowed). Consider refactoring.
          Open

          type TrustOAuth2JwtGrantIssuer struct {
    // The \"allow_any_subject\" indicates that the issuer is allowed to have any principal as the subject of the JWT.
    AllowAnySubject *bool `json:"allow_any_subject,omitempty"`
    // The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\".
    ExpiresAt time.Time `json:"expires_at"`
          Severity: Minor
          Found in internal/httpclient/model_trust_o_auth2_jwt_grant_issuer.go - About 2 hrs to fix

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

            func (p *Persister) Commit(ctx context.Context) (err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.Commit")
    defer otelx.End(span, &err)

    if skip, ok := ctx.Value(skipCommitKey).(bool); ok && skip {
            Severity: Major
            Found in persistence/sql/persister.go and 1 other location - About 2 hrs to fix
            persistence/sql/persister.go on lines 105..120

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 220.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

            func (p *Persister) Rollback(ctx context.Context) (err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.Rollback")
    defer otelx.End(span, &err)

    if skip, ok := ctx.Value(skipCommitKey).(bool); ok && skip {
            Severity: Major
            Found in persistence/sql/persister.go and 1 other location - About 2 hrs to fix
            persistence/sql/persister.go on lines 88..103

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 220.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            File handler.go has 519 lines of code (exceeds 500 allowed). Consider refactoring.
            Open

            // Copyright © 2022 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package consent
            Severity: Minor
            Found in consent/handler.go - About 2 hrs to fix

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

              func (o *TrustOAuth2JwtGrantIssuer) UnmarshalJSON(data []byte) (err error) {
    // This validates that all required properties are included in the JSON object
    // by unmarshalling the object into a generic map with string keys and checking
    // that every required field exists as a key in the generic map.
    requiredProperties := []string{
              Severity: Major
              Found in internal/httpclient/model_trust_o_auth2_jwt_grant_issuer.go and 1 other location - About 2 hrs to fix
              internal/httpclient/model_json_web_key.go on lines 640..678

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 214.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

              func (o *JsonWebKey) UnmarshalJSON(data []byte) (err error) {
    // This validates that all required properties are included in the JSON object
    // by unmarshalling the object into a generic map with string keys and checking
    // that every required field exists as a key in the generic map.
    requiredProperties := []string{
              Severity: Major
              Found in internal/httpclient/model_json_web_key.go and 1 other location - About 2 hrs to fix
              internal/httpclient/model_trust_o_auth2_jwt_grant_issuer.go on lines 245..283

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 214.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Identical blocks of code found in 2 locations. Consider refactoring.
              Open

                oauth2
    .create(req.session.credentials)
    .authorizationCode.getToken({
      redirect_uri: `${redirect_uri}/oauth2/callback`,
      scope: req.session.scope,
              Severity: Major
              Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 2 hrs to fix
              test/e2e/oauth2-client/src/index.js on lines 257..270

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 83.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Identical blocks of code found in 2 locations. Consider refactoring.
              Open

                oauth2
    .create(credentials)
    .clientCredentials.getToken({ scope: req.query.scope.split(" ") })
    .then((token) => {
      res.send({ result: "success", token })
              Severity: Major
              Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 2 hrs to fix
              test/e2e/oauth2-client/src/index.js on lines 135..152

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 83.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

                      {
            name: "Generate ES512 GenerateECDSAKeyPairWithAttributes Error",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
              Severity: Major
              Found in hsm/manager_hsm_test.go and 1 other location - About 2 hrs to fix
              hsm/manager_hsm_test.go on lines 248..263

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 212.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

                      {
            name: "Generate ES256 with GenerateECDSAKeyPairWithAttributes Error",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
              Severity: Major
              Found in hsm/manager_hsm_test.go and 1 other location - About 2 hrs to fix
              hsm/manager_hsm_test.go on lines 280..295

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 212.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 5 locations. Consider refactoring.
              Open

              func (o *GenericError) UnmarshalJSON(data []byte) (err error) {
    // This validates that all required properties are included in the JSON object
    // by unmarshalling the object into a generic map with string keys and checking
    // that every required field exists as a key in the generic map.
    requiredProperties := []string{
              Severity: Major
              Found in internal/httpclient/model_generic_error.go and 4 other locations - About 2 hrs to fix
              internal/httpclient/model_accept_o_auth2_login_request.go on lines 382..417
              internal/httpclient/model_introspected_o_auth2_token.go on lines 568..603
              internal/httpclient/model_o_auth2_consent_request.go on lines 526..561
              internal/httpclient/model_o_auth2_redirect_to.go on lines 87..122

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 211.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

                      {
            name: "Generate ES512",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
              Severity: Major
              Found in hsm/manager_hsm_test.go and 1 other location - About 2 hrs to fix
              hsm/manager_hsm_test.go on lines 232..247

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 211.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 5 locations. Consider refactoring.
              Open

              func (o *OAuth2RedirectTo) UnmarshalJSON(data []byte) (err error) {
    // This validates that all required properties are included in the JSON object
    // by unmarshalling the object into a generic map with string keys and checking
    // that every required field exists as a key in the generic map.
    requiredProperties := []string{
              Severity: Major
              Found in internal/httpclient/model_o_auth2_redirect_to.go and 4 other locations - About 2 hrs to fix
              internal/httpclient/model_accept_o_auth2_login_request.go on lines 382..417
              internal/httpclient/model_generic_error.go on lines 347..382
              internal/httpclient/model_introspected_o_auth2_token.go on lines 568..603
              internal/httpclient/model_o_auth2_consent_request.go on lines 526..561

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 211.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 5 locations. Consider refactoring.
              Open

              func (o *OAuth2ConsentRequest) UnmarshalJSON(data []byte) (err error) {
    // This validates that all required properties are included in the JSON object
    // by unmarshalling the object into a generic map with string keys and checking
    // that every required field exists as a key in the generic map.
    requiredProperties := []string{
              Severity: Major
              Found in internal/httpclient/model_o_auth2_consent_request.go and 4 other locations - About 2 hrs to fix
              internal/httpclient/model_accept_o_auth2_login_request.go on lines 382..417
              internal/httpclient/model_generic_error.go on lines 347..382
              internal/httpclient/model_introspected_o_auth2_token.go on lines 568..603
              internal/httpclient/model_o_auth2_redirect_to.go on lines 87..122

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 211.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Severity
              Category
              Status
              Source
              Language