ory-am/hydra

Showing 853 of 853 total issues

Similar blocks of code found in 3 locations. Consider refactoring.
Open

        {
            name: "Get RS256 enc",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
Severity: Major
Found in hsm/manager_hsm_test.go and 2 other locations - About 2 hrs to fix
hsm/manager_hsm_test.go on lines 437..449
hsm/manager_hsm_test.go on lines 463..475

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 195.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Method DefaultStrategy.forwardAuthenticationRequest has 77 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func (s *DefaultStrategy) forwardAuthenticationRequest(ctx context.Context, w http.ResponseWriter, r *http.Request, ar fosite.AuthorizeRequester, subject string, authenticatedAt time.Time, session *flow.LoginSession) error {
    if (subject != "" && authenticatedAt.IsZero()) || (subject == "" && !authenticatedAt.IsZero()) {
        return errorsx.WithStack(fosite.ErrServerError.WithHint("Consent strategy returned a non-empty subject with an empty auth date, or an empty subject with a non-empty auth date."))
    }

Severity: Major
Found in consent/strategy_default.go - About 2 hrs to fix

    Method OAuth2APIService.GetOAuth2LoginRequestExecute has 77 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func (a *OAuth2APIService) GetOAuth2LoginRequestExecute(r ApiGetOAuth2LoginRequestRequest) (*OAuth2LoginRequest, *http.Response, error) {
        var (
            localVarHTTPMethod  = http.MethodGet
            localVarPostBody    interface{}
            formFiles           []formFile
    Severity: Major
    Found in internal/httpclient/api_o_auth2.go - About 2 hrs to fix

      Method OAuth2APIService.CreateOAuth2ClientExecute has 77 lines of code (exceeds 50 allowed). Consider refactoring.
      Open

      func (a *OAuth2APIService) CreateOAuth2ClientExecute(r ApiCreateOAuth2ClientRequest) (*OAuth2Client, *http.Response, error) {
          var (
              localVarHTTPMethod  = http.MethodPost
              localVarPostBody    interface{}
              formFiles           []formFile
      Severity: Major
      Found in internal/httpclient/api_o_auth2.go - About 2 hrs to fix

        Method OidcAPIService.CreateOidcDynamicClientExecute has 77 lines of code (exceeds 50 allowed). Consider refactoring.
        Open

        func (a *OidcAPIService) CreateOidcDynamicClientExecute(r ApiCreateOidcDynamicClientRequest) (*OAuth2Client, *http.Response, error) {
            var (
                localVarHTTPMethod  = http.MethodPost
                localVarPostBody    interface{}
                formFiles           []formFile
        Severity: Major
        Found in internal/httpclient/api_oidc.go - About 2 hrs to fix

          Method OAuth2APIService.GetOAuth2LogoutRequestExecute has 77 lines of code (exceeds 50 allowed). Consider refactoring.
          Open

          func (a *OAuth2APIService) GetOAuth2LogoutRequestExecute(r ApiGetOAuth2LogoutRequestRequest) (*OAuth2LogoutRequest, *http.Response, error) {
              var (
                  localVarHTTPMethod  = http.MethodGet
                  localVarPostBody    interface{}
                  formFiles           []formFile
          Severity: Major
          Found in internal/httpclient/api_o_auth2.go - About 2 hrs to fix

            Method OAuth2APIService.GetOAuth2ConsentRequestExecute has 77 lines of code (exceeds 50 allowed). Consider refactoring.
            Open

            func (a *OAuth2APIService) GetOAuth2ConsentRequestExecute(r ApiGetOAuth2ConsentRequestRequest) (*OAuth2ConsentRequest, *http.Response, error) {
                var (
                    localVarHTTPMethod  = http.MethodGet
                    localVarPostBody    interface{}
                    formFiles           []formFile
            Severity: Major
            Found in internal/httpclient/api_o_auth2.go - About 2 hrs to fix

              Function parameterAddToHeaderOrQuery has 77 lines of code (exceeds 50 allowed). Consider refactoring.
              Open

              func parameterAddToHeaderOrQuery(headerOrQueryParams interface{}, keyPrefix string, obj interface{}, collectionType string) {
                  var v = reflect.ValueOf(obj)
                  var value = ""
                  if v == reflect.ValueOf(nil) {
                      value = "null"
              Severity: Major
              Found in internal/httpclient/client.go - About 2 hrs to fix

                Method OidcConfiguration.ToMap has 77 lines of code (exceeds 50 allowed). Consider refactoring.
                Open

                func (o OidcConfiguration) ToMap() (map[string]interface{}, error) {
                    toSerialize := map[string]interface{}{}
                    toSerialize["authorization_endpoint"] = o.AuthorizationEndpoint
                    if !IsNil(o.BackchannelLogoutSessionSupported) {
                        toSerialize["backchannel_logout_session_supported"] = o.BackchannelLogoutSessionSupported
                Severity: Major
                Found in internal/httpclient/model_oidc_configuration.go - About 2 hrs to fix

                  Function TestKeyManager_DeleteKey has 77 lines of code (exceeds 50 allowed). Consider refactoring.
                  Open

                  func TestKeyManager_DeleteKey(t *testing.T) {
                      ctrl := gomock.NewController(t)
                      hsmContext := NewMockContext(ctrl)
                      defer ctrl.Finish()
                      l := logrusx.New("", "")
                  Severity: Major
                  Found in hsm/manager_hsm_test.go - About 2 hrs to fix

                    Function TestKeyManager_HsmKeySetPrefix has 77 lines of code (exceeds 50 allowed). Consider refactoring.
                    Open

                    func TestKeyManager_HsmKeySetPrefix(t *testing.T) {
                        ctrl := gomock.NewController(t)
                        hsmContext := NewMockContext(ctrl)
                        defer ctrl.Finish()
                        l := logrusx.New("", "")
                    Severity: Major
                    Found in hsm/manager_hsm_test.go - About 2 hrs to fix

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                                  require.NoError(t, grantManager.CreateGrant(context.TODO(), trust.Grant{
                                      ID:              uuid.New(),
                                      Issuer:          issuer,
                                      Subject:         subject,
                                      AllowAnySubject: false,
                      Severity: Major
                      Found in oauth2/fosite_store_helpers.go and 1 other location - About 2 hrs to fix
                      oauth2/fosite_store_helpers.go on lines 943..952

                      Tuning

                      This issue has a mass of 194.

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                                  require.NoError(t, grantManager.CreateGrant(context.Background(), trust.Grant{
                                      ID:              uuid.New(),
                                      Issuer:          issuer,
                                      Subject:         subject,
                                      AllowAnySubject: false,
                      Severity: Major
                      Found in oauth2/fosite_store_helpers.go and 1 other location - About 2 hrs to fix
                      oauth2/fosite_store_helpers.go on lines 956..965

                      Tuning

                      This issue has a mass of 194.

                      File strategy_logout_test.go has 502 lines of code (exceeds 500 allowed). Consider refactoring.
                      Open

                      // Copyright © 2022 Ory Corp
                      // SPDX-License-Identifier: Apache-2.0
                      
                      package consent_test
                      
                      
                      Severity: Minor
                      Found in consent/strategy_logout_test.go - About 2 hrs to fix

                        Method DefaultStrategy.verifyAuthentication has 22 return statements (exceeds 4 allowed).
                        Open

                        func (s *DefaultStrategy) verifyAuthentication(
                            ctx context.Context,
                            w http.ResponseWriter,
                            r *http.Request,
                            req fosite.AuthorizeRequester,
                        Severity: Major
                        Found in consent/strategy_default.go - About 2 hrs to fix

                          Function TestGetConsentRequest has 75 lines of code (exceeds 50 allowed). Consider refactoring.
                          Open

                          func TestGetConsentRequest(t *testing.T) {
                              for k, tc := range []struct {
                                  exists  bool
                                  handled bool
                                  status  int
                          Severity: Minor
                          Found in consent/handler_test.go - About 2 hrs to fix

                            Method OidcAPIService.CreateVerifiableCredentialExecute has 74 lines of code (exceeds 50 allowed). Consider refactoring.
                            Open

                            func (a *OidcAPIService) CreateVerifiableCredentialExecute(r ApiCreateVerifiableCredentialRequest) (*VerifiableCredentialResponse, *http.Response, error) {
                                var (
                                    localVarHTTPMethod  = http.MethodPost
                                    localVarPostBody    interface{}
                                    formFiles           []formFile
                            Severity: Minor
                            Found in internal/httpclient/api_oidc.go - About 1 hr to fix

                              Method RegistrySQL.Init has 74 lines of code (exceeds 50 allowed). Consider refactoring.
                              Open

                              func (m *RegistrySQL) Init(
                                  ctx context.Context,
                                  skipNetworkInit bool,
                                  migrate bool,
                                  ctxer contextx.Contextualizer,
                              Severity: Minor
                              Found in driver/registry_sql.go - About 1 hr to fix

                                Function TestKeyManager_DeleteKeySet has 74 lines of code (exceeds 50 allowed). Consider refactoring.
                                Open

                                func TestKeyManager_DeleteKeySet(t *testing.T) {
                                    ctrl := gomock.NewController(t)
                                    hsmContext := NewMockContext(ctrl)
                                    defer ctrl.Finish()
                                    l := logrusx.New("", "")
                                Severity: Minor
                                Found in hsm/manager_hsm_test.go - About 1 hr to fix

                                  Similar blocks of code found in 3 locations. Consider refactoring.
                                  Open

                                      t.Run("case=forwarded-matches-cidr", func(t *testing.T) {
                                          c.MustSet(context.Background(), config.KeyTLSAllowTerminationFrom, []string{"126.0.0.1/24", "127.0.0.1/24"})
                                  
                                          res := httptest.NewRecorder()
                                          RejectInsecureRequests(r, c.TLS(context.Background(), config.PublicInterface))(res, &http.Request{
                                  Severity: Major
                                  Found in x/tls_termination_test.go and 2 other locations - About 1 hr to fix
                                  x/tls_termination_test.go on lines 90..103
                                  x/tls_termination_test.go on lines 164..177

                                  Tuning

                                  This issue has a mass of 187.
