ory-am/hydra


Showing 853 of 853 total issues

Method PersisterTestSuite.TestListUserAuthenticatedClientsWithBackChannelLogout has 71 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func (s *PersisterTestSuite) TestListUserAuthenticatedClientsWithBackChannelLogout() {
    t := s.T()
    for k, r := range s.registries {
        t.Run(k, func(t *testing.T) {
            c1 := &client.Client{ID: "client-1", BackChannelLogoutURI: "not-null"}
Severity: Minor
Found in persistence/sql/persister_nid_test.go - About 1 hr to fix

    Method PersisterTestSuite.TestListUserAuthenticatedClientsWithFrontChannelLogout has 71 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func (s *PersisterTestSuite) TestListUserAuthenticatedClientsWithFrontChannelLogout() {
        t := s.T()
        for k, r := range s.registries {
            t.Run(k, func(t *testing.T) {
                c1 := &client.Client{ID: "client-1", FrontChannelLogoutURI: "not-null"}
    Severity: Minor
    Found in persistence/sql/persister_nid_test.go - About 1 hr to fix

      Method DefaultStrategy.issueLogoutVerifier has 20 return statements (exceeds 4 allowed).
      Open

      func (s *DefaultStrategy) issueLogoutVerifier(ctx context.Context, w http.ResponseWriter, r *http.Request) (*flow.LogoutResult, error) {
          // There are two types of log out flows:
          //
          // - RP initiated logout
          // - OP initiated logout
      Severity: Major
      Found in consent/strategy_default.go - About 1 hr to fix

        Similar blocks of code found in 4 locations. Consider refactoring.
        Open

                t.Run("case=CreatePKCERequestSession", func(t *testing.T) {
                    id := uuid.New()
                    err := m.CreatePKCERequestSession(ctx, id, &request)
                    require.NoError(t, err)
        
        
        Severity: Major
        Found in oauth2/fosite_store_helpers.go and 3 other locations - About 1 hr to fix
        oauth2/fosite_store_helpers.go on lines 431..439
        oauth2/fosite_store_helpers.go on lines 441..449
        oauth2/fosite_store_helpers.go on lines 461..469

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 178.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.


        Similar blocks of code found in 4 locations. Consider refactoring.
        Open

                t.Run("case=CreateOpenIDConnectSession", func(t *testing.T) {
                    id := uuid.New()
                    err := m.CreateOpenIDConnectSession(ctx, id, &request)
                    require.NoError(t, err)
        
        
        Severity: Major
        Found in oauth2/fosite_store_helpers.go and 3 other locations - About 1 hr to fix
        oauth2/fosite_store_helpers.go on lines 431..439
        oauth2/fosite_store_helpers.go on lines 441..449
        oauth2/fosite_store_helpers.go on lines 451..459

        This issue has a mass of 178.

        Similar blocks of code found in 4 locations. Consider refactoring.
        Open

                t.Run("case=CreateRefreshTokenSession", func(t *testing.T) {
                    id := uuid.New()
                    err := m.CreateRefreshTokenSession(ctx, id, &request)
                    require.NoError(t, err)
        
        
        Severity: Major
        Found in oauth2/fosite_store_helpers.go and 3 other locations - About 1 hr to fix
        oauth2/fosite_store_helpers.go on lines 441..449
        oauth2/fosite_store_helpers.go on lines 451..459
        oauth2/fosite_store_helpers.go on lines 461..469

        This issue has a mass of 178.

        Similar blocks of code found in 4 locations. Consider refactoring.
        Open

                t.Run("case=CreateAuthorizeCodeSession", func(t *testing.T) {
                    id := uuid.New()
                    err := m.CreateAuthorizeCodeSession(ctx, id, &request)
                    require.NoError(t, err)
        
        
        Severity: Major
        Found in oauth2/fosite_store_helpers.go and 3 other locations - About 1 hr to fix
        oauth2/fosite_store_helpers.go on lines 431..439
        oauth2/fosite_store_helpers.go on lines 451..459
        oauth2/fosite_store_helpers.go on lines 461..469

        This issue has a mass of 178.

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

                const nc = () => ({
                  client_secret: prng(),
                  scope: "offline_access openid",
                  subject_type: "public",
                  token_endpoint_auth_method: "client_secret_basic",
        Severity: Major
        Found in cypress/integration/oauth2/authorize_error.js and 1 other location - About 1 hr to fix
        cypress/integration/openid/authorize_code.js on lines 11..19

        This issue has a mass of 71.

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

              const nc = () => ({
                client_secret: prng(),
                scope: "openid",
                subject_type: "public",
                token_endpoint_auth_method: "client_secret_basic",
        Severity: Major
        Found in cypress/integration/openid/authorize_code.js and 1 other location - About 1 hr to fix
        cypress/integration/oauth2/authorize_error.js on lines 13..21

        This issue has a mass of 71.

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

            t.Run("case=remote-matches-cidr", func(t *testing.T) {
                c.MustSet(context.Background(), config.KeyTLSAllowTerminationFrom, []string{"126.0.0.1/24", "127.0.0.1/24"})
        
                res := httptest.NewRecorder()
                RejectInsecureRequests(r, c.TLS(context.Background(), config.PublicInterface))(res, &http.Request{
        Severity: Major
        Found in x/tls_termination_test.go and 2 other locations - About 1 hr to fix
        x/tls_termination_test.go on lines 56..68
        x/tls_termination_test.go on lines 78..88

        This issue has a mass of 176.

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

            t.Run("case=remote-not-in-cidr", func(t *testing.T) {
                c.MustSet(context.Background(), config.KeyTLSAllowTerminationFrom, []string{"126.0.0.1/24", "127.0.0.1/24"})
        
                res := httptest.NewRecorder()
                RejectInsecureRequests(r, c.TLS(context.Background(), config.PublicInterface))(res, &http.Request{
        Severity: Major
        Found in x/tls_termination_test.go and 2 other locations - About 1 hr to fix
        x/tls_termination_test.go on lines 56..68
        x/tls_termination_test.go on lines 105..117

        This issue has a mass of 176.

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

            t.Run("case=x-forwarded-proto-is-http", func(t *testing.T) {
                c.MustSet(context.Background(), config.KeyTLSAllowTerminationFrom, []string{"126.0.0.1/24", "127.0.0.1/24"})
        
                res := httptest.NewRecorder()
                RejectInsecureRequests(r, c.TLS(context.Background(), config.PublicInterface))(res, &http.Request{
        Severity: Major
        Found in x/tls_termination_test.go and 2 other locations - About 1 hr to fix
        x/tls_termination_test.go on lines 78..88
        x/tls_termination_test.go on lines 105..117

        This issue has a mass of 176.

        Method Handler.acceptOAuth2LoginRequest has 69 lines of code (exceeds 50 allowed). Consider refactoring.
        Open

        func (h *Handler) acceptOAuth2LoginRequest(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
            ctx := r.Context()
        
            challenge := stringsx.Coalesce(
                r.URL.Query().Get("login_challenge"),
        Severity: Minor
        Found in consent/handler.go - About 1 hr to fix

          Method OAuth2APIService.IntrospectOAuth2TokenExecute has 69 lines of code (exceeds 50 allowed). Consider refactoring.
          Open

          func (a *OAuth2APIService) IntrospectOAuth2TokenExecute(r ApiIntrospectOAuth2TokenRequest) (*IntrospectedOAuth2Token, *http.Response, error) {
              var (
                  localVarHTTPMethod  = http.MethodPost
                  localVarPostBody    interface{}
                  formFiles           []formFile
          Severity: Minor
          Found in internal/httpclient/api_o_auth2.go - About 1 hr to fix

            Method Validator.Validate has 19 return statements (exceeds 4 allowed).
            Open

            func (v *Validator) Validate(ctx context.Context, c *Client) error {
                if c.TokenEndpointAuthMethod == "" {
                    c.TokenEndpointAuthMethod = "client_secret_basic"
                } else if c.TokenEndpointAuthMethod == "private_key_jwt" {
                    if len(c.JSONWebKeysURI) == 0 && c.JSONWebKeys == nil {
            Severity: Major
            Found in client/validator.go - About 1 hr to fix

              Function MockConsentRequest has 68 lines of code (exceeds 50 allowed). Consider refactoring.
              Open

              func MockConsentRequest(key string, remember bool, rememberFor int, hasError bool, skip bool, authAt bool, loginChallengeBase string, network string) (c *flow.OAuth2ConsentRequest, h *flow.AcceptOAuth2ConsentRequest, f *flow.Flow) {
                  c = &flow.OAuth2ConsentRequest{
                      ID:                makeID("challenge", network, key),
                      RequestedScope:    []string{"scopea" + key, "scopeb" + key},
                      RequestedAudience: []string{"auda" + key, "audb" + key},
              Severity: Minor
              Found in consent/test/manager_test_helpers.go - About 1 hr to fix

                Method Handler.getOidcUserInfo has 68 lines of code (exceeds 50 allowed). Consider refactoring.
                Open

                func (h *Handler) getOidcUserInfo(w http.ResponseWriter, r *http.Request) {
                    ctx := r.Context()
                    session := NewSessionWithCustomClaims(ctx, h.c, "")
                    tokenType, ar, err := h.r.OAuth2Provider().IntrospectToken(ctx, fosite.AccessTokenFromRequest(r), fosite.AccessToken, session)
                    if err != nil {
                Severity: Minor
                Found in oauth2/handler.go - About 1 hr to fix

                  Similar blocks of code found in 2 locations. Consider refactoring.
                  Open

                          {
                              ID:             fmt.Sprintf("%s_flush-access-3", uniqueName),
                              RequestedAt:    time.Now().Round(time.Second).Add(-(lifespan + time.Hour)),
                              Client:         &client.Client{ID: fmt.Sprintf("%s_flush-access-3", uniqueName)},
                              RequestedScope: fosite.Arguments{"fa", "ba"},
                  Severity: Major
                  Found in internal/testhelpers/janitor_test_helper.go and 1 other location - About 1 hr to fix
                  internal/testhelpers/janitor_test_helper.go on lines 691..699

                  This issue has a mass of 172.

                  Similar blocks of code found in 2 locations. Consider refactoring.
                  Open

                          {
                              ID:             fmt.Sprintf("%s_flush-access-2", uniqueName),
                              RequestedAt:    time.Now().Round(time.Second).Add(-(lifespan + time.Minute)),
                              Client:         &client.Client{ID: fmt.Sprintf("%s_flush-access-2", uniqueName)},
                              RequestedScope: fosite.Arguments{"fa", "ba"},
                  Severity: Major
                  Found in internal/testhelpers/janitor_test_helper.go and 1 other location - About 1 hr to fix
                  internal/testhelpers/janitor_test_helper.go on lines 700..708

                  This issue has a mass of 172.

                  Method OAuth2APIService.AcceptOAuth2ConsentRequestExecute has 67 lines of code (exceeds 50 allowed). Consider refactoring.
                  Open

                  func (a *OAuth2APIService) AcceptOAuth2ConsentRequestExecute(r ApiAcceptOAuth2ConsentRequestRequest) (*OAuth2RedirectTo, *http.Response, error) {
                      var (
                          localVarHTTPMethod  = http.MethodPut
                          localVarPostBody    interface{}
                          formFiles           []formFile
                  Severity: Minor
                  Found in internal/httpclient/api_o_auth2.go - About 1 hr to fix