ory-am/hydra

Showing 853 of 853 total issues

Identical blocks of code found in 2 locations. Consider refactoring.
Open

  if (req.query.state !== req.session.state) {
    res.send(JSON.stringify({ result: "error", error: "states mismatch" }))
    return
  }
Severity: Major
Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 1 hr to fix
test/e2e/oauth2-client/src/index.js on lines 125..128

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 58.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 2 locations. Consider refactoring.
Open

                return cy
                  .refreshTokenBrowser(client, originalToken)
                  .then((response) => {
                    expect(response.status).to.eq(401)
                    expect(response.body.error).to.eq("token_inactive")
Severity: Major
Found in cypress/integration/oauth2/refresh_token.js and 1 other location - About 1 hr to fix
cypress/integration/oauth2/refresh_token.js on lines 87..97

This issue has a mass of 58.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

  if (req.query.state !== req.session.state) {
    res.send(JSON.stringify({ result: "error", error: "states mismatch" }))
    return
  }
Severity: Major
Found in test/e2e/oauth2-client/src/index.js and 1 other location - About 1 hr to fix
test/e2e/oauth2-client/src/index.js on lines 307..310

This issue has a mass of 58.

Identical blocks of code found in 3 locations. Consider refactoring.
Open

        testhelpers.NewLoginConsentUI(t, reg.Config(),
            acceptLoginHandler(t, subject, &hydra.AcceptOAuth2LoginRequest{
                Remember: pointerx.Bool(true),
            }),
            acceptConsentHandler(t, &hydra.AcceptOAuth2ConsentRequest{
Severity: Major
Found in consent/strategy_oauth_test.go and 2 other locations - About 1 hr to fix
consent/strategy_oauth_test.go on lines 460..471
consent/strategy_oauth_test.go on lines 560..571

This issue has a mass of 138.

Identical blocks of code found in 3 locations. Consider refactoring.
Open

        testhelpers.NewLoginConsentUI(t, reg.Config(),
            acceptLoginHandler(t, subject, &hydra.AcceptOAuth2LoginRequest{
                Remember: pointerx.Bool(true),
            }),
            acceptConsentHandler(t, &hydra.AcceptOAuth2ConsentRequest{
Severity: Major
Found in consent/strategy_oauth_test.go and 2 other locations - About 1 hr to fix
consent/strategy_oauth_test.go on lines 382..393
consent/strategy_oauth_test.go on lines 560..571

This issue has a mass of 138.

Identical blocks of code found in 3 locations. Consider refactoring.
Open

        testhelpers.NewLoginConsentUI(t, reg.Config(),
            acceptLoginHandler(t, subject, &hydra.AcceptOAuth2LoginRequest{
                Remember: pointerx.Bool(true),
            }),
            acceptConsentHandler(t, &hydra.AcceptOAuth2ConsentRequest{
Severity: Major
Found in consent/strategy_oauth_test.go and 2 other locations - About 1 hr to fix
consent/strategy_oauth_test.go on lines 382..393
consent/strategy_oauth_test.go on lines 460..471

This issue has a mass of 138.

Function NewOidcConfiguration has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

func NewOidcConfiguration(authorizationEndpoint string, idTokenSignedResponseAlg []string, idTokenSigningAlgValuesSupported []string, issuer string, jwksUri string, responseTypesSupported []string, subjectTypesSupported []string, tokenEndpoint string, userinfoSignedResponseAlg []string) *OidcConfiguration {
Severity: Major
Found in internal/httpclient/model_oidc_configuration.go - About 1 hr to fix

Function initTestKeyPairs has 28 lines of code (exceeds 25 allowed). Consider refactoring.
Open

const initTestKeyPairs = async () => {
  const algorithm = {
    name: "RSASSA-PKCS1-v1_5",
    modulusLength: 2048,
    publicExponent: new Uint8Array([1, 0, 1]),
Severity: Minor
Found in cypress/integration/oauth2/grant_jwtbearer.js - About 1 hr to fix

Similar blocks of code found in 4 locations. Consider refactoring.
Open

func AssertObjectKeysEqual(t *testing.T, a, b interface{}, keys ...string) {
    assert.True(t, len(keys) > 0, "No keys provided.")
    for _, k := range keys {
        c, err := reflections.GetField(a, k)
        assert.Nil(t, err)
Severity: Major
Found in oauth2/equalKeys.go and 3 other locations - About 1 hr to fix
oauth2/equalKeys.go on lines 25..34
oauth2/equalKeys.go on lines 36..45
oauth2/equalKeys.go on lines 46..55

This issue has a mass of 137.

Similar blocks of code found in 4 locations. Consider refactoring.
Open

func RequireObjectKeysEqual(t *testing.T, a, b interface{}, keys ...string) {
    assert.True(t, len(keys) > 0, "No keys provided.")
    for _, k := range keys {
        c, err := reflections.GetField(a, k)
        assert.Nil(t, err)
Severity: Major
Found in oauth2/equalKeys.go and 3 other locations - About 1 hr to fix
oauth2/equalKeys.go on lines 14..23
oauth2/equalKeys.go on lines 25..34
oauth2/equalKeys.go on lines 46..55

This issue has a mass of 137.

Similar blocks of code found in 4 locations. Consider refactoring.
Open

func RequireObjectKeysNotEqual(t *testing.T, a, b interface{}, keys ...string) {
    assert.True(t, len(keys) > 0, "No keys provided.")
    for _, k := range keys {
        c, err := reflections.GetField(a, k)
        assert.Nil(t, err)
Severity: Major
Found in oauth2/equalKeys.go and 3 other locations - About 1 hr to fix
oauth2/equalKeys.go on lines 14..23
oauth2/equalKeys.go on lines 25..34
oauth2/equalKeys.go on lines 36..45

This issue has a mass of 137.

Similar blocks of code found in 4 locations. Consider refactoring.
Open

func AssertObjectKeysNotEqual(t *testing.T, a, b interface{}, keys ...string) {
    assert.True(t, len(keys) > 0, "No keys provided.")
    for _, k := range keys {
        c, err := reflections.GetField(a, k)
        assert.Nil(t, err)
Severity: Major
Found in oauth2/equalKeys.go and 3 other locations - About 1 hr to fix
oauth2/equalKeys.go on lines 14..23
oauth2/equalKeys.go on lines 36..45
oauth2/equalKeys.go on lines 46..55

This issue has a mass of 137.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

        {
            name: "FindKeyPair Error",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
Severity: Major
Found in hsm/manager_hsm_test.go and 1 other location - About 1 hr to fix
hsm/manager_hsm_test.go on lines 727..738

This issue has a mass of 136.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

        {
            name: "FindKeyPair Error",
            args: args{
                ctx: context.TODO(),
                set: x.OpenIDConnectKeyName,
Severity: Major
Found in hsm/manager_hsm_test.go and 1 other location - About 1 hr to fix
hsm/manager_hsm_test.go on lines 488..499

This issue has a mass of 136.

Method OidcAPIService.CreateOidcDynamicClientExecute has 11 return statements (exceeds 4 allowed).
Open

func (a *OidcAPIService) CreateOidcDynamicClientExecute(r ApiCreateOidcDynamicClientRequest) (*OAuth2Client, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPost
        localVarPostBody    interface{}
        formFiles           []formFile
Severity: Major
Found in internal/httpclient/api_oidc.go - About 1 hr to fix

Method OAuth2APIService.CreateOAuth2ClientExecute has 11 return statements (exceeds 4 allowed).
Open

func (a *OAuth2APIService) CreateOAuth2ClientExecute(r ApiCreateOAuth2ClientRequest) (*OAuth2Client, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPost
        localVarPostBody    interface{}
        formFiles           []formFile
Severity: Major
Found in internal/httpclient/api_o_auth2.go - About 1 hr to fix

Method OAuth2APIService.GetOAuth2ConsentRequestExecute has 11 return statements (exceeds 4 allowed).
Open

func (a *OAuth2APIService) GetOAuth2ConsentRequestExecute(r ApiGetOAuth2ConsentRequestRequest) (*OAuth2ConsentRequest, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodGet
        localVarPostBody    interface{}
        formFiles           []formFile
Severity: Major
Found in internal/httpclient/api_o_auth2.go - About 1 hr to fix

Method DefaultStrategy.verifyConsent has 11 return statements (exceeds 4 allowed).
Open

func (s *DefaultStrategy) verifyConsent(ctx context.Context, _ http.ResponseWriter, r *http.Request, verifier string) (_ *flow.AcceptOAuth2ConsentRequest, _ *flow.Flow, err error) {
    ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("").Start(ctx, "DefaultStrategy.verifyConsent")
    defer otelx.End(span, &err)

    // We decode the flow here once again because VerifyAndInvalidateConsentRequest does not return the flow
Severity: Major
Found in consent/strategy_default.go - About 1 hr to fix

Method OidcAPIService.SetOidcDynamicClientExecute has 11 return statements (exceeds 4 allowed).
Open

func (a *OidcAPIService) SetOidcDynamicClientExecute(r ApiSetOidcDynamicClientRequest) (*OAuth2Client, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPut
        localVarPostBody    interface{}
        formFiles           []formFile
Severity: Major
Found in internal/httpclient/api_oidc.go - About 1 hr to fix

Method OAuth2APIService.PatchOAuth2ClientExecute has 11 return statements (exceeds 4 allowed).
Open

func (a *OAuth2APIService) PatchOAuth2ClientExecute(r ApiPatchOAuth2ClientRequest) (*OAuth2Client, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPatch
        localVarPostBody    interface{}
        formFiles           []formFile
Severity: Major
Found in internal/httpclient/api_o_auth2.go - About 1 hr to fix