Sign upLogin

ory-am/hydra

View on GitHub
Star

Showing 853 of 853 total issues

Function getRefreshRequests has 51 lines of code (exceeds 50 allowed). Consider refactoring.
Open

func getRefreshRequests(uniqueName string, lifespan time.Duration) []*fosite.AccessRequest {
    var tokenSignature = "4c7c7e8b3a77ad0c3ec846a21653c48b45dbfa31" //nolint:gosec
    return []*fosite.AccessRequest{
        {
            GrantTypes: []string{
Severity: Minor
Found in internal/testhelpers/janitor_test_helper.go - About 1 hr to fix

    Function Test_toSDKFriendlyJSONWebKey has 51 lines of code (exceeds 50 allowed). Consider refactoring.
    Open

    func Test_toSDKFriendlyJSONWebKey(t *testing.T) {
    publicJWK := []byte(`{
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
    Severity: Minor
    Found in cmd/cli/handler_jwk_test.go - About 1 hr to fix

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (p *Persister) CountClients(ctx context.Context) (n int, err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CountClients")
    defer otelx.End(span, &err)

    n, err = p.QueryWithNetwork(ctx).Count(&client.Client{})
      Severity: Major
      Found in persistence/sql/persister_client.go and 1 other location - About 1 hr to fix
      persistence/sql/persister_grant_jwk.go on lines 103..110

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 132.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (p *Persister) CountGrants(ctx context.Context) (n int, err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CountGrants")
    defer otelx.End(span, &err)

    n, err = p.QueryWithNetwork(ctx).
      Severity: Major
      Found in persistence/sql/persister_grant_jwk.go and 1 other location - About 1 hr to fix
      persistence/sql/persister_client.go on lines 162..168

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 132.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (p *Persister) FlushInactiveAccessTokens(ctx context.Context, notAfter time.Time, limit int, batchSize int) (err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FlushInactiveAccessTokens")
    defer otelx.End(span, &err)
    return p.flushInactiveTokens(ctx, notAfter, limit, batchSize, sqlTableAccess, p.config.GetAccessTokenLifespan(ctx))
}
      Severity: Major
      Found in persistence/sql/persister_oauth2.go and 1 other location - About 1 hr to fix
      persistence/sql/persister_oauth2.go on lines 538..542

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 132.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (p *Persister) FlushInactiveRefreshTokens(ctx context.Context, notAfter time.Time, limit int, batchSize int) (err error) {
    ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FlushInactiveRefreshTokens")
    defer otelx.End(span, &err)
    return p.flushInactiveTokens(ctx, notAfter, limit, batchSize, sqlTableRefresh, p.config.GetRefreshTokenLifespan(ctx))
}
      Severity: Major
      Found in persistence/sql/persister_oauth2.go and 1 other location - About 1 hr to fix
      persistence/sql/persister_oauth2.go on lines 532..536

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 132.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestNonEmptySubjectWithAnySubjectFlagIsInvalid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "valid-issuer",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 13..29
      oauth2/trust/validator_test.go on lines 31..47
      oauth2/trust/validator_test.go on lines 49..65
      oauth2/trust/validator_test.go on lines 103..119
      oauth2/trust/validator_test.go on lines 121..137

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestIsValid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "valid-issuer",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 13..29
      oauth2/trust/validator_test.go on lines 31..47
      oauth2/trust/validator_test.go on lines 49..65
      oauth2/trust/validator_test.go on lines 67..83
      oauth2/trust/validator_test.go on lines 103..119

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestEmptySubjectWithAnySubjectFlagIsValid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "valid-issuer",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 13..29
      oauth2/trust/validator_test.go on lines 31..47
      oauth2/trust/validator_test.go on lines 67..83
      oauth2/trust/validator_test.go on lines 103..119
      oauth2/trust/validator_test.go on lines 121..137

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestEmptySubjectAndNoAnySubjectFlagIsInvalid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "valid-issuer",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 13..29
      oauth2/trust/validator_test.go on lines 49..65
      oauth2/trust/validator_test.go on lines 67..83
      oauth2/trust/validator_test.go on lines 103..119
      oauth2/trust/validator_test.go on lines 121..137

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestEmptyIssuerIsInvalid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 31..47
      oauth2/trust/validator_test.go on lines 49..65
      oauth2/trust/validator_test.go on lines 67..83
      oauth2/trust/validator_test.go on lines 103..119
      oauth2/trust/validator_test.go on lines 121..137

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 6 locations. Consider refactoring.
      Open

      func TestEmptyPublicKeyIdIsInvalid(t *testing.T) {
    v := GrantValidator{}

    r := createGrantRequest{
        Issuer:          "valid-issuer",
      Severity: Major
      Found in oauth2/trust/validator_test.go and 5 other locations - About 1 hr to fix
      oauth2/trust/validator_test.go on lines 13..29
      oauth2/trust/validator_test.go on lines 31..47
      oauth2/trust/validator_test.go on lines 49..65
      oauth2/trust/validator_test.go on lines 67..83
      oauth2/trust/validator_test.go on lines 121..137

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (m *MockOAuth2Provider) NewPushedAuthorizeRequest(arg0 context.Context, arg1 *http.Request) (fosite.AuthorizeRequester, error) {
    m.ctrl.T.Helper()
    ret := m.ctrl.Call(m, "NewPushedAuthorizeRequest", arg0, arg1)
    ret0, _ := ret[0].(fosite.AuthorizeRequester)
    ret1, _ := ret[1].(error)
      Severity: Major
      Found in oauth2/oauth2_provider_mock_test.go and 1 other location - About 1 hr to fix
      oauth2/oauth2_provider_mock_test.go on lines 95..101

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      func (m *MockOAuth2Provider) NewAuthorizeRequest(arg0 context.Context, arg1 *http.Request) (fosite.AuthorizeRequester, error) {
    m.ctrl.T.Helper()
    ret := m.ctrl.Call(m, "NewAuthorizeRequest", arg0, arg1)
    ret0, _ := ret[0].(fosite.AuthorizeRequester)
    ret1, _ := ret[1].(error)
      Severity: Major
      Found in oauth2/oauth2_provider_mock_test.go and 1 other location - About 1 hr to fix
      oauth2/oauth2_provider_mock_test.go on lines 140..146

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 131.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Function SaneMockHandleConsentRequest has 8 arguments (exceeds 4 allowed). Consider refactoring.
      Open

      func SaneMockHandleConsentRequest(t *testing.T, m consent.Manager, f *flow.Flow, c *flow.OAuth2ConsentRequest, authAt time.Time, rememberFor int, remember bool, hasError bool) *flow.AcceptOAuth2ConsentRequest {
      Severity: Major
      Found in consent/test/manager_test_helpers.go - About 1 hr to fix

        Method DefaultStrategy.requestAuthentication has 10 return statements (exceeds 4 allowed).
        Open

        func (s *DefaultStrategy) requestAuthentication(ctx context.Context, w http.ResponseWriter, r *http.Request, ar fosite.AuthorizeRequester) (err error) {
    ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("").Start(ctx, "DefaultStrategy.requestAuthentication")
    defer otelx.End(span, &err)

    prompt := stringsx.Splitx(ar.GetRequestForm().Get("prompt"), " ")
        Severity: Major
        Found in consent/strategy_default.go - About 1 hr to fix

          Function MockConsentRequest has 8 arguments (exceeds 4 allowed). Consider refactoring.
          Open

          func MockConsentRequest(key string, remember bool, rememberFor int, hasError bool, skip bool, authAt bool, loginChallengeBase string, network string) (c *flow.OAuth2ConsentRequest, h *flow.AcceptOAuth2ConsentRequest, f *flow.Flow) {
          Severity: Major
          Found in consent/test/manager_test_helpers.go - About 1 hr to fix

            Method OidcAPIService.CreateVerifiableCredentialExecute has 10 return statements (exceeds 4 allowed).
            Open

            func (a *OidcAPIService) CreateVerifiableCredentialExecute(r ApiCreateVerifiableCredentialRequest) (*VerifiableCredentialResponse, *http.Response, error) {
    var (
        localVarHTTPMethod  = http.MethodPost
        localVarPostBody    interface{}
        formFiles           []formFile
            Severity: Major
            Found in internal/httpclient/api_oidc.go - About 1 hr to fix

              Method Handler.acceptOAuth2LoginRequest has 10 return statements (exceeds 4 allowed).
              Open

              func (h *Handler) acceptOAuth2LoginRequest(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
    ctx := r.Context()

    challenge := stringsx.Coalesce(
        r.URL.Query().Get("login_challenge"),
              Severity: Major
              Found in consent/handler.go - About 1 hr to fix

                Function NewKeysImportCmd has 10 return statements (exceeds 4 allowed).
                Open

                func NewKeysImportCmd() *cobra.Command {
    cmd := &cobra.Command{
        Use:  "jwk set-id file-1 [file-2] [file-n]",
        Args: cobra.MinimumNArgs(1),
        Example: `{{ .CommandPath }} my-set ./path/to/jwk.json ./path/to/jwk-2.json --format json
                Severity: Major
                Found in cmd/cmd_import_jwk.go - About 1 hr to fix
                  Severity
                  Category
                  Status
                  Source
                  Language