Sign upLogin

pac4j/pac4j

View on GitHub
Star

Showing 391 of 391 total issues

Method tryCreateSaml2Client has a Cognitive Complexity of 61 (exceeds 5 allowed). Consider refactoring.
Open

    public void tryCreateSaml2Client(final Collection<Client> clients) {
        for (var i = 0; i <= MAX_NUM_CLIENTS; i++) {
            val keystorePassword = getProperty(SAML_KEYSTORE_PASSWORD, i);
            val privateKeyPassword = getProperty(SAML_PRIVATE_KEY_PASSWORD, i);
            val keystorePath = getProperty(SAML_KEYSTORE_PATH, i);
Severity: Minor
Found in pac4j-config/src/main/java/org/pac4j/config/builder/Saml2ClientBuilder.java - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method perform has a Cognitive Complexity of 50 (exceeds 5 allowed). Consider refactoring.
Open

    @Override
    public Object perform(final Config config, final String defaultUrl, final String inputLogoutUrlPattern, final Boolean inputLocalLogout,
                          final Boolean inputDestroySession, final Boolean inputCentralLogout, final FrameworkParameters parameters) {

        LOGGER.debug("=== LOGOUT ===");
Severity: Minor
Found in pac4j-core/src/main/java/org/pac4j/core/engine/DefaultLogoutLogic.java - About 7 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method tryCreateOidcClient has a Cognitive Complexity of 46 (exceeds 5 allowed). Consider refactoring.
Open

    public void tryCreateOidcClient(final Collection<Client> clients) {
        for (var i = 0; i <= MAX_NUM_CLIENTS; i++) {
            val id = getProperty(OIDC_ID, i);
            if (isNotBlank(id)) {
                val configuration = new OidcConfiguration();
Severity: Minor
Found in pac4j-config/src/main/java/org/pac4j/config/builder/OidcClientBuilder.java - About 7 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method tryCreatePasswordEncoder has a Cognitive Complexity of 39 (exceeds 5 allowed). Consider refactoring.
Open

    public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
        for (var i = 0; i <= MAX_NUM_ENCODERS; i++) {
            val type = getProperty(SPRING_ENCODER_TYPE, i);
            if (isNotBlank(type)) {
                final PasswordEncoder encoder;
Severity: Minor
Found in pac4j-config/src/main/java/org/pac4j/config/builder/SpringEncoderBuilder.java - About 5 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Identical blocks of code found in 2 locations. Consider refactoring.
Open

package org.pac4j.jee.config;

import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
Severity: Major
Found in pac4j-jakartaee/src/main/java/org/pac4j/jee/config/AbstractConfigFilter.java and 1 other location - About 5 hrs to fix
pac4j-javaee/src/main/java/org/pac4j/jee/config/AbstractConfigFilter.java on lines 1..128

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 328.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 2 locations. Consider refactoring.
Open

package org.pac4j.jee.config;

import lombok.Getter;
import lombok.val;
import org.pac4j.core.config.Config;
Severity: Major
Found in pac4j-javaee/src/main/java/org/pac4j/jee/config/AbstractConfigFilter.java and 1 other location - About 5 hrs to fix
pac4j-jakartaee/src/main/java/org/pac4j/jee/config/AbstractConfigFilter.java on lines 1..128

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 328.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

package org.pac4j.jwt.config.signature;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
Severity: Major
Found in pac4j-jwt/src/main/java/org/pac4j/jwt/config/signature/RSASignatureConfiguration.java and 1 other location - About 5 hrs to fix
pac4j-jwt/src/main/java/org/pac4j/jwt/config/signature/ECSignatureConfiguration.java on lines 1..129

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 319.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

package org.pac4j.jwt.config.signature;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
Severity: Major
Found in pac4j-jwt/src/main/java/org/pac4j/jwt/config/signature/ECSignatureConfiguration.java and 1 other location - About 5 hrs to fix
pac4j-jwt/src/main/java/org/pac4j/jwt/config/signature/RSASignatureConfiguration.java on lines 1..128

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 319.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Method create has a Cognitive Complexity of 32 (exceeds 5 allowed). Consider refactoring.
Open

    @Override
    @SuppressWarnings("unchecked")
    public Optional<UserProfile> create(final CallContext ctx, final Credentials credentials) {
        init();
Severity: Minor
Found in pac4j-oidc/src/main/java/org/pac4j/oidc/profile/creator/OidcProfileCreator.java - About 4 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

FacebookProfile has 36 methods (exceeds 20 allowed). Consider refactoring.
Open

@SuppressWarnings("unchecked")
public class FacebookProfile extends OAuth20Profile {

    @Serial
    private static final long serialVersionUID = 6339376303764855109L;
Severity: Minor
Found in pac4j-oauth/src/main/java/org/pac4j/oauth/profile/facebook/FacebookProfile.java - About 4 hrs to fix

    BasicUserProfile has 35 methods (exceeds 20 allowed). Consider refactoring.
    Open

    @EqualsAndHashCode
@ToString
public class BasicUserProfile implements UserProfile, Externalizable {

    @Serial
    Severity: Minor
    Found in pac4j-core/src/main/java/org/pac4j/core/profile/BasicUserProfile.java - About 4 hrs to fix

      TwitterProfile has 35 methods (exceeds 20 allowed). Consider refactoring.
      Open

      public class TwitterProfile extends OAuth10Profile {

    @Serial
    private static final long serialVersionUID = -6473348745856820192L;
      Severity: Minor
      Found in pac4j-oauth/src/main/java/org/pac4j/oauth/profile/twitter/TwitterProfile.java - About 4 hrs to fix

        VkProfile has 34 methods (exceeds 20 allowed). Consider refactoring.
        Open

        public class VkProfile extends OAuth20Profile {

    @Serial
    private static final long serialVersionUID = -7889265305949082980L;
        Severity: Minor
        Found in pac4j-oauth/src/main/java/org/pac4j/oauth/profile/vk/VkProfile.java - About 4 hrs to fix

          File LinkedIn2ProfilePicture.java has 343 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          package org.pac4j.oauth.profile.linkedin2;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.util.TokenBuffer;
          Severity: Minor
          Found in pac4j-oauth/src/main/java/org/pac4j/oauth/profile/linkedin2/LinkedIn2ProfilePicture.java - About 4 hrs to fix

            Method buildLdapProperties has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
            Open

                private LdapAuthenticationProperties buildLdapProperties(final int i) {
        val ldapProp = new LdapAuthenticationProperties();
        val type = getProperty(LDAP_TYPE, i);
        ldapProp.setType(LdapAuthenticationProperties.AuthenticationTypes.valueOf(type.toUpperCase()));
        ldapProp.setDnFormat(getProperty(LDAP_DN_FORMAT, i));
            Severity: Minor
            Found in pac4j-config/src/main/java/org/pac4j/config/builder/LdapAuthenticatorBuilder.java - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method buildDataSource has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
            Open

                private DataSource buildDataSource(final int i) throws SQLException {
        val ds = new HikariDataSource();
        if (containsProperty(DB_DATASOURCE_CLASS_NAME, i)) {
            ds.setDataSourceClassName(getProperty(DB_DATASOURCE_CLASS_NAME, i));
        } else if (containsProperty(DB_JDBC_URL, i)) {
            Severity: Minor
            Found in pac4j-config/src/main/java/org/pac4j/config/builder/DbAuthenticatorBuilder.java - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method buildProfile has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
            Open

                protected void buildProfile(final SAML2AuthenticationCredentials credentials) {
        UserProfile profile = (SAML2Profile) getProfileDefinition().newProfile();

        val nameId = credentials.getNameId();
        profile.setId(nameId.getValue());
            Severity: Minor
            Found in pac4j-saml/src/main/java/org/pac4j/saml/credentials/authenticator/SAML2Authenticator.java - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            File Pac4jHTTPArtifactDecoder.java has 334 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            package org.pac4j.saml.transport;


import lombok.Getter;
import lombok.Setter;
            Severity: Minor
            Found in pac4j-saml/src/main/java/org/pac4j/saml/transport/Pac4jHTTPArtifactDecoder.java - About 4 hrs to fix

              Method matches has a Cognitive Complexity of 27 (exceeds 5 allowed). Consider refactoring.
              Open

                  @Override
    public boolean matches(final CallContext ctx) {
        val webContext = ctx.webContext();

        CommonHelper.assertNotNull("csrfTokenGenerator", csrfTokenGenerator);
              Severity: Minor
              Found in pac4j-core/src/main/java/org/pac4j/core/matching/matcher/csrf/CsrfTokenGeneratorMatcher.java - About 3 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method generateAuth has a Cognitive Complexity of 27 (exceeds 5 allowed). Consider refactoring.
              Open

                  private void generateAuth(final UserProfile profile, final Iterable<String> attributes) {
        if (attributes == null) {
            return;
        }
              Severity: Minor
              Found in pac4j-core/src/main/java/org/pac4j/core/authorization/generator/FromAttributesAuthorizationGenerator.java - About 3 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Severity
              Category
              Status
              Source
              Language