public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1052 from oauth2-proxy/update-linter 

Update golangci-lint to latest version (v1.36.0)
This commit is contained in:
Joel Speed 2021-02-17 20:56:43 +00:00 committed by GitHub
parent 76269a13b7 9cea4ea89b
commit 322308aab5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.yaml vendored
View File

@ -14,7 +14,7 @@ jobs:
build: build:
env: env:
COVER: true COVER: true
runs-on: ubuntu-18.04 runs-on: ubuntu-20.04
steps: steps:
- name: Check out code - name: Check out code
@ -28,7 +28,7 @@ jobs:
- name: Get dependencies - name: Get dependencies
run: | run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.24.0 curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.36.0
go mod download go mod download
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
chmod +x ./cc-test-reporter chmod +x ./cc-test-reporter
@ -52,7 +52,7 @@ jobs:
./.github/workflows/test.sh ./.github/workflows/test.sh
docker: docker:
runs-on: ubuntu-18.04 runs-on: ubuntu-20.04
steps: steps:
- name: Check out code - name: Check out code

1
CHANGELOG.md
View File

@ -8,6 +8,7 @@
## Changes since v7.0.1 ## Changes since v7.0.1
- [#1052](https://github.com/oauth2-proxy/oauth2-proxy/pull/1052) Update golangci-lint to latest version (v1.36.0) (@JoelSpeed)
- [#1043](https://github.com/oauth2-proxy/oauth2-proxy/pull/1043) Refactor Sign In Page rendering and capture all page rendering code in pagewriter package (@JoelSpeed) - [#1043](https://github.com/oauth2-proxy/oauth2-proxy/pull/1043) Refactor Sign In Page rendering and capture all page rendering code in pagewriter package (@JoelSpeed)
- [#1029](https://github.com/oauth2-proxy/oauth2-proxy/pull/1029) Refactor error page rendering and allow debug messages on error (@JoelSpeed) - [#1029](https://github.com/oauth2-proxy/oauth2-proxy/pull/1029) Refactor error page rendering and allow debug messages on error (@JoelSpeed)
- [#1028](https://github.com/oauth2-proxy/oauth2-proxy/pull/1028) Refactor templates, update theme and provide styled error pages (@JoelSpeed) - [#1028](https://github.com/oauth2-proxy/oauth2-proxy/pull/1028) Refactor templates, update theme and provide styled error pages (@JoelSpeed)

4
oauthproxy.go
View File

@ -805,6 +805,8 @@ func (p *OAuthProxy) redeemCode(req *http.Request) (*sessionsapi.SessionState, e
func (p *OAuthProxy) enrichSessionState(ctx context.Context, s *sessionsapi.SessionState) error { func (p *OAuthProxy) enrichSessionState(ctx context.Context, s *sessionsapi.SessionState) error {
var err error var err error
if s.Email == "" { if s.Email == "" {
// TODO(@NickMeves): Remove once all provider are updated to implement EnrichSession
// nolint:staticcheck
s.Email, err = p.provider.GetEmailAddress(ctx, s) s.Email, err = p.provider.GetEmailAddress(ctx, s)
if err != nil && !errors.Is(err, providers.ErrNotImplemented) { if err != nil && !errors.Is(err, providers.ErrNotImplemented) {
return err return err
@ -1106,7 +1108,7 @@ func (p *OAuthProxy) getAuthenticatedSession(rw http.ResponseWriter, req *http.R
// TODO (@NickMeves): This method is a placeholder to be extended but currently // TODO (@NickMeves): This method is a placeholder to be extended but currently
// fails the linter. Remove the nolint when functionality expands. // fails the linter. Remove the nolint when functionality expands.
// //
//nolint:S1008 //nolint:gosimple
func authOnlyAuthorize(req *http.Request, s *sessionsapi.SessionState) bool { func authOnlyAuthorize(req *http.Request, s *sessionsapi.SessionState) bool {
// Allow secondary group restrictions based on the `allowed_groups` // Allow secondary group restrictions based on the `allowed_groups`
// querystring parameter // querystring parameter

6
pkg/validation/options.go
View File

@ -41,10 +41,10 @@ func Validate(o *options.Options) error {
} else if len(o.ProviderCAFiles) > 0 { } else if len(o.ProviderCAFiles) > 0 {
pool, err := util.GetCertPool(o.ProviderCAFiles) pool, err := util.GetCertPool(o.ProviderCAFiles)
if err == nil { if err == nil {
transport := &http.Transport{ transport := http.DefaultTransport.(*http.Transport).Clone()
TLSClientConfig: &tls.Config{ transport.TLSClientConfig = &tls.Config{
RootCAs: pool, RootCAs: pool,
}, MinVersion: tls.VersionTLS12,
} }
http.DefaultClient = &http.Client{Transport: transport} http.DefaultClient = &http.Client{Transport: transport}

11
providers/logingov.go
View File

@ -3,9 +3,10 @@ package providers
import ( import (
"bytes" "bytes"
"context" "context"
"crypto/rand"
"crypto/rsa" "crypto/rsa"
"fmt" "fmt"
"math/rand" "math/big"
"net/url" "net/url"
"time" "time"
@ -34,7 +35,13 @@ var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
func randSeq(n int) string { func randSeq(n int) string {
b := make([]rune, n) b := make([]rune, n)
for i := range b { for i := range b {
b[i] = letters[rand.Intn(len(letters))] max := big.NewInt(int64(len(letters)))
bigN, err := rand.Int(rand.Reader, max)
if err != nil {
// This should never happen
panic(err)
}
b[i] = letters[bigN.Int64()]
} }
return string(b) return string(b)
} }

2
providers/provider_default.go
View File

@ -94,7 +94,7 @@ func (p *ProviderData) GetLoginURL(redirectURI, state string) string {
} }
// GetEmailAddress returns the Account email address // GetEmailAddress returns the Account email address
// DEPRECATED: Migrate to EnrichSession // Deprecated: Migrate to EnrichSession
func (p *ProviderData) GetEmailAddress(_ context.Context, _ *sessions.SessionState) (string, error) { func (p *ProviderData) GetEmailAddress(_ context.Context, _ *sessions.SessionState) (string, error) {
return "", ErrNotImplemented return "", ErrNotImplemented
} }

2
providers/providers.go
View File

@ -9,7 +9,7 @@ import (
// Provider represents an upstream identity provider implementation // Provider represents an upstream identity provider implementation
type Provider interface { type Provider interface {
Data() *ProviderData Data() *ProviderData
// DEPRECATED: Migrate to EnrichSession // Deprecated: Migrate to EnrichSession
GetEmailAddress(ctx context.Context, s *sessions.SessionState) (string, error) GetEmailAddress(ctx context.Context, s *sessions.SessionState) (string, error)
Redeem(ctx context.Context, redirectURI, code string) (*sessions.SessionState, error) Redeem(ctx context.Context, redirectURI, code string) (*sessions.SessionState, error)
EnrichSession(ctx context.Context, s *sessions.SessionState) error EnrichSession(ctx context.Context, s *sessions.SessionState) error