From 9a14186a26cb7a12e51d39ed3a10ff0299d5e354 Mon Sep 17 00:00:00 2001 From: Jan Larwig Date: Mon, 8 Jun 2026 12:54:40 +0200 Subject: [PATCH] chore(goconsts): use proper constants for http methods Signed-off-by: Jan Larwig --- oauthproxy.go | 4 +- oauthproxy_test.go | 150 +++++++++---------- pkg/apis/options/load.go | 2 +- pkg/authentication/hmacauth/hmacauth_test.go | 2 +- pkg/requests/builder_test.go | 30 ++-- providers/azure.go | 4 +- providers/google.go | 4 +- providers/logingov.go | 3 +- providers/ms_entra_id.go | 3 +- providers/provider_default.go | 3 +- providers/srht.go | 3 +- 11 files changed, 106 insertions(+), 102 deletions(-) diff --git a/oauthproxy.go b/oauthproxy.go index e2357c8d..f8dc5471 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -587,7 +587,7 @@ func (p *OAuthProxy) ErrorPage(rw http.ResponseWriter, req *http.Request, code i // IsAllowedRequest is used to check if auth should be skipped for this request func (p *OAuthProxy) IsAllowedRequest(req *http.Request) bool { - isPreflightRequestAllowed := p.skipAuthPreflight && req.Method == "OPTIONS" + isPreflightRequestAllowed := p.skipAuthPreflight && req.Method == http.MethodOptions return isPreflightRequestAllowed || p.isAllowedRoute(req) || p.isTrustedIP(req) } @@ -669,7 +669,7 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code // ManualSignIn handles basic auth logins to the proxy func (p *OAuthProxy) ManualSignIn(req *http.Request) (string, bool, int) { - if req.Method != "POST" || p.basicAuthValidator == nil { + if req.Method != http.MethodPost || p.basicAuthValidator == nil { return "", false, http.StatusOK } user := req.FormValue("username") diff --git a/oauthproxy_test.go b/oauthproxy_test.go index e1235a4e..b3271e5b 100644 --- a/oauthproxy_test.go +++ b/oauthproxy_test.go @@ -54,7 +54,7 @@ func TestRobotsTxt(t *testing.T) { t.Fatal(err) } rw := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "/robots.txt", nil) + req, _ := http.NewRequest(http.MethodGet, "/robots.txt", nil) proxy.ServeHTTP(rw, req) assert.Equal(t, 200, rw.Code) assert.Equal(t, "User-agent: *\nDisallow: /\n", rw.Body.String()) @@ -241,7 +241,7 @@ func TestBasicAuthPassword(t *testing.T) { // Save the required session rw := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) err = proxy.sessionStore.Save(rw, req, &sessions.SessionState{ Email: emailAddress, }) @@ -250,7 +250,7 @@ func TestBasicAuthPassword(t *testing.T) { // Extract the cookie value to inject into the test request cookie := rw.Header().Values("Set-Cookie")[0] - req, _ = http.NewRequest("GET", "/", nil) + req, _ = http.NewRequest(http.MethodGet, "/", nil) req.Header.Set("Cookie", cookie) rw = httptest.NewRecorder() proxy.ServeHTTP(rw, req) @@ -300,14 +300,14 @@ func TestPassGroupsHeadersWithGroups(t *testing.T) { // Save the required session rw := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) err = proxy.sessionStore.Save(rw, req, session) assert.NoError(t, err) // Extract the cookie value to inject into the test request cookie := rw.Header().Values("Set-Cookie")[0] - req, _ = http.NewRequest("GET", "/", nil) + req, _ = http.NewRequest(http.MethodGet, "/", nil) req.Header.Set("Cookie", cookie) rw = httptest.NewRecorder() proxy.ServeHTTP(rw, req) @@ -457,7 +457,7 @@ func (patTest *PassAccessTokenTest) getEndpointWithCookie(cookie string, endpoin return 0, "" } - req, err := http.NewRequest("GET", endpoint, strings.NewReader("")) + req, err := http.NewRequest(http.MethodGet, endpoint, strings.NewReader("")) if err != nil { return 0, "" } @@ -608,7 +608,7 @@ func NewSignInPageTest(skipProvider bool) (*SignInPageTest, error) { func (sipTest *SignInPageTest) GetEndpoint(endpoint string) (int, string) { rw := httptest.NewRecorder() - req, _ := http.NewRequest("GET", endpoint, strings.NewReader("")) + req, _ := http.NewRequest(http.MethodGet, endpoint, strings.NewReader("")) sipTest.proxy.ServeHTTP(rw, req) return rw.Code, rw.Body.String() } @@ -894,7 +894,7 @@ func NewProcessCookieTest(opts ProcessCookieTestOpts, modifiers ...OptionsModifi // access_token validation. pcTest.proxy.CookieOptions.Refresh = time.Duration(0) pcTest.rw = httptest.NewRecorder() - pcTest.req, _ = http.NewRequest("GET", "/", strings.NewReader("")) + pcTest.req, _ = http.NewRequest(http.MethodGet, "/", strings.NewReader("")) pcTest.validateUser = true return &pcTest, nil } @@ -1027,7 +1027,7 @@ func NewUserInfoEndpointTest() (*ProcessCookieTest, error) { if err != nil { return nil, err } - pcTest.req, _ = http.NewRequest("GET", + pcTest.req, _ = http.NewRequest(http.MethodGet, pcTest.opts.ProxyPrefix+"/userinfo", nil) return pcTest, nil } @@ -1135,7 +1135,7 @@ func NewAuthOnlyEndpointTest(querystring string, modifiers ...OptionsModifier) ( return nil, err } pcTest.req, _ = http.NewRequest( - "GET", + http.MethodGet, fmt.Sprintf("%s/auth%s", pcTest.opts.ProxyPrefix, querystring), nil) return pcTest, nil @@ -1274,7 +1274,7 @@ func TestAuthOnlyEndpointSetXAuthRequestHeaders(t *testing.T) { pcTest.validateUser = true pcTest.rw = httptest.NewRecorder() - pcTest.req, _ = http.NewRequest("GET", + pcTest.req, _ = http.NewRequest(http.MethodGet, pcTest.opts.ProxyPrefix+authOnlyPath, nil) created := time.Now() @@ -1367,7 +1367,7 @@ func TestAuthOnlyEndpointSetBasicAuthTrueRequestHeaders(t *testing.T) { pcTest.validateUser = true pcTest.rw = httptest.NewRecorder() - pcTest.req, _ = http.NewRequest("GET", + pcTest.req, _ = http.NewRequest(http.MethodGet, pcTest.opts.ProxyPrefix+authOnlyPath, nil) created := time.Now() @@ -1447,7 +1447,7 @@ func TestAuthOnlyEndpointSetBasicAuthFalseRequestHeaders(t *testing.T) { pcTest.validateUser = true pcTest.rw = httptest.NewRecorder() - pcTest.req, _ = http.NewRequest("GET", + pcTest.req, _ = http.NewRequest(http.MethodGet, pcTest.opts.ProxyPrefix+authOnlyPath, nil) created := time.Now() @@ -1495,7 +1495,7 @@ func TestAuthSkippedForPreflightRequests(t *testing.T) { } proxy.provider = NewTestProvider(upstreamURL, "") rw := httptest.NewRecorder() - req, _ := http.NewRequest("OPTIONS", "/preflight-request", nil) + req, _ := http.NewRequest(http.MethodOptions, "/preflight-request", nil) proxy.ServeHTTP(rw, req) assert.Equal(t, 200, rw.Code) @@ -1652,19 +1652,19 @@ func TestRequestSignature(t *testing.T) { resp string }{ "No request signature": { - method: "GET", + method: http.MethodGet, body: "", key: "", resp: "no signature received", }, "Get request": { - method: "GET", + method: http.MethodGet, body: "", key: "7d9e1aa87a5954e6f9fc59266b3af9d7c35fda2d", resp: "signatures match", }, "Post request": { - method: "POST", + method: http.MethodPost, body: `{ "hello": "world!" }`, key: "d90df39e2d19282840252612dd7c81421a372f61", resp: "signatures match", @@ -2189,7 +2189,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: false, realClientIPHeader: "X-Real-IP", // Default value req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) return req }(), expectTrusted: false, @@ -2201,7 +2201,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: false, realClientIPHeader: "X-Real-IP", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "@" return req }(), @@ -2214,7 +2214,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: false, realClientIPHeader: "X-Real-IP", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "@" return req }(), @@ -2227,7 +2227,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: false, realClientIPHeader: "X-Real-IP", // Default value req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "127.0.0.1:43670" return req }(), @@ -2240,7 +2240,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Real-IP", // Default value req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "127.0.0.1:44324" return req }(), @@ -2253,7 +2253,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Forwarded-For", "127.0.0.1") return req }(), @@ -2266,7 +2266,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Forwarded-For", "::1") return req }(), @@ -2279,7 +2279,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Forwarded-For", "12.34.56.78") return req }(), @@ -2292,7 +2292,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Forwarded-For", "::2") return req }(), @@ -2305,7 +2305,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Real-IP", "::1") return req }(), @@ -2318,7 +2318,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: true, realClientIPHeader: "X-Forwarded-For", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.Header.Add("X-Forwarded-For", "adsfljk29242as!!") return req }(), @@ -2331,7 +2331,7 @@ func TestTrustedIPs(t *testing.T) { reverseProxy: false, realClientIPHeader: "X-Real-IP", req: func() *http.Request { - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "adsfljk29242as!!" return req }(), @@ -2427,12 +2427,12 @@ func Test_buildRoutesAllowlist(t *testing.T) { }, expectedRoutes: []expectedAllowedRoute{ { - method: "GET", + method: http.MethodGet, negate: false, regexString: "^/foo/bar", }, { - method: "POST", + method: http.MethodPost, negate: false, regexString: "^/baz/[0-9]+/thing", }, @@ -2485,11 +2485,11 @@ func Test_buildRoutesAllowlist(t *testing.T) { regexString: "^/baz/[0-9]+/thing/regex", }, { - method: "GET", + method: http.MethodGet, regexString: "^/foo/bar", }, { - method: "POST", + method: http.MethodPost, regexString: "^/baz/[0-9]+/thing", }, { @@ -2641,7 +2641,7 @@ func TestApiRoutes(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - req, err := http.NewRequest("GET", tc.url, nil) + req, err := http.NewRequest(http.MethodGet, tc.url, nil) req.Header.Set("Accept", tc.contentType) assert.NoError(t, err) @@ -2700,37 +2700,37 @@ func TestAllowedRequest(t *testing.T) { }{ { name: "Regex GET allowed", - method: "GET", + method: http.MethodGet, url: "/skip/auth/regex", allowed: true, }, { name: "Regex POST allowed ", - method: "POST", + method: http.MethodPost, url: "/skip/auth/regex", allowed: true, }, { name: "Regex denied", - method: "GET", + method: http.MethodGet, url: "/wrong/denied", allowed: false, }, { name: "Regex allowed with fragment-free path", - method: "GET", + method: http.MethodGet, url: "/public/legit/endpoint", allowed: true, }, { name: "Regex denied when path contains encoded fragment suffix", - method: "GET", + method: http.MethodGet, url: "/public/secret%23/endpoint", allowed: false, }, { name: "Route allowed", - method: "GET", + method: http.MethodGet, url: "/skip/auth/routes/get", allowed: true, }, @@ -2742,25 +2742,25 @@ func TestAllowedRequest(t *testing.T) { }, { name: "Route denied with wrong path", - method: "GET", + method: http.MethodGet, url: "/skip/auth/routes/wrong/path", allowed: false, }, { name: "Route denied with wrong path and method", - method: "POST", + method: http.MethodPost, url: "/skip/auth/routes/wrong/path", allowed: false, }, { name: "Route allowed with fragment-free path", - method: "GET", + method: http.MethodGet, url: "/foo/public/bar", allowed: true, }, { name: "Route denied when path contains encoded fragment suffix", - method: "GET", + method: http.MethodGet, url: "/foo/secret%23/bar", allowed: false, }, @@ -2825,37 +2825,37 @@ func TestAllowedRequestWithForwardedUriHeader(t *testing.T) { }{ { name: "Regex GET allowed", - method: "GET", + method: http.MethodGet, url: "/skip/auth/regex", allowed: true, }, { name: "Regex POST allowed ", - method: "POST", + method: http.MethodPost, url: "/skip/auth/regex", allowed: true, }, { name: "Regex denied", - method: "GET", + method: http.MethodGet, url: "/wrong/denied", allowed: false, }, { name: "Regex allowed with fragment-free path", - method: "GET", + method: http.MethodGet, url: "/public/legit/endpoint", allowed: true, }, { name: "Regex denied when X-Forwarded-Uri contains an encoded fragment suffix", - method: "GET", + method: http.MethodGet, url: "/public/secret%23/endpoint", allowed: false, }, { name: "Route allowed", - method: "GET", + method: http.MethodGet, url: "/skip/auth/routes/get", allowed: true, }, @@ -2867,25 +2867,25 @@ func TestAllowedRequestWithForwardedUriHeader(t *testing.T) { }, { name: "Route denied with wrong path", - method: "GET", + method: http.MethodGet, url: "/skip/auth/routes/wrong/path", allowed: false, }, { name: "Route denied with wrong path and method", - method: "POST", + method: http.MethodPost, url: "/skip/auth/routes/wrong/path", allowed: false, }, { name: "Route allowed with fragment-free path", - method: "GET", + method: http.MethodGet, url: "/foo/public/bar", allowed: true, }, { name: "Route denied when X-Forwarded-Uri contains an encoded fragment suffix", - method: "GET", + method: http.MethodGet, url: "/foo/secret%23/bar", allowed: false, }, @@ -2986,37 +2986,37 @@ func TestAllowedRequestNegateWithoutMethod(t *testing.T) { }{ { name: "Some static file allowed", - method: "GET", + method: http.MethodGet, url: "/static/file.txt", allowed: true, }, { name: "POST to contact form allowed", - method: "POST", + method: http.MethodPost, url: "/contact", allowed: true, }, { name: "Regex POST allowed", - method: "POST", + method: http.MethodPost, url: "/api/public-entity", allowed: true, }, { name: "Regex POST with trailing slash allowed", - method: "POST", + method: http.MethodPost, url: "/api/public-entity/", allowed: true, }, { name: "Regex GET api route denied", - method: "GET", + method: http.MethodGet, url: "/api/users", allowed: false, }, { name: "Regex POST api route denied", - method: "POST", + method: http.MethodPost, url: "/api/users", allowed: false, }, @@ -3086,37 +3086,37 @@ func TestAllowedRequestNegateWithMethod(t *testing.T) { }{ { name: "Some static file allowed", - method: "GET", + method: http.MethodGet, url: "/static/file.txt", allowed: true, }, { name: "POST to contact form not allowed", - method: "POST", + method: http.MethodPost, url: "/contact", allowed: false, }, { name: "Regex POST allowed", - method: "POST", + method: http.MethodPost, url: "/api/public-entity", allowed: true, }, { name: "Regex POST with trailing slash allowed", - method: "POST", + method: http.MethodPost, url: "/api/public-entity/", allowed: true, }, { name: "Regex GET api route denied", - method: "GET", + method: http.MethodGet, url: "/api/users", allowed: false, }, { name: "Regex POST api route denied", - method: "POST", + method: http.MethodPost, url: "/api/users", allowed: false, }, @@ -3256,7 +3256,7 @@ func TestProxyAllowedGroups(t *testing.T) { t.Fatal(err) } - test.req, _ = http.NewRequest("GET", fmt.Sprintf("/%s", tt.querystring), nil) + test.req, _ = http.NewRequest(http.MethodGet, fmt.Sprintf("/%s", tt.querystring), nil) test.req.Header.Add("accept", applicationJSON) err = test.SaveSession(session) @@ -3400,7 +3400,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) { { name: "UserWithGroupSkipAuthPreflight", groups: []string{"a", "c"}, - method: "OPTIONS", + method: http.MethodOptions, ip: "1.2.3.5:43670", withSession: true, expectedStatusCode: http.StatusAccepted, @@ -3408,7 +3408,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) { { name: "UserWithGroupTrustedIp", groups: []string{"a", "c"}, - method: "GET", + method: http.MethodGet, ip: "1.2.3.4:43670", withSession: true, expectedStatusCode: http.StatusAccepted, @@ -3416,7 +3416,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) { { name: "UserWithoutGroupSkipAuthPreflight", groups: []string{"c"}, - method: "OPTIONS", + method: http.MethodOptions, ip: "1.2.3.5:43670", withSession: true, expectedStatusCode: http.StatusForbidden, @@ -3424,21 +3424,21 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) { { name: "UserWithoutGroupTrustedIp", groups: []string{"c"}, - method: "GET", + method: http.MethodGet, ip: "1.2.3.4:43670", withSession: true, expectedStatusCode: http.StatusForbidden, }, { name: "UserWithoutSessionSkipAuthPreflight", - method: "OPTIONS", + method: http.MethodOptions, ip: "1.2.3.5:43670", withSession: false, expectedStatusCode: http.StatusAccepted, }, { name: "UserWithoutSessionTrustedIp", - method: "GET", + method: http.MethodGet, ip: "1.2.3.4:43670", withSession: false, expectedStatusCode: http.StatusAccepted, @@ -3790,14 +3790,14 @@ func TestIdTokenPlaceholderInSignOut(t *testing.T) { // Save the required session rw := httptest.NewRecorder() - req, _ := http.NewRequest("GET", "/", nil) + req, _ := http.NewRequest(http.MethodGet, "/", nil) err = proxy.sessionStore.Save(rw, req, session) assert.NoError(t, err) rw = httptest.NewRecorder() rdUrl := url.QueryEscape("https://my-oidc-provider.example.com/sign_out_page?id_token_hint={id_token}&post_logout_redirect_uri=https://my-app.example.com/") - req, _ = http.NewRequest("GET", "/oauth2/sign_out?rd="+rdUrl, nil) + req, _ = http.NewRequest(http.MethodGet, "/oauth2/sign_out?rd="+rdUrl, nil) req = middlewareapi.AddRequestScope(req, &middlewareapi.RequestScope{ RequestID: "11111111-2222-4333-8444-555555555555", Session: session, diff --git a/pkg/apis/options/load.go b/pkg/apis/options/load.go index d0dd22df..f5b300b0 100644 --- a/pkg/apis/options/load.go +++ b/pkg/apis/options/load.go @@ -145,7 +145,7 @@ func loadAndSubstituteEnvs(configFileName string) ([]byte, error) { func registerFlags(v *viper.Viper, prefix string, flagSet *pflag.FlagSet, options interface{}) error { val := reflect.ValueOf(options) var typ reflect.Type - if val.Kind() == reflect.Ptr { + if val.Kind() == reflect.Pointer { typ = val.Elem().Type() } else { typ = val.Type() diff --git a/pkg/authentication/hmacauth/hmacauth_test.go b/pkg/authentication/hmacauth/hmacauth_test.go index 84f257d9..00cce008 100644 --- a/pkg/authentication/hmacauth/hmacauth_test.go +++ b/pkg/authentication/hmacauth/hmacauth_test.go @@ -286,7 +286,7 @@ func TestSendAuthenticatedPostRequestToServer(t *testing.T) { upstream := httptest.NewServer( http.HandlerFunc(authenticator.Authenticate)) - req, err := http.NewRequest("POST", upstream.URL+"/foo/bar", + req, err := http.NewRequest(http.MethodPost, upstream.URL+"/foo/bar", io.NopCloser(&fakeNetConn{reqBody: payload})) if err != nil { panic(err) diff --git a/pkg/requests/builder_test.go b/pkg/requests/builder_test.go index fc12209f..4fd85f5f 100644 --- a/pkg/requests/builder_test.go +++ b/pkg/requests/builder_test.go @@ -31,7 +31,7 @@ var _ = Describe("Builder suite", func() { Context("with a basic request", func() { assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: baseHeaders, Body: []byte{}, RequestURI: "/json/path", @@ -52,7 +52,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: baseHeaders, Body: []byte{}, RequestURI: "/json/path", @@ -78,7 +78,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: header, Body: []byte(body), RequestURI: "/json/path", @@ -93,11 +93,11 @@ var _ = Describe("Builder suite", func() { BeforeEach(func() { buf := bytes.NewBuffer([]byte(body)) - b = b.WithMethod("POST").WithBody(buf) + b = b.WithMethod(http.MethodPost).WithBody(buf) }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "POST", + Method: http.MethodPost, Header: header, Body: []byte(body), RequestURI: "/json/path", @@ -109,11 +109,11 @@ var _ = Describe("Builder suite", func() { header.Set("Content-Length", "0") BeforeEach(func() { - b = b.WithMethod("POST") + b = b.WithMethod(http.MethodPost) }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "POST", + Method: http.MethodPost, Header: header, Body: []byte{}, RequestURI: "/json/path", @@ -122,11 +122,11 @@ var _ = Describe("Builder suite", func() { Context("OPTIONS", func() { BeforeEach(func() { - b = b.WithMethod("OPTIONS") + b = b.WithMethod(http.MethodOptions) }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "OPTIONS", + Method: http.MethodOptions, Header: baseHeaders, Body: []byte{}, RequestURI: "/json/path", @@ -152,7 +152,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: header, Body: []byte{}, RequestURI: "/json/path", @@ -170,7 +170,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: replacementHeaders, Body: []byte{}, RequestURI: "/json/path", @@ -190,7 +190,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: replacementHeaders, Body: []byte{}, RequestURI: "/json/path", @@ -205,7 +205,7 @@ var _ = Describe("Builder suite", func() { }) assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: header, Body: []byte{}, RequestURI: "/json/path", @@ -219,12 +219,12 @@ var _ = Describe("Builder suite", func() { result := b.Do() Expect(result.Error()).ToNot(HaveOccurred()) - b.WithMethod("POST") + b.WithMethod(http.MethodPost) }) Context("should not redo the request", func() { assertSuccessfulRequest(getBuilder, testHTTPRequest{ - Method: "GET", + Method: http.MethodGet, Header: baseHeaders, Body: []byte{}, RequestURI: "/json/path", diff --git a/providers/azure.go b/providers/azure.go index b5610cfa..ff22ebc3 100644 --- a/providers/azure.go +++ b/providers/azure.go @@ -166,7 +166,7 @@ func (p *AzureProvider) Redeem(ctx context.Context, redirectURL, code, codeVerif err = requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do(). @@ -334,7 +334,7 @@ func (p *AzureProvider) redeemRefreshToken(ctx context.Context, s *sessions.Sess err = requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do(). diff --git a/providers/google.go b/providers/google.go index d8e4dec8..d28fb62d 100644 --- a/providers/google.go +++ b/providers/google.go @@ -219,7 +219,7 @@ func (p *GoogleProvider) Redeem(ctx context.Context, redirectURL, code, codeVeri err = requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do(). @@ -543,7 +543,7 @@ func (p *GoogleProvider) redeemRefreshToken(ctx context.Context, s *sessions.Ses err = requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do(). diff --git a/providers/logingov.go b/providers/logingov.go index eb848218..e80989f4 100644 --- a/providers/logingov.go +++ b/providers/logingov.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "math/big" + "net/http" "net/url" "os" "time" @@ -237,7 +238,7 @@ func (p *LoginGovProvider) Redeem(ctx context.Context, _, code, codeVerifier str } err = requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do(). diff --git a/providers/ms_entra_id.go b/providers/ms_entra_id.go index f30176fd..97a18e48 100644 --- a/providers/ms_entra_id.go +++ b/providers/ms_entra_id.go @@ -5,6 +5,7 @@ import ( "context" "encoding/json" "fmt" + "net/http" "net/url" "os" "regexp" @@ -304,7 +305,7 @@ func (p *MicrosoftEntraIDProvider) checkTenantMatchesTenantList(tenant string, a func (p *MicrosoftEntraIDProvider) fetchToken(ctx context.Context, params url.Values) (*oauth2.Token, error) { resp := requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do() diff --git a/providers/provider_default.go b/providers/provider_default.go index dbd93c91..8db79b54 100644 --- a/providers/provider_default.go +++ b/providers/provider_default.go @@ -5,6 +5,7 @@ import ( "context" "errors" "fmt" + "net/http" "net/url" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/middleware" @@ -71,7 +72,7 @@ func (p *ProviderData) Redeem(ctx context.Context, redirectURL, code, codeVerifi result := requests.New(p.RedeemURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). WithBody(bytes.NewBufferString(params.Encode())). SetHeader("Content-Type", "application/x-www-form-urlencoded"). Do() diff --git a/providers/srht.go b/providers/srht.go index aa72229c..e927629e 100644 --- a/providers/srht.go +++ b/providers/srht.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "fmt" + "net/http" "net/url" "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions" @@ -75,7 +76,7 @@ func NewSourceHutProvider(p *ProviderData) *SourceHutProvider { func (p *SourceHutProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error { json, err := requests.New(p.ProfileURL.String()). WithContext(ctx). - WithMethod("POST"). + WithMethod(http.MethodPost). SetHeader("Content-Type", "application/json"). SetHeader("Authorization", "Bearer "+s.AccessToken). WithBody(bytes.NewBufferString(`{"query": "{ me { username, email } }"}`)).