diff --git a/cmd/dex/serve.go b/cmd/dex/serve.go
index 441cbe64fb5a274e72c7abe99c1dc23cff005835..8c5c0516e4088ec3b9dd009ef2c172ea7277cdb5 100644
--- a/cmd/dex/serve.go
+++ b/cmd/dex/serve.go
@@ -136,7 +136,7 @@ func serve(cmd *cobra.Command, args []string) error {
 if err != nil {
 return fmt.Errorf("invalid config: reading from client CA file: %v", err)
 }
- if cPool.AppendCertsFromPEM(clientCert) != true {
+ if !cPool.AppendCertsFromPEM(clientCert) {
 return errors.New("invalid config: failed to parse client CA")
 }
diff --git a/connector/github/github.go b/connector/github/github.go
index 35fe6b92c63396b7b4980b069b0556d404850981..6fc4cc030403b070406b3a8a05a7bd1f226096f8 100644
--- a/connector/github/github.go
+++ b/connector/github/github.go
@@ -443,7 +443,7 @@ func (c *githubConnector) userOrgs(ctx context.Context, client *http.Client) ([]
 // userOrgTeams retrieves teams which current user belongs to.
 // Method returns a map where key is an org name and value list of teams under the org.
 func (c *githubConnector) userOrgTeams(ctx context.Context, client *http.Client) (map[string][]string, error) {
- groups := make(map[string][]string, 0)
+ groups := make(map[string][]string)
 apiURL := c.apiURL + "/user/teams"
 for {
 // https://developer.github.com/v3/orgs/teams/#list-user-teams
diff --git a/connector/gitlab/gitlab_test.go b/connector/gitlab/gitlab_test.go
index f56621fb678e6c61c3ba2ad8db8eea27e1da2a29..331b486ee40e8d9d38f3a183f1eab47632d2a579 100644
--- a/connector/gitlab/gitlab_test.go
+++ b/connector/gitlab/gitlab_test.go
@@ -185,13 +185,11 @@ func TestLoginWithTeamNonWhitelisted(t *testing.T) {
 }
 func newTestServer(responses map[string]interface{}) *httptest.Server {
- var s *httptest.Server
- s = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 response := responses[r.RequestURI]
 w.Header().Add("Content-Type", "application/json")
 json.NewEncoder(w).Encode(response)
 }))
- return s
 }
 func newClient() *http.Client {
diff --git a/connector/keystone/keystone.go b/connector/keystone/keystone.go
index 0a2440db1d28b2fc24c7680f1c14df96ee8b8260..dc74a01f75c20e1017129e42e53390fef13c00c3 100644
--- a/connector/keystone/keystone.go
+++ b/connector/keystone/keystone.go
@@ -241,6 +241,9 @@ func (p *conn) getUserGroups(ctx context.Context, userID string, token string) (
 // https://developer.openstack.org/api-ref/identity/v3/#list-groups-to-which-a-user-belongs
 groupsURL := p.Host + "/v3/users/" + userID + "/groups"
 req, err := http.NewRequest("GET", groupsURL, nil)
+ if err != nil {
+ return nil, err
+ }
 req.Header.Set("X-Auth-Token", token)
 req = req.WithContext(ctx)
 resp, err := client.Do(req)
diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go
index 327b10796c9af4438ca47f95e76b6a0386277605..4a64df8b601bc18d8e74052986818e5282936da3 100644
--- a/connector/oidc/oidc.go
+++ b/connector/oidc/oidc.go
@@ -148,7 +148,6 @@ type oidcConnector struct {
 redirectURI string
 oauth2Config *oauth2.Config
 verifier *oidc.IDTokenVerifier
- ctx context.Context
 cancel context.CancelFunc
 logger log.Logger
 hostedDomains []string
diff --git a/connector/saml/saml.go b/connector/saml/saml.go
index 3358583db1b01d29c8b0ca6908138f8902fda287..7bc6730edd5dd0e866ab7a7f870a424424bd6584 100644
--- a/connector/saml/saml.go
+++ b/connector/saml/saml.go
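Review bot: In connector/keystone/keystone.go, getUserGroups still concatenates `userID` into the request path unescaped, and the added `http.NewRequest` error check only rejects values that fail URL parsing. A `userID` carrying path or query delimiters would therefore change which Keystone resource is requested while the call still attaches `X-Auth-Token`. Where `userID` originates is not visible in this hunk, so treat this as hardening: build the path with `groupsURL := p.Host + "/v3/users/" + url.PathEscape(userID) + "/groups"`. The bare `return nil, err` would also read better with context about which request failed to build. The function body starts and ends outside the hunk.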
@@ -20,6 +20,7 @@ import (
 "github.com/russellhaering/goxmldsig/etreeutils"
 )
+// nolint
 const (
 bindingRedirect = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
 bindingPOST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
diff --git a/connector/saml/saml_test.go b/connector/saml/saml_test.go
index 4497d059c3e577577d398d8debb0d011f05b2e71..d9aaf3f49b6f2f859e5ada9d789c2c747a42f3d6 100644
--- a/connector/saml/saml_test.go
+++ b/connector/saml/saml_test.go
@@ -424,14 +424,6 @@ func TestConfigCAData(t *testing.T) {
 }
 }
-const (
- defaultSSOIssuer = "http://www.okta.com/exk91cb99lKkKSYoy0h7"
- defaultRedirectURI = "http://localhost:5556/dex/callback"
-
- // Response ID embedded in our testdata.
- testDataResponseID = "_fd1b3ef9-ec09-44a7-a66b-0d39c250f6a0"
-)
-
 // Deprecated: Use testing framework established above.
 func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
 cert, err := loadCert(ca)
@@ -458,27 +450,6 @@ func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
 }
 }
-// Deprecated: Use testing framework established above.
-func newProvider(ssoIssuer string, redirectURI string) *provider {
- if ssoIssuer == "" {
- ssoIssuer = defaultSSOIssuer
- }
- if redirectURI == "" {
- redirectURI = defaultRedirectURI
- }
- now, _ := time.Parse(time.RFC3339, "2017-01-24T20:48:41Z")
- timeFunc := func() time.Time { return now }
- return &provider{
- ssoIssuer: ssoIssuer,
- ssoURL: "http://idp.org/saml/sso",
- now: timeFunc,
- usernameAttr: "user",
- emailAttr: "email",
- redirectURI: redirectURI,
- logger: logrus.New(),
- }
-}
-
 func TestVerify(t *testing.T) {
 runVerify(t, "testdata/okta-ca.pem", "testdata/okta-resp.xml", true)
 }
diff --git a/server/oauth2.go b/server/oauth2.go
index 79c4bf1ac1a7fc41ead644af733188a0a0e10d1d..6104b549882691ec1d8611d24b9f1a661f93114e 100644
--- a/server/oauth2.go
+++ b/server/oauth2.go
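Review bot: The bare `// nolint` added above the `const (` block in connector/saml/saml.go switches off every linter for the whole block, and because it sits directly above the declaration it also becomes the block's doc comment. Which linter it is meant to silence is not visible here, but a blanket directive also hides any later finding on these lines in authentication code. Name the linter and the reason instead, e.g. `//nolint:unused // SAML identifiers kept for reference`, or delete the constants nothing references. The same bare directive is added in server/oauth2.go and twice in storage/sql/config.go. The const block continues past the end of the hunk.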
@@ -89,6 +89,7 @@ func tokenErr(w http.ResponseWriter, typ, description string, statusCode int) er
 return nil
 }
+// nolint
 const (
 errInvalidRequest = "invalid_request"
 errUnauthorizedClient = "unauthorized_client"
diff --git a/server/rotation.go b/server/rotation.go
index 579fe3d17f3d977c3b93cf3a70d01486ad09d4a8..464dccf091465722fc00f8266aa489154f03d91b 100644
--- a/server/rotation.go
+++ b/server/rotation.go
@@ -92,7 +92,6 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy
 }
 }
 }()
- return
 }
 func (k keyRotater) rotate() error {
diff --git a/server/server.go b/server/server.go
index 69b4d0d7bccf72714181c3e2a5a41c7a7828e9c8..e125815137a31fe510e77bcd828f336dc2a0c092 100644
--- a/server/server.go
+++ b/server/server.go
@@ -426,7 +426,6 @@ func (s *Server) startGarbageCollection(ctx context.Context, frequency time.Dura
 }
 }
 }()
- return
 }
 // ConnectorConfig is a configuration that can open a connector.
diff --git a/server/server_test.go b/server/server_test.go
index 2b4c645309157c7b339442f17a3b86ae5c2a61fb..6759f2405fabe51121c5b6f7ed0d41819ecbdec2 100644
--- a/server/server_test.go
+++ b/server/server_test.go
@@ -552,7 +552,6 @@ func TestOAuth2CodeFlow(t *testing.T) {
 t.Errorf("state did not match, want=%q got=%q", state, gotState)
 }
 w.WriteHeader(http.StatusOK)
- return
 }))
 defer oauth2Client.Close()
@@ -1204,7 +1203,6 @@ func TestRefreshTokenFlow(t *testing.T) {
 t.Errorf("state did not match, want=%q got=%q", state, gotState)
 }
 w.WriteHeader(http.StatusOK)
- return
 }))
 defer oauth2Client.server.Close()
@@ -1242,8 +1240,7 @@ func TestRefreshTokenFlow(t *testing.T) {
 }
 // try to refresh expired token with old refresh token.
- newToken, err := oauth2Client.config.TokenSource(ctx, tok).Token()
- if newToken != nil {
- t.Errorf("Token refreshed with invalid refresh token.")
+ if _, err := oauth2Client.config.TokenSource(ctx, tok).Token(); err == nil {
+ t.Errorf("Token refreshed with invalid refresh token, error expected.")
 }
 }
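Review bot: The rewritten check at the end of TestRefreshTokenFlow in server/server_test.go passes on any non-nil error, so a transport failure or an unrelated server fault satisfies it just as well as the server rejecting the old refresh token. This is the assertion that guards against refresh-token reuse, so it should pin the rejection itself: keep the error, assert that it is an `*oauth2.RetrieveError` (assuming the test imports golang.org/x/oauth2 under that name), and check that `Response.StatusCode` is the 4xx status the token endpoint is expected to return. The returned token is now discarded with `_`; asserting that it is nil alongside the error would keep the old check as well. The test function starts outside the hunk.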
diff --git a/storage/etcd/types.go b/storage/etcd/types.go
index 8d34e0da4813e205ac9f69b8b727cb69f5ddefcb..0d8f521ad4929e4ee8eb03dedf4076ac29181acd 100644
--- a/storage/etcd/types.go
+++ b/storage/etcd/types.go
@@ -183,24 +183,6 @@ type Keys struct {
 NextRotation time.Time `json:"next_rotation"`
 }
-func fromStorageKeys(keys storage.Keys) Keys {
- return Keys{
- SigningKey: keys.SigningKey,
- SigningKeyPub: keys.SigningKeyPub,
- VerificationKeys: keys.VerificationKeys,
- NextRotation: keys.NextRotation,
- }
-}
-
-func toStorageKeys(keys Keys) storage.Keys {
- return storage.Keys{
- SigningKey: keys.SigningKey,
- SigningKeyPub: keys.SigningKeyPub,
- VerificationKeys: keys.VerificationKeys,
- NextRotation: keys.NextRotation,
- }
-}
-
 // OfflineSessions is a mirrored struct from storage with JSON struct tags
 type OfflineSessions struct {
 UserID string `json:"user_id,omitempty"`
diff --git a/storage/sql/config.go b/storage/sql/config.go
index c33fcf20e54b030f55b72225fb827e54e3497d22..0095b57dcc20997c3f85caa45735181234653c8d 100644
--- a/storage/sql/config.go
+++ b/storage/sql/config.go
@@ -72,6 +72,7 @@ func (s *SQLite3) open(logger log.Logger) (*conn, error) {
 return c, nil
 }
+// nolint
 const (
 // postgres SSL modes
 pgSSLDisable = "disable"
@@ -80,6 +81,7 @@ const (
 pgSSLVerifyFull = "verify-full"
 )
+// nolint
 const (
 // MySQL SSL modes
 mysqlSSLTrue = "true"