From 81dfc4f84905a9d33f2cb68def032d350628b5ff Mon Sep 17 00:00:00 2001 From: Micah Parks Date: Wed, 6 Apr 2022 10:00:05 -0400 Subject: [PATCH] Change var declarations for if statements, prefer short declarations --- checksum_test.go | 9 ++++-- ecdsa.go | 8 +++--- eddsa.go | 4 +-- examples/aws_cognito/main.go | 4 +-- examples/ctx/main.go | 4 +-- examples/custom/main.go | 4 +-- examples/given/main.go | 10 ++++--- examples/hmac/main.go | 4 +-- examples/interval/main.go | 4 +-- examples/json/main.go | 4 +-- examples/keycloak/main.go | 4 +-- examples/recommended_options/main.go | 4 +-- get.go | 28 +++++++++++-------- given_test.go | 17 +++++++----- jwks.go | 18 +++++++----- jwks_test.go | 41 +++++++++++++++++----------- oct.go | 3 +- override_test.go | 31 +++++++++++---------- rsa.go | 8 +++--- 19 files changed, 119 insertions(+), 90 deletions(-) diff --git a/checksum_test.go b/checksum_test.go index 3381247..b1b4e40 100644 --- a/checksum_test.go +++ b/checksum_test.go @@ -24,7 +24,8 @@ func TestChecksum(t *testing.T) { t.FailNow() } defer func() { - if err = os.RemoveAll(tempDir); err != nil { + err = os.RemoveAll(tempDir) + if err != nil { t.Errorf("Failed to remove temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -34,7 +35,8 @@ func TestChecksum(t *testing.T) { jwksFile := filepath.Join(tempDir, jwksFilePath) // Write the JWKS. - if err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600); err != nil { + err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -101,7 +103,8 @@ func TestChecksum(t *testing.T) { } // Write a different JWKS. - if err = ioutil.WriteFile(jwksFile, jwksBytes, 0600); err != nil { + err = ioutil.WriteFile(jwksFile, jwksBytes, 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } 
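Review bot: In the deferred cleanup of TestChecksum, `err = os.RemoveAll(tempDir)` assigns to the test function's outer `err` from inside the closure, so the cleanup result overwrites whatever the test body last stored there. Since this commit prefers short declarations, the closure should declare its own variable: `err := os.RemoveAll(tempDir)`. The `t.FailNow()` after `t.Errorf` in a deferred function adds nothing, because the test is already finishing at that point. The same pattern appears in the deferred cleanups of TestJWKS, TestRateLimit, TestUnknownKIDRefresh and TestNewGiven. TestChecksum starts and ends outside this hunk.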
diff --git a/ecdsa.go b/ecdsa.go index 62fe0c9..9b7f662 100644 --- a/ecdsa.go +++ b/ecdsa.go @@ -35,14 +35,14 @@ func (j *jsonWebKey) ECDSA() (publicKey *ecdsa.PublicKey, err error) { // // According to RFC 7518, this is a Base64 URL unsigned integer. // https://tools.ietf.org/html/rfc7518#section-6.3 - var xCoordinate []byte - if xCoordinate, err = base64.RawURLEncoding.DecodeString(j.X); err != nil { + xCoordinate, err := base64.RawURLEncoding.DecodeString(j.X) + if err != nil { return nil, err } // Decode the Y coordinate from Base64. - var yCoordinate []byte - if yCoordinate, err = base64.RawURLEncoding.DecodeString(j.Y); err != nil { + yCoordinate, err := base64.RawURLEncoding.DecodeString(j.Y) + if err != nil { return nil, err } diff --git a/eddsa.go b/eddsa.go index 51b48ce..8b5856e 100644 --- a/eddsa.go +++ b/eddsa.go @@ -24,8 +24,8 @@ func (j *jsonWebKey) EdDSA() (publicKey ed25519.PublicKey, err error) { // // According to RFC 8037, this is from Base64 URL bytes. // https://datatracker.ietf.org/doc/html/rfc8037#appendix-A.2 - var publicBytes []byte - if publicBytes, err = base64.RawURLEncoding.DecodeString(j.X); err != nil { + publicBytes, err := base64.RawURLEncoding.DecodeString(j.X) + if err != nil { return nil, err } diff --git a/examples/aws_cognito/main.go b/examples/aws_cognito/main.go index 54dab92..9cd6b30 100644 --- a/examples/aws_cognito/main.go +++ b/examples/aws_cognito/main.go 
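Review bot: `xCoordinate, err := base64.RawURLEncoding.DecodeString(j.X)` assigns to the named result `err` only because the statement sits in the function's outermost block; the same line inside an `if`, `for` or `switch` body would declare a new `err` and leave the named result untouched. Mixing named results with `:=` therefore makes later refactors easy to get wrong without any compiler error. I would either drop the name from the `err` result where it is not needed or run a shadow analyzer in CI. A short comment at the first use, for example `// err here is the named result; := only reuses it at function scope.`, would also help. The same applies to the hunks in eddsa.go, rsa.go, refresh() in get.go, and addEdDSA and keysAndJWKS in the tests. ECDSA() continues outside the hunk.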
@@ -43,8 +43,8 @@ func main() { jwtB64 := "eyJraWQiOiJmNTVkOWE0ZSIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJLZXNoYSIsImF1ZCI6IlRhc2h1YW4iLCJpc3MiOiJqd2tzLXNlcnZpY2UuYXBwc3BvdC5jb20iLCJleHAiOjE2MTkwMjUyMTEsImlhdCI6MTYxOTAyNTE3NywianRpIjoiMWY3MTgwNzAtZTBiOC00OGNmLTlmMDItMGE1M2ZiZWNhYWQwIn0.vetsI8W0c4Z-bs2YCVcPb9HsBm1BrMhxTBSQto1koG_lV-2nHwksz8vMuk7J7Q1sMa7WUkXxgthqu9RGVgtGO2xor6Ub0WBhZfIlFeaRGd6ZZKiapb-ASNK7EyRIeX20htRf9MzFGwpWjtrS5NIGvn1a7_x9WcXU9hlnkXaAWBTUJ2H73UbjDdVtlKFZGWM5VGANY4VG7gSMaJqCIKMxRPn2jnYbvPIYz81sjjbd-sc2-ePRjso7Rk6s382YdOm-lDUDl2APE-gqkLWdOJcj68fc6EBIociradX_ADytj-JYEI6v0-zI-8jSckYIGTUF5wjamcDfF5qyKpjsmdrZJA" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/ctx/main.go b/examples/ctx/main.go index 730df0d..530a580 100644 --- a/examples/ctx/main.go +++ b/examples/ctx/main.go @@ -35,8 +35,8 @@ func main() { jwtB64 := "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/custom/main.go b/examples/custom/main.go index 15f7c1c..05e5340 100644 --- a/examples/custom/main.go 
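Review bot: The example treats a nil error from `jwt.Parse(jwtB64, jwks.Keyfunc)` as the whole verification step, and nothing visible in this hunk restricts the accepted signing algorithm or checks issuer and audience. Example code tends to be copied verbatim, so I would add a comment above the call: `// A nil error here does not check issuer, audience or the signing algorithm you expect; production code should validate those too.` The same comment fits the identical hunks in examples/ctx, custom, hmac, interval, json, keycloak and recommended_options. main() starts and ends outside the hunk.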
+++ b/examples/custom/main.go @@ -34,8 +34,8 @@ func main() { }) // Parse the token. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/given/main.go b/examples/given/main.go index ae776da..8b13691 100644 --- a/examples/given/main.go +++ b/examples/given/main.go @@ -57,13 +57,14 @@ func main() { // Create a JWT signed by the give HMAC key. token := jwt.New(jwt.SigningMethodHS256) token.Header["kid"] = givenKID - var jwtB64 string - if jwtB64, err = token.SignedString(hmacSecret); err != nil { + jwtB64, err := token.SignedString(hmacSecret) + if err != nil { log.Fatalf("Failed to sign a JWT with the HMAC secret.\nError: %s.", err.Error()) } // Parse and validate a JWT. This one is signed by the given HMAC key. - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err = jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT signed by the given HMAC key.\nError: %s.", err.Error()) } if !token.Valid { 
@@ -73,7 +74,8 @@ func main() { // Parse and validate a JWT. This one is signed by a non-given key and is expired. jwtB64 = "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA" - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err = jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT signed by a non-given key in the remote JWKS.\nError: %s.", err.Error()) } if !token.Valid { diff --git a/examples/hmac/main.go b/examples/hmac/main.go index 53674e3..63b6540 100644 --- a/examples/hmac/main.go +++ b/examples/hmac/main.go @@ -28,8 +28,8 @@ func main() { }) // Parse the token. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/interval/main.go b/examples/interval/main.go index 827c6c3..6eb9a2e 100644 --- a/examples/interval/main.go +++ b/examples/interval/main.go 
@@ -36,8 +36,8 @@ func main() { jwtB64 := "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/json/main.go b/examples/json/main.go index dd89561..7664474 100644 --- a/examples/json/main.go +++ b/examples/json/main.go @@ -24,8 +24,8 @@ func main() { jwtB64 := "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/keycloak/main.go b/examples/keycloak/main.go index f096591..c56775a 100644 --- a/examples/keycloak/main.go 
+++ b/examples/keycloak/main.go @@ -39,8 +39,8 @@ func main() { jwtB64 := "eyJhbGciOiJQUzM4NCIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMeDFGbWF5UDJZQnR4YXFTMVNLSlJKR2lYUktudzJvdjVXbVlJTUctQkxFIn0.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.Rxrq41AxbWKIQHWv-Tkb7rqwel3sKT_R_AGvn9mPIHqhw1m7nsQWcL9t2a_8MI2hCwgWtYdgTF1xxBNmb2IW3CZkML5nGfcRrFvNaBHd3UQEqbFKZgnIX29h5VoxekyiwFaGD-0RXL83jF7k39hytEzTatwoVjZ-frga0KFl-nLce3OwncRXVCGmxoFzUsyu9TQFS2Mm_p0AMX1y1MAX1JmLC3WFhH3BohhRqpzBtjSfs_f46nE1-HKjqZ1ERrAc2fmiVJjmG7sT702JRuuzrgUpHlMy2juBG4DkVcMlj4neJUmCD1vZyZBRggfaIxNkwUhHtmS2Cp9tOcwNu47tSg" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/examples/recommended_options/main.go b/examples/recommended_options/main.go index e24104a..87d60e7 100644 --- a/examples/recommended_options/main.go +++ b/examples/recommended_options/main.go @@ -44,8 +44,8 @@ func main() { jwtB64 := "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA" // Parse the JWT. - var token *jwt.Token - if token, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error()) } diff --git a/get.go b/get.go index a122a58..a7718b8 100644 --- a/get.go +++ b/get.go 
@@ -36,7 +36,8 @@ func Get(jwksURL string, options Options) (jwks *JWKS, err error) { } // Get the keys for the JWKS. - if err = jwks.refresh(); err != nil { + err = jwks.refresh() + if err != nil { return nil, err } @@ -120,7 +121,8 @@ func (j *JWKS) backgroundRefresh() { // Refresh the JWKS. refreshMux.Lock() defer refreshMux.Unlock() - if err := j.refresh(); err != nil && j.refreshErrorHandler != nil { + err := j.refresh() + if err != nil && j.refreshErrorHandler != nil { j.refreshErrorHandler(err) } @@ -134,7 +136,8 @@ func (j *JWKS) backgroundRefresh() { } else { // Refresh the JWKS. - if err := j.refresh(); err != nil && j.refreshErrorHandler != nil { + err := j.refresh() + if err != nil && j.refreshErrorHandler != nil { j.refreshErrorHandler(err) } @@ -167,21 +170,22 @@ func (j *JWKS) refresh() (err error) { defer cancel() // Create the HTTP request. - var req *http.Request - if req, err = http.NewRequestWithContext(ctx, http.MethodGet, j.jwksURL, bytes.NewReader(nil)); err != nil { + req, err := http.NewRequestWithContext(ctx, http.MethodGet, j.jwksURL, bytes.NewReader(nil)) + if err != nil { return err } // Get the JWKS as JSON from the given URL. - var resp *http.Response - if resp, err = j.client.Do(req); err != nil { + resp, err := j.client.Do(req) + if err != nil { return err } - defer resp.Body.Close() // Ignore any error. + //goland:noinspection GoUnhandledErrorResult + defer resp.Body.Close() // Read the raw JWKS from the body of the response. - var jwksBytes []byte - if jwksBytes, err = ioutil.ReadAll(resp.Body); err != nil { + jwksBytes, err := ioutil.ReadAll(resp.Body) + if err != nil { return err } @@ -192,8 +196,8 @@ func (j *JWKS) refresh() (err error) { j.raw = jwksBytes // Create an updated JWKS. - var updated *JWKS - if updated, err = NewJSON(jwksBytes); err != nil { + updated, err := NewJSON(jwksBytes) + if err != nil { return err } diff --git a/given_test.go b/given_test.go index 3852327..1086abe 100644 --- a/given_test.go 
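Review bot: In refresh(), `ioutil.ReadAll(resp.Body)` follows `j.client.Do(req)` with no status-code check and no size bound visible in the hunk, so an error page or an arbitrarily large body from the JWKS endpoint is buffered in full and passed on toward `NewJSON`. I would reject non-200 responses first, `if resp.StatusCode != http.StatusOK { return fmt.Errorf("jwks: unexpected status %d", resp.StatusCode) }`, and cap the read with `ioutil.ReadAll(io.LimitReader(resp.Body, maxJWKSBytes))`. Here `maxJWKSBytes` is a constant you would add, and `io` and `fmt` need to be in the import block, which is outside the hunk. Replacing `// Ignore any error.` with the `//goland:noinspection` directive also loses the human-readable reason for the unchecked Close, so I would keep both. refresh() begins and ends outside the hunk.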
+++ b/given_test.go @@ -151,7 +151,8 @@ func addCustom(givenKeys map[string]keyfunc.GivenKey, kid string) (key string) { func addECDSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key *ecdsa.PrivateKey, err error) { // Create the ECDSA key. - if key, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader); err != nil { + key, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { return nil, fmt.Errorf("failed to create ECDSA key: %w", err) } @@ -165,8 +166,8 @@ func addECDSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key *ecdsa.Pri func addEdDSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key ed25519.PrivateKey, err error) { // Create the ECDSA key. - var pub ed25519.PublicKey - if pub, key, err = ed25519.GenerateKey(rand.Reader); err != nil { + pub, key, err := ed25519.GenerateKey(rand.Reader) + if err != nil { return nil, fmt.Errorf("failed to create ECDSA key: %w", err) } @@ -181,7 +182,8 @@ func addHMAC(givenKeys map[string]keyfunc.GivenKey, kid string) (secret []byte, // Create the HMAC secret. secret = make([]byte, sha256.BlockSize) - if _, err = rand.Read(secret); err != nil { + _, err = rand.Read(secret) + if err != nil { return nil, fmt.Errorf("failed to create HMAC secret: %w", err) } @@ -195,7 +197,8 @@ func addHMAC(givenKeys map[string]keyfunc.GivenKey, kid string) (secret []byte, func addRSA(givenKeys map[string]keyfunc.GivenKey, kid string) (key *rsa.PrivateKey, err error) { // Create the RSA key. - if key, err = rsa.GenerateKey(rand.Reader, 2048); err != nil { + key, err = rsa.GenerateKey(rand.Reader, 2048) + if err != nil { return nil, fmt.Errorf("failed to create RSA key: %w", err) } 
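Review bot: In addEdDSA the comment `// Create the ECDSA key.` and the error text `"failed to create ECDSA key: %w"` name the wrong algorithm, because the call is `ed25519.GenerateKey(rand.Reader)`. This looks copied from addECDSA above, and it will mislead anyone reading a failure message. Suggested wording is `// Create the EdDSA key.` and `"failed to create EdDSA key: %w"`. addEdDSA continues outside the hunk.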
@@ -216,8 +219,8 @@ func signParseValidate(t *testing.T, token *jwt.Token, key interface{}, jwks *ke } // Parse the JWT using the JWKS. - var parsed *jwt.Token - if parsed, err = jwt.Parse(jwtB64, jwks.Keyfunc); err != nil { + parsed, err := jwt.Parse(jwtB64, jwks.Keyfunc) + if err != nil { t.Errorf("Failed to parse the JWT.\nError: %s.", err.Error()) t.FailNow() } diff --git a/jwks.go b/jwks.go index 68ddad4..1b2dffc 100644 --- a/jwks.go +++ b/jwks.go @@ -62,7 +62,8 @@ func NewJSON(jwksBytes json.RawMessage) (jwks *JWKS, err error) { // Turn the raw JWKS into the correct Go type. var rawKS rawJWKS - if err = json.Unmarshal(jwksBytes, &rawKS); err != nil { + err = json.Unmarshal(jwksBytes, &rawKS) + if err != nil { return nil, err } @@ -76,19 +77,23 @@ func NewJSON(jwksBytes json.RawMessage) (jwks *JWKS, err error) { var keyInter interface{} switch keyType := key.Type; keyType { case ktyEC: - if keyInter, err = key.ECDSA(); err != nil { + keyInter, err = key.ECDSA() + if err != nil { continue } case ktyOKP: - if keyInter, err = key.EdDSA(); err != nil { + keyInter, err = key.EdDSA() + if err != nil { continue } case ktyOct: - if keyInter, err = key.Oct(); err != nil { + keyInter, err = key.Oct() + if err != nil { continue } case ktyRSA: - if keyInter, err = key.RSA(); err != nil { + keyInter, err = key.RSA() + if err != nil { continue } default: @@ -138,9 +143,8 @@ func (j *JWKS) ReadOnlyKeys() map[string]interface{} { func (j *JWKS) getKey(kid string) (jsonKey interface{}, err error) { // Get the jsonWebKey from the JWKS. - var ok bool j.mux.RLock() - jsonKey, ok = j.keys[kid] + jsonKey, ok := j.keys[kid] j.mux.RUnlock() // Check if the key was present. diff --git a/jwks_test.go b/jwks_test.go index 8328697..f29a622 100644 --- a/jwks_test.go +++ b/jwks_test.go 
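Review bot: In the key-type switch of NewJSON, every `if err != nil { continue }` discards the decode error, so a JWKS whose keys are all malformed produces an empty key set with no diagnostic visible in this hunk. Because `err` is the named result, the last decode error also stays in it after the loop. It is worth confirming that the code after the hunk ends with an explicit `return jwks, nil` rather than a bare `return`. If skipping is intentional, say so once above the switch: `// Keys that fail to decode are skipped so one bad entry does not invalidate the whole set.` The loop and the function continue outside the hunk.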
@@ -37,7 +37,8 @@ func TestInvalidServer(t *testing.T) { // Create the HTTP test server. server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - if _, err := w.Write(nil); err != nil { + _, err := w.Write(nil) + if err != nil { t.Errorf("Failed to write empty response.\nError: %s", err.Error()) t.FailNow() } @@ -58,7 +59,8 @@ func TestInvalidServer(t *testing.T) { } // Create the JWKS. - if _, err := keyfunc.Get(server.URL, options); err == nil { + _, err := keyfunc.Get(server.URL, options) + if err == nil { t.Errorf("Creation of *keyfunc.JWKS with invalid server must fail.") t.FailNow() } @@ -74,7 +76,8 @@ func TestJWKS(t *testing.T) { t.FailNow() } defer func() { - if err = os.RemoveAll(tempDir); err != nil { + err = os.RemoveAll(tempDir) + if err != nil { t.Errorf("Failed to remove temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -84,7 +87,8 @@ func TestJWKS(t *testing.T) { jwksFile := filepath.Join(tempDir, jwksFilePath) // Write the JWKS. - if err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600); err != nil { + err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -170,7 +174,8 @@ func TestJWKS(t *testing.T) { // // Don't check for general errors. Unfortunately, an error occurs when a token is expired. All hard // coded tokens are expired. - if _, err = jwt.Parse(tc.token, jwks.Keyfunc); err != nil { + _, err = jwt.Parse(tc.token, jwks.Keyfunc) + if err != nil { if errors.Is(err, jwt.ErrInvalidKeyType) { t.Errorf("Invaild key type selected.\nError: %s", err.Error()) t.FailNow() @@ -221,9 +226,8 @@ func TestJWKS_KIDs(t *testing.T) { } // Confirm all expected keys are present. - var found bool for _, expectedKID := range expectedKIDs { - found = false + found := false for _, kid := range actual { if kid == expectedKID { found = true 
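Review bot: In TestInvalidServer the `t.FailNow()` inside the `http.HandlerFunc` runs on the test server's goroutine, but the testing package requires FailNow to be called from the goroutine running the test. Reporting with `t.Errorf("Failed to write empty response.\nError: %s", err.Error())` followed by a plain `return` is safe from the handler and still fails the test. The handler literal is fully visible in this hunk; the test function itself continues outside it.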
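Review bot: In the TestJWKS loop the only error that fails the test is `jwt.ErrInvalidKeyType`, so a signature-verification failure is treated the same as the expected expiry error and goes unnoticed. That means the test does not show that keys loaded from the JWKS verify the hard-coded tokens. I would assert that the returned error is specifically the expiry error, or parse with time validation under the test's control, and fail on anything else. The message `"Invaild key type selected."` should also read `"Invalid key type selected."`. Both points apply to the matching hunk in TestUnknownKIDRefresh, and the `if err != nil` body continues outside this hunk.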
@@ -246,7 +250,8 @@ func TestRateLimit(t *testing.T) { t.FailNow() } defer func() { - if err = os.RemoveAll(tempDir); err != nil { + err = os.RemoveAll(tempDir) + if err != nil { t.Errorf("Failed to remove temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -290,8 +295,8 @@ func TestRateLimit(t *testing.T) { } // Create the JWKS. - var jwks *keyfunc.JWKS - if jwks, err = keyfunc.Get(jwksURL, options); err != nil { + jwks, err := keyfunc.Get(jwksURL, options) + if err != nil { t.Errorf("Failed to create *keyfunc.JWKS.\nError: %s", err.Error()) t.FailNow() } @@ -384,7 +389,8 @@ func TestUnknownKIDRefresh(t *testing.T) { t.FailNow() } defer func() { - if err = os.RemoveAll(tempDir); err != nil { + err = os.RemoveAll(tempDir) + if err != nil { t.Errorf("Failed to remove temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -394,7 +400,8 @@ func TestUnknownKIDRefresh(t *testing.T) { jwksFile := filepath.Join(tempDir, strings.TrimPrefix(jwksFilePath, "/")) // Write the empty JWKS. - if err = ioutil.WriteFile(jwksFile, []byte(emptyJWKSJSON), 0600); err != nil { + err = ioutil.WriteFile(jwksFile, []byte(emptyJWKSJSON), 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -419,15 +426,16 @@ func TestUnknownKIDRefresh(t *testing.T) { } // Create the JWKS. - var jwks *keyfunc.JWKS - if jwks, err = keyfunc.Get(jwksURL, options); err != nil { + jwks, err := keyfunc.Get(jwksURL, options) + if err != nil { t.Errorf("Failed to create *keyfunc.JWKS.\nError: %s", err.Error()) t.FailNow() } defer jwks.EndBackground() // Write the populated JWKS. - if err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600); err != nil { + err = ioutil.WriteFile(jwksFile, []byte(jwksJSON), 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } 
@@ -439,7 +447,8 @@ func TestUnknownKIDRefresh(t *testing.T) { // // Don't check for general errors. Unfortunately, an error occurs when a token is expired. All hard // coded tokens are expired. - if _, err = jwt.Parse(token, jwks.Keyfunc); err != nil { + _, err = jwt.Parse(token, jwks.Keyfunc) + if err != nil { if errors.Is(err, jwt.ErrInvalidKeyType) { t.Errorf("Invaild key type selected.\nError: %s", err.Error()) t.FailNow() diff --git a/oct.go b/oct.go index d2f7efb..0f4dcb8 100644 --- a/oct.go +++ b/oct.go @@ -23,7 +23,8 @@ func (j *jsonWebKey) Oct() (publicKey []byte, err error) { // // According to RFC 7517, this is Base64 URL bytes. // https://datatracker.ietf.org/doc/html/rfc7517#section-1.1 - if publicKey, err = base64.RawURLEncoding.DecodeString(j.K); err != nil { + publicKey, err = base64.RawURLEncoding.DecodeString(j.K) + if err != nil { return nil, err } diff --git a/override_test.go b/override_test.go index 0297f39..d7455fb 100644 --- a/override_test.go +++ b/override_test.go @@ -52,7 +52,8 @@ func TestNewGiven(t *testing.T) { t.FailNow() } defer func() { - if err = os.RemoveAll(tempDir); err != nil { + err = os.RemoveAll(tempDir) + if err != nil { t.Errorf("Failed to remove temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -69,7 +70,8 @@ func TestNewGiven(t *testing.T) { } // Write the empty JWKS. - if err = ioutil.WriteFile(jwksFile, jwksBytes, 0600); err != nil { + err = ioutil.WriteFile(jwksFile, jwksBytes, 0600) + if err != nil { t.Errorf("Failed to write JWKS file to temporary directory.\nError: %s", err.Error()) t.FailNow() } @@ -93,8 +95,8 @@ func TestNewGiven(t *testing.T) { } // Get the remote JWKS. - var jwks *keyfunc.JWKS - if jwks, err = keyfunc.Get(jwksURL, options); err != nil { + jwks, err := keyfunc.Get(jwksURL, options) + if err != nil { t.Errorf("Failed to get the JWKS the testing URL.\nError: %s", err.Error()) t.FailNow() } 
@@ -110,7 +112,8 @@ func TestNewGiven(t *testing.T) { // Change the JWKS options to overwrite remote keys. options.GivenKIDOverride = true - if jwks, err = keyfunc.Get(jwksURL, options); err != nil { + jwks, err = keyfunc.Get(jwksURL, options) + if err != nil { t.Errorf("Failed to recreate JWKS.\nError: %s.", err.Error()) t.FailNow() } @@ -140,8 +143,7 @@ func createSignParseValidate(t *testing.T, keys map[string]*rsa.PrivateKey, jwks } // Parse the JWT. - var token *jwt.Token - token, err = jwt.Parse(jwtB64, jwks.Keyfunc) + token, err := jwt.Parse(jwtB64, jwks.Keyfunc) if err != nil { if !shouldValidate && !errors.Is(err, rsa.ErrVerification) { return @@ -172,22 +174,22 @@ func keysAndJWKS() (givenKeys map[string]keyfunc.GivenKey, givenPrivateKeys map[ remotePrivateKeys = make(map[string]*rsa.PrivateKey) // Create a key not in the remote JWKS. - var key1 *rsa.PrivateKey - if key1, err = addRSA(givenKeys, givenKID); err != nil { + key1, err := addRSA(givenKeys, givenKID) + if err != nil { return nil, nil, nil, nil, fmt.Errorf(rsaErrMessage, err) } givenPrivateKeys[givenKID] = key1 // Create a key to be overwritten by or override the one with the same key ID in the remote JWKS. - var key2 *rsa.PrivateKey - if key2, err = addRSA(givenKeys, remoteKID); err != nil { + key2, err := addRSA(givenKeys, remoteKID) + if err != nil { return nil, nil, nil, nil, fmt.Errorf(rsaErrMessage, err) } givenPrivateKeys[remoteKID] = key2 // Create a key that exists in the remote JWKS. - var key3 *rsa.PrivateKey - if key3, err = rsa.GenerateKey(rand.Reader, 2048); err != nil { + key3, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { return nil, nil, nil, nil, fmt.Errorf(rsaErrMessage, err) } remotePrivateKeys[remoteKID] = key3 
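Review bot: In createSignParseValidate the guard `if !shouldValidate && !errors.Is(err, rsa.ErrVerification) { return }` makes a negative case return without failing whenever the error is anything other than a verification failure. As written, an unrelated error such as a missing key or a malformed token counts as a pass for cases that are meant to show the signature is rejected, which looks inverted. If the intent is that only `rsa.ErrVerification` is the acceptable outcome, the early return should be `if !shouldValidate && errors.Is(err, rsa.ErrVerification) { return }`, with other errors reported through `t.Errorf`. The rest of the `if err != nil` body is outside the hunk, so please check this against the lines that follow.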
@@ -201,7 +203,8 @@ func keysAndJWKS() (givenKeys map[string]keyfunc.GivenKey, givenPrivateKeys map[ }}} // Marshal the JWKS to JSON. - if jwksBytes, err = json.Marshal(jwks); err != nil { + jwksBytes, err = json.Marshal(jwks) + if err != nil { return nil, nil, nil, nil, fmt.Errorf("failed to marshal the JWKS to JSON: %w", err) } diff --git a/rsa.go b/rsa.go index 7214763..79915e8 100644 --- a/rsa.go +++ b/rsa.go @@ -25,14 +25,14 @@ func (j *jsonWebKey) RSA() (publicKey *rsa.PublicKey, err error) { // // According to RFC 7518, this is a Base64 URL unsigned integer. // https://tools.ietf.org/html/rfc7518#section-6.3 - var exponent []byte - if exponent, err = base64.RawURLEncoding.DecodeString(j.Exponent); err != nil { + exponent, err := base64.RawURLEncoding.DecodeString(j.Exponent) + if err != nil { return nil, err } // Decode the modulus from Base64. - var modulus []byte - if modulus, err = base64.RawURLEncoding.DecodeString(j.Modulus); err != nil { + modulus, err := base64.RawURLEncoding.DecodeString(j.Modulus) + if err != nil { return nil, err }