chore(lint): fix staticcheck issues (#3061)

* chores: fix staticcheck QF1012

Fix use of fmt.Sprintf when writing to a writer.
https://staticcheck.dev/docs/checks/#QF1012
https://github.com/oauth2-proxy/oauth2-proxy/issues/3060

* chores: fix staticcheck QF1003

Use switch instead of multiple if/else.
https://staticcheck.dev/docs/checks/#QF1003
https://github.com/oauth2-proxy/oauth2-proxy/issues/3060

* chores: exclude staticcheck QF1008 for now

We aim to migrate golangci-lint to v2
Let's disable QF1008 (Omit embedded fields from selector expression)
for now.
https://staticcheck.dev/docs/checks/#QF1008

* chores: fix golangci config: run.deadline -> timeout

Rename config option to match v1 documentation: deadline -> timeout.
https://golangci.github.io/legacy-v1-doc/usage/configuration/#run-configuration

This error has been spotted by golangci-lint v2 migration tool.

* chores: fix staticcheck QF1012

.golangci.yml

@@ -1,5 +1,5 @@
 run:
-  deadline: 120s
+  timeout: 120s
 linters:
   enable:
     - govet
@@ -24,6 +24,10 @@ linters:
     - revive
   disable-all: true
 issues:
+  exclude:
+    # To ease migration to golangci-lint v2.1
+    # https://staticcheck.dev/docs/checks/#QF1008
+    - QF1008
   exclude-rules:
     - path: _test\.go
       linters:

pkg/app/pagewriter/pagewriter_test.go

@@ -167,7 +167,7 @@ var _ = Describe("Writer", func() {
 				writer: &WriterFuncs{
 					SignInPageFunc: func(rw http.ResponseWriter, req *http.Request, redirectURL string, statusCode int) {
 						rw.WriteHeader(202)
-						rw.Write([]byte(fmt.Sprintf("%s %s", req.URL.Path, redirectURL)))
+						fmt.Fprintf(rw, "%s %s", req.URL.Path, redirectURL)
 					},
 				},
 				expectedStatus: 202,
@@ -200,7 +200,7 @@ var _ = Describe("Writer", func() {
 				writer: &WriterFuncs{
 					ErrorPageFunc: func(rw http.ResponseWriter, opts ErrorPageOpts) {
 						rw.WriteHeader(503)
-						rw.Write([]byte(fmt.Sprintf("%s %s", opts.RequestID, opts.RedirectURL)))
+						fmt.Fprintf(rw, "%s %s", opts.RequestID, opts.RedirectURL)
 					},
 				},
 				expectedStatus: 503,
@@ -230,7 +230,7 @@ var _ = Describe("Writer", func() {
 				writer: &WriterFuncs{
 					ProxyErrorFunc: func(rw http.ResponseWriter, req *http.Request, proxyErr error) {
 						rw.WriteHeader(503)
-						rw.Write([]byte(fmt.Sprintf("%s %v", req.URL.Path, proxyErr)))
+						fmt.Fprintf(rw, "%s %v", req.URL.Path, proxyErr)
 					},
 				},
 				expectedStatus: 503,

providers/google_test.go

@@ -237,30 +237,31 @@ func TestGoogleProviderGetEmailAddressEmailMissing(t *testing.T) {
 
 func TestGoogleProvider_userInGroup(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.URL.Path == "/admin/directory/v1/groups/group@example.com/hasMember/member-in-domain@example.com" {
+		switch r.URL.Path {
+		case "/admin/directory/v1/groups/group@example.com/hasMember/member-in-domain@example.com":
 			fmt.Fprintln(w, `{"isMember":true}`)
-		} else if r.URL.Path == "/admin/directory/v1/groups/group@example.com/hasMember/non-member-in-domain@example.com" {
+		case "/admin/directory/v1/groups/group@example.com/hasMember/non-member-in-domain@example.com":
 			fmt.Fprintln(w, `{"isMember":false}`)
-		} else if r.URL.Path == "/admin/directory/v1/groups/group@example.com/hasMember/member-out-of-domain@otherexample.com" {
+		case "/admin/directory/v1/groups/group@example.com/hasMember/member-out-of-domain@otherexample.com":
 			http.Error(
 				w,
 				`{"error":{"errors":[{"domain":"global","reason":"invalid","message":"Invalid Input: memberKey"}],"code":400,"message":"Invalid Input: memberKey"}}`,
 				http.StatusBadRequest,
 			)
-		} else if r.URL.Path == "/admin/directory/v1/groups/group@example.com/hasMember/non-member-out-of-domain@otherexample.com" {
+		case "/admin/directory/v1/groups/group@example.com/hasMember/non-member-out-of-domain@otherexample.com":
 			http.Error(
 				w,
 				`{"error":{"errors":[{"domain":"global","reason":"invalid","message":"Invalid Input: memberKey"}],"code":400,"message":"Invalid Input: memberKey"}}`,
 				http.StatusBadRequest,
 			)
-		} else if r.URL.Path == "/admin/directory/v1/groups/group@example.com/members/non-member-out-of-domain@otherexample.com" {
+		case "/admin/directory/v1/groups/group@example.com/members/non-member-out-of-domain@otherexample.com":
 			// note that the client currently doesn't care what this response text or code is - any error here results in failure to match the group
 			http.Error(
 				w,
 				`{"kind":"admin#directory#member","etag":"12345","id":"1234567890","email":"member-out-of-domain@otherexample.com","role":"MEMBER","type":"USER","status":"ACTIVE","delivery_settings":"ALL_MAIL"}`,
 				http.StatusNotFound,
 			)
-		} else if r.URL.Path == "/admin/directory/v1/groups/group@example.com/members/member-out-of-domain@otherexample.com" {
+		case "/admin/directory/v1/groups/group@example.com/members/member-out-of-domain@otherexample.com":
 			fmt.Fprintln(w,
 				`{"kind":"admin#directory#member","etag":"12345","id":"1234567890","email":"member-out-of-domain@otherexample.com","role":"MEMBER","type":"USER","status":"ACTIVE","delivery_settings":"ALL_MAIL"}`,
 			)

providers/ms_entra_id_test.go

@@ -149,7 +149,7 @@ func mockGraphAPI(noGroupMemberPermissions bool) *httptest.Server {
 
 			} else if r.URL.Path == groupsPath && r.Method == http.MethodGet {
 				// First page (pagination)
-				w.Write([]byte(fmt.Sprintf(`{
+				fmt.Fprintf(w, `{
 					"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects(id)",
 					"@odata.nextLink": "http://%s/v1.0/me/transitiveMemberOf?$select=id&$top=2&$skiptoken=TEST_TOKEN",
 					"value": [
@@ -162,7 +162,7 @@ func mockGraphAPI(noGroupMemberPermissions bool) *httptest.Server {
 							"id": "916f0604-8a3b-4a69-bda9-06db11a8f0cd"
 						  }
 					]
-				}`, r.Host)))
+				}`, r.Host)
 			}
 		},
 	))