go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-10-30 23:47:52 +02:00
Code Issues Releases Activity

Fix Linting Errors (#1835)

Browse Source 
* initial commit: add groups to azure

Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>

* fix deprecations and linting errors

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* remove groups testing from azure provider

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* fix test error

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* verify-generate

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
This commit is contained in:
Andrew Hamade
2022-10-21 12:57:51 +02:00
committed by GitHub
parent a6c8f6f04a
commit 7fe6384f38
43 changed files with 134 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/docs/configuration/alpha_config.md
View File

@@ -306,7 +306,7 @@ the caller provides it, and no value will be sent otherwise.
Examples:
A parameter whose value is fixed
# A parameter whose value is fixed
```
name: organization
@@ -354,8 +354,9 @@ as backslash is not considered to be an escape character. Alternatively
use the "chomped block" format `|-`:
```
- pattern: |-
- pattern: |-
^[^@]*@example\.com$
```
The hyphen is important, a `|` block would have a trailing newline

5
main_test.go
View File

@@ -3,7 +3,6 @@ package main
import (
"errors"
"fmt"
"io/ioutil"
"os"
"strings"
"time"
@@ -191,7 +190,7 @@ redirect_url="http://localhost:4180/oauth2/callback"
if in.configContent != "" {
By("Writing the config to a temporary file", func() {
file, err := ioutil.TempFile("", "oauth2-proxy-test-config-XXXX.cfg")
file, err := os.CreateTemp("", "oauth2-proxy-test-config-XXXX.cfg")
Expect(err).ToNot(HaveOccurred())
defer file.Close()
@@ -204,7 +203,7 @@ redirect_url="http://localhost:4180/oauth2/callback"
if in.alphaConfigContent != "" {
By("Writing the config to a temporary file", func() {
file, err := ioutil.TempFile("", "oauth2-proxy-test-alpha-config-XXXX.yaml")
file, err := os.CreateTemp("", "oauth2-proxy-test-alpha-config-XXXX.yaml")
Expect(err).ToNot(HaveOccurred())
defer file.Close()

17
oauthproxy_test.go
View File

@@ -6,7 +6,6 @@ import (
"encoding/base64"
"fmt"
"io"
"io/ioutil"
"net/http"
"net/http/httptest"
"net/url"
@@ -837,9 +836,9 @@ func NewProcessCookieTest(opts ProcessCookieTestOpts, modifiers ...OptionsModifi
}
groups := pcTest.opts.Providers[0].AllowedGroups
testProvider.AllowedGroups = make(map[string]struct{}, len(groups))
testProvider.ProviderData.AllowedGroups = make(map[string]struct{}, len(groups))
for _, group := range groups {
testProvider.AllowedGroups[group] = struct{}{}
testProvider.ProviderData.AllowedGroups[group] = struct{}{}
}
pcTest.proxy.provider = testProvider
@@ -1043,7 +1042,7 @@ func TestUserInfoEndpointAccepted(t *testing.T) {
test.proxy.ServeHTTP(test.rw, test.req)
assert.Equal(t, http.StatusOK, test.rw.Code)
bodyBytes, _ := ioutil.ReadAll(test.rw.Body)
bodyBytes, _ := io.ReadAll(test.rw.Body)
assert.Equal(t, tc.expectedResponse, string(bodyBytes))
})
}
@@ -1094,7 +1093,7 @@ func TestAuthOnlyEndpointAccepted(t *testing.T) {
test.proxy.ServeHTTP(test.rw, test.req)
assert.Equal(t, http.StatusAccepted, test.rw.Code)
bodyBytes, _ := ioutil.ReadAll(test.rw.Body)
bodyBytes, _ := io.ReadAll(test.rw.Body)
assert.Equal(t, "", string(bodyBytes))
}
@@ -1106,7 +1105,7 @@ func TestAuthOnlyEndpointUnauthorizedOnNoCookieSetError(t *testing.T) {
test.proxy.ServeHTTP(test.rw, test.req)
assert.Equal(t, http.StatusUnauthorized, test.rw.Code)
bodyBytes, _ := ioutil.ReadAll(test.rw.Body)
bodyBytes, _ := io.ReadAll(test.rw.Body)
assert.Equal(t, "Unauthorized\n", string(bodyBytes))
}
@@ -1126,7 +1125,7 @@ func TestAuthOnlyEndpointUnauthorizedOnExpiration(t *testing.T) {
test.proxy.ServeHTTP(test.rw, test.req)
assert.Equal(t, http.StatusUnauthorized, test.rw.Code)
bodyBytes, _ := ioutil.ReadAll(test.rw.Body)
bodyBytes, _ := io.ReadAll(test.rw.Body)
assert.Equal(t, "Unauthorized\n", string(bodyBytes))
}
@@ -1145,7 +1144,7 @@ func TestAuthOnlyEndpointUnauthorizedOnEmailValidationFailure(t *testing.T) {
test.proxy.ServeHTTP(test.rw, test.req)
assert.Equal(t, http.StatusUnauthorized, test.rw.Code)
bodyBytes, _ := ioutil.ReadAll(test.rw.Body)
bodyBytes, _ := io.ReadAll(test.rw.Body)
assert.Equal(t, "Unauthorized\n", string(bodyBytes))
}
@@ -1561,7 +1560,7 @@ func (st *SignatureTest) MakeRequestWithExpectedKey(method, body, key string) er
var bodyBuf io.ReadCloser
if body != "" {
bodyBuf = ioutil.NopCloser(&fakeNetConn{reqBody: body})
bodyBuf = io.NopCloser(&fakeNetConn{reqBody: body})
}
req := httptest.NewRequest(method, "/foo/bar", bodyBuf)
req.Header = st.header

8
pkg/apis/options/load.go
View File

@@ -3,7 +3,7 @@ package options
import (
"errors"
"fmt"
"io/ioutil"
"os"
"reflect"
"strings"
@@ -17,7 +17,9 @@ import (
// variables (prefixed with `OAUTH2_PROXY`) and finally merges in flags from the flagSet.
// If a config value is unset and the flag has a non-zero value default, this default will be used.
// Eg. A field defined:
// FooBar `cfg:"foo_bar" flag:"foo-bar"`
//
// FooBar `cfg:"foo_bar" flag:"foo-bar"`
//
// Can be set in the config file as `foo_bar="baz"`, in the environment as `OAUTH2_PROXY_FOO_BAR=baz`,
// or via the command line flag `--foo-bar=baz`.
func Load(configFileName string, flagSet *pflag.FlagSet, into interface{}) error {
@@ -147,7 +149,7 @@ func LoadYAML(configFileName string, into interface{}) error {
return errors.New("no configuration file provided")
}
data, err := ioutil.ReadFile(configFileName)
data, err := os.ReadFile(configFileName)
if err != nil {
return fmt.Errorf("unable to load config file: %w", err)
}

7
pkg/apis/options/load_test.go
View File

@@ -3,7 +3,6 @@ package options
import (
"errors"
"fmt"
"io/ioutil"
"os"
"time"
@@ -118,7 +117,7 @@ var _ = Describe("Load", func() {
if o.configFile != nil {
By("Creating a config file")
configFile, err := ioutil.TempFile("", "oauth2-proxy-test-legacy-config-file")
configFile, err := os.CreateTemp("", "oauth2-proxy-test-legacy-config-file")
Expect(err).ToNot(HaveOccurred())
defer configFile.Close()
@@ -390,7 +389,7 @@ sub:
if in.configFile != nil {
By("Creating a config file")
configFile, err := ioutil.TempFile("", "oauth2-proxy-test-config-file")
configFile, err := os.CreateTemp("", "oauth2-proxy-test-config-file")
Expect(err).ToNot(HaveOccurred())
defer configFile.Close()
@@ -488,7 +487,7 @@ injectResponseHeaders:
`)
By("Creating a config file")
configFile, err := ioutil.TempFile("", "oauth2-proxy-test-alpha-config-file")
configFile, err := os.CreateTemp("", "oauth2-proxy-test-alpha-config-file")
Expect(err).ToNot(HaveOccurred())
defer configFile.Close()

5
pkg/apis/options/login_url_parameters.go
View File

@@ -14,7 +14,7 @@ package options
//
// Examples:
//
// A parameter whose value is fixed
// # A parameter whose value is fixed
//
// ```
// name: organization
@@ -62,8 +62,9 @@ package options
// use the "chomped block" format `|-`:
//
// ```
// - pattern: |-
// - pattern: |-
// ^[^@]*@example\.com$
//
// ```
//
// The hyphen is important, a `|` block would have a trailing newline

3
pkg/apis/options/util/util.go
View File

@@ -2,7 +2,6 @@ package util
import (
"errors"
"io/ioutil"
"os"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
@@ -16,7 +15,7 @@ func GetSecretValue(source *options.SecretSource) ([]byte, error) {
case len(source.Value) == 0 && source.FromEnv != "" && source.FromFile == "":
return []byte(os.Getenv(source.FromEnv)), nil
case len(source.Value) == 0 && source.FromEnv == "" && source.FromFile != "":
return ioutil.ReadFile(source.FromFile)
return os.ReadFile(source.FromFile)
default:
return nil, errors.New("secret source is invalid: exactly one entry required, specify either value, fromEnv or fromFile")
}

5
pkg/apis/options/util/util_test.go
View File

@@ -1,7 +1,6 @@
package util
import (
"io/ioutil"
"os"
"path"
@@ -20,9 +19,9 @@ var _ = Describe("GetSecretValue", func() {
os.Setenv(secretEnvKey, secretEnvValue)
var err error
fileDir, err = ioutil.TempDir("", "oauth2-proxy-util-get-secret-value")
fileDir, err = os.MkdirTemp("", "oauth2-proxy-util-get-secret-value")
Expect(err).ToNot(HaveOccurred())
Expect(ioutil.WriteFile(path.Join(fileDir, "secret-file"), secretFileValue, 0600)).To(Succeed())
Expect(os.WriteFile(path.Join(fileDir, "secret-file"), secretFileValue, 0600)).To(Succeed())
})
AfterEach(func() {

5
pkg/apis/sessions/session_state.go
View File

@@ -5,7 +5,6 @@ import (
"context"
"fmt"
"io"
"io/ioutil"
"time"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/clock"
@@ -225,7 +224,7 @@ func lz4Compress(payload []byte) ([]byte, error) {
return nil, fmt.Errorf("error closing lz4 writer: %w", err)
}
compressed, err := ioutil.ReadAll(buf)
compressed, err := io.ReadAll(buf)
if err != nil {
return nil, fmt.Errorf("error reading lz4 buffer: %w", err)
}
@@ -244,7 +243,7 @@ func lz4Decompress(compressed []byte) ([]byte, error) {
return nil, fmt.Errorf("error copying lz4 stream to buffer: %w", err)
}
payload, err := ioutil.ReadAll(buf)
payload, err := io.ReadAll(buf)
if err != nil {
return nil, fmt.Errorf("error reading lz4 buffer: %w", err)
}

16
pkg/app/pagewriter/error_page_test.go
View File

@@ -3,7 +3,7 @@ package pagewriter
import (
"errors"
"html/template"
"io/ioutil"
"io"
"net/http/httptest"
middlewareapi "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/middleware"
@@ -36,7 +36,7 @@ var _ = Describe("Error Page Writer", func() {
AppError: "Access Denied",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Forbidden You do not have permission to access this resource. /prefix/ 403 /redirect 11111111-2222-4333-8444-555555555555 Custom Footer Text v0.0.0-test"))
})
@@ -50,7 +50,7 @@ var _ = Describe("Error Page Writer", func() {
AppError: "Access Denied",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Internal Server Error Oops! Something went wrong. For more information contact your server administrator. /prefix/ 500 /redirect 11111111-2222-4333-8444-555555555555 Custom Footer Text v0.0.0-test"))
})
@@ -68,7 +68,7 @@ var _ = Describe("Error Page Writer", func() {
},
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Forbidden An extra message: with more context. /prefix/ 403 /redirect 11111111-2222-4333-8444-555555555555 Custom Footer Text v0.0.0-test"))
})
@@ -82,7 +82,7 @@ var _ = Describe("Error Page Writer", func() {
AppError: "Access Denied",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Forbidden You do not have permission to access this resource. /prefix/ 403 /redirect &lt;script&gt;alert(1)&lt;/script&gt; Custom Footer Text v0.0.0-test"))
})
@@ -97,7 +97,7 @@ var _ = Describe("Error Page Writer", func() {
recorder := httptest.NewRecorder()
errorPage.ProxyErrorHandler(recorder, req, errors.New("some upstream error"))
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Bad Gateway There was a problem connecting to the upstream server. /prefix/ 502 11111111-2222-4333-8444-555555555555 Custom Footer Text v0.0.0-test"))
})
@@ -121,7 +121,7 @@ var _ = Describe("Error Page Writer", func() {
AppError: "Debug error",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Debug error"))
})
@@ -136,7 +136,7 @@ var _ = Describe("Error Page Writer", func() {
recorder := httptest.NewRecorder()
errorPage.ProxyErrorHandler(recorder, req, errors.New("some upstream error"))
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("some upstream error"))
})

28
pkg/app/pagewriter/pagewriter_test.go
View File

@@ -3,7 +3,7 @@ package pagewriter
import (
"errors"
"fmt"
"io/ioutil"
"io"
"net/http"
"net/http/httptest"
"os"
@@ -50,7 +50,7 @@ var _ = Describe("Writer", func() {
AppError: "Some debug error",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(HavePrefix("\n<!DOCTYPE html>"))
})
@@ -59,7 +59,7 @@ var _ = Describe("Writer", func() {
recorder := httptest.NewRecorder()
writer.WriteSignInPage(recorder, request, "/redirect", http.StatusOK)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(HavePrefix("\n<!DOCTYPE html>"))
})
@@ -70,14 +70,14 @@ var _ = Describe("Writer", func() {
BeforeEach(func() {
var err error
customDir, err = ioutil.TempDir("", "oauth2-proxy-pagewriter-test")
customDir, err = os.MkdirTemp("", "oauth2-proxy-pagewriter-test")
Expect(err).ToNot(HaveOccurred())
templateHTML := `Custom Template`
signInFile := filepath.Join(customDir, signInTemplateName)
Expect(ioutil.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
Expect(os.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
errorFile := filepath.Join(customDir, errorTemplateName)
Expect(ioutil.WriteFile(errorFile, []byte(templateHTML), 0600)).To(Succeed())
Expect(os.WriteFile(errorFile, []byte(templateHTML), 0600)).To(Succeed())
opts.TemplatesPath = customDir
@@ -97,7 +97,7 @@ var _ = Describe("Writer", func() {
AppError: "Some debug error",
})
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Custom Template"))
})
@@ -106,7 +106,7 @@ var _ = Describe("Writer", func() {
recorder := httptest.NewRecorder()
writer.WriteSignInPage(recorder, request, "/redirect", http.StatusOK)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("Custom Template"))
})
@@ -117,12 +117,12 @@ var _ = Describe("Writer", func() {
BeforeEach(func() {
var err error
customDir, err = ioutil.TempDir("", "oauth2-proxy-pagewriter-test")
customDir, err = os.MkdirTemp("", "oauth2-proxy-pagewriter-test")
Expect(err).ToNot(HaveOccurred())
templateHTML := `{{ Custom Broken Template`
signInFile := filepath.Join(customDir, signInTemplateName)
Expect(ioutil.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
Expect(os.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
opts.TemplatesPath = customDir
})
@@ -155,7 +155,7 @@ var _ = Describe("Writer", func() {
Expect(rw.Result().StatusCode).To(Equal(in.expectedStatus))
body, err := ioutil.ReadAll(rw.Result().Body)
body, err := io.ReadAll(rw.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(in.expectedBody))
},
@@ -188,7 +188,7 @@ var _ = Describe("Writer", func() {
Expect(rw.Result().StatusCode).To(Equal(in.expectedStatus))
body, err := ioutil.ReadAll(rw.Result().Body)
body, err := io.ReadAll(rw.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(in.expectedBody))
},
@@ -218,7 +218,7 @@ var _ = Describe("Writer", func() {
Expect(rw.Result().StatusCode).To(Equal(in.expectedStatus))
body, err := ioutil.ReadAll(rw.Result().Body)
body, err := io.ReadAll(rw.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(in.expectedBody))
},
@@ -257,7 +257,7 @@ var _ = Describe("Writer", func() {
Expect(rw.Result().StatusCode).To(Equal(in.expectedStatus))
body, err := ioutil.ReadAll(rw.Result().Body)
body, err := io.ReadAll(rw.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(in.expectedBody))
},

10
pkg/app/pagewriter/sign_in_page_test.go
View File

@@ -4,7 +4,7 @@ import (
"errors"
"fmt"
"html/template"
"io/ioutil"
"io"
"net/http"
"net/http/httptest"
"os"
@@ -56,7 +56,7 @@ var _ = Describe("SignIn Page", func() {
recorder := httptest.NewRecorder()
signInPage.WriteSignInPage(recorder, request, "/redirect", http.StatusOK)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal("/prefix/ My Provider Sign In Here Custom Footer Text v0.0.0-test /redirect true Logo Data"))
})
@@ -70,7 +70,7 @@ var _ = Describe("SignIn Page", func() {
recorder := httptest.NewRecorder()
signInPage.WriteSignInPage(recorder, request, "/redirect", http.StatusOK)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(fmt.Sprintf("Internal Server Error | %s", testRequestID)))
})
@@ -84,12 +84,12 @@ var _ = Describe("SignIn Page", func() {
BeforeEach(func() {
var err error
customDir, err = ioutil.TempDir("", "oauth2-proxy-sign-in-page-test")
customDir, err = os.MkdirTemp("", "oauth2-proxy-sign-in-page-test")
Expect(err).ToNot(HaveOccurred())
for _, ext := range []string{".svg", ".png", ".jpg", ".jpeg", ".gif"} {
fileName := filepath.Join(customDir, fmt.Sprintf("logo%s", ext))
Expect(ioutil.WriteFile(fileName, []byte(fakeImageData), 0600)).To(Succeed())
Expect(os.WriteFile(fileName, []byte(fakeImageData), 0600)).To(Succeed())
}
})

12
pkg/app/pagewriter/static_pages_test.go
View File

@@ -3,7 +3,7 @@ package pagewriter
import (
"errors"
"html/template"
"io/ioutil"
"io"
"net/http"
"net/http/httptest"
"os"
@@ -27,11 +27,11 @@ var _ = Describe("Static Pages", func() {
template: errorTmpl,
}
customDir, err = ioutil.TempDir("", "oauth2-proxy-static-pages-test")
customDir, err = os.MkdirTemp("", "oauth2-proxy-static-pages-test")
Expect(err).ToNot(HaveOccurred())
robotsTxtFile := filepath.Join(customDir, robotsTxtName)
Expect(ioutil.WriteFile(robotsTxtFile, []byte(customRobots), 0400)).To(Succeed())
Expect(os.WriteFile(robotsTxtFile, []byte(customRobots), 0400)).To(Succeed())
request = httptest.NewRequest("", "http://127.0.0.1/", nil)
request = middlewareapi.AddRequestScope(request, &middlewareapi.RequestScope{
@@ -58,7 +58,7 @@ var _ = Describe("Static Pages", func() {
recorder := httptest.NewRecorder()
pageWriter.WriteRobotsTxt(recorder, request)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(customRobots))
@@ -81,7 +81,7 @@ var _ = Describe("Static Pages", func() {
recorder := httptest.NewRecorder()
pageWriter.WriteRobotsTxt(recorder, request)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(string(defaultRobotsTxt)))
@@ -94,7 +94,7 @@ var _ = Describe("Static Pages", func() {
}
pageWriter.WriteRobotsTxt(recorder, request)
body, err := ioutil.ReadAll(recorder.Result().Body)
body, err := io.ReadAll(recorder.Result().Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(string("Internal Server Error")))

11
pkg/app/pagewriter/templates_test.go
View File

@@ -3,7 +3,6 @@ package pagewriter
import (
"bytes"
"html/template"
"io/ioutil"
"os"
"path/filepath"
@@ -16,14 +15,14 @@ var _ = Describe("Templates", func() {
BeforeEach(func() {
var err error
customDir, err = ioutil.TempDir("", "oauth2-proxy-templates-test")
customDir, err = os.MkdirTemp("", "oauth2-proxy-templates-test")
Expect(err).ToNot(HaveOccurred())
templateHTML := `{{.TestString}} {{.TestString | ToLower}} {{.TestString | ToUpper}}`
signInFile := filepath.Join(customDir, signInTemplateName)
Expect(ioutil.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
Expect(os.WriteFile(signInFile, []byte(templateHTML), 0600)).To(Succeed())
errorFile := filepath.Join(customDir, errorTemplateName)
Expect(ioutil.WriteFile(errorFile, []byte(templateHTML), 0600)).To(Succeed())
Expect(os.WriteFile(errorFile, []byte(templateHTML), 0600)).To(Succeed())
})
AfterEach(func() {
@@ -162,7 +161,7 @@ var _ = Describe("Templates", func() {
Context("With an invalid sign_in template", func() {
BeforeEach(func() {
signInFile := filepath.Join(customDir, signInTemplateName)
Expect(ioutil.WriteFile(signInFile, []byte("{{"), 0600))
Expect(os.WriteFile(signInFile, []byte("{{"), 0600))
})
It("Should return an error when loading templates", func() {
@@ -175,7 +174,7 @@ var _ = Describe("Templates", func() {
Context("With an invalid error template", func() {
BeforeEach(func() {
errorFile := filepath.Join(customDir, errorTemplateName)
Expect(ioutil.WriteFile(errorFile, []byte("{{"), 0600))
Expect(os.WriteFile(errorFile, []byte("{{"), 0600))
})
It("Should return an error when loading templates", func() {

5
pkg/header/header_suite_test.go
View File

@@ -1,7 +1,6 @@
package header
import (
"io/ioutil"
"os"
"path"
"testing"
@@ -26,9 +25,9 @@ func TestHeaderSuite(t *testing.T) {
var _ = BeforeSuite(func() {
os.Setenv("SECRET_ENV", "super-secret-env")
dir, err := ioutil.TempDir("", "oauth2-proxy-header-suite")
dir, err := os.MkdirTemp("", "oauth2-proxy-header-suite")
Expect(err).ToNot(HaveOccurred())
Expect(ioutil.WriteFile(path.Join(dir, "secret-file"), []byte("super-secret-file"), 0644)).To(Succeed())
Expect(os.WriteFile(path.Join(dir, "secret-file"), []byte("super-secret-file"), 0644)).To(Succeed())
filesDir = dir
})

2
pkg/http/server.go
View File

@@ -186,7 +186,7 @@ func (s *server) Start(ctx context.Context) error {
// When the given context is cancelled the server will be shutdown.
// If any errors occur, only the first error will be returned.
func (s *server) startServer(ctx context.Context, listener net.Listener) error {
srv := &http.Server{Handler: s.handler}
srv := &http.Server{Handler: s.handler, ReadHeaderTimeout: time.Minute}
g, groupCtx := errgroup.WithContext(ctx)
g.Go(func() error {

18
pkg/http/server_test.go
View File

@@ -4,7 +4,7 @@ import (
"context"
"errors"
"fmt"
"io/ioutil"
"io"
"net/http"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
@@ -565,7 +565,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -619,7 +619,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -690,7 +690,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -705,7 +705,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -761,7 +761,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -815,7 +815,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -886,7 +886,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})
@@ -901,7 +901,7 @@ var _ = Describe("Server", func() {
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(http.StatusOK))
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
Expect(err).ToNot(HaveOccurred())
Expect(string(body)).To(Equal(hello))
})

2
pkg/providers/util/claim_extractor.go
View File

@@ -98,7 +98,7 @@ func (c *claimExtractor) loadProfileClaims() (*simplejson.Json, error) {
WithContext(c.ctx).
WithHeaders(c.requestHeaders).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
return nil, fmt.Errorf("error making request to profile URL: %v", err)
}

3
pkg/requests/builder.go
View File

@@ -4,7 +4,6 @@ import (
"context"
"fmt"
"io"
"io/ioutil"
"net/http"
)
@@ -107,7 +106,7 @@ func (r *builder) do() Result {
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
body, err := io.ReadAll(resp.Body)
if err != nil {
r.result = &result{err: fmt.Errorf("error reading response body: %v", err)}
return r.result

6
pkg/requests/builder_test.go
View File

@@ -285,7 +285,7 @@ func assertSuccessfulRequest(builder func() Builder, expectedRequest testHTTPReq
BeforeEach(func() {
var err error
response, err = builder().Do().UnmarshalJSON()
response, err = builder().Do().UnmarshalSimpleJSON()
Expect(err).ToNot(HaveOccurred())
})
@@ -340,7 +340,7 @@ func assertRequestError(builder func() Builder, errorMessage string) {
Context("UnmarshalJSON", func() {
It("returns an error", func() {
resp, err := builder().Do().UnmarshalJSON()
resp, err := builder().Do().UnmarshalSimpleJSON()
Expect(err).To(MatchError(ContainSubstring(errorMessage)))
Expect(resp).To(BeNil())
})
@@ -368,7 +368,7 @@ func assertJSONError(builder func() Builder, errorMessage string) {
Context("UnmarshalJSON", func() {
It("returns an error", func() {
resp, err := builder().Do().UnmarshalJSON()
resp, err := builder().Do().UnmarshalSimpleJSON()
Expect(err).To(MatchError(ContainSubstring(errorMessage)))
Expect(resp).To(BeNil())
})

4
pkg/requests/requests_suite_test.go
View File

@@ -3,7 +3,7 @@ package requests
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"log"
"net/http"
"net/http/httptest"
@@ -82,7 +82,7 @@ func toTestHTTPRequest(req *http.Request) (testHTTPRequest, error) {
requestBody := []byte{}
if req.Body != http.NoBody {
var err error
requestBody, err = ioutil.ReadAll(req.Body)
requestBody, err = io.ReadAll(req.Body)
if err != nil {
return testHTTPRequest{}, err
}

6
pkg/requests/result.go
View File

@@ -15,7 +15,7 @@ type Result interface {
Headers() http.Header
Body() []byte
UnmarshalInto(interface{}) error
UnmarshalJSON() (*simplejson.Json, error)
UnmarshalSimpleJSON() (*simplejson.Json, error)
}
type result struct {
@@ -66,10 +66,10 @@ func (r *result) UnmarshalInto(into interface{}) error {
return nil
}
// UnmarshalJSON performs the request and attempts to unmarshal the response into a
// UnmarshalSimpleJSON performs the request and attempts to unmarshal the response into a
// simplejson.Json. The response body is assume to be JSON.
// The response must have a 200 status otherwise an error will be returned.
func (r *result) UnmarshalJSON() (*simplejson.Json, error) {
func (r *result) UnmarshalSimpleJSON() (*simplejson.Json, error) {
body, err := r.getBodyForUnmarshal()
if err != nil {
return nil, err

2
pkg/requests/result_test.go
View File

@@ -198,7 +198,7 @@ var _ = Describe("Result suite", func() {
DescribeTable("with a result",
func(in unmarshalJSONTableInput) {
j, err := in.result.UnmarshalJSON()
j, err := in.result.UnmarshalSimpleJSON()
if in.expectedErr != nil {
Expect(err).To(MatchError(in.expectedErr))
Expect(j).To(BeNil())

4
pkg/sessions/redis/redis_store.go
View File

@@ -5,7 +5,7 @@ import (
"crypto/tls"
"crypto/x509"
"fmt"
"io/ioutil"
"os"
"time"
"github.com/go-redis/redis/v8"
@@ -170,7 +170,7 @@ func setupTLSConfig(opts options.RedisStoreOptions, opt *redis.Options) error {
if rootCAs == nil {
rootCAs = x509.NewCertPool()
}
certs, err := ioutil.ReadFile(opts.CAPath)
certs, err := os.ReadFile(opts.CAPath)
if err != nil {
return fmt.Errorf("failed to load %q, %v", opts.CAPath, err)
}

12
pkg/upstream/upstream_suite_test.go
View File

@@ -3,7 +3,7 @@ package upstream
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"log"
"net/http"
"net/http/httptest"
@@ -35,12 +35,12 @@ func TestUpstreamSuite(t *testing.T) {
var _ = BeforeSuite(func() {
// Set up files for serving via file servers
dir, err := ioutil.TempDir("", "oauth2-proxy-upstream-suite")
dir, err := os.MkdirTemp("", "oauth2-proxy-upstream-suite")
Expect(err).ToNot(HaveOccurred())
Expect(ioutil.WriteFile(path.Join(dir, "foo"), []byte("foo"), 0644)).To(Succeed())
Expect(ioutil.WriteFile(path.Join(dir, "bar"), []byte("bar"), 0644)).To(Succeed())
Expect(os.WriteFile(path.Join(dir, "foo"), []byte("foo"), 0644)).To(Succeed())
Expect(os.WriteFile(path.Join(dir, "bar"), []byte("bar"), 0644)).To(Succeed())
Expect(os.Mkdir(path.Join(dir, "subdir"), os.ModePerm)).To(Succeed())
Expect(ioutil.WriteFile(path.Join(dir, "subdir", "baz"), []byte("baz"), 0644)).To(Succeed())
Expect(os.WriteFile(path.Join(dir, "subdir", "baz"), []byte("baz"), 0644)).To(Succeed())
filesDir = dir
// Set up a webserver that reflects requests
@@ -148,7 +148,7 @@ func toTestHTTPRequest(req *http.Request) (testHTTPRequest, error) {
requestBody := []byte{}
if req.Body != http.NoBody {
var err error
requestBody, err = ioutil.ReadAll(req.Body)
requestBody, err = io.ReadAll(req.Body)
if err != nil {
return testHTTPRequest{}, err
}

4
pkg/util/util.go
View File

@@ -6,10 +6,10 @@ import (
"crypto/x509"
"crypto/x509/pkix"
"fmt"
"io/ioutil"
"math/big"
"net"
"net/url"
"os"
"strings"
"time"
)
@@ -21,7 +21,7 @@ func GetCertPool(paths []string) (*x509.CertPool, error) {
pool := x509.NewCertPool()
for _, path := range paths {
// Cert paths are a configurable option
data, err := ioutil.ReadFile(path) // #nosec G304
data, err := os.ReadFile(path) // #nosec G304
if err != nil {
return nil, fmt.Errorf("certificate authority file (%s) could not be read - %s", path, err)
}

5
pkg/util/util_test.go
View File

@@ -3,7 +3,6 @@ package util
import (
"crypto/x509"
"encoding/pem"
"io/ioutil"
"os"
"testing"
@@ -183,7 +182,7 @@ WrW4JMzLaGDtoHxRNNfo8E7fGkQ=
)
func makeTestCertFile(t *testing.T, pem, dir string) *os.File {
file, err := ioutil.TempFile(dir, "test-certfile")
file, err := os.CreateTemp(dir, "test-certfile")
assert.NoError(t, err)
_, err = file.Write([]byte(pem))
assert.NoError(t, err)
@@ -196,7 +195,7 @@ func TestGetCertPool_NoRoots(t *testing.T) {
}
func TestGetCertPool(t *testing.T) {
tempDir, err := ioutil.TempDir("", "certtest")
tempDir, err := os.MkdirTemp("", "certtest")
assert.NoError(t, err)
defer func(path string) {
rerr := os.RemoveAll(path)

3
pkg/validation/common_test.go
View File

@@ -1,7 +1,6 @@
package validation
import (
"io/ioutil"
"os"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
@@ -18,7 +17,7 @@ var _ = Describe("Common", func() {
BeforeEach(func() {
validSecretSourceValue = []byte("This is a secret source value")
Expect(os.Setenv(validSecretSourceEnv, "This is a secret source env")).To(Succeed())
tmp, err := ioutil.TempFile("", "oauth2-proxy-secret-source-test")
tmp, err := os.CreateTemp("", "oauth2-proxy-secret-source-test")
Expect(err).ToNot(HaveOccurred())
defer tmp.Close()

3
pkg/validation/options_test.go
View File

@@ -2,7 +2,6 @@ package validation
import (
"crypto"
"io/ioutil"
"net/url"
"os"
"strings"
@@ -205,7 +204,7 @@ func TestRealClientIPHeader(t *testing.T) {
}
func TestProviderCAFilesError(t *testing.T) {
file, err := ioutil.TempFile("", "absent.*.crt")
file, err := os.CreateTemp("", "absent.*.crt")
assert.NoError(t, err)
assert.NoError(t, file.Close())
assert.NoError(t, os.Remove(file.Name()))

3
pkg/validation/providers.go
View File

@@ -2,7 +2,6 @@ package validation
import (
"fmt"
"io/ioutil"
"os"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
@@ -53,7 +52,7 @@ func validateProvider(provider options.Provider, providerIDs map[string]struct{}
msgs = append(msgs, "missing setting: client-secret or client-secret-file")
}
if provider.ClientSecret == "" && provider.ClientSecretFile != "" {
_, err := ioutil.ReadFile(provider.ClientSecretFile)
_, err := os.ReadFile(provider.ClientSecretFile)
if err != nil {
msgs = append(msgs, "could not read client secret file: "+provider.ClientSecretFile)
}

4
pkg/watcher/watcher.go
View File

@@ -44,8 +44,8 @@ func WatchFileForUpdates(filename string, done <-chan bool, action func()) error
// Filter file operations based on the events sent by the watcher.
// Execute the action() function when the following conditions are met:
// - the real path of the file was changed (Kubernetes ConfigMap/Secret)
// - the file is modified or created
// - the real path of the file was changed (Kubernetes ConfigMap/Secret)
// - the file is modified or created
func filterEvent(watcher *fsnotify.Watcher, event fsnotify.Event, filename string, action func()) {
switch filepath.Clean(event.Name) == filename {
// In Kubernetes the file path is a symlink, so we should take action

2
providers/azure.go
View File

@@ -347,7 +347,7 @@ func (p *AzureProvider) getEmailFromProfileAPI(ctx context.Context, accessToken
WithContext(ctx).
WithHeaders(makeAzureHeader(accessToken)).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
return "", err
}

2
providers/digitalocean.go
View File

@@ -72,7 +72,7 @@ func (p *DigitalOceanProvider) GetEmailAddress(ctx context.Context, s *sessions.
WithContext(ctx).
WithHeaders(makeOIDCHeader(s.AccessToken)).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
return "", err
}

3
providers/google.go
View File

@@ -8,7 +8,6 @@ import (
"errors"
"fmt"
"io"
"io/ioutil"
"net/url"
"os"
"strings"
@@ -231,7 +230,7 @@ func (p *GoogleProvider) setGroupRestriction(groups []string, adminEmail string,
}
func getAdminService(adminEmail string, credentialsReader io.Reader) *admin.Service {
data, err := ioutil.ReadAll(credentialsReader)
data, err := io.ReadAll(credentialsReader)
if err != nil {
logger.Fatal("can't read Google credentials file:", err)
}

1
providers/google_test.go
View File

@@ -166,7 +166,6 @@ func TestGoogleProviderGroupValidator(t *testing.T) {
}
}
//
func TestGoogleProviderGetEmailAddressInvalidEncoding(t *testing.T) {
p := newGoogleProvider(t)
body, err := json.Marshal(redeemResponse{

2
providers/keycloak.go
View File

@@ -77,7 +77,7 @@ func (p *KeycloakProvider) EnrichSession(ctx context.Context, s *sessions.Sessio
WithContext(ctx).
SetHeader("Authorization", "Bearer "+s.AccessToken).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
logger.Errorf("failed making request %v", err)
return err

29
providers/keycloak_oidc.go
View File

@@ -124,20 +124,21 @@ func (p *KeycloakOIDCProvider) getAccessClaims(ctx context.Context, s *sessions.
// the format `client:role`.
//
// ResourceAccess format:
// "resource_access": {
// "clientA": {
// "roles": [
// "roleA"
// ]
// },
// "clientB": {
// "roles": [
// "roleA",
// "roleB",
// "roleC"
// ]
// }
// }
//
// "resource_access": {
// "clientA": {
// "roles": [
// "roleA"
// ]
// },
// "clientB": {
// "roles": [
// "roleA",
// "roleB",
// "roleC"
// ]
// }
// }
func getClientRoles(claims *accessClaims) []string {
var clientRoles []string
for clientName, access := range claims.ResourceAccess {

2
providers/linkedin.go
View File

@@ -90,7 +90,7 @@ func (p *LinkedInProvider) GetEmailAddress(ctx context.Context, s *sessions.Sess
WithContext(ctx).
WithHeaders(makeLinkedInHeader(s.AccessToken)).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
return "", err
}

4
providers/logingov.go
View File

@@ -7,9 +7,9 @@ import (
"crypto/rsa"
"errors"
"fmt"
"io/ioutil"
"math/big"
"net/url"
"os"
"time"
"github.com/golang-jwt/jwt"
@@ -123,7 +123,7 @@ func (p *LoginGovProvider) configure(opts options.LoginGovOptions) error {
p.JWTKey = signKey
case opts.JWTKeyFile != "":
// The JWT key is in the filesystem
keyData, err := ioutil.ReadFile(opts.JWTKeyFile)
keyData, err := os.ReadFile(opts.JWTKeyFile)
if err != nil {
return fmt.Errorf("could not read key file: %v", opts.JWTKeyFile)
}

2
providers/nextcloud.go
View File

@@ -44,7 +44,7 @@ func (p *NextcloudProvider) EnrichSession(ctx context.Context, s *sessions.Sessi
WithContext(ctx).
SetHeader("Authorization", "Bearer "+s.AccessToken).
Do().
UnmarshalJSON()
UnmarshalSimpleJSON()
if err != nil {
logger.Errorf("failed making request %v", err)
return err

4
providers/provider_data.go
View File

@@ -4,9 +4,9 @@ import (
"context"
"errors"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"os"
"regexp"
"strings"
@@ -67,7 +67,7 @@ func (p *ProviderData) GetClientSecret() (clientSecret string, err error) {
}
// Getting ClientSecret can fail in runtime so we need to report it without returning the file name to the user
fileClientSecret, err := ioutil.ReadFile(p.ClientSecretFile)
fileClientSecret, err := os.ReadFile(p.ClientSecretFile)
if err != nil {
logger.Errorf("error reading client secret file %s: %s", p.ClientSecretFile, err)
return "", errors.New("could not read client secret file")

3
providers/providers_test.go
View File

@@ -1,7 +1,6 @@
package providers
import (
"io/ioutil"
"os"
"testing"
@@ -43,7 +42,7 @@ func TestClientSecretFileOptionFails(t *testing.T) {
func TestClientSecretFileOption(t *testing.T) {
g := NewWithT(t)
f, err := ioutil.TempFile("", "client_secret_temp_file_")
f, err := os.CreateTemp("", "client_secret_temp_file_")
g.Expect(err).ToNot(HaveOccurred())
clientSecretFileName := f.Name()

3
validator_test.go
View File

@@ -1,7 +1,6 @@
package main
import (
"io/ioutil"
"os"
"strings"
"testing"
@@ -18,7 +17,7 @@ type ValidatorTest struct {
func NewValidatorTest(t *testing.T) *ValidatorTest {
vt := &ValidatorTest{}
var err error
f, err := ioutil.TempFile("", "test_auth_emails_")
f, err := os.CreateTemp("", "test_auth_emails_")
if err != nil {
t.Fatalf("failed to create temp file: %v", err)
}