diff --git a/api/api.pb.go b/api/api.pb.go index 5bac4e95..f940063c 100644 --- a/api/api.pb.go +++ b/api/api.pb.go @@ -281,7 +281,7 @@ func (m *DeleteClientResp) GetNotFound() bool { return false } -// UpdateClientReq is a request to update an exisitng client. +// UpdateClientReq is a request to update an existing client. type UpdateClientReq struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"` @@ -353,7 +353,7 @@ func (m *UpdateClientReq) GetLogoUrl() string { return "" } -// UpdateClientResp returns the reponse form updating a client. +// UpdateClientResp returns the response from updating a client. type UpdateClientResp struct { NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` diff --git a/api/api.proto b/api/api.proto index 5d9ce1a1..3effea29 100644 --- a/api/api.proto +++ b/api/api.proto @@ -36,7 +36,7 @@ message DeleteClientResp { bool not_found = 1; } -// UpdateClientReq is a request to update an exisitng client. +// UpdateClientReq is a request to update an existing client. message UpdateClientReq { string id = 1; repeated string redirect_uris = 2; @@ -45,7 +45,7 @@ message UpdateClientReq { string logo_url = 5; } -// UpdateClientResp returns the reponse form updating a client. +// UpdateClientResp returns the response from updating a client. message UpdateClientResp { bool not_found = 1; } diff --git a/api/v2/api.pb.go b/api/v2/api.pb.go index 203407f9..5f54ceff 100644 --- a/api/v2/api.pb.go +++ b/api/v2/api.pb.go @@ -281,7 +281,7 @@ func (m *DeleteClientResp) GetNotFound() bool { return false } -// UpdateClientReq is a request to update an exisitng client. +// UpdateClientReq is a request to update an existing client. type UpdateClientReq struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"` @@ -353,7 +353,7 @@ func (m *UpdateClientReq) GetLogoUrl() string { return "" } -// UpdateClientResp returns the reponse form updating a client. +// UpdateClientResp returns the response from updating a client. type UpdateClientResp struct { NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` diff --git a/api/v2/api.proto b/api/v2/api.proto index 5d9ce1a1..3effea29 100644 --- a/api/v2/api.proto +++ b/api/v2/api.proto @@ -36,7 +36,7 @@ message DeleteClientResp { bool not_found = 1; } -// UpdateClientReq is a request to update an exisitng client. +// UpdateClientReq is a request to update an existing client. message UpdateClientReq { string id = 1; repeated string redirect_uris = 2; @@ -45,7 +45,7 @@ message UpdateClientReq { string logo_url = 5; } -// UpdateClientResp returns the reponse form updating a client. +// UpdateClientResp returns the response from updating a client. message UpdateClientResp { bool not_found = 1; } diff --git a/connector/ldap/ldap.go b/connector/ldap/ldap.go index 9b061dc9..37937f85 100644 --- a/connector/ldap/ldap.go +++ b/connector/ldap/ldap.go @@ -29,7 +29,7 @@ import ( // # The following field is required if using port 389. // # insecureNoSSL: true // rootCA: /etc/dex/ldap.ca -// bindDN: uid=seviceaccount,cn=users,dc=example,dc=com +// bindDN: uid=serviceaccount,cn=users,dc=example,dc=com // bindPW: password // userSearch: // # Would translate to the query "(&(objectClass=person)(uid=))" diff --git a/connector/microsoft/microsoft.go b/connector/microsoft/microsoft.go index ff27182d..33034cc5 100644 --- a/connector/microsoft/microsoft.go +++ b/connector/microsoft/microsoft.go @@ -204,7 +204,7 @@ func (c *microsoftConnector) HandleCallback(s connector.Scopes, r *http.Request) type tokenNotifyFunc func(*oauth2.Token) error -// notifyRefreshTokenSource is essentially `oauth2.ResuseTokenSource` with `TokenNotifyFunc` added. +// notifyRefreshTokenSource is essentially `oauth2.ReuseTokenSource` with `TokenNotifyFunc` added. type notifyRefreshTokenSource struct { new oauth2.TokenSource mu sync.Mutex // guards t diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go index b8e543d4..8da454f9 100644 --- a/connector/oidc/oidc.go +++ b/connector/oidc/oidc.go @@ -38,7 +38,7 @@ type Config struct { // If this field is nonempty, only users from a listed domain will be allowed to log in HostedDomains []string `json:"hostedDomains"` - // Override the value of email_verifed to true in the returned claims + // Override the value of email_verified to true in the returned claims InsecureSkipEmailVerified bool `json:"insecureSkipEmailVerified"` // InsecureEnableGroups enables groups claims. This is disabled by default until https://github.com/dexidp/dex/issues/1065 is resolved diff --git a/connector/saml/saml.go b/connector/saml/saml.go index 08ff6cbc..877bf4ac 100644 --- a/connector/saml/saml.go +++ b/connector/saml/saml.go @@ -452,7 +452,7 @@ func (p *provider) HandlePOST(s connector.Scopes, samlResponse, inResponseTo str } // validateStatus verifies that the response has a good status code or -// formats a human readble error based on the bad status. +// formats a human readable error based on the bad status. func (p *provider) validateStatus(status *status) error { // StatusCode is mandatory in the Status type statusCode := status.StatusCode @@ -480,7 +480,7 @@ func (p *provider) validateStatus(status *status) error { // see https://www.oasis-open.org/committees/download.php/35389/sstc-saml-profiles-errata-2.0-wd-06-diff.pdf // // Some of these fields are optional, but we're going to be strict here since -// we have no other way of guarenteeing that this is actually the response to +// we have no other way of guaranteeing that this is actually the response to // the request we expect. func (p *provider) validateSubject(subject *subject, inResponseTo string) error { // Optional according to the spec, but again, we're going to be strict here. diff --git a/connector/saml/saml_test.go b/connector/saml/saml_test.go index aa07aae7..67d7efb1 100644 --- a/connector/saml/saml_test.go +++ b/connector/saml/saml_test.go @@ -562,7 +562,7 @@ func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) { } } else { if !shouldSucceed { - t.Fatalf("expected an invalid signatrue but verification has been successful") + t.Fatalf("expected an invalid signature but verification has been successful") } } } diff --git a/server/api_test.go b/server/api_test.go index 573e52b3..e7725063 100644 --- a/server/api_test.go +++ b/server/api_test.go @@ -23,7 +23,7 @@ import ( type apiClient struct { // Embedded gRPC client to talk to the server. api.DexClient - // Close releases resources associated with this client, includuing shutting + // Close releases resources associated with this client, including shutting // down the background server. Close func() } @@ -226,7 +226,7 @@ func TestCheckCost(t *testing.T) { } } -// Attempts to list and revoke an exisiting refresh token. +// Attempts to list and revoke an existing refresh token. func TestRefreshToken(t *testing.T) { logger := &logrus.Logger{ Out: os.Stderr, diff --git a/server/handlers.go b/server/handlers.go index 5a7244fa..b9da32d1 100644 --- a/server/handlers.go +++ b/server/handlers.go @@ -855,7 +855,7 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s s.writeAccessToken(w, tokenResponse) } -func (s *Server) exchangeAuthCode(w http.ResponseWriter, authCode storage.AuthCode, client storage.Client) (*accessTokenReponse, error) { +func (s *Server) exchangeAuthCode(w http.ResponseWriter, authCode storage.AuthCode, client storage.Client) (*accessTokenResponse, error) { accessToken, err := s.newAccessToken(client.ID, authCode.Claims, authCode.Scopes, authCode.Nonce, authCode.ConnectorID) if err != nil { s.logger.Errorf("failed to create new access token: %v", err) @@ -1449,7 +1449,7 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli s.writeAccessToken(w, resp) } -type accessTokenReponse struct { +type accessTokenResponse struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` ExpiresIn int `json:"expires_in"` @@ -1457,8 +1457,8 @@ type accessTokenReponse struct { IDToken string `json:"id_token"` } -func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string, expiry time.Time) *accessTokenReponse { - return &accessTokenReponse{ +func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string, expiry time.Time) *accessTokenResponse { + return &accessTokenResponse{ accessToken, "bearer", int(expiry.Sub(s.now()).Seconds()), @@ -1467,7 +1467,7 @@ func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string } } -func (s *Server) writeAccessToken(w http.ResponseWriter, resp *accessTokenReponse) { +func (s *Server) writeAccessToken(w http.ResponseWriter, resp *accessTokenResponse) { data, err := json.Marshal(resp) if err != nil { s.logger.Errorf("failed to marshal access token response: %v", err) diff --git a/server/handlers_test.go b/server/handlers_test.go index 12dce3a8..df83e866 100644 --- a/server/handlers_test.go +++ b/server/handlers_test.go @@ -129,7 +129,7 @@ func TestConnectorLoginDoesNotAllowToChangeConnectorForAuthRequest(t *testing.T) templates, err := loadTemplates(webConfig{}, "../web/templates") if err != nil { - t.Fatal("failed to load tempalates") + t.Fatal("failed to load templates") } s := &Server{ diff --git a/server/oauth2.go b/server/oauth2.go index 18146d61..145403c4 100644 --- a/server/oauth2.go +++ b/server/oauth2.go @@ -194,7 +194,7 @@ func signPayload(key *jose.JSONWebKey, alg jose.SignatureAlgorithm, payload []by signer, err := jose.NewSigner(signingKey, &jose.SignerOptions{}) if err != nil { - return "", fmt.Errorf("new signier: %v", err) + return "", fmt.Errorf("new signer: %v", err) } signature, err := signer.Sign(payload) if err != nil { diff --git a/server/rotation.go b/server/rotation.go index 464dccf0..b7dd8116 100644 --- a/server/rotation.go +++ b/server/rotation.go @@ -25,7 +25,7 @@ type rotationStrategy struct { rotationFrequency time.Duration // After being rotated how long should the key be kept around for validating - // signatues? + // signatures? idTokenValidFor time.Duration // Keys are always RSA keys. Though cryptopasta recommends ECDSA keys, not every @@ -55,7 +55,7 @@ func defaultRotationStrategy(rotationFrequency, idTokenValidFor time.Duration) r } } -type keyRotater struct { +type keyRotator struct { storage.Storage strategy rotationStrategy @@ -69,10 +69,10 @@ type keyRotater struct { // The method blocks until after the first attempt to rotate keys has completed. That way // healthy storages will return from this call with valid keys. func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy, now func() time.Time) { - rotater := keyRotater{s.storage, strategy, now, s.logger} + rotator := keyRotator{s.storage, strategy, now, s.logger} // Try to rotate immediately so properly configured storages will have keys. - if err := rotater.rotate(); err != nil { + if err := rotator.rotate(); err != nil { if err == errAlreadyRotated { s.logger.Infof("Key rotation not needed: %v", err) } else { @@ -86,7 +86,7 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy case <-ctx.Done(): return case <-time.After(time.Second * 30): - if err := rotater.rotate(); err != nil { + if err := rotator.rotate(); err != nil { s.logger.Errorf("failed to rotate keys: %v", err) } } @@ -94,7 +94,7 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy }() } -func (k keyRotater) rotate() error { +func (k keyRotator) rotate() error { keys, err := k.GetKeys() if err != nil && err != storage.ErrNotFound { return fmt.Errorf("get keys: %v", err) diff --git a/server/rotation_test.go b/server/rotation_test.go index 66c269ce..6f9b2ecb 100644 --- a/server/rotation_test.go +++ b/server/rotation_test.go @@ -57,7 +57,7 @@ func slicesEq(s1, s2 []string) bool { return true } -func TestKeyRotater(t *testing.T) { +func TestKeyRotator(t *testing.T) { now := time.Now() delta := time.Millisecond @@ -73,7 +73,7 @@ func TestKeyRotater(t *testing.T) { Level: logrus.DebugLevel, } - r := &keyRotater{ + r := &keyRotator{ Storage: memory.New(l), strategy: defaultRotationStrategy(rotationFrequency, validFor), now: func() time.Time { return now }, diff --git a/server/server_test.go b/server/server_test.go index a909d98b..fdf23d8f 100644 --- a/server/server_test.go +++ b/server/server_test.go @@ -435,7 +435,7 @@ func makeOAuth2Tests(clientID string, clientSecret string, now func() time.Time) v.Add("client_secret", clientSecret) v.Add("grant_type", "refresh_token") v.Add("refresh_token", token.RefreshToken) - // Request a scope that wasn't requestd initially. + // Request a scope that wasn't requested initially. v.Add("scope", "oidc email profile") resp, err := http.PostForm(p.Endpoint().TokenURL, v) if err != nil { @@ -721,7 +721,7 @@ func TestOAuth2CodeFlow(t *testing.T) { defer oauth2Client.Close() - // Regester the client above with dex. + // Register the client above with dex. redirectURL := oauth2Client.URL + "/callback" client := storage.Client{ ID: clientID, @@ -1560,7 +1560,7 @@ func TestOAuth2DeviceFlow(t *testing.T) { } // Parse the response - var tokenRes accessTokenReponse + var tokenRes accessTokenResponse if err := json.Unmarshal(responseBody, &tokenRes); err != nil { t.Errorf("Unexpected Device Access Token Response Format %v", string(responseBody)) } diff --git a/storage/conformance/conformance.go b/storage/conformance/conformance.go index 92611cc1..baf3948d 100644 --- a/storage/conformance/conformance.go +++ b/storage/conformance/conformance.go @@ -406,7 +406,7 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { return r, nil } if err := s.UpdateRefreshToken(id, updater); err != nil { - t.Errorf("failed to udpate refresh token: %v", err) + t.Errorf("failed to update refresh token: %v", err) } refresh.Token = "spam" refresh.LastUsed = updatedAt @@ -616,7 +616,7 @@ func testConnectorCRUD(t *testing.T, s storage.Storage) { mustBeErrAlreadyExists(t, "connector", err) id2 := storage.NewID() - config2 := []byte(`{"redirectURIi": "http://127.0.0.1:5556/dex/callback"}`) + config2 := []byte(`{"redirectURI": "http://127.0.0.1:5556/dex/callback"}`) c2 := storage.Connector{ ID: id2, Type: "Mock", diff --git a/storage/conformance/gen_jwks.go b/storage/conformance/gen_jwks.go index 3fbfa9a7..8fb12789 100644 --- a/storage/conformance/gen_jwks.go +++ b/storage/conformance/gen_jwks.go @@ -32,7 +32,7 @@ func newUUID() string { } var tmpl = template.Must(template.New("jwks.go").Parse(` -// This file was generaged by gen_jwks.go +// This file was generated by gen_jwks.go package conformance diff --git a/storage/kubernetes/k8sapi/client.go b/storage/kubernetes/k8sapi/client.go index 97829bdd..261f7007 100644 --- a/storage/kubernetes/k8sapi/client.go +++ b/storage/kubernetes/k8sapi/client.go @@ -32,11 +32,11 @@ type Config struct { APIVersion string `json:"apiVersion,omitempty"` // Preferences holds general information to be use for cli interactions Preferences Preferences `json:"preferences"` - // Clusters is a map of referencable names to cluster configs + // Clusters is a map of referenceable names to cluster configs Clusters []NamedCluster `json:"clusters"` - // AuthInfos is a map of referencable names to user configs + // AuthInfos is a map of referenceable names to user configs AuthInfos []NamedAuthInfo `json:"users"` - // Contexts is a map of referencable names to context configs + // Contexts is a map of referenceable names to context configs Contexts []NamedContext `json:"contexts"` // CurrentContext is the name of the context that you would like to use by default CurrentContext string `json:"current-context"` @@ -85,7 +85,7 @@ type AuthInfo struct { ClientKeyData string `json:"client-key-data,omitempty"` // Token is the bearer token for authentication to the kubernetes cluster. Token string `json:"token,omitempty"` - // Impersonate is the username to imperonate. The name matches the flag. + // Impersonate is the username to impersonate. The name matches the flag. Impersonate string `json:"as,omitempty"` // Username is the username for basic authentication to the kubernetes cluster. Username string `json:"username,omitempty"` diff --git a/storage/kubernetes/storage.go b/storage/kubernetes/storage.go index 04c59171..b670244a 100644 --- a/storage/kubernetes/storage.go +++ b/storage/kubernetes/storage.go @@ -405,7 +405,7 @@ func (cli *client) DeleteAuthCode(code string) error { } func (cli *client) DeleteClient(id string) error { - // Check for hash collition. + // Check for hash collision. c, err := cli.getClient(id) if err != nil { return err diff --git a/storage/kubernetes/types.go b/storage/kubernetes/types.go index 41b14f37..07e25084 100644 --- a/storage/kubernetes/types.go +++ b/storage/kubernetes/types.go @@ -362,7 +362,7 @@ func (cli *client) fromStorageAuthRequest(a storage.AuthRequest) AuthRequest { return req } -// Password is a mirrored struct from the stroage with JSON struct tags and +// Password is a mirrored struct from the storage with JSON struct tags and // Kubernetes type metadata. type Password struct { k8sapi.TypeMeta `json:",inline"` diff --git a/storage/sql/config_test.go b/storage/sql/config_test.go index 5fc45848..1178728c 100644 --- a/storage/sql/config_test.go +++ b/storage/sql/config_test.go @@ -59,7 +59,7 @@ type opener interface { } func testDB(t *testing.T, o opener, withTransactions bool) { - // t.Fatal has a bad habbit of not actually printing the error + // t.Fatal has a bad habit of not actually printing the error fatal := func(i interface{}) { fmt.Fprintln(os.Stdout, i) t.Fatal(i) diff --git a/storage/sql/sql.go b/storage/sql/sql.go index 4f1ed6c9..0a292169 100644 --- a/storage/sql/sql.go +++ b/storage/sql/sql.go @@ -90,7 +90,7 @@ var ( // Translate types. {matchLiteral("bytea"), "blob"}, {matchLiteral("timestamptz"), "datetime(3)"}, - // MySQL doesn't support indicies on text fields w/o + // MySQL doesn't support indices on text fields w/o // specifying key length. Use varchar instead (767 byte // is the max key length for InnoDB with 4k pages). // For compound indexes (with two keys) even less.