diff --git a/cmd/dexctl/main.go b/cmd/dexctl/main.go index a1c24d8f..9eb3abcc 100644 --- a/cmd/dexctl/main.go +++ b/cmd/dexctl/main.go @@ -103,14 +103,14 @@ func getDriver() (drv driver) { case len(global.endpoint) > 0: if len(global.creds.ID) == 0 || len(global.creds.Secret) == 0 { err = errors.New("--client-id/--client-secret flags unset") - } else { - pcfg, err := oidc.FetchProviderConfig(http.DefaultClient, global.endpoint) - if err != nil { - stderr("Unable to fetch provider config: %v", err) - os.Exit(1) - } - drv, err = newAPIDriver(pcfg, global.creds) + break } + pcfg, err := oidc.FetchProviderConfig(http.DefaultClient, global.endpoint) + if err != nil { + stderr("Unable to fetch provider config: %v", err) + os.Exit(1) + } + drv, err = newAPIDriver(pcfg, global.creds) default: err = errors.New("--endpoint/--db-url flags unset") } diff --git a/db/gc.go b/db/gc.go index 4bbdd6b6..58970a8c 100644 --- a/db/gc.go +++ b/db/gc.go @@ -66,11 +66,11 @@ func (gc *GarbageCollector) Run() chan struct{} { next = ptime.ExpBackoff(next, time.Minute) } log.Errorf("Failed garbage collection, retrying in %v", next) - } else { - failing = false - next = gc.interval - log.Infof("Garbage collection complete, running again in %v", next) + break } + failing = false + next = gc.interval + log.Infof("Garbage collection complete, running again in %v", next) case <-stop: return } diff --git a/db/password.go b/db/password.go index eb96f59c..3e6a088d 100644 --- a/db/password.go +++ b/db/password.go @@ -49,13 +49,12 @@ func (r *passwordInfoRepo) Create(tx repo.Transaction, pw user.PasswordInfo) (er } _, err = r.get(tx, pw.UserID) - if err != nil { - if err != user.ErrorNotFound { - return err - } - } else { + if err == nil { return user.ErrorDuplicateID } + if err != user.ErrorNotFound { + return err + } err = r.insert(tx, pw) if err != nil { diff --git a/db/user.go b/db/user.go index d119e773..1857b5c3 100644 --- a/db/user.go +++ b/db/user.go @@ -76,13 +76,12 @@ func (r *userRepo) Create(tx repo.Transaction, usr user.User) (err error) { } _, err = r.get(tx, usr.ID) - if err != nil { - if err != user.ErrorNotFound { - return err - } - } else { + if err == nil { return user.ErrorDuplicateID } + if err != user.ErrorNotFound { + return err + } if !user.ValidEmail(usr.Email) { return user.ErrorInvalidEmail @@ -90,13 +89,12 @@ func (r *userRepo) Create(tx repo.Transaction, usr user.User) (err error) { // make sure there's no other user with the same Email _, err = r.getByEmail(tx, usr.Email) - if err != nil { - if err != user.ErrorNotFound { - return err - } - } else { + if err == nil { return user.ErrorDuplicateEmail } + if err != user.ErrorNotFound { + return err + } err = r.insert(tx, usr) if err != nil { diff --git a/pkg/crypto/rand.go b/pkg/crypto/rand.go index 2c5260db..ba215847 100644 --- a/pkg/crypto/rand.go +++ b/pkg/crypto/rand.go @@ -10,7 +10,8 @@ func RandBytes(n int) ([]byte, error) { got, err := rand.Read(b) if err != nil { return nil, err - } else if n != got { + } + if n != got { return nil, errors.New("unable to generate enough random data") } return b, nil diff --git a/pkg/http/client.go b/pkg/http/client.go index 942e2bb1..55013b95 100644 --- a/pkg/http/client.go +++ b/pkg/http/client.go @@ -39,7 +39,8 @@ func (rr *RequestRecorder) Do(req *http.Request) (*http.Response, error) { if rr.Response == nil && rr.Error == nil { panic("RequestRecorder Response and Error cannot both be nil") - } else if rr.Response != nil && rr.Error != nil { + } + if rr.Response != nil && rr.Error != nil { panic("RequestRecorder Response and Error cannot both be non-nil") } diff --git a/refresh/repo.go b/refresh/repo.go index d2fd5a05..ef72e225 100644 --- a/refresh/repo.go +++ b/refresh/repo.go @@ -33,7 +33,8 @@ func DefaultRefreshTokenGenerator() ([]byte, error) { n, err := rand.Read(b) if err != nil { return nil, err - } else if n != DefaultRefreshTokenPayloadLength { + } + if n != DefaultRefreshTokenPayloadLength { return nil, errors.New("unable to read enough random bytes") } return b, nil diff --git a/server/auth_middleware.go b/server/auth_middleware.go index 340a9a6c..225b8b72 100644 --- a/server/auth_middleware.go +++ b/server/auth_middleware.go @@ -56,7 +56,8 @@ func (c *clientTokenMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request writeAPIError(w, http.StatusUnauthorized, newAPIError(errorAccessDenied, "")) respondError() return - } else if len(keys) == 0 { + } + if len(keys) == 0 { log.Error("No keys available for verification in client token middleware") writeAPIError(w, http.StatusUnauthorized, newAPIError(errorAccessDenied, "")) respondError() @@ -68,7 +69,8 @@ func (c *clientTokenMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request log.Errorf("Failed to verify signature: %v", err) respondError() return - } else if !ok { + } + if !ok { log.Info("Invalid token") respondError() return @@ -112,7 +114,8 @@ func getClientIDFromAuthorizedRequest(r *http.Request) (string, error) { sub, ok, err := claims.StringClaim("sub") if err != nil { return "", fmt.Errorf("failed to parse 'sub' claim: %v", err) - } else if !ok || sub == "" { + } + if !ok || sub == "" { return "", errors.New("missing required 'sub' claim") } diff --git a/server/http.go b/server/http.go index 29cac285..170817d6 100644 --- a/server/http.go +++ b/server/http.go @@ -185,7 +185,8 @@ func renderLoginPage(w http.ResponseWriter, r *http.Request, srv OIDCServer, idp td.Message = "Server Error" execTemplate(w, tpl, td) return - } else if cm == nil { + } + if cm == nil { td.Error = true td.Message = "Authentication Error" td.Detail = "Invalid client ID" diff --git a/server/register.go b/server/register.go index 42b415a8..044daf3c 100644 --- a/server/register.go +++ b/server/register.go @@ -183,14 +183,13 @@ func handleRegisterFunc(s *Server) http.HandlerFunc { data.FormErrors = formErrors execTemplate(w, tpl, data) return - } else { - if err == user.ErrorDuplicateRemoteIdentity { - errPage(w, "You already registered an account with this identity", "", http.StatusConflict) - return - } - internalError(w, err) + } + if err == user.ErrorDuplicateRemoteIdentity { + errPage(w, "You already registered an account with this identity", "", http.StatusConflict) return } + internalError(w, err) + return } ses, err = s.SessionManager.AttachUser(sessionID, userID) if err != nil { diff --git a/server/server.go b/server/server.go index 67bbb517..fc56ca12 100644 --- a/server/server.go +++ b/server/server.go @@ -351,7 +351,8 @@ func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, erro if err != nil { log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err) return nil, oauth2.NewError(oauth2.ErrorServerError) - } else if !ok { + } + if !ok { return nil, oauth2.NewError(oauth2.ErrorInvalidClient) } @@ -382,7 +383,8 @@ func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jo if err != nil { log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err) return nil, "", oauth2.NewError(oauth2.ErrorServerError) - } else if !ok { + } + if !ok { log.Errorf("Failed to Authenticate client %s", creds.ID) return nil, "", oauth2.NewError(oauth2.ErrorInvalidClient) } @@ -450,7 +452,8 @@ func (s *Server) RefreshToken(creds oidc.ClientCredentials, token string) (*jose if err != nil { log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err) return nil, oauth2.NewError(oauth2.ErrorServerError) - } else if !ok { + } + if !ok { log.Errorf("Failed to Authenticate client %s", creds.ID) return nil, oauth2.NewError(oauth2.ErrorInvalidClient) } diff --git a/session/manager.go b/session/manager.go index e3676f6b..27935ea8 100644 --- a/session/manager.go +++ b/session/manager.go @@ -20,7 +20,8 @@ func DefaultGenerateCode() (string, error) { n, err := rand.Read(b) if err != nil { return "", err - } else if n != 8 { + } + if n != 8 { return "", errors.New("unable to read enough random bytes") } return base64.URLEncoding.EncodeToString(b), nil diff --git a/user/api/api.go b/user/api/api.go index 11cef802..cfc94ae3 100644 --- a/user/api/api.go +++ b/user/api/api.go @@ -233,7 +233,8 @@ func generateTempHash() (string, error) { n, err := rand.Read(b) if err != nil { return "", err - } else if n != 32 { + } + if n != 32 { return "", errors.New("unable to read enough random bytes") } return base64.URLEncoding.EncodeToString(b), nil diff --git a/user/password.go b/user/password.go index d2f966e9..b2afa5f9 100644 --- a/user/password.go +++ b/user/password.go @@ -169,12 +169,13 @@ func (u *PasswordInfo) UnmarshalJSON(data []byte) error { return ErrorInvalidPassword } u.Password = Password(dec.PasswordHash) - } else if dec.PasswordPlaintext != "" { + return nil + } + if dec.PasswordPlaintext != "" { u.Password, err = NewPasswordFromPlaintext(dec.PasswordPlaintext) if err != nil { return err } - } return nil }