From a5ad5eaf08effc3ea0d9cd970dce5ef95f6f5630 Mon Sep 17 00:00:00 2001
From: "m.nabokikh" <maksim.nabokikh@flant.com>
Date: Mon, 26 Oct 2020 23:20:33 +0400
Subject: [PATCH] fix: Minor style fixes after merging PKCE implementation

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
---
 connector/ldap/ldap.go | 1 +
 server/handlers.go     | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/connector/ldap/ldap.go b/connector/ldap/ldap.go
index 7d6ae8dd..9b061dc9 100644
--- a/connector/ldap/ldap.go
+++ b/connector/ldap/ldap.go
@@ -62,6 +62,7 @@ type UserMatcher struct {
 	GroupAttr string `json:"groupAttr"`
 }
 
+// Config holds configuration options for LDAP logins.
 type Config struct {
 	// The host and optional port of the LDAP server. If port isn't supplied, it will be
 	// guessed based on the TLS configuration. 389 or 636.
diff --git a/server/handlers.go b/server/handlers.go
index 342849ee..5a7244fa 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -820,7 +820,8 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
 	codeChallengeFromStorage := authCode.PKCE.CodeChallenge
 	providedCodeVerifier := r.PostFormValue("code_verifier")
 
-	if providedCodeVerifier != "" && codeChallengeFromStorage != "" {
+	switch {
+	case providedCodeVerifier != "" && codeChallengeFromStorage != "":
 		calculatedCodeChallenge, err := s.calculateCodeChallenge(providedCodeVerifier, authCode.PKCE.CodeChallengeMethod)
 		if err != nil {
 			s.logger.Error(err)
@@ -831,11 +832,11 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
 			s.tokenErrHelper(w, errInvalidGrant, "Invalid code_verifier.", http.StatusBadRequest)
 			return
 		}
-	} else if providedCodeVerifier != "" {
+	case providedCodeVerifier != "":
 		// Received no code_challenge on /auth, but a code_verifier on /token
 		s.tokenErrHelper(w, errInvalidRequest, "No PKCE flow started. Cannot check code_verifier.", http.StatusBadRequest)
 		return
-	} else if codeChallengeFromStorage != "" {
+	case codeChallengeFromStorage != "":
 		// Received PKCE request on /auth, but no code_verifier on /token
 		s.tokenErrHelper(w, errInvalidGrant, "Expecting parameter code_verifier in PKCE flow.", http.StatusBadRequest)
 		return