improved goreportcard score even more

examples/bearerTokens/main.go

@@ -76,7 +76,7 @@ var loginHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request)
 			return
 
 		}
-		
+
 		http.Error(w, "Unauthorized", 401)
 		return
 

examples/detailed/db/db.go

@@ -68,7 +68,7 @@ func FetchUserById(uuid string) (models.User, error) {
 		// found the user
 		return u, nil
 	}
-	
+
 	return u, errors.New("User not found that matches given uuid")
 }
 

examples/detailed/db/models/models.go

@@ -3,4 +3,4 @@ package models
 // User : a struct to hold our users
 type User struct {
 	Username, PasswordHash, Role string
-}
+}

examples/detailed/randomstrings/randomstrings.go

@@ -8,7 +8,7 @@ import (
 	"encoding/base64"
 )
 
-// GenerateRandomBytes returns securely generated random bytes. 
+// GenerateRandomBytes returns securely generated random bytes.
 // It will return an error if the system's secure random
 // number generator fails to function correctly, in which
 // case the caller should not continue.
@@ -38,4 +38,4 @@ func GenerateRandomString(s int) (string, error) {
 // if err != nil {
 //     // Serve an appropriately vague error to the
 //     // user, but log the details internally.
-// }
+// }

examples/detailed/server/templates/templates.go

@@ -1,26 +1,26 @@
 package templates
 
 import (
+	"html/template"
 	"log"
 	"net/http"
-	"html/template"
 )
 
 // LoginPage : the login page
 type LoginPage struct {
 	BAlertUser bool
-	AlertMsg string
+	AlertMsg   string
 }
 
 // RegisterPage : the register page
 type RegisterPage struct {
 	BAlertUser bool
-	AlertMsg string
+	AlertMsg   string
 }
 
 // RestrictedPage : the restricted page
 type RestrictedPage struct {
-	CsrfSecret string
+	CsrfSecret    string
 	SecretMessage string
 }
 
@@ -33,4 +33,4 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, p interface{}) {
 		log.Printf("Temlate error here: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
-}
+}

examples/login_logout_ECDSA/templates/templates.go

@@ -1,20 +1,19 @@
 package templates
 
 import (
+	"html/template"
 	"log"
 	"net/http"
-	"html/template"
 )
 
 // LoginPage : the login page
 type LoginPage struct {
-
 }
 
 // RestrictedPage : the restricted page
 type RestrictedPage struct {
 	CsrfSecret string
-	Role string
+	Role       string
 }
 
 var templates = template.Must(template.ParseFiles("./templates/templateFiles/login.tmpl", "./templates/templateFiles/restricted.tmpl"))
@@ -26,4 +25,4 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, p interface{}) {
 		log.Printf("Temlate error here: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
-}
+}

examples/login_logout_HMAC-SHA/templates/templates.go

@@ -1,20 +1,19 @@
 package templates
 
 import (
+	"html/template"
 	"log"
 	"net/http"
-	"html/template"
 )
 
 // LoginPage : the login page
 type LoginPage struct {
-
 }
 
 // RestrictedPage the restricted page
 type RestrictedPage struct {
 	CsrfSecret string
-	Role string
+	Role       string
 }
 
 var templates = template.Must(template.ParseFiles("./templates/templateFiles/login.tmpl", "./templates/templateFiles/restricted.tmpl"))
@@ -26,4 +25,4 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, p interface{}) {
 		log.Printf("Temlate error here: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
-}
+}

examples/login_logout_RSA/templates/templates.go

@@ -1,20 +1,19 @@
 package templates
 
 import (
+	"html/template"
 	"log"
 	"net/http"
-	"html/template"
 )
 
 // LoginPage : the login page
 type LoginPage struct {
-
 }
 
 // RestrictedPage : the restricted page
 type RestrictedPage struct {
 	CsrfSecret string
-	Role string
+	Role       string
 }
 
 var templates = template.Must(template.ParseFiles("./templates/templateFiles/login.tmpl", "./templates/templateFiles/restricted.tmpl"))
@@ -26,4 +25,4 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, p interface{}) {
 		log.Printf("Temlate error here: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
-}
+}

examples/separateAuthServer/main.go

@@ -126,12 +126,12 @@ var myUnauthorizedHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http
 
 		defer resp2.Body.Close()
 		body, err := ioutil.ReadAll(resp2.Body)
-		
+
 		if err != nil {
 			http.Error(w, "Internal server error", 500)
 			return
 		}
-		
+
 		w.Write(body)
 		return
 	} else if resp.StatusCode/100 == 4 {
@@ -152,7 +152,7 @@ var restrictedHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Req
 		http.Error(w, "Internal Server Error", 500)
 		return
 	}
-	
+
 	templates.RenderTemplate(w, "restricted", &templates.RestrictedPage{csrfSecret, claims.CustomClaims["Role"].(string)})
 })
 

examples/separateAuthServer/templates/templates.go

@@ -1,20 +1,19 @@
 package templates
 
 import (
+	"html/template"
 	"log"
 	"net/http"
-	"html/template"
 )
 
 // LoginPage : The login page
 type LoginPage struct {
-
 }
 
 // RestrictedPage : the restricted page
 type RestrictedPage struct {
 	CsrfSecret string
-	Role string
+	Role       string
 }
 
 var templates = template.Must(template.ParseFiles("./templates/templateFiles/login.tmpl", "./templates/templateFiles/restricted.tmpl"))
@@ -26,4 +25,4 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, p interface{}) {
 		log.Printf("Temlate error here: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
-}
+}

jwt/auth-utils.go

@@ -43,27 +43,27 @@ func (a *Auth) extractTokenStringsFromReq(r *http.Request) (string, string, *jwt
 		// Note: we don't check for errors here, because we will check if the token is valid, later
 		r.ParseForm()
 		return strings.Join(r.Form["Auth_Token"], ""), strings.Join(r.Form["Refresh_Token"], ""), nil
-	} else {
-		AuthCookie, authErr := r.Cookie("AuthToken")
-		if authErr == http.ErrNoCookie {
-			a.myLog("Unauthorized attempt! No auth cookie")
-			return "", "", newJwtError(errors.New("No auth cookie"), 401)
-		} else if authErr != nil {
-			// a.myLog(authErr)
-			return "", "", newJwtError(errors.New("Internal Server Error"), 500)
-		}
+	}
 
-		RefreshCookie, refreshErr := r.Cookie("RefreshToken")
-		if refreshErr == http.ErrNoCookie {
-			a.myLog("Unauthorized attempt! No refresh cookie")
-			return "", "", newJwtError(errors.New("No refresh cookie"), 401)
-		} else if refreshErr != nil {
-			a.myLog(refreshErr)
-			return "", "", newJwtError(errors.New("Internal Server Error"), 500)
-		}
+	AuthCookie, authErr := r.Cookie("AuthToken")
+	if authErr == http.ErrNoCookie {
+		a.myLog("Unauthorized attempt! No auth cookie")
+		return "", "", newJwtError(errors.New("No auth cookie"), 401)
+	} else if authErr != nil {
+		// a.myLog(authErr)
+		return "", "", newJwtError(errors.New("Internal Server Error"), 500)
+	}
 
-		return AuthCookie.Value, RefreshCookie.Value, nil
+	RefreshCookie, refreshErr := r.Cookie("RefreshToken")
+	if refreshErr == http.ErrNoCookie {
+		a.myLog("Unauthorized attempt! No refresh cookie")
+		return "", "", newJwtError(errors.New("No refresh cookie"), 401)
+	} else if refreshErr != nil {
+		a.myLog(refreshErr)
+		return "", "", newJwtError(errors.New("Internal Server Error"), 500)
 	}
+
+	return AuthCookie.Value, RefreshCookie.Value, nil
 }
 
 func extractCsrfStringFromReq(r *http.Request) (string, *jwtError) {

jwt/auth.go

@@ -197,14 +197,17 @@ func New(auth *Auth, options ...Options) error {
 func (a *Auth) SetErrorHandler(handler http.Handler) {
 	a.errorHandler = handler
 }
+
 // SetUnauthorizedHandler : set the 401 handler
 func (a *Auth) SetUnauthorizedHandler(handler http.Handler) {
 	a.unauthorizedHandler = handler
 }
+
 // SetRevokeTokenFunction : set the function which revokes a token
 func (a *Auth) SetRevokeTokenFunction(revoker TokenRevoker) {
 	a.revokeRefreshToken = revoker
 }
+
 // SetCheckTokenIdFunction : set the function which checks token id's
 func (a *Auth) SetCheckTokenIdFunction(checker TokenIdChecker) {
 	a.checkTokenId = checker
@@ -289,7 +292,7 @@ func (a *Auth) Process(w http.ResponseWriter, r *http.Request) *jwtError {
 	return nil
 }
 
-// IssueNewTokens: and also modify create refresh and auth token functions!
+// IssueNewTokens : and also modify create refresh and auth token functions!
 func (a *Auth) IssueNewTokens(w http.ResponseWriter, claims *ClaimsType) error {
 	if a.options.VerifyOnlyServer {
 		a.myLog("Server is not authorized to issue new tokens")

jwt/credentials.go

@@ -150,10 +150,11 @@ func (c *credentials) updateAuthTokenFromRefreshToken() *jwtError {
 
 		c.myLog("Refresh token is invalid")
 		return newJwtError(errors.New("Refresh token is invalid. Cannot refresh auth token."), 401)
-	} else {
-		c.myLog("Refresh token has been revoked")
-		return newJwtError(errors.New("Refresh token has been revoked. Cannot update auth token"), 401)
 	}
+
+	c.myLog("Refresh token has been revoked")
+	return newJwtError(errors.New("Refresh token has been revoked. Cannot update auth token"), 401)
+
 }
 
 func (c *credentials) validateAndUpdateCredentials() *jwtError {