diff --git a/.golangci.yml b/.golangci.yml index 1eb377f..50dd9ea 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -8,7 +8,7 @@ linters-settings: const: ORGANIZATION: CAcert Inc. template: |- - Copyright {{ YEAR-RANGE }} {{ ORGANIZATION }} + Copyright {{ ORGANIZATION }} SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); @@ -47,7 +47,7 @@ linters: - gofmt - goheader - goimports - - gomnd + - mnd - gosec - lll - makezero diff --git a/cmd/idp/main.go b/cmd/idp/main.go index a22aa0b..9d2edb6 100644 --- a/cmd/idp/main.go +++ b/cmd/idp/main.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/common.go b/internal/handlers/common.go index cb67a73..ac9ef58 100644 --- a/internal/handlers/common.go +++ b/internal/handlers/common.go @@ -1,5 +1,5 @@ /* -Copyright 2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/consent.go b/internal/handlers/consent.go index cad299c..295db79 100644 --- a/internal/handlers/consent.go +++ b/internal/handlers/consent.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); @@ -338,6 +338,7 @@ func (h *ConsentHandler) getRequestedConsentInformation(challenge string, r *htt claimsParameter := requestURL.Query().Get("claims") if claimsParameter != "" { decoder := json.NewDecoder(strings.NewReader(claimsParameter)) + err := decoder.Decode(&requestedClaims) if err != nil { h.logger.WithError(err).WithField( diff --git a/internal/handlers/doc.go b/internal/handlers/doc.go index b0bf8db..aa84311 100644 --- a/internal/handlers/doc.go +++ b/internal/handlers/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/error.go b/internal/handlers/error.go index 1183891..eb4e79e 100644 --- a/internal/handlers/error.go +++ b/internal/handlers/error.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/login.go b/internal/handlers/login.go index d296875..1d8e73a 100644 --- a/internal/handlers/login.go +++ b/internal/handlers/login.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/logout.go b/internal/handlers/logout.go index 1c6ec9b..730e211 100644 --- a/internal/handlers/logout.go +++ b/internal/handlers/logout.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/manage.go b/internal/handlers/manage.go index 50e799b..414f1cc 100644 --- a/internal/handlers/manage.go +++ b/internal/handlers/manage.go @@ -1,5 +1,5 @@ /* -Copyright 2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/handlers/observability.go b/internal/handlers/observability.go index 27c1707..0923945 100644 --- a/internal/handlers/observability.go +++ b/internal/handlers/observability.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); @@ -63,6 +63,7 @@ func Logging(logger *log.Logger) func(http.Handler) http.Handler { if !ok { requestID = "unknown" } + logger.Infof( "[%s] %s \"%s %s\" %d %d \"%s\"", requestID, @@ -86,7 +87,9 @@ func Tracing(nextRequestID func() string) func(http.Handler) http.Handler { if requestID == "" { requestID = nextRequestID() } + ctx := context.WithValue(r.Context(), requestIDKey, requestID) + w.Header().Set("X-Request-Id", requestID) next.ServeHTTP(w, r.WithContext(ctx)) }) @@ -96,7 +99,7 @@ func Tracing(nextRequestID func() string) func(http.Handler) http.Handler { var Healthy int32 func NewHealthHandler() http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + return http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { if atomic.LoadInt32(&Healthy) == 1 { w.WriteHeader(http.StatusNoContent) diff --git a/internal/handlers/security.go b/internal/handlers/security.go index 1ad07ae..17dbe59 100644 --- a/internal/handlers/security.go +++ b/internal/handlers/security.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); @@ -30,6 +30,7 @@ func EnableHSTS() func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { const Days180 = 180 + w.Header().Set("Strict-Transport-Security", fmt.Sprintf("max-age=%d", int((time.Hour*24*Days180).Seconds()))) next.ServeHTTP(w, r) }) diff --git a/internal/models/oidc.go b/internal/models/oidc.go index 1a7e17a..de6c904 100644 --- a/internal/models/oidc.go +++ b/internal/models/oidc.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/services/configuration.go b/internal/services/configuration.go index ac54723..a415579 100644 --- a/internal/services/configuration.go +++ b/internal/services/configuration.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/services/i18n.go b/internal/services/i18n.go index 0993c01..d320d72 100644 --- a/internal/services/i18n.go +++ b/internal/services/i18n.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/services/security.go b/internal/services/security.go index f0ab0ae..ad0fd6d 100644 --- a/internal/services/security.go +++ b/internal/services/security.go @@ -1,5 +1,5 @@ /* -Copyright 2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/internal/services/session.go b/internal/services/session.go index a6522d6..e15342b 100644 --- a/internal/services/session.go +++ b/internal/services/session.go @@ -1,5 +1,5 @@ /* -Copyright 2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/translations/translations.go b/translations/translations.go index 99f0e22..6f254d9 100644 --- a/translations/translations.go +++ b/translations/translations.go @@ -1,5 +1,5 @@ /* -Copyright 2020-2023 CAcert Inc. +Copyright CAcert Inc. SPDX-License-Identifier: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/ui/ui.go b/ui/ui.go index 4748763..6e03076 100644 --- a/ui/ui.go +++ b/ui/ui.go @@ -1,3 +1,20 @@ +/* +Copyright CAcert Inc. +SPDX-License-Identifier: Apache-2.0 + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package ui import "embed"