From 33fc3126b7672e59cd2e0e838306abcbfa3fa58c Mon Sep 17 00:00:00 2001 From: Hafsa Imran Date: Thu, 28 Nov 2024 12:41:21 -0500 Subject: [PATCH] linting done --- saml/error.go | 2 +- saml/response.go | 10 ++++------ saml/response_test.go | 30 +++++++++++++++--------------- saml/test/provider.go | 10 +++++----- 4 files changed, 25 insertions(+), 27 deletions(-) diff --git a/saml/error.go b/saml/error.go index 82e8bb8..ae4d06b 100644 --- a/saml/error.go +++ b/saml/error.go @@ -15,5 +15,5 @@ var ( ErrInvalidAudience = errors.New("invalid audience") ErrMissingSubject = errors.New("subject missing") ErrMissingAttributeStmt = errors.New("attribute statement missing") - ErrInvalidSignature = errors.New("invalid signature") + ErrInvalidSignature = errors.New("invalid signature") ) diff --git a/saml/response.go b/saml/response.go index 49c03cc..f1fc384 100644 --- a/saml/response.go +++ b/saml/response.go @@ -111,7 +111,6 @@ func (sp *ServiceProvider) ParseResponse( // This will validate the response and all assertions. response, err := ip.ValidateEncodedResponse(samlResp) - switch { case err != nil: return nil, fmt.Errorf("%s: unable to validate encoded response: %w", op, err) @@ -257,11 +256,10 @@ func parsePEMCertificate(cert []byte) (*x509.Certificate, error) { return x509.ParseCertificate(block.Bytes) } -func validateSignature(response *types.Response, op string) (error) { - +func validateSignature(response *types.Response, op string) error { // validate child attr assertions for _, assert := range response.Assertions { - if !assert.SignatureValidated{ + if !assert.SignatureValidated { // note: at one time func ip.ValidateEncodedResponse(...) above allows all signed or all unsigned // assertions, and will give error if there are both. We are still looping on all assertions instead of // retrieving value for one assertion, so we do not depend on dependency implementation. 
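Review bot: `validateSignature` still has no doc comment after the reformat, and since it decides whether a SAML response is treated as signed, its contract should be stated above the `func` line, e.g. `// validateSignature returns an error wrapping ErrInvalidSignature unless the response element and every assertion in it have SignatureValidated set.` The `for` loop is vacuously satisfied when `response.Assertions` is empty, so a response with a validated root signature and no assertions appears to return nil here. If no earlier check in `ParseResponse` rejects that case, a guard such as `if len(response.Assertions) == 0 { return fmt.Errorf("%s: %w", op, ErrInvalidSignature) }` belongs at the top of the function. The body continues into the `@@ -270` hunk and the return inside the assertion branch is not visible, so the comment wording should be checked against it.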
@@ -270,8 +268,8 @@ func validateSignature(response *types.Response, op string) (error) { } // validate root response attr - if !response.SignatureValidated{ + if !response.SignatureValidated { return fmt.Errorf("%s: %w", op, ErrInvalidSignature) } return nil -} \ No newline at end of file +} diff --git a/saml/response_test.go b/saml/response_test.go index 97433ba..e2cf3d9 100644 --- a/saml/response_test.go +++ b/saml/response_test.go @@ -66,27 +66,27 @@ func TestServiceProvider_ParseResponse(t *testing.T) { requestID: testRequestId, }, { - name: "missing signature", - sp: testSp, - samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t))), - opts: []saml.Option{}, - requestID: testRequestId, + name: "missing signature", + sp: testSp, + samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t))), + opts: []saml.Option{}, + requestID: testRequestId, wantErrContains: "response and/or assertions must be signed", }, { - name: "error-invalid-signature", - sp: testSp, - samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))), - opts: []saml.Option{}, - requestID: testRequestId, + name: "error-invalid-signature", + sp: testSp, + samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))), + opts: []saml.Option{}, + requestID: testRequestId, wantErrContains: "invalid signature", }, { - name: "error-invalid-signature", - sp: testSp, - samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))), - opts: []saml.Option{}, - requestID: testRequestId, + name: "error-invalid-signature", + sp: testSp, + samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))), + opts: []saml.Option{}, + requestID: testRequestId, wantErrContains: "invalid signature", }, { 
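Review bot: The two `error-invalid-signature` cases in this table are identical (same name, same `testprovider.WithJustResponseElemSigned()` input, same expected `invalid signature`), so the second adds no coverage, and if the names feed `t.Run` the runner will only tell them apart by a `#01` suffix. `responseOptions` in saml/test/provider.go also carries `signAssertionElem`, which suggests the second case was meant to cover a response whose assertions are signed but whose `Response` element is not. As far as this hunk shows, that path through the root check in `validateSignature` is untested. I would rename the second entry, e.g. `name: "error-invalid-signature-assertions-only"`, and build its `samlResp` with the option that sets only `signAssertionElem`. The table starts and continues outside the hunk, so such a case may already exist further down.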
diff --git a/saml/test/provider.go b/saml/test/provider.go index 9cbe45f..919785f 100644 --- a/saml/test/provider.go +++ b/saml/test/provider.go @@ -431,9 +431,9 @@ func (p *TestProvider) parseRequestPost(request string) *core.AuthnRequest { } type responseOptions struct { - signResponseElem bool + signResponseElem bool signAssertionElem bool - expired bool + expired bool } type ResponseOption func(*responseOptions) @@ -558,11 +558,11 @@ func (p *TestProvider) SamlResponse(t *testing.T, opts ...ResponseOption) string err = doc.ReadFromBytes(resp) r.NoError(err) - if opt.signResponseElem || opt.signAssertionElem { + if opt.signResponseElem || opt.signAssertionElem { signCtx := dsig.NewDefaultSigningContext(p.keystore) // sign child attr assertions - if opt.signAssertionElem{ + if opt.signAssertionElem { responseEl := doc.SelectElement("Response") for _, assert := range responseEl.FindElements("Assertion") { signedAssert, err := signCtx.SignEnveloped(assert) @@ -575,7 +575,7 @@ func (p *TestProvider) SamlResponse(t *testing.T, opts ...ResponseOption) string } // sign root attr response - if opt.signResponseElem{ + if opt.signResponseElem { signed, err := signCtx.SignEnveloped(doc.Root()) r.NoError(err) doc.SetRoot(signed)