improving / fixing comments and var names
himran92 committed Dec 6, 2024
1 parent f6c7d7b commit c9cf0d9
Showing 2 changed files with 13 additions and 13 deletions.
12 changes: 6 additions & 6 deletions saml/response.go
@@ -79,7 +79,7 @@ func InsecureSkipSignatureValidation() Option {
}
}

// ValidateResponseAndAssertionSignatures enables validation of both the SAML response and its assertions.
// ValidateResponseAndAssertionSignatures enables signature validation for both the SAML response and its assertions.
func ValidateResponseAndAssertionSignatures() Option {
return func(o interface{}) {
if o, ok := o.(*parseResponseOptions); ok {
@@ -88,7 +88,7 @@ func ValidateResponseAndAssertionSignatures() Option {
}
}

// ValidateAssertionSignature enables validation of just the SAML response.
// ValidateResponseSignature enables signature validation for just the SAML response.
func ValidateResponseSignature() Option {
return func(o interface{}) {
if o, ok := o.(*parseResponseOptions); ok {
@@ -97,7 +97,7 @@ func ValidateResponseSignature() Option {
}
}

// ValidateAssertionSignature enables validation of just the SAML assertion.
// ValidateAssertionSignature enables signature validation for just the SAML assertion.
func ValidateAssertionSignature() Option {
return func(o interface{}) {
if o, ok := o.(*parseResponseOptions); ok {
@@ -191,8 +191,8 @@ func (sp *ServiceProvider) ParseResponse(
samlResponse := core.Response{Response: *response}
if callValidateSignature {
// func ip.ValidateEncodedResponse(...) above only requires either `response or all its `assertions` are signed,
// but does not require both. The validateSignature function will validate either response or assertion is signeed
// or both depending on the the parse response options given.
// but does not require both. The validateSignature function will validate either response or assertion is signed
// or both depending on the parse response options given.
if err := validateSignature(&samlResponse, op, opts); err != nil {
return nil, err
}
@@ -299,7 +299,7 @@ func validateSignature(response *core.Response, op string, opts parseResponseOpt
if !assert.SignatureValidated {
// note: at one time func ip.ValidateEncodedResponse(...) above allows all signed or all unsigned
// assertions, and will give error if there is a mix of both. We are still looping on all assertions
// instead of retrieving value for one assertion, so we do not depend on dependency implementation.
// instead of retrieving signature for one assertion, so we do not depend on dependency implementation.
if opts.validateAssertionSignature || opts.validateResponseAndAssertionSignatures {
return fmt.Errorf("%s: %w", op, ErrInvalidSignature)
}
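Review bot: The rewritten comment above the `validateSignature` call in ParseResponse still opens a backtick before "response" that is never closed, and "will validate either response or assertion is signed or both" does not say clearly what is enforced, even though this comment is where the signature policy is explained. I would write it as `// ip.ValidateEncodedResponse above accepts a response when either the response or all of its assertions are signed, but does not require both.` followed by `// validateSignature then enforces what the parse options ask for: a signed response, signed assertions, or both.` The doc comments on ValidateResponseSignature and ValidateAssertionSignature could likewise state that the other element may stay unsigned under that option, which is what the cases in response_test.go appear to expect. ParseResponse and validateSignature both begin and end outside the hunks shown.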
14 changes: 7 additions & 7 deletions saml/response_test.go
@@ -80,21 +80,21 @@ func TestServiceProvider_ParseResponse(t *testing.T) {
requestID: testRequestId,
},
{
name: "success for option validate both signatures - with both response and assertion signed",
name: "success - with option validate both signatures and with both response and assertion signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithResponseAndAssertionSigned()))),
opts: []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
requestID: testRequestId,
},
{
name: "success for option validate response signature - with only response signed",
name: "success - with option validate response signature and with only response signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))),
opts: []saml.Option{saml.ValidateResponseSignature()},
requestID: testRequestId,
},
{
name: "success for option validate assertion signature - with only assertion signed",
name: "success - with option validate assertion signature and with only assertion signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionElemSigned()))),
opts: []saml.Option{saml.ValidateAssertionSignature()},
@@ -109,31 +109,31 @@ func TestServiceProvider_ParseResponse(t *testing.T) {
wantErrContains: "response and/or assertions must be signed",
},
{
name: "error-invalid-signature for option validate both signatures - with just response signed",
name: "error-invalid-signature - with option validate both signatures and with just response signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))),
opts: []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
requestID: testRequestId,
wantErrContains: "invalid signature",
},
{
name: "error-invalid-signature for option validate both signatures - with just assertion signed",
name: "error-invalid-signature - with option validate both signatures and with just assertion signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionElemSigned()))),
opts: []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
requestID: testRequestId,
wantErrContains: "invalid signature",
},
{
name: "error-invalid-signature for option validate response signature - with just assertion signed",
name: "error-invalid-signature - with option validate response signature and with just assertion signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionElemSigned()))),
opts: []saml.Option{saml.ValidateResponseSignature()},
requestID: testRequestId,
wantErrContains: "invalid signature",
},
{
name: "error-invalid-signature for option validate assertion signature - with just response signed",
name: "error-invalid-signature -with option validate assertion signature and with just response signed",
sp: testSp,
samlResp: base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseElemSigned()))),
opts: []saml.Option{saml.ValidateAssertionSignature()},
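Review bot: The last renamed case in the second hunk is missing the space after the dash that every sibling name has (`error-invalid-signature -with option ...`); it should read `name: "error-invalid-signature - with option validate assertion signature and with just response signed",`. Keeping the separator uniform matters if these names are used as subtest names for filtering or in failure output. The hunks show only part of the test table, so it cannot be told from here whether a case exists for ValidateResponseSignature or ValidateAssertionSignature with both elements signed; if not, adding one would pin that the narrower options still accept a fully signed response.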
