improving variable name

hashicorp · Dec 6, 2024 · d857fba · d857fba
1 parent c4af8fc
commit d857fba
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 12 deletions.
diff --git a/saml/response.go b/saml/response.go
@@ -79,7 +79,8 @@ func InsecureSkipSignatureValidation() Option {
 	}
 }
 
-// ValidateResponseAndAssertionSignatures enables signature validation for both the SAML response and its assertions.
+// ValidateResponseAndAssertionSignatures enables signature validation to ensure both response and its assertions
+// are signed
 func ValidateResponseAndAssertionSignatures() Option {
 	return func(o interface{}) {
 		if o, ok := o.(*parseResponseOptions); ok {
@@ -88,7 +89,7 @@ func ValidateResponseAndAssertionSignatures() Option {
 	}
 }
 
-// ValidateResponseSignature enables signature validation for just the SAML response.
+// ValidateResponseSignature enables signature validation to ensure the response is at least signed
 func ValidateResponseSignature() Option {
 	return func(o interface{}) {
 		if o, ok := o.(*parseResponseOptions); ok {
@@ -97,7 +98,7 @@ func ValidateResponseSignature() Option {
 	}
 }
 
-// ValidateAssertionSignature enables signature validation for just the SAML assertion.
+// ValidateAssertionSignature enables signature validation to ensure the assertion is at least signed
 func ValidateAssertionSignature() Option {
 	return func(o interface{}) {
 		if o, ok := o.(*parseResponseOptions); ok {
@@ -191,8 +192,8 @@ func (sp *ServiceProvider) ParseResponse(
 	samlResponse := core.Response{Response: *response}
 	if callValidateSignature {
 		// func ip.ValidateEncodedResponse(...) above only requires either `response or all its `assertions` are signed,
-		// but does not require both. The validateSignature function will validate either response or assertion is signed
-		// or both depending on the parse response options given.
+		// but does not require both. The validateSignature function will validate either response or assertion
+		// or both is surely signed depending on the parse response options given.
 		if err := validateSignature(&samlResponse, op, opts); err != nil {
 			return nil, err
 		}

diff --git a/saml/response_test.go b/saml/response_test.go
@@ -80,21 +80,21 @@ func TestServiceProvider_ParseResponse(t *testing.T) {
 			requestID: testRequestId,
 		},
 		{
-			name:      "success - with option validate both signatures and with both response and assertion signed",
+			name:      "success - with option of validate both signatures & with both response and assertion signed",
 			sp:        testSp,
 			samlResp:  base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithResponseAndAssertionSigned()))),
 			opts:      []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
 			requestID: testRequestId,
 		},
 		{
-			name:      "success - with option validate response signature and with only response signed",
+			name:      "success - with option of validate response signature & with only response signed",
 			sp:        testSp,
 			samlResp:  base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseSigned()))),
 			opts:      []saml.Option{saml.ValidateResponseSignature()},
 			requestID: testRequestId,
 		},
 		{
-			name:      "success - with option validate assertion signature and with only assertion signed",
+			name:      "success - with option of validate assertion signature & with only assertion signed",
 			sp:        testSp,
 			samlResp:  base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionSigned()))),
 			opts:      []saml.Option{saml.ValidateAssertionSignature()},
@@ -109,31 +109,31 @@ func TestServiceProvider_ParseResponse(t *testing.T) {
 			wantErrContains: "response and/or assertions must be signed",
 		},
 		{
-			name:            "error-invalid-signature - with option validate both signatures and with just response signed",
+			name:            "error-invalid-signature - with option of validate both signatures & with only response signed",
 			sp:              testSp,
 			samlResp:        base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseSigned()))),
 			opts:            []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
 			requestID:       testRequestId,
 			wantErrContains: "invalid signature",
 		},
 		{
-			name:            "error-invalid-signature - with option validate both signatures and with just assertion signed",
+			name:            "error-invalid-signature - with option of validate both signatures & with only assertion signed",
 			sp:              testSp,
 			samlResp:        base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionSigned()))),
 			opts:            []saml.Option{saml.ValidateResponseAndAssertionSignatures()},
 			requestID:       testRequestId,
 			wantErrContains: "invalid signature",
 		},
 		{
-			name:            "error-invalid-signature - with option validate response signature and with just assertion signed",
+			name:            "error-invalid-signature - with option of validate response signature & with only assertion signed",
 			sp:              testSp,
 			samlResp:        base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustAssertionSigned()))),
 			opts:            []saml.Option{saml.ValidateResponseSignature()},
 			requestID:       testRequestId,
 			wantErrContains: "invalid signature",
 		},
 		{
-			name:            "error-invalid-signature -with option validate assertion signature and with just response signed",
+			name:            "error-invalid-signature -with option of validate assertion signature & with just response signed",
 			sp:              testSp,
 			samlResp:        base64.StdEncoding.EncodeToString([]byte(tp.SamlResponse(t, testprovider.WithJustResponseSigned()))),
 			opts:            []saml.Option{saml.ValidateAssertionSignature()},