Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix panic threat when using type-cast for customClaims in validator #165

Merged
merged 6 commits into from
Oct 28, 2022
Merged

Fix panic threat when using type-cast for customClaims in validator #165

merged 6 commits into from
Oct 28, 2022
+55 −6

Conversation

osamingo
Copy link
Contributor

@osamingo osamingo commented Aug 4, 2022
edited
Loading

Description

The threat of panicking should be curbed by receiving a second return value when executing the type-cast.

References

Testing

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have read and agreed to the terms within the Auth0 Code of Conduct.
  • I have read the Auth0 General Contribution Guidelines.
  • I have reviewed my own code beforehand.
  • I have added documentation for new/changed functionality in this PR.
  • All active GitHub checks for tests, formatting, and security are passing.
  • The correct base branch is being used, if not master.

@osamingo osamingo requested a review from a team as a code owner August 4, 2022 06:38
@osamingo
Copy link
Contributor Author

osamingo commented Aug 4, 2022

I would appreciate it if you would approve running GitHub Actions for this PR when you have time.

@osamingo
Copy link
Contributor Author

@Widcket ping

sergiught
sergiught reviewed Aug 16, 2022
View reviewed changes
Copy link
Contributor

@sergiught sergiught left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @osamingo for the contribution! I left a few comments.

README.md Outdated Show resolved Hide resolved
examples/http-example/main.go Outdated Show resolved Hide resolved
examples/http-jwks-example/main.go Outdated Show resolved Hide resolved
validator/validator.go Outdated Show resolved Hide resolved
@osamingo
Copy link
Contributor Author

osamingo commented Sep 1, 2022

@sergiught I fixed it, PTAL.

@codecov-commenter
Copy link

codecov-commenter commented Sep 1, 2022
edited
Loading

Codecov Report

Base: 89.05% // Head: 89.09% // Increases project coverage by +0.03% 🎉

Coverage data is based on head (2bc0d47) compared to base (e9dbfc6).
Patch coverage: 100.00% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #165      +/-   ##
==========================================
+ Coverage   89.05%   89.09%   +0.03%     
==========================================
  Files           7        7              
  Lines         274      275       +1     
==========================================
+ Hits          244      245       +1     
  Misses         23       23              
  Partials        7        7
Impacted Files Coverage Δ
validator/validator.go 88.75% <100.00%> (+0.14%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@sergiught
Copy link
Contributor

Hey @osamingo 👋🏻 thanks a lot for the changes and apologies it took so while to get back to you! Would you mind adding a test case for this as well in the validatior_test.go file? 🙏🏻

@sergiught sergiught changed the title Fix panic threat when using type-cast Fix panic threat when using type-cast for customClaims in validator Oct 28, 2022
@sergiught
Copy link
Contributor

Hey @osamingo 👋🏻 I had some time and went ahead and added the test cases missing. Thanks for the contribution again!

@sergiught sergiught merged commit 7914559 into auth0:master Oct 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sergiught sergiught sergiught approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@osamingo @codecov-commenter @sergiught