remove redundant []byte conversions

Author: crewjam

.golangci.yml

@@ -13,6 +13,7 @@ linters:
     - misspell # Finds commonly misspelled English words in comments [fast: true, auto-fix: true]
     - deadcode # Finds unused code [fast: true, auto-fix: false]
     - golint # Golint differs from gofmt. Gofmt reformats Go source code, whereas golint prints out style mistakes [fast: true, auto-fix: false]
+    - unconvert # Remove unnecessary type conversions [fast: true, auto-fix: false]
 
   disable:
     # TODO(ross): fix errors reported by these checkers and enable them
@@ -38,7 +39,6 @@ linters:
     - structcheck # Finds unused struct fields [fast: true, auto-fix: false]
     - stylecheck # Stylecheck is a replacement for golint [fast: false, auto-fix: false]
     - typecheck # Like the front-end of a Go compiler, parses and type-checks Go code [fast: true, auto-fix: false]
-    - unconvert # Remove unnecessary type conversions [fast: true, auto-fix: false]
     - unparam # Reports unused function parameters [fast: false, auto-fix: false]
     - unused # Checks Go code for unused constants, variables, functions and types [fast: false, auto-fix: false]
     - varcheck # Finds unused global variables and constants [fast: true, auto-fix: false]

identity_provider_test.go

@@ -52,7 +52,7 @@ func mustParseURL(s string) url.URL {
 }
 
 func mustParsePrivateKey(pemStr []byte) crypto.PrivateKey {
-	b, _ := pem.Decode([]byte(pemStr))
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}
@@ -64,7 +64,7 @@ func mustParsePrivateKey(pemStr []byte) crypto.PrivateKey {
 }
 
 func mustParseCertificate(pemStr []byte) *x509.Certificate {
-	b, _ := pem.Decode([]byte(pemStr))
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}
@@ -83,7 +83,7 @@ func NewIdentifyProviderTest(t *testing.T) *IdentityProviderTest {
 	}
 	jwt.TimeFunc = TimeNow
 	RandReader = &testRandomReader{}                // TODO(ross): remove this and use the below generator
-	xmlenc.RandReader = rand.New(rand.NewSource(0)) // deterministic random numbers for tests
+	xmlenc.RandReader = rand.New(rand.NewSource(0)) //nolint:gosec  // deterministic random numbers for tests
 
 	test.SPKey = mustParsePrivateKey(golden.Get(t, "sp_key.pem")).(*rsa.PrivateKey)
 	test.SPCertificate = mustParseCertificate(golden.Get(t, "sp_cert.pem"))
@@ -261,7 +261,7 @@ func TestIDPCanHandleRequestWithNewSession(t *testing.T) {
 
 	decodedRequest, err := testsaml.ParseRedirectRequest(requestURL)
 	assert.Check(t, err)
-	assert.Check(t, is.Equal(string(golden.Get(t, "idp_authn_request.xml")), string(decodedRequest)))
+	golden.Assert(t, string(decodedRequest), "idp_authn_request.xml")
 	assert.Check(t, is.Equal("ThisIsTheRelayState", requestURL.Query().Get("RelayState")))
 
 	r, _ := http.NewRequest("GET", requestURL.String(), nil)

samlidp/samlidp_test.go

@@ -42,8 +42,8 @@ func mustParseURL(s string) url.URL {
 	return *rv
 }
 
-func mustParsePrivateKey(pemStr string) crypto.PrivateKey {
-	b, _ := pem.Decode([]byte(pemStr))
+func mustParsePrivateKey(pemStr []byte) crypto.PrivateKey {
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}
@@ -54,8 +54,8 @@ func mustParsePrivateKey(pemStr string) crypto.PrivateKey {
 	return k
 }
 
-func mustParseCertificate(pemStr string) *x509.Certificate {
-	b, _ := pem.Decode([]byte(pemStr))
+func mustParseCertificate(pemStr []byte) *x509.Certificate {
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}
@@ -86,17 +86,17 @@ func NewServerTest(t *testing.T) *ServerTest {
 	jwt.TimeFunc = saml.TimeNow
 	saml.RandReader = &testRandomReader{}
 
-	test.SPKey = mustParsePrivateKey(string(golden.Get(t, "sp_key.pem"))).(*rsa.PrivateKey)
-	test.SPCertificate = mustParseCertificate(string(golden.Get(t, "sp_cert.pem")))
+	test.SPKey = mustParsePrivateKey(golden.Get(t, "sp_key.pem")).(*rsa.PrivateKey)
+	test.SPCertificate = mustParseCertificate(golden.Get(t, "sp_cert.pem"))
 	test.SP = saml.ServiceProvider{
 		Key:         test.SPKey,
 		Certificate: test.SPCertificate,
 		MetadataURL: mustParseURL("https://sp.example.com/saml2/metadata"),
 		AcsURL:      mustParseURL("https://sp.example.com/saml2/acs"),
 		IDPMetadata: &saml.EntityDescriptor{},
 	}
-	test.Key = mustParsePrivateKey(string(golden.Get(t, "idp_key.pem"))).(*rsa.PrivateKey)
-	test.Certificate = mustParseCertificate(string(golden.Get(t, "idp_cert.pem")))
+	test.Key = mustParsePrivateKey(golden.Get(t, "idp_key.pem")).(*rsa.PrivateKey)
+	test.Certificate = mustParseCertificate(golden.Get(t, "idp_cert.pem"))
 
 	test.Store = MemoryStore{}
 

samlidp/service_test.go

@@ -30,7 +30,7 @@ func TestServicesCrud(t *testing.T) {
 	r, _ = http.NewRequest("GET", "https://idp.example.com/services/sp", nil)
 	test.Server.ServeHTTP(w, r)
 	assert.Check(t, is.Equal(http.StatusOK, w.Code))
-	assert.Check(t, is.Equal(w.Body.String(), string(golden.Get(t, "sp_metadata.xml"))))
+	golden.Assert(t, w.Body.String(), "sp_metadata.xml")
 
 	w = httptest.NewRecorder()
 	r, _ = http.NewRequest("GET", "https://idp.example.com/services/", nil)

samlsp/fetch_metadata_test.go

@@ -1,12 +1,12 @@
 package samlsp
 
 import (
+	"bytes"
 	"context"
 	"fmt"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
-	"strings"
 	"testing"
 
 	"gotest.tools/assert"
@@ -18,7 +18,7 @@ func TestFetchMetadata(t *testing.T) {
 
 	testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Check(t, is.Equal("/metadata", r.URL.String()))
-		fmt.Fprint(w, test.IDPMetadata)
+		w.Write(test.IDPMetadata)
 	}))
 
 	fmt.Println(testServer.URL + "/metadata")
@@ -30,11 +30,12 @@ func TestFetchMetadata(t *testing.T) {
 
 func TestFetchMetadataRejectsInvalid(t *testing.T) {
 	test := NewMiddlewareTest(t)
-	test.IDPMetadata = strings.Replace(test.IDPMetadata, "<EntityDescriptor ", "<EntityDescriptor ::foo=\"bar\"", -1)
+	test.IDPMetadata = bytes.Replace(test.IDPMetadata,
+		[]byte("<EntityDescriptor "), []byte("<EntityDescriptor ::foo=\"bar\""), -1)
 
 	testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Check(t, is.Equal("/metadata", r.URL.String()))
-		fmt.Fprint(w, test.IDPMetadata)
+		w.Write(test.IDPMetadata)
 	}))
 
 	fmt.Println(testServer.URL + "/metadata")

samlsp/middleware_test.go

@@ -28,11 +28,11 @@ import (
 )
 
 type MiddlewareTest struct {
-	AuthnRequest          string
-	SamlResponse          string
+	AuthnRequest          []byte
+	SamlResponse          []byte
 	Key                   *rsa.PrivateKey
 	Certificate           *x509.Certificate
-	IDPMetadata           string
+	IDPMetadata           []byte
 	Middleware            *Middleware
 	expectedSessionCookie string
 }
@@ -59,14 +59,14 @@ func NewMiddlewareTest(t *testing.T) *MiddlewareTest {
 	saml.Clock = dsig.NewFakeClockAt(saml.TimeNow())
 	saml.RandReader = &testRandomReader{}
 
-	test.AuthnRequest = string(golden.Get(t, "authn_request.url"))
-	test.SamlResponse = string(golden.Get(t, "saml_response.xml"))
-	test.Key = mustParsePrivateKey(string(golden.Get(t, "key.pem"))).(*rsa.PrivateKey)
-	test.Certificate = mustParseCertificate(string(golden.Get(t, "cert.pem")))
-	test.IDPMetadata = string(golden.Get(t, "idp_metadata.xml"))
+	test.AuthnRequest = golden.Get(t, "authn_request.url")
+	test.SamlResponse = golden.Get(t, "saml_response.xml")
+	test.Key = mustParsePrivateKey(golden.Get(t, "key.pem")).(*rsa.PrivateKey)
+	test.Certificate = mustParseCertificate(golden.Get(t, "cert.pem"))
+	test.IDPMetadata = golden.Get(t, "idp_metadata.xml")
 
 	var metadata saml.EntityDescriptor
-	if err := xml.Unmarshal([]byte(test.IDPMetadata), &metadata); err != nil {
+	if err := xml.Unmarshal(test.IDPMetadata, &metadata); err != nil {
 		panic(err)
 	}
 
@@ -131,8 +131,7 @@ func TestMiddlewareCanProduceMetadata(t *testing.T) {
 	assert.Check(t, is.Equal(http.StatusOK, resp.Code))
 	assert.Check(t, is.Equal("application/samlmetadata+xml",
 		resp.Header().Get("Content-type")))
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_middleware_metadata.xml")),
-		resp.Body.String()))
+	golden.Assert(t, resp.Body.String(), "expected_middleware_metadata.xml")
 }
 
 func TestMiddlewareFourOhFour(t *testing.T) {
@@ -168,8 +167,7 @@ func TestMiddlewareRequireAccountNoCreds(t *testing.T) {
 	assert.Check(t, err)
 	decodedRequest, err := testsaml.ParseRedirectRequest(redirectURL)
 	assert.Check(t, err)
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_authn_request.xml")),
-		string(decodedRequest)))
+	golden.Assert(t, string(decodedRequest), "expected_authn_request.xml")
 }
 
 func TestMiddlewareRequireAccountNoCredsSecure(t *testing.T) {
@@ -192,8 +190,7 @@ func TestMiddlewareRequireAccountNoCredsSecure(t *testing.T) {
 	assert.Check(t, err)
 	decodedRequest, err := testsaml.ParseRedirectRequest(redirectURL)
 	assert.Check(t, err)
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_authn_request_secure.xml")),
-		string(decodedRequest)))
+	golden.Assert(t, string(decodedRequest), "expected_authn_request_secure.xml")
 }
 
 func TestMiddlewareRequireAccountNoCredsPostBinding(t *testing.T) {
@@ -214,8 +211,8 @@ func TestMiddlewareRequireAccountNoCredsPostBinding(t *testing.T) {
 	assert.Check(t, is.Equal(http.StatusOK, resp.Code))
 	assert.Check(t, is.Equal("saml_KCosLjAyNDY4Ojw-QEJERkhKTE5QUlRWWFpcXmBiZGZoamxucHJ0dnh6="+test.makeTrackedRequest("id-00020406080a0c0e10121416181a1c1e20222426")+"; Path=/saml2/acs; Max-Age=90; HttpOnly; Secure",
 		resp.Header().Get("Set-Cookie")))
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_post_binding_response.html")),
-		string(resp.Body.Bytes())))
+
+	golden.Assert(t, resp.Body.String(), "expected_post_binding_response.html")
 
 	// check that the CSP script hash is set correctly
 	scriptContent := "document.getElementById('SAMLSubmitButton').style.visibility=\"hidden\";document.getElementById('SAMLRequestForm').submit();"
@@ -279,8 +276,7 @@ func TestMiddlewareRequireAccountBadCreds(t *testing.T) {
 	assert.Check(t, err)
 	decodedRequest, err := testsaml.ParseRedirectRequest(redirectURL)
 	assert.Check(t, err)
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_authn_request_secure.xml")),
-		string(decodedRequest)))
+	golden.Assert(t, string(decodedRequest), "expected_authn_request_secure.xml")
 }
 
 func TestMiddlewareRequireAccountExpiredCreds(t *testing.T) {
@@ -310,8 +306,7 @@ func TestMiddlewareRequireAccountExpiredCreds(t *testing.T) {
 	assert.Check(t, err)
 	decodedRequest, err := testsaml.ParseRedirectRequest(redirectURL)
 	assert.Check(t, err)
-	assert.Check(t, is.Equal(string(golden.Get(t, "expected_authn_request_secure.xml")),
-		string(decodedRequest)))
+	golden.Assert(t, string(decodedRequest), "expected_authn_request_secure.xml")
 }
 
 func TestMiddlewareRequireAccountPanicOnRequestToACS(t *testing.T) {
@@ -401,7 +396,7 @@ func TestMiddlewareRequireAttributeMissingAccount(t *testing.T) {
 func TestMiddlewareCanParseResponse(t *testing.T) {
 	test := NewMiddlewareTest(t)
 	v := &url.Values{}
-	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString([]byte(test.SamlResponse)))
+	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString(test.SamlResponse))
 	v.Set("RelayState", "KCosLjAyNDY4Ojw-QEJERkhKTE5QUlRWWFpcXmBiZGZoamxucHJ0dnh6")
 	req, _ := http.NewRequest("POST", "/saml2/acs", bytes.NewReader([]byte(v.Encode())))
 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
@@ -466,7 +461,7 @@ func TestMiddlewareRejectsInvalidRelayState(t *testing.T) {
 	}
 
 	v := &url.Values{}
-	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString([]byte(test.SamlResponse)))
+	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString(test.SamlResponse))
 	v.Set("RelayState", "ICIkJigqLC4wMjQ2ODo8PkBCREZISkxOUFJUVlhaXF5gYmRmaGpsbnBy")
 	req, _ := http.NewRequest("POST", "/saml2/acs", bytes.NewReader([]byte(v.Encode())))
 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
@@ -489,7 +484,7 @@ func TestMiddlewareRejectsInvalidCookie(t *testing.T) {
 	}
 
 	v := &url.Values{}
-	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString([]byte(test.SamlResponse)))
+	v.Set("SAMLResponse", base64.StdEncoding.EncodeToString(test.SamlResponse))
 	v.Set("RelayState", "KCosLjAyNDY4Ojw-QEJERkhKTE5QUlRWWFpcXmBiZGZoamxucHJ0dnh6")
 	req, _ := http.NewRequest("POST", "/saml2/acs", bytes.NewReader([]byte(v.Encode())))
 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

samlsp/samlsp_test.go

@@ -29,8 +29,8 @@ func mustParseURL(s string) url.URL {
 	return *rv
 }
 
-func mustParsePrivateKey(pemStr string) crypto.PrivateKey {
-	b, _ := pem.Decode([]byte(pemStr))
+func mustParsePrivateKey(pemStr []byte) crypto.PrivateKey {
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}
@@ -41,8 +41,8 @@ func mustParsePrivateKey(pemStr string) crypto.PrivateKey {
 	return k
 }
 
-func mustParseCertificate(pemStr string) *x509.Certificate {
-	b, _ := pem.Decode([]byte(pemStr))
+func mustParseCertificate(pemStr []byte) *x509.Certificate {
+	b, _ := pem.Decode(pemStr)
 	if b == nil {
 		panic("cannot parse PEM")
 	}

samlsp/session_cookie_test.go

@@ -5,9 +5,10 @@ import (
 	"net/http/httptest"
 	"testing"
 
-	"github.com/crewjam/saml"
 	"gotest.tools/assert"
 	is "gotest.tools/assert/cmp"
+
+	"github.com/crewjam/saml"
 )
 
 func TestCookieSameSite(t *testing.T) {