style: Upgrade linter

Makefile

@@ -139,7 +139,7 @@ ifndef HAS_GOLANGCI_LINT
 ifndef HAS_CURL
 	$(error You must install curl)
 endif
-	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell go env GOPATH)/bin v1.27.0
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell go env GOPATH)/bin v1.31.0
 endif
 ifndef HAS_GIT
 	$(error You must install Git)

pkg/s3-proxy/authx/authentication/basic-auth.go

@@ -12,7 +12,6 @@ import (
 	"golang.org/x/net/context"
 )
 
-// nolint:whitespace
 func (s *service) basicAuthMiddleware(res *config.Resource) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -36,6 +35,7 @@ func (s *service) basicAuthMiddleware(res *config.Resource) func(http.Handler) h
 				} else {
 					brctx.HandleUnauthorized(path)
 				}
+
 				return
 			}
 
@@ -53,6 +53,7 @@ func (s *service) basicAuthMiddleware(res *config.Resource) func(http.Handler) h
 				} else {
 					brctx.HandleUnauthorized(path)
 				}
+
 				return
 			}
 
@@ -66,6 +67,7 @@ func (s *service) basicAuthMiddleware(res *config.Resource) func(http.Handler) h
 				} else {
 					brctx.HandleUnauthorized(path)
 				}
+
 				return
 			}
 

pkg/s3-proxy/authx/authentication/main.go

@@ -25,7 +25,7 @@ type service struct {
 	metricsCl    metrics.Client
 }
 
-// Middleware will redirect authentication to basic auth or OIDC depending on request path and resources declared
+// Middleware will redirect authentication to basic auth or OIDC depending on request path and resources declared.
 func (s *service) Middleware(resources []*config.Resource) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -36,6 +36,7 @@ func (s *service) Middleware(resources []*config.Resource) func(http.Handler) ht
 				// In this case, continue without authentication
 				logEntry.Info("no resource declared => skip authentication")
 				next.ServeHTTP(w, r)
+
 				return
 			}
 
@@ -55,6 +56,7 @@ func (s *service) Middleware(resources []*config.Resource) func(http.Handler) ht
 				} else {
 					brctx.HandleInternalServerError(err, requestURI)
 				}
+
 				return
 			}
 
@@ -69,6 +71,7 @@ func (s *service) Middleware(resources []*config.Resource) func(http.Handler) ht
 				} else {
 					brctx.HandleForbidden(requestURI)
 				}
+
 				return
 			}
 
@@ -83,20 +86,23 @@ func (s *service) Middleware(resources []*config.Resource) func(http.Handler) ht
 			if res.OIDC != nil {
 				logEntry.Debug("authentication with oidc detected")
 				s.oidcAuthorizationMiddleware(res)(next).ServeHTTP(w, r)
+
 				return
 			}
 
 			// Check if Basic auth is enabled
 			if res.Basic != nil {
 				logEntry.Debug("authentication with basic auth detected")
 				s.basicAuthMiddleware(res)(next).ServeHTTP(w, r)
+
 				return
 			}
 
 			// Last case must be whitelist
 			if *res.WhiteList {
 				logEntry.Debug("authentication skipped because resource is whitelisted")
 				next.ServeHTTP(w, r)
+
 				return
 			}
 
@@ -113,15 +119,17 @@ func (s *service) Middleware(resources []*config.Resource) func(http.Handler) ht
 	}
 }
 
-// GetAuthenticatedUser will get authenticated user in context
+// GetAuthenticatedUser will get authenticated user in context.
 func GetAuthenticatedUser(req *http.Request) models.GenericUser {
 	res, _ := req.Context().Value(userContextKey).(models.GenericUser)
+
 	return res
 }
 
-// GetRequestResource will get request resource in context
+// GetRequestResource will get request resource in context.
 func GetRequestResource(req *http.Request) *config.Resource {
 	res, _ := req.Context().Value(resourceContextKey).(*config.Resource)
+
 	return res
 }
 

pkg/s3-proxy/authx/authentication/oidc.go

@@ -23,7 +23,7 @@ import (
 const redirectQueryKey = "rd"
 const stateRedirectSeparator = ":"
 
-// OIDCEndpoints will set OpenID Connect endpoints for authentication and callback
+// OIDCEndpoints will set OpenID Connect endpoints for authentication and callback.
 func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConfig, mux chi.Router) error {
 	ctx := context.Background()
 
@@ -89,6 +89,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err := errors.New("state not found in request")
 			logEntry.Error(err)
 			utils.HandleBadRequest(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -98,7 +99,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 		reqState := split[0]
 		rdVal := ""
 		// Check if length is ok to include a redirect url
-		if len(split) == 2 {
+		if len(split) == 2 { // nolint: gomnd // No constant for that
 			rdVal = split[1]
 		}
 
@@ -107,6 +108,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err := errors.New("state did not match")
 			logEntry.Error(err)
 			utils.HandleBadRequest(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -115,6 +117,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err := errors.New("redirect url is invalid")
 			logEntry.Error(err)
 			utils.HandleBadRequest(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -123,6 +126,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err = errors.New("failed to exchange token: " + err.Error())
 			logEntry.Error(err)
 			utils.HandleInternalServerError(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -131,6 +135,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err = errors.New("no id_token field in token")
 			logEntry.Error(err)
 			utils.HandleInternalServerError(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -139,6 +144,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 			err = errors.New("failed to verify ID Token: " + err.Error())
 			logEntry.Error(err)
 			utils.HandleInternalServerError(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 
@@ -149,6 +155,7 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 		if err != nil {
 			logEntry.Error(err)
 			utils.HandleInternalServerError(logEntry, w, s.cfg.Templates, oidcCfg.CallbackPath, err)
+
 			return
 		}
 		// Now, we know that we can open jwt token to get claims
@@ -176,7 +183,6 @@ func (s *service) OIDCEndpoints(providerKey string, oidcCfg *config.OIDCAuthConf
 	return nil
 }
 
-// nolint:whitespace
 func (s *service) oidcAuthorizationMiddleware(res *config.Resource) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -199,6 +205,7 @@ func (s *service) oidcAuthorizationMiddleware(res *config.Resource) func(http.Ha
 				} else {
 					brctx.HandleInternalServerError(err, path)
 				}
+
 				return
 			}
 			// Check if JWT content is empty or not
@@ -219,6 +226,7 @@ func (s *service) oidcAuthorizationMiddleware(res *config.Resource) func(http.Ha
 				}
 				// Redirect
 				http.Redirect(w, r, rdURI, http.StatusTemporaryRedirect)
+
 				return
 			}
 
@@ -232,6 +240,7 @@ func (s *service) oidcAuthorizationMiddleware(res *config.Resource) func(http.Ha
 				} else {
 					brctx.HandleInternalServerError(err, path)
 				}
+
 				return
 			}
 
@@ -259,6 +268,7 @@ func (s *service) oidcAuthorizationMiddleware(res *config.Resource) func(http.Ha
 						} else {
 							brctx.HandleForbidden(path)
 						}
+
 						return
 					}
 					// Update email verified in user
@@ -370,7 +380,7 @@ func getJWTToken(logEntry log.Logger, r *http.Request, cookieName string) (strin
 	return "", nil
 }
 
-// IsValidRedirect checks whether the redirect URL is whitelisted
+// IsValidRedirect checks whether the redirect URL is whitelisted.
 func isValidRedirect(redirect string) bool {
 	return strings.HasPrefix(redirect, "http://") || strings.HasPrefix(redirect, "https://")
 }

pkg/s3-proxy/authx/authorization/main.go

@@ -27,6 +27,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 				// In this case, authentication is skipped, need to skip authorization too
 				logger.Debug("no resource found in authorization, means that authentication was skipped => skip authorization too")
 				next.ServeHTTP(w, r)
+
 				return
 			}
 
@@ -35,6 +36,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 				// Resource is whitelisted
 				logger.Debug("authorization skipped because resource is whitelisted")
 				next.ServeHTTP(w, r)
+
 				return
 			}
 
@@ -50,6 +52,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 				logger.Infof("Basic auth user %s authorized", buser.GetIdentifier())
 				metricsCl.IncAuthorized("basic-auth")
 				next.ServeHTTP(w, r)
+
 				return
 			}
 
@@ -82,6 +85,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 						} else {
 							brctx.HandleInternalServerError(err, requestURI)
 						}
+
 						return
 					}
 				} else {
@@ -98,6 +102,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 					} else {
 						brctx.HandleForbidden(requestURI)
 					}
+
 					return
 				}
 
@@ -106,6 +111,7 @@ func Middleware(cfg *config.Config, metricsCl metrics.Client) func(http.Handler)
 				logger.Infof("OIDC user %s authorized", ouser.GetIdentifier())
 				metricsCl.IncAuthorized(authorizationProvider)
 				next.ServeHTTP(w, r)
+
 				return
 			}
 

pkg/s3-proxy/authx/models/generic-user.go

@@ -1,6 +1,6 @@
 package models
 
-// Generic user interface used to know specific type of user
+// Generic user interface used to know specific type of user.
 type GenericUser interface {
 	// Get type of user
 	GetType() string

pkg/s3-proxy/bucket/client.go

@@ -11,7 +11,7 @@ import (
 	"github.com/oxyno-zeta/s3-proxy/pkg/s3-proxy/tracing"
 )
 
-// Client represents a client in order to GET, PUT or DELETE file on a bucket with a html output
+// Client represents a client in order to GET, PUT or DELETE file on a bucket with a html output.
 type Client interface {
 	// Get allow to GET what's inside a request path
 	Get(requestPath string)
@@ -31,7 +31,7 @@ type Client interface {
 	HandleUnauthorized(requestPath string)
 }
 
-// PutInput represents Put input
+// PutInput represents Put input.
 type PutInput struct {
 	RequestPath string
 	Filename    string
@@ -40,17 +40,16 @@ type PutInput struct {
 	ContentSize int64
 }
 
-// ErrorHandlers error handlers
+// ErrorHandlers error handlers.
 type ErrorHandlers struct {
-	HandleNotFoundWithTemplate            func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll
-	HandleForbiddenWithTemplate           func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll
-	HandleUnauthorizedWithTemplate        func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll
-	HandleBadRequestWithTemplate          func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string, err error) //nolint: lll
-	HandleInternalServerErrorWithTemplate func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string, err error) //nolint: lll
+	HandleNotFoundWithTemplate            func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll // It is long
+	HandleForbiddenWithTemplate           func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll // It is long
+	HandleUnauthorizedWithTemplate        func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string)            //nolint: lll // It is long
+	HandleBadRequestWithTemplate          func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string, err error) //nolint: lll // It is long
+	HandleInternalServerErrorWithTemplate func(logger log.Logger, rw http.ResponseWriter, tplCfg *config.TemplateConfig, tplString string, requestPath string, err error) //nolint: lll // It is long
 }
 
-// NewClient will generate a new client to do GET,PUT or DELETE actions
-// nolint:whitespace
+// NewClient will generate a new client to do GET,PUT or DELETE actions.
 func NewClient(
 	tgt *config.TargetConfig, tplConfig *config.TemplateConfig, logger log.Logger,
 	mountPath string, httpRW http.ResponseWriter, httpReq *http.Request,