go-pkgz / auth
85%

DEFAULT BRANCH: master
Repo Added 26 Dec 2018 08:17AM UTC
Files 25
LAST BUILD ON BRANCH master

10 May 2026 04:58AM UTC coverage: 85.323% (+0.1%) from 85.199%
25620289937

push

github

umputun
fix(verify): close service-level typed-nil store + adapter-author guidance

Followups to #281 (verify replay protection) raised on the post-merge
review. None blocking, all small.

1. Service-level typed-nil VerifConfirmationStoreFunc guard. The
   handler-level guard added in round 2 normalizes a typed-nil func to
   nil, but the AddVerifProvider check at auth.go was still a plain
   `s.opts.VerifConfirmationStore != nil` test. A typed-nil
   VerifConfirmationStoreFunc is a non-nil interface wrapping a nil
   func, so it survived that check, the in-memory default was skipped,
   and at redemption the handler's typed-nil guard normalized it to
   nil — net result: a user who wrote
   `Opts{VerifConfirmationStore: VerifConfirmationStoreFunc(nil)}`
   got neither their func nor the default, and replay protection was
   silently disabled for that exact configuration.

   Same shape as the *avatar.Proxy typed-nil case fixed in #286 with a
   different consequence (silent loss of protection vs panic). Apply
   the same shape of guard one layer up. New regression test
   TestService_AddVerifProvider_TypedNilStoreFuncFallsBackToDefault in
   both v1 and v2.

2. gofmt -w on auth.go / v2/auth.go. The verifConfirmStoreO ->
   verifConfirmStoreOnce rename in #281 made the field longer than the
   surrounding column alignment. Cosmetic; CI doesn't enforce gofmt
   but a noisy IDE-on-save diff for the next contributor.

3. scrubTokenFromRequest unit test (TestScrubTokenFromRequest) in both
   v1 and v2 — covers the defensive early-return that coveralls flagged
   as uncovered after #281 (token-missing returns r unchanged, nil r
   returns nil, token-present returns redacted clone with other query
   params preserved).

4. Adapter-author guidance on VerifConfirmationStore.MarkUsed godoc:
   tells external Redis/DB adapter authors not to embed the supplied
   key in returned errors, since the handler logs err on the
   fail-closed branch and the key is the SHA-256 o... (continued)
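
The typed-nil failure from item 1 of the commit message above, as an added example that is not code from go-pkgz/auth. `Store`, `StoreFunc`, `memStore`, `pickStore` and `redeem` are hypothetical stand-ins with simplified signatures; the example contrasts the plain `!= nil` setup check with a typed-nil-aware guard and shows the effect on a replayed key.

```go
package main

import "fmt"

// Store and StoreFunc are simplified stand-ins (assumed signatures, not the library's API).
type Store interface {
	MarkUsed(key string) (firstUse bool, err error)
}
type StoreFunc func(key string) (bool, error)

func (f StoreFunc) MarkUsed(key string) (bool, error) { return f(key) }

// memStore plays the role of the in-memory default (demo only, not concurrency-safe).
type memStore map[string]bool

func (m memStore) MarkUsed(key string) (bool, error) {
	first := !m[key]
	m[key] = true
	return first, nil
}

// isNil is true for a nil interface and for an interface wrapping a nil StoreFunc.
func isNil(s Store) bool {
	f, isFunc := s.(StoreFunc)
	return s == nil || (isFunc && f == nil)
}

// pickStore chooses the store at setup; guarded=false is the plain `!= nil` test.
func pickStore(configured Store, guarded bool) Store {
	if (guarded && !isNil(configured)) || (!guarded && configured != nil) {
		return configured
	}
	return memStore{}
}

// redeem models redemption: a store normalized to nil means no replay check at all.
func redeem(s Store, key string) bool {
	if isNil(s) {
		return true
	}
	first, err := s.MarkUsed(key)
	return err == nil && first
}

func main() {
	for _, guarded := range []bool{false, true} {
		s := pickStore(StoreFunc(nil), guarded) // "k" below is a constructed key
		fmt.Println(guarded, redeem(s, "k"), redeem(s, "k"))
	}
}
```

With the plain check the second redemption of the same key is accepted; with the guard the default store is installed and the replay is rejected.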

10 of 10 new or added lines in 1 file covered. (100.0%)

2988 of 3502 relevant lines covered (85.32%)

8.18 hits per line


Recent builds

| Builds | Branch | Commit | Type | Ran | Committer | Via | Coverage |
|---|---|---|---|---|---|---|---|
| 25620289937 | master | fix(verify): close service-level typed-nil store + adapter-author guidance Followups to #281 (verify replay protection) raised on the post-merge review. None blocking, all small. 1. Service-level typed-nil VerifConfirmationStoreFunc guard. The ... | push | 10 May 2026 05:00AM UTC | umputun | github | 85.32 |
| 25620289928 | master | fix(verify): close service-level typed-nil store + adapter-author guidance Followups to #281 (verify replay protection) raised on the post-merge review. None blocking, all small. 1. Service-level typed-nil VerifConfirmationStoreFunc guard. The ... | push | 10 May 2026 05:00AM UTC | umputun | github | 85.29 |
| 25606477506 | master | fix(verify): one-shot consumption of email confirmation tokens The email confirmation JWT issued by VerifyHandler.sendConfirmation was only protected by its 30-minute expiry: any party who could read the confirmation link (forwarded email, mail-g... | push | 09 May 2026 04:52PM UTC | umputun | github | 85.2 |
| 25606477509 | master | fix(verify): one-shot consumption of email confirmation tokens The email confirmation JWT issued by VerifyHandler.sendConfirmation was only protected by its 30-minute expiry: any party who could read the confirmation link (forwarded email, mail-g... | push | 09 May 2026 04:52PM UTC | umputun | github | 85.23 |
| 25606245315 | master | fix(apple): validate id_token iss and aud on Sign in with Apple After ParseWithClaims succeeded the Apple handler accepted any token Apple had signed, regardless of which Sign-in-with-Apple client it was issued to. The relying party MUST verify i... | push | 09 May 2026 04:41PM UTC | umputun | github | 85.0 |
| 25606245284 | master | fix(apple): validate id_token iss and aud on Sign in with Apple After ParseWithClaims succeeded the Apple handler accepted any token Apple had signed, regardless of which Sign-in-with-Apple client it was issued to. The relying party MUST verify i... | push | 09 May 2026 04:41PM UTC | umputun | github | 85.03 |
| 25592801771 | master | fix(telegram): never expose bot token in avatar URL tgAPI.Avatar returned a URL with the bot token embedded in its path: https://api.telegram.org/file/bot{TOKEN}/photos/file_X.jpg The token is a bearer credential for the entire bot API. The... | push | 09 May 2026 05:24AM UTC | umputun | github | 84.97 |
| 25592801746 | master | fix(telegram): never expose bot token in avatar URL tgAPI.Avatar returned a URL with the bot token embedded in its path: https://api.telegram.org/file/bot{TOKEN}/photos/file_X.jpg The token is a bearer credential for the entire bot API. The... | push | 09 May 2026 05:24AM UTC | umputun | github | 84.93 |
| 25592713665 | master | fix(provider): backport "from" redirect validator to v1 (sibling of #275) The "from" query parameter accepted by oauth1/oauth2/apple/verify login handlers was stored verbatim in the handshake JWT and used as the redirect target after a successful... | push | 09 May 2026 05:20AM UTC | umputun | github | 84.9 |
| 25592713657 | master | fix(provider): backport "from" redirect validator to v1 (sibling of #275) The "from" query parameter accepted by oauth1/oauth2/apple/verify login handlers was stored verbatim in the handshake JWT and used as the redirect target after a successful... | push | 09 May 2026 05:20AM UTC | umputun | github | 84.94 |