Skip to content

Commit

Permalink
ensure errors are checked (#12989) (#13471)
Browse files Browse the repository at this point in the history
Co-authored-by: John-Michael Faircloth <[email protected]>
  • Loading branch information
tvoran and fairclothjm authored Dec 18, 2021
1 parent b3091af commit f4c6d87
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 4 deletions.
1 change: 1 addition & 0 deletions command/agent/cache/lease_cache_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -972,6 +972,7 @@ func TestLeaseCache_PersistAndRestore_WithManyDependencies(t *testing.T) {
var processed int

leases, err := boltStorage.GetByType(context.Background(), cacheboltdb.LeaseType)
require.NoError(t, err)
for _, lease := range leases {
index, err := cachememdb.Deserialize(lease)
require.NoError(t, err)
Expand Down
9 changes: 5 additions & 4 deletions sdk/helper/ldaputil/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,6 @@ func (c *Client) DialLDAP(cfg *ConfigEntry) (Connection, error) {
* user's attributes (if found)
*/
func (c *Client) makeLdapSearchRequest(cfg *ConfigEntry, conn Connection, username string) (*ldap.SearchResult, error) {

// Note: The logic below drives the logic in ConfigEntry.Validate().
// If updated, please update there as well.
var err error
Expand All @@ -113,6 +112,9 @@ func (c *Client) makeLdapSearchRequest(cfg *ConfigEntry, conn Connection, userna
}

renderedFilter, err := c.RenderUserSearchFilter(cfg, username)
if err != nil {
return nil, err
}

if c.Logger.IsDebug() {
c.Logger.Debug("discovering user", "userdn", cfg.UserDN, "filter", renderedFilter)
Expand All @@ -121,14 +123,13 @@ func (c *Client) makeLdapSearchRequest(cfg *ConfigEntry, conn Connection, userna
BaseDN: cfg.UserDN,
Scope: ldap.ScopeWholeSubtree,
Filter: renderedFilter,
SizeLimit: 2, //Should be only 1 result. Any number larger (2 or more) means access denied.
SizeLimit: 2, // Should be only 1 result. Any number larger (2 or more) means access denied.
Attributes: []string{
cfg.UserAttr, //Return only needed attributes
cfg.UserAttr, // Return only needed attributes
},
}

result, err := conn.Search(ldapRequest)

if err != nil {
return nil, err
}
Expand Down
1 change: 1 addition & 0 deletions vault/external_tests/identity/oidc_provider_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,7 @@ func TestOIDC_Auth_Code_Flow_CAP_Client(t *testing.T) {
_, err = client.Logical().Write("identity/oidc/provider/test-provider", map[string]interface{}{
"allowed_client_ids": []string{clientID},
})
require.NoError(t, err)

// Create the client-side OIDC request state
oidcRequest, err := oidc.NewRequest(10*time.Minute, testRedirectURI, tt.args.options...)
Expand Down

0 comments on commit f4c6d87

Please sign in to comment.