Skip to content

Commit bf35ebb

Browse files
committed
fix(apple): silence gosec G101 false positive on public issuer URL
1 parent 563ab54 commit bf35ebb

2 files changed

Lines changed: 2 additions & 2 deletions

File tree

provider/apple.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -553,7 +553,7 @@ func (ah AppleHandler) makeRedirURL(path string) string {
553553

554554
// appleIDTokenIssuer is the issuer Apple sets on every id_token issued by Sign in with Apple.
555555
// see https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/verifying_a_user
556-
const appleIDTokenIssuer = "https://appleid.apple.com"
556+
const appleIDTokenIssuer = "https://appleid.apple.com" // #nosec G101 -- public Apple issuer URL, not a credential
557557

558558
// validateAppleIDClaims checks that the id_token claims have the expected Apple
559559
// issuer and that the audience matches the relying party's client ID. The signature

v2/provider/apple.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -558,7 +558,7 @@ func (ah AppleHandler) makeRedirURL(path string) string {
558558

559559
// appleIDTokenIssuer is the issuer Apple sets on every id_token issued by Sign in with Apple.
560560
// see https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/verifying_a_user
561-
const appleIDTokenIssuer = "https://appleid.apple.com"
561+
const appleIDTokenIssuer = "https://appleid.apple.com" // #nosec G101 -- public Apple issuer URL, not a credential
562562

563563
// validateAppleIDClaims checks that the id_token claims have the expected Apple
564564
// issuer and that the audience matches the relying party's client ID. The signature

0 commit comments

Comments
 (0)