From 467ac3e9e2bcb9c8448aa4538dbe8cc98134bb35 Mon Sep 17 00:00:00 2001
From: 0x0fbc <10455804+0x0fbc@users.noreply.github.com>
Date: Tue, 11 Jun 2024 13:35:53 -0400
Subject: [PATCH] Add fixes suggested by clippy

---
 src/api/core/two_factor/duo_oidc.rs | 24 ++++++++++++------------
 src/api/identity.rs                 |  4 ++--
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/api/core/two_factor/duo_oidc.rs b/src/api/core/two_factor/duo_oidc.rs
index c62939b8..876207ae 100644
--- a/src/api/core/two_factor/duo_oidc.rs
+++ b/src/api/core/two_factor/duo_oidc.rs
@@ -143,14 +143,14 @@ impl DuoClient {
     }
 
     // Generate a client assertion for health checks and authorization code exchange.
-    fn new_client_assertion(&self, url: &String) -> ClientAssertion {
+    fn new_client_assertion(&self, url: &str) -> ClientAssertion {
         let now = Utc::now().timestamp();
         let jwt_id = crypto::get_random_string_alphanum(STATE_LENGTH);
 
         ClientAssertion {
             iss: self.client_id.clone(),
             sub: self.client_id.clone(),
-            aud: url.clone(),
+            aud: url.to_string(),
             exp: now + JWT_VALIDITY_SECS,
             jti: jwt_id,
             iat: now,
@@ -162,7 +162,7 @@ impl DuoClient {
         match jsonwebtoken::encode(
             &Header::new(JWT_SIGNATURE_ALG),
             &jwt_payload,
-            &EncodingKey::from_secret(&self.client_secret.as_bytes()),
+            &EncodingKey::from_secret(self.client_secret.as_bytes()),
         ) {
             Ok(token) => Ok(token),
             Err(e) => err!(format!("Error encoding Duo JWT: {e:?}")),
@@ -328,8 +328,8 @@ impl DuoClient {
             Err(e) => err!(format!("Failed to decode Duo token {e:?}")),
         };
 
-        let matching_nonces = crypto::ct_eq(&nonce, &token_data.claims.nonce);
-        let matching_usernames = crypto::ct_eq(&duo_username, &token_data.claims.preferred_username);
+        let matching_nonces = crypto::ct_eq(nonce, &token_data.claims.nonce);
+        let matching_usernames = crypto::ct_eq(duo_username, &token_data.claims.preferred_username);
 
         if !(matching_nonces && matching_usernames) {
             err!("Error validating Duo authorization, nonce or username mismatch.")
@@ -409,13 +409,13 @@ fn make_callback_url(client_name: &str) -> Result<String, Error> {
 // Returns the "AuthUrl" that should be returned to clients for MFA.
 pub async fn get_duo_auth_url(
     email: &str,
-    client_id: &String,
+    client_id: &str,
     device_identifier: &String,
     conn: &mut DbConn,
 ) -> Result<String, Error> {
     let (ik, sk, _, host) = get_duo_keys_email(email, conn).await?;
 
-    let callback_url = match make_callback_url(client_id.as_str()) {
+    let callback_url = match make_callback_url(client_id) {
         Ok(url) => url,
         Err(e) => return Err(e),
     };
@@ -447,8 +447,8 @@ pub async fn get_duo_auth_url(
 pub async fn validate_duo_login(
     email: &str,
     two_factor_token: &str,
-    client_id: &String,
-    device_identifier: &String,
+    client_id: &str,
+    device_identifier: &str,
     conn: &mut DbConn,
 ) -> EmptyResult {
     let email = &email.to_lowercase();
@@ -484,10 +484,10 @@ pub async fn validate_duo_login(
     };
 
     // Context validation steps
-    let matching_usernames = crypto::ct_eq(&email, &ctx.user_email);
+    let matching_usernames = crypto::ct_eq(email, &ctx.user_email);
 
     // Probably redundant, but we're double-checking them anyway.
-    let matching_states = crypto::ct_eq(&state, &ctx.state);
+    let matching_states = crypto::ct_eq(state, &ctx.state);
     let unexpired_context = ctx.exp > Utc::now().timestamp();
 
     if !(matching_usernames && matching_states && unexpired_context) {
@@ -499,7 +499,7 @@ pub async fn validate_duo_login(
         )
     }
 
-    let callback_url = match make_callback_url(client_id.as_str()) {
+    let callback_url = match make_callback_url(client_id) {
         Ok(url) => url,
         Err(e) => return Err(e),
     };
diff --git a/src/api/identity.rs b/src/api/identity.rs
index 1a10f5b2..85881b9d 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -503,7 +503,7 @@ async fn twofactor_auth(
     let twofactor_code = match data.two_factor_token {
         Some(ref code) => code,
         None => {
-            err_json!(_json_err_twofactor(&twofactor_ids, &user.uuid, &data, conn).await?, "2FA token not provided")
+            err_json!(_json_err_twofactor(&twofactor_ids, &user.uuid, data, conn).await?, "2FA token not provided")
         }
     };
 
@@ -550,7 +550,7 @@ async fn twofactor_auth(
                 }
                 _ => {
                     err_json!(
-                        _json_err_twofactor(&twofactor_ids, &user.uuid, &data, conn).await?,
+                        _json_err_twofactor(&twofactor_ids, &user.uuid, data, conn).await?,
                         "2FA Remember token not provided"
                     )
                 }