From 95ed0474ab8ea4d91a79a6851ccf12c32791a99a Mon Sep 17 00:00:00 2001 From: Elliot Smith Date: Tue, 14 Nov 2023 12:46:56 +0000 Subject: [PATCH] Tabs, not spaces --- api-test/main.go | 16 +++--- lambda/shared/jwt.go | 50 +++++++++---------- lambda/shared/jwt_test.go | 100 +++++++++++++++++++------------------- 3 files changed, 83 insertions(+), 83 deletions(-) diff --git a/api-test/main.go b/api-test/main.go index 91a41aad..5f248ceb 100644 --- a/api-test/main.go +++ b/api-test/main.go @@ -52,14 +52,14 @@ func main() { secretKey := []byte(*jwtSecret) claims := jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.sirius", - "sub": "someone@someplace.somewhere.com", - } - - token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - tokenString, _ := token.SignedString(secretKey) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.sirius", + "sub": "someone@someplace.somewhere.com", + } + + token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + tokenString, _ := token.SignedString(secretKey) req.Header.Add("X-Jwt-Authorization", fmt.Sprintf("Bearer: %s", tokenString)) } diff --git a/lambda/shared/jwt.go b/lambda/shared/jwt.go index 39450014..89dbfc10 100644 --- a/lambda/shared/jwt.go +++ b/lambda/shared/jwt.go 
@@ -63,19 +63,19 @@ func (l lpaStoreClaims) Validate() error { if iss == sirius { emailRegex := regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$") - if !emailRegex.MatchString(sub) { - return errors.New("Subject is not a valid email") - } - } - - if iss == mrlpa { - uidRegex := regexp.MustCompile("^.+$") - if !uidRegex.MatchString(sub) { - return errors.New("Subject is not a valid UID") - } - } - - return nil + if !emailRegex.MatchString(sub) { + return errors.New("Subject is not a valid email") + } + } + + if iss == mrlpa { + uidRegex := regexp.MustCompile("^.+$") + if !uidRegex.MatchString(sub) { + return errors.New("Subject is not a valid UID") + } + } + + return nil } type JWTVerifier struct { @@ -92,19 +92,19 @@ func NewJWTVerifier() JWTVerifier { func (v JWTVerifier) VerifyToken(tokenStr string) error { lsc := lpaStoreClaims{} - parsedToken, err := jwt.ParseWithClaims(tokenStr, &lsc, func(token *jwt.Token) (interface{}, error) { + parsedToken, err := jwt.ParseWithClaims(tokenStr, &lsc, func(token *jwt.Token) (interface{}, error) { return v.secretKey, nil - }) + }) - if err != nil { - return err - } + if err != nil { + return err + } - if !parsedToken.Valid { - return fmt.Errorf("Invalid JWT") - } + if !parsedToken.Valid { + return fmt.Errorf("Invalid JWT") + } - return nil + return nil } var bearerRegexp = regexp.MustCompile("^Bearer:[ ]+") @@ -113,10 +113,10 @@ var bearerRegexp = regexp.MustCompile("^Bearer:[ ]+") func (v JWTVerifier) VerifyHeader(event events.APIGatewayProxyRequest) error { jwtHeaders := GetEventHeader("X-Jwt-Authorization", event) - if len(jwtHeaders) > 0 { - tokenStr := bearerRegexp.ReplaceAllString(jwtHeaders[0], "") + if len(jwtHeaders) > 0 { + tokenStr := bearerRegexp.ReplaceAllString(jwtHeaders[0], "") return v.VerifyToken(tokenStr) - } + } return errors.New("No JWT authorization header present") } 
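Review bot: In `Validate`, `uidRegex` is `^.+$`, which accepts any non-empty single-line subject for the `mrlpa` issuer, so the "valid UID" check is really only a non-empty check. If UIDs have a fixed shape (the test subject `M-3467-89QW-ERTY` suggests one, but the format is not visible here), the pattern should encode it; otherwise add a comment such as `// any non-empty subject is accepted; the UID format is not checked here`. Both patterns are also recompiled on every call, and could sit at package level next to `bearerRegexp`, e.g. `var uidRegex = regexp.MustCompile("^.+$")`. The start of `Validate` is outside this hunk.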
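Review bot: The key function passed to `jwt.ParseWithClaims` in `VerifyToken` returns `v.secretKey` without checking `token.Method`, and no parser option restricts the accepted signing algorithms. The tests only sign with HS256, so pinning it is cheap: pass `jwt.WithValidMethods([]string{"HS256"})` as a further argument to `ParseWithClaims`. If `secretKey` is a byte slice, the library presumably already rejects non-HMAC algorithms on key type. An explicit pin stops that guarantee depending on the key's type, and also excludes HS384/HS512 if they are not intended. This commit only changes indentation, so this is a follow-up on the code as it now stands.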
diff --git a/lambda/shared/jwt_test.go b/lambda/shared/jwt_test.go index 56c8ca87..a6fc4984 100644 --- a/lambda/shared/jwt_test.go +++ b/lambda/shared/jwt_test.go @@ -6,8 +6,8 @@ import ( "testing" "time" - "github.com/aws/aws-lambda-go/events" - "github.com/golang-jwt/jwt/v5" + "github.com/aws/aws-lambda-go/events" + "github.com/golang-jwt/jwt/v5" "github.com/stretchr/testify/assert" ) @@ -18,11 +18,11 @@ var verifier = JWTVerifier{ } func createToken(claims jwt.MapClaims) string { - token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - tokenString, _ := token.SignedString(secretKey) + tokenString, _ := token.SignedString(secretKey) - return tokenString + return tokenString } func TestVerifyEmptyJwt(t *testing.T) { @@ -32,11 +32,11 @@ func TestVerifyEmptyJwt(t *testing.T) { func TestVerifyExpInPast(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * -24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.makeregister", - "sub": "M-3467-89QW-ERTY", - }) + "exp": time.Now().Add(time.Hour * -24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.makeregister", + "sub": "M-3467-89QW-ERTY", + }) err := verifier.VerifyToken(token) @@ -48,11 +48,11 @@ func TestVerifyExpInPast(t *testing.T) { func TestVerifyIatInFuture(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * 24).Unix(), - "iss": "opg.poas.sirius", - "sub": "someone@someplace.somewhere.com", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * 24).Unix(), + "iss": "opg.poas.sirius", + "sub": "someone@someplace.somewhere.com", + }) err := verifier.VerifyToken(token) 
@@ -64,11 +64,11 @@ func TestVerifyIatInFuture(t *testing.T) { func TestVerifyIssuer(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "daadsdaadsadsads", - "sub": "someone@someplace.somewhere.com", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "daadsdaadsadsads", + "sub": "someone@someplace.somewhere.com", + }) err := verifier.VerifyToken(token) @@ -80,11 +80,11 @@ func TestVerifyIssuer(t *testing.T) { func TestVerifyBadEmailForSiriusIssuer(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.sirius", - "sub": "", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.sirius", + "sub": "", + }) err := verifier.VerifyToken(token) @@ -96,11 +96,11 @@ func TestVerifyBadEmailForSiriusIssuer(t *testing.T) { func TestVerifyBadUIDForMRLPAIssuer(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.makeregister", - "sub": "", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.makeregister", + "sub": "", + }) err := verifier.VerifyToken(token) 
@@ -112,29 +112,29 @@ func TestVerifyBadUIDForMRLPAIssuer(t *testing.T) { func TestVerifyGoodJwt(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.sirius", - "sub": "someone@someplace.somewhere.com", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.sirius", + "sub": "someone@someplace.somewhere.com", + }) - err := verifier.VerifyToken(token) + err := verifier.VerifyToken(token) assert.Nil(t, err) } func TestNewJWTVerifier(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.sirius", - "sub": "someone@someplace.somewhere.com", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.sirius", + "sub": "someone@someplace.somewhere.com", + }) - os.Setenv("JWT_SECRET_KEY", string(secretKey)) - newVerifier := NewJWTVerifier() - os.Unsetenv("JWT_SECRET_KEY") + os.Setenv("JWT_SECRET_KEY", string(secretKey)) + newVerifier := NewJWTVerifier() + os.Unsetenv("JWT_SECRET_KEY") - err := newVerifier.VerifyToken(token) + err := newVerifier.VerifyToken(token) assert.Nil(t, err) } @@ -152,11 +152,11 @@ func TestVerifyHeaderNoJWTHeader(t *testing.T) { func TestVerifyHeader(t *testing.T) { token := createToken(jwt.MapClaims{ - "exp": time.Now().Add(time.Hour * 24).Unix(), - "iat": time.Now().Add(time.Hour * -24).Unix(), - "iss": "opg.poas.sirius", - "sub": "someone@someplace.somewhere.com", - }) + "exp": time.Now().Add(time.Hour * 24).Unix(), + "iat": time.Now().Add(time.Hour * -24).Unix(), + "iss": "opg.poas.sirius", + "sub": "someone@someplace.somewhere.com", + }) event := events.APIGatewayProxyRequest{ MultiValueHeaders: map[string][]string{