in lib/ga4gh/identity.go [177:242]
// VisasToOldClaims converts each visa JWT into entries of the old claim
// format, grouped under the visa's assertion type.
//
// A visa is appended to the returned rejected list and skipped, rather than
// aborting the whole conversion, when it cannot be unpacked, has an empty
// issuer, is rejected by checkViaJKU, fails the verifier f, or carries
// conditions that are unsupported or cannot be converted. The error result
// is always nil in this implementation.
//
// Security note: f is only invoked when it is non-nil. With a nil f no
// verifier callback runs, so visas reach the output after just the
// structural checks performed here.
// NOTE(review): presumably f is where signature verification happens;
// confirm that every caller handling untrusted tokens passes a verifier.
func VisasToOldClaims(ctx context.Context, visas []VisaJWT, f JWTVerifier) (map[string][]OldClaim, []*RejectedVisa, error) {
	var rejected []*RejectedVisa
	claims := make(map[string][]OldClaim)

	for idx, raw := range visas {
		visa, err := NewVisaFromJWT(raw)
		if err != nil {
			// Only the visa's position is reported; no data could be unpacked.
			msg := fmt.Sprintf("cannot unpack visa %d", idx)
			rejected = append(rejected, NewRejectedVisa(nil, UnspecifiedVisaFormat, "invalid_visa", "", msg))
			continue
		}

		d := visa.Data()
		if len(d.Issuer) == 0 {
			rejected = append(rejected, NewRejectedVisa(d, visa.Format(), "iss_missing", "iss", "empty 'iss' field"))
			continue
		}

		// NOTE(review): checkViaJKU is defined elsewhere; a non-nil result is
		// treated as a rejection of this visa.
		if reject := checkViaJKU(visa); reject != nil {
			rejected = append(rejected, reject)
			continue
		}

		// The verifier is optional: a nil f means this step is skipped entirely.
		if f != nil {
			if verr := f(ctx, string(raw), visa.Data().Issuer, visa.JKU()); verr != nil {
				reason := errutil.ErrorReason(verr)
				if reason == "" {
					reason = "verify_failed"
				}
				// The verifier's error text is stored verbatim in the rejection.
				// NOTE(review): confirm that text is safe to show to whoever
				// receives the rejected list.
				rejected = append(rejected, NewRejectedVisa(d, visa.Format(), reason, "", verr.Error()))
				continue
			}
		}

		var cond map[string]OldClaimCondition
		if len(d.Assertion.Conditions) > 0 {
			// Visa conditions are only accepted when the experimental flag is set.
			if !globalflags.Experimental {
				rejected = append(rejected, NewRejectedVisa(d, visa.Format(), "condition_not_supported", "visa.condition", "visa conditions not supported"))
				continue
			}
			converted, cerr := toOldClaimConditions(d.Assertion.Conditions)
			if cerr != nil {
				rejected = append(rejected, NewRejectedVisa(d, visa.Format(), "condition_not_supported", "visa.condition", cerr.Error()))
				continue
			}
			cond = converted
		}

		// One OldClaim is emitted per value returned by splitVisaValues; all of
		// them share the visa's metadata and are filed under its assertion type.
		key := string(d.Assertion.Type)
		for _, val := range splitVisaValues(d.Assertion.Value, d.Assertion.Type) {
			claims[key] = append(claims[key], OldClaim{
				Value:       val,
				Source:      string(d.Assertion.Source),
				Asserted:    float64(d.Assertion.Asserted),
				Expires:     float64(d.ExpiresAt),
				By:          string(d.Assertion.By),
				Issuer:      d.Issuer,
				VisaData:    d,
				TokenFormat: visa.Format(),
				Condition:   cond,
			})
		}
	}

	return claims, rejected, nil
}