buzzfeed · testwill · Jul 13, 2023
diff --git a/internal/auth/authenticator.go b/internal/auth/authenticator.go
@@ -236,7 +236,7 @@ func (p *Authenticator) authenticate(rw http.ResponseWriter, req *http.Request)
 	}
 
 	logger.WithRemoteAddress(remoteAddr).WithUser(session.Email).Info(
-		fmt.Sprintf("authentication: user passed validation"))
+		"authentication: user passed validation")
 
 	return session, nil
 }
@@ -600,7 +600,7 @@ func (p *Authenticator) getOAuthCallback(rw http.ResponseWriter, req *http.Reque
 		return "", HTTPError{Code: http.StatusForbidden, Message: errorMsg}
 	}
 	logger.WithRemoteAddress(remoteAddr).WithUser(session.Email).Info(
-		fmt.Sprintf("oauth callback: user passed validation"))
+		"oauth callback: user passed validation")
 
 	logger.WithRemoteAddress(remoteAddr).WithUser(session.Email).Info("authentication complete")
 	err = p.sessionStore.SaveSession(rw, req, session)
@@ -669,7 +669,7 @@ func (p *Authenticator) Redeem(rw http.ResponseWriter, req *http.Request) {
 		logger.WithUser(session.Email).WithRefreshDeadline(session.RefreshDeadline).WithLifetimeDeadline(session.LifetimeDeadline).Error("expired session")
 		p.sessionStore.ClearSession(rw, req)
 
-		http.Error(rw, fmt.Sprintf("expired session"), http.StatusUnauthorized)
+		http.Error(rw, "expired session", http.StatusUnauthorized)
 		return
 	}
 

diff --git a/internal/pkg/validators/email_address_validator.go b/internal/pkg/validators/email_address_validator.go
@@ -2,7 +2,6 @@ package validators
 
 import (
 	"errors"
-	"fmt"
 	"strings"
 
 	"github.com/buzzfeed/sso/internal/pkg/sessions"
@@ -32,7 +31,7 @@ func NewEmailAddressValidator(allowedEmails []string) EmailAddressValidator {
 	var emailAddresses []string
 
 	for _, email := range allowedEmails {
-		emailAddress := fmt.Sprintf("%s", strings.ToLower(email))
+		emailAddress := strings.ToLower(email)
 		emailAddresses = append(emailAddresses, emailAddress)
 	}
 

diff --git a/internal/proxy/oauthproxy.go b/internal/proxy/oauthproxy.go
@@ -496,7 +496,7 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 	}
 
 	logger.WithRemoteAddress(remoteAddr).WithUser(session.Email).WithInGroups(session.Groups).Info(
-		fmt.Sprintf("oauth callback: user validated "))
+		"oauth callback: user validated ")
 
 	// We add the request host into the session to allow us to validate that each request has
 	// been authorized for the upstream it's requesting.
@@ -733,7 +733,7 @@ func (p *OAuthProxy) Authenticate(rw http.ResponseWriter, req *http.Request) (er
 	}
 
 	logger.WithRemoteAddress(remoteAddr).WithUser(session.Email).Info(
-		fmt.Sprintf("authentication: user validated"))
+		"authentication: user validated")
 
 	for key, val := range p.upstreamConfig.InjectRequestHeaders {
 		req.Header.Set(key, val)

diff --git a/internal/proxy/reverse_proxy_test.go b/internal/proxy/reverse_proxy_test.go
@@ -530,7 +530,7 @@ func TestTimeoutHandler(t *testing.T) {
 			},
 			globalTimeout:      time.Duration(100) * time.Millisecond,
 			ExpectedStatusCode: 503,
-			ExpectedBody:       fmt.Sprintf("service-test failed to respond within the 10ms timeout period"),
+			ExpectedBody:       "service-test failed to respond within the 10ms timeout period",
 		},
 		{
 			name: "times out using global write timeout",