ory · ktsu2i · Oct 15, 2025
@@ -13,7 +13,7 @@ import (
 // ciphertext is returned base64url-encoded.
 type Cipher interface {
 	// Encrypt encrypts and encodes the given plaintext, optionally using
-	// additiona data.
+	// additional data.
 	Encrypt(ctx context.Context, plaintext, additionalData []byte) (ciphertext string, err error)
 
 	// Decrypt decodes, decrypts, and verifies the plaintext and additional data

@@ -115,7 +115,7 @@ type Client struct {
 	// OAuth 2.0 Client Allowed CORS Origins
 	//
 	// One or more URLs (scheme://host[:port]) which are allowed to make CORS requests
-	// to the /oauth/token endpoint. If this array is empty, the sever's CORS origin configuration (`CORS_ALLOWED_ORIGINS`)
+	// to the /oauth/token endpoint. If this array is empty, the server's CORS origin configuration (`CORS_ALLOWED_ORIGINS`)
 	// will be used instead. If this array is set, the allowed origins are appended to the server's CORS origin configuration.
 	// Be aware that environment variable `CORS_ENABLED` MUST be set to `true` for this to work.
 	AllowedCORSOrigins sqlxx.StringSliceJSONFormat `json:"allowed_cors_origins" db:"allowed_cors_origins"`

@@ -362,22 +362,22 @@ func TestLogoutFlows(t *testing.T) {
 			expectedErrMessage string
 		}{
 			{
-				d: "should fail rp-inititated flow because id token hint is missing issuer",
+				d: "should fail rp-initiated flow because id token hint is missing issuer",
 				claims: jwtgo.MapClaims{
 					"iat": time.Now().Add(-time.Hour * 2).Unix(),
 				},
 				expectedErrMessage: "Logout failed because issuer claim value &#39;&#39; from query parameter id_token_hint does not match with issuer value from configuration",
 			},
 			{
-				d: "should fail rp-inititated flow because id token hint is using wrong issuer",
+				d: "should fail rp-initiated flow because id token hint is using wrong issuer",
 				claims: jwtgo.MapClaims{
 					"iss": "some-issuer",
 					"iat": time.Now().Add(-time.Hour * 2).Unix(),
 				},
 				expectedErrMessage: "Logout failed because issuer claim value &#39;some-issuer&#39; from query parameter id_token_hint does not match with issuer value from configuration",
 			},
 			{
-				d: "should fail rp-inititated flow because iat is in the future",
+				d: "should fail rp-initiated flow because iat is in the future",
 				claims: jwtgo.MapClaims{
 					"iss": reg.Config().IssuerURL(ctx).String(),
 					"iat": time.Now().Add(time.Hour * 2).Unix(),
@@ -465,21 +465,21 @@ func TestLogoutFlows(t *testing.T) {
 		}
 
 		t.Run("case=should pass even if expiry is in the past", func(t *testing.T) {
-			// formerly: should pass rp-inititated even when expiry is in the past
+			// formerly: should pass rp-initiated even when expiry is in the past
 			claims := jwtgo.MapClaims{"exp": time.Now().Add(-time.Hour).Unix()}
 			t.Run("method=GET", run("GET", claims))
 			t.Run("method=POST", run("POST", claims))
 		})
 
 		t.Run("case=should pass even if audience is an array not a string", func(t *testing.T) {
-			// formerly: should pass rp-inititated flow"
+			// formerly: should pass rp-initiated flow"
 			claims := jwtgo.MapClaims{"aud": []string{c.GetID()}}
 			t.Run("method=GET", run("GET", claims))
 			t.Run("method=POST", run("POST", claims))
 		})
 	})
 
-	t.Run("case=should pass rp-inititated flow without any action because SID is unknown", func(t *testing.T) {
+	t.Run("case=should pass rp-initiated flow without any action because SID is unknown", func(t *testing.T) {
 		c := createSampleClient(t)
 		acceptLoginAs(t, subject)
 

@@ -397,7 +397,7 @@ paths:
       - jwk
     post:
       description: |-
-        This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.
+        This endpoint is capable of generating JSON Web Key Sets for you. There are different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymmetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.
 
         A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
       operationId: createJsonWebKeySet
@@ -2371,7 +2371,7 @@ components:
           type: array
         client_id:
           description: |-
-            ID is aclient identifier for the OAuth 2.0 client that
+            ID is a client identifier for the OAuth 2.0 client that
             requested this token.
           type: string
         exp:

@@ -6,7 +6,7 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **Active** | **bool** | Active is a boolean indicator of whether or not the presented token is currently active.  The specifics of a token&#39;s \&quot;active\&quot; state will vary depending on the implementation of the authorization server and the information it keeps about its tokens, but a \&quot;true\&quot; value return for the \&quot;active\&quot; property will generally indicate that a given token has been issued by this authorization server, has not been revoked by the resource owner, and is within its given time window of validity (e.g., after its issuance time and before its expiration time). | 
 **Aud** | Pointer to **[]string** | Audience contains a list of the token&#39;s intended audiences. | [optional] 
-**ClientId** | Pointer to **string** | ID is aclient identifier for the OAuth 2.0 client that requested this token. | [optional] 
+**ClientId** | Pointer to **string** | ID is a client identifier for the OAuth 2.0 client that requested this token. | [optional] 
 **Exp** | Pointer to **int64** | Expires at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token will expire. | [optional] 
 **Ext** | Pointer to **map[string]interface{}** | Extra is arbitrary data set by the session. | [optional] 
 **Iat** | Pointer to **int64** | Issued at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token was originally issued. | [optional] 

@@ -262,7 +262,7 @@ type createJsonWebKeySetBody struct {
 //
 // # Create JSON Web Key
 //
-// This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.
+// This endpoint is capable of generating JSON Web Key Sets for you. There are different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymmetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.
 //
 // A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
 //

@@ -25,7 +25,7 @@ type Introspection struct {
 	// scopes associated with this token.
 	Scope string `json:"scope,omitempty"`
 
-	// ID is aclient identifier for the OAuth 2.0 client that
+	// ID is a client identifier for the OAuth 2.0 client that
 	// requested this token.
 	ClientID string `json:"client_id"`
 

@@ -1307,7 +1307,7 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) {
 				assert.NotEqual(t, consentRequestID, at2.Get("ext.crid").Str, "%s", at2)
 				assert.NotEqual(t, consentRequestID, rt2.Get("ext.crid").Str, "%s", rt2)
 
-				// revoken the first token chain by consent request id
+				// revoke the first token chain by consent request id
 				_, err = adminClient.OAuth2API.
 					RevokeOAuth2ConsentSessions(context.Background()).
 					ConsentRequestId(consentRequestID).

@@ -190,7 +190,7 @@ func ExecCtx(ctx context.Context, cmd *cobra.Command, stdIn io.Reader, args ...s
 
 	prepareCmd(cmd, stdIn, stdOut, stdErr, args)
 
-	// needs to be on a separate line to ensure that the ouput buffers are read AFTER the command ran
+	// needs to be on a separate line to ensure that the output buffers are read AFTER the command ran
 	err := cmd.ExecuteContext(ctx)
 
 	return stdOut.String(), stdErr.String(), err

@@ -109,7 +109,7 @@ func FinalizeDSN(l *logrusx.Logger, dsn string) string {
 		q.Set("multiStatements", "true")
 		q.Set("parseTime", "true")
 
-		// Thius causes an UPDATE to return the number of matching rows instead of
+		// This causes an UPDATE to return the number of matching rows instead of
 		// the number of rows changed. This ensures compatibility with PostgreSQL and SQLite behavior.
 		q.Set("clientFoundRows", "true")
 

@@ -218,9 +218,9 @@ func WatchChangeFeed(ctx context.Context, cx *sqlx.DB, tableName string, out Eve
 	return d, nil
 }
 
-// InternalDeduplicate sents events from `events` to the `deduplicated` channel, but
+// InternalDeduplicate sends events from `events` to the `deduplicated` channel, but
 // deduplicates events that are sent multiple times. This is necessary, because
-// the CochroachDB changefeed has a atleast-once guarantee for change events,
+// the CockroachDB changefeed has an at-least-once guarantee for change events,
 // meaning that events could be sent multiple times.
 //
 // For deduplication, the last x `pastEvents` are considered.

@@ -476,7 +476,7 @@
             "type": "array"
           },
           "client_id": {
-            "description": "ID is aclient identifier for the OAuth 2.0 client that\nrequested this token.",
+            "description": "ID is a client identifier for the OAuth 2.0 client that\nrequested this token.",
             "type": "string"
           },
           "exp": {
@@ -2283,7 +2283,7 @@
         ]
       },
       "post": {
-        "description": "This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.\n\nA JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.",
+        "description": "This endpoint is capable of generating JSON Web Key Sets for you. There are different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymmetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.\n\nA JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.",
         "operationId": "createJsonWebKeySet",
         "parameters": [
           {
@@ -4119,4 +4119,4 @@
   ],
   "x-forwarded-proto": "string",
   "x-request-id": "string"
-}
+}
@@ -503,7 +503,7 @@
         }
       },
       "post": {
-        "description": "This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.\n\nA JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.",
+        "description": "This endpoint is capable of generating JSON Web Key Sets for you. There are different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymmetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.\n\nA JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.",
         "consumes": [
           "application/json"
         ],
@@ -2622,7 +2622,7 @@
           }
         },
         "client_id": {
-          "description": "ID is aclient identifier for the OAuth 2.0 client that\nrequested this token.",
+          "description": "ID is a client identifier for the OAuth 2.0 client that\nrequested this token.",
           "type": "string"
         },
         "exp": {
@@ -3978,4 +3978,4 @@
   },
   "x-forwarded-proto": "string",
   "x-request-id": "string"
-}
+}