fix(authx): JSON unmarshalling for Dynamic auth type

[dwisiswant0]

Proposed changes

Correcting the UnmarshalJSON method to properly
unmarshal JSON, particularlyaddressing the
population of the embedded Secret field. This
was achieved by using a type alias to avoid
recursive calls and rely on default unmarshalling
behavior.

Fixes #6267

Checklist

• Pull request is created against the dev branch
• All checks passed (lint, unit/integration/regression tests etc.) with my changes
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)

Summary by CodeRabbit

• Bug Fixes

  • Enhanced JSON handling for dynamic authentication providers to prevent errors when processing data.

• Tests

  • Added thorough tests to ensure accurate processing of diverse JSON inputs, including valid, complex, invalid, and empty cases.

[coderabbitai]

"""

Walkthrough

The UnmarshalJSON method of the Dynamic struct was refactored to avoid recursive calls by introducing a type alias for safe unmarshaling. Additionally, comprehensive tests for various JSON scenarios were added to ensure correct unmarshaling behavior and error handling.

Changes

File(s)	Change Summary
pkg/authprovider/authx/dynamic.go	Refactored Dynamic.UnmarshalJSON to use a type alias, preventing recursion during unmarshaling.
pkg/authprovider/authx/dynamic_test.go	Added unit tests for Dynamic.UnmarshalJSON covering valid, complex, invalid, and empty JSON.

Sequence Diagram(s)

sequenceDiagram
    participant Test as Test Suite
    participant Dynamic as Dynamic.UnmarshalJSON
    participant JSON as json.Unmarshal

    Test->>Dynamic: Call UnmarshalJSON(data)
    Dynamic->>Dynamic: Create type alias (Alias)
    Dynamic->>JSON: Unmarshal data into alias pointer
    JSON-->>Dynamic: Populate struct fields
    Dynamic-->>Test: Return error or nil

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Fix recursive call in Dynamic.UnmarshalJSON using type alias (#6267)	✅
Remove redundant double unmarshalling in Dynamic.UnmarshalJSON (#6267)	✅
Ensure unmarshaling logic is correct and tested for various JSON scenarios (#6267)	✅

Poem

In the warren of code, recursion did dwell,
But with a new alias, all is now well.
Tests hop through JSON, both simple and wild,
Ensuring our structs are unmarshaled and styled.
A bug now is history—let’s thump with delight,
For rabbits and coders, the future is bright! 🐇✨
"""

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 91e1d5b and 44ca476.

📒 Files selected for processing (1)

• pkg/authprovider/authx/dynamic.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• pkg/authprovider/authx/dynamic.go

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Tests (ubuntu-latest)
• GitHub Check: Tests (macOS-latest)
• GitHub Check: Tests (windows-latest)

✨ Finishing Touches

• 📝 Generate Docstrings

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[dwisiswant0]

$ go test -v -timeout 30s -run ^TestDynamicUnmarshalJSON$ ./pkg/authprovider/authx
=== RUN   TestDynamicUnmarshalJSON
=== RUN   TestDynamicUnmarshalJSON/basic-unmarshal
=== RUN   TestDynamicUnmarshalJSON/complex-unmarshal
=== RUN   TestDynamicUnmarshalJSON/invalid-json
=== RUN   TestDynamicUnmarshalJSON/empty-json
--- PASS: TestDynamicUnmarshalJSON (0.00s)
    --- PASS: TestDynamicUnmarshalJSON/basic-unmarshal (0.00s)
    --- PASS: TestDynamicUnmarshalJSON/complex-unmarshal (0.00s)
    --- PASS: TestDynamicUnmarshalJSON/invalid-json (0.00s)
    --- PASS: TestDynamicUnmarshalJSON/empty-json (0.00s)
PASS
ok  	github.com/projectdiscovery/nuclei/v3/pkg/authprovider/authx	0.041s

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

pkg/authprovider/authx/dynamic_test.go (3)

1-8: Run the test (and each sub-test) in parallel

Enabling t.Parallel() improves CI throughput and guards against hidden concurrency issues.

 func TestDynamicUnmarshalJSON(t *testing.T) {
+	t.Parallel()
 	t.Run("basic-unmarshal", func(t *testing.T) {
+		t.Parallel()

Repeat t.Parallel() inside each sub-test.

---

9-54: Exercise the std-lib unmarshal path as well

The current test invokes d.UnmarshalJSON directly, bypassing the common
json.Unmarshal path (json.Unmarshal detects and calls the method).
Add a second assertion that the alias logic still works when the struct is the
target of json.Unmarshal.

 		var d Dynamic
-		err := d.UnmarshalJSON(data)
+		var d2 Dynamic
+		err := d.UnmarshalJSON(data)          // direct
+		err2 := json.Unmarshal(data, &d2)     // via encoding/json
 		require.NoError(t, err)
+		require.NoError(t, err2)
+		require.Equal(t, d, d2)

---

112-124: Minor readability tweak – raw string literal

Using a raw string (\``…`) avoids the {}` escaping noise:

-		data := []byte(`{invalid json}`)
+		data := []byte(`{invalid json}`)

Consider switching to:

data := []byte(`{invalid json}`)

(applies to the other JSON blobs too). Purely cosmetic.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a4859df and 91e1d5b.

📒 Files selected for processing (2)

• pkg/authprovider/authx/dynamic.go (1 hunks)
• pkg/authprovider/authx/dynamic_test.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Lint

[dogancanbakir]

test fails

[dwisiswant0]

test fails

All green now.