Test IsValidRedirect method
This commit is contained in:
parent
2e75a863be
commit
b31369d71d
@ -92,6 +92,44 @@ func TestRobotsTxt(t *testing.T) {
|
|||||||
assert.Equal(t, "User-agent: *\nDisallow: /", rw.Body.String())
|
assert.Equal(t, "User-agent: *\nDisallow: /", rw.Body.String())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestIsValidRedirect(t *testing.T) {
|
||||||
|
opts := NewOptions()
|
||||||
|
opts.ClientID = "bazquux"
|
||||||
|
opts.ClientSecret = "foobar"
|
||||||
|
opts.CookieSecret = "xyzzyplugh"
|
||||||
|
opts.WhitelistDomains = []string{"foo.bar"}
|
||||||
|
opts.Validate()
|
||||||
|
|
||||||
|
proxy := NewOAuthProxy(opts, func(string) bool { return true })
|
||||||
|
|
||||||
|
noRD := proxy.IsValidRedirect("")
|
||||||
|
assert.Equal(t, false, noRD)
|
||||||
|
|
||||||
|
singleSlash := proxy.IsValidRedirect("/redirect")
|
||||||
|
assert.Equal(t, true, singleSlash)
|
||||||
|
|
||||||
|
doubleSlash := proxy.IsValidRedirect("//redirect")
|
||||||
|
assert.Equal(t, false, doubleSlash)
|
||||||
|
|
||||||
|
validHttp := proxy.IsValidRedirect("http://baz.foo.bar/redirect")
|
||||||
|
assert.Equal(t, true, validHttp)
|
||||||
|
|
||||||
|
validHttps := proxy.IsValidRedirect("https://baz.foo.bar/redirect")
|
||||||
|
assert.Equal(t, true, validHttps)
|
||||||
|
|
||||||
|
invalidHttp1 := proxy.IsValidRedirect("http://foo.bar.evil.corp/redirect")
|
||||||
|
assert.Equal(t, false, invalidHttp1)
|
||||||
|
|
||||||
|
invalidHttps1 := proxy.IsValidRedirect("https://foo.bar.evil.corp/redirect")
|
||||||
|
assert.Equal(t, false, invalidHttps1)
|
||||||
|
|
||||||
|
invalidHttp2 := proxy.IsValidRedirect("http://evil.corp/redirect?rd=foo.bar")
|
||||||
|
assert.Equal(t, false, invalidHttp2)
|
||||||
|
|
||||||
|
invalidHttps2 := proxy.IsValidRedirect("https://evil.corp/redirect?rd=foo.bar")
|
||||||
|
assert.Equal(t, false, invalidHttps2)
|
||||||
|
}
|
||||||
|
|
||||||
type TestProvider struct {
|
type TestProvider struct {
|
||||||
*providers.ProviderData
|
*providers.ProviderData
|
||||||
EmailAddress string
|
EmailAddress string
|
||||||
|
Loading…
Reference in New Issue
Block a user