From bc4d5941fc9c0ee3e7d27a56cee1e3c3a9fc42ec Mon Sep 17 00:00:00 2001
From: Joel Speed
Date: Mon, 11 Dec 2017 09:24:52 +0000
Subject: [PATCH] Remove duplicated logic
---
 oauthproxy.go | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)
diff --git a/oauthproxy.go b/oauthproxy.go
index 8029eab..18984d4 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -580,20 +580,13 @@ func (p *OAuthProxy) IsValidRedirect(redirect string) bool {
 switch {
 case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//"):
 return true
- case strings.HasPrefix(redirect, "http://"):
- redirect = strings.TrimPrefix(redirect, "http://")
- redirect = strings.Split(redirect, "/")[0]
- for _, domain := range p.whitelistDomains {
- if strings.HasSuffix(redirect, domain) {
- return true
- }
+ case strings.HasPrefix(redirect, "http://") || strings.HasPrefix(redirect, "https://"):
+ redirectURL, err := url.Parse(redirect)
+ if err != nil {
+ return false
 }
- return false
- case strings.HasPrefix(redirect, "https://"):
- redirect = strings.TrimPrefix(redirect, "https://")
- redirect = strings.Split(redirect, "/")[0]
 for _, domain := range p.whitelistDomains {
- if strings.HasSuffix(redirect, domain) {
+ if (redirectURL.Host == domain) || (strings.HasPrefix(domain, ".") && strings.HasSuffix(redirectURL.Host, domain)) {
 return true
 }
 }
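Review bot: The new comparison in the `http://`/`https://` case uses `redirectURL.Host`, which still carries any `:port` and is compared case-sensitively, so a redirect to an allowed host written with an explicit port or in upper case is rejected. That fails closed, but it should be a deliberate choice: if ports are not meant to be part of the policy, normalise once before the loop with `host := strings.ToLower(redirectURL.Hostname())` and match on `host`. The leading-dot convention also changes matching from the old plain suffix test to an exact match unless the entry starts with `.`, which the commit title does not mention; a comment such as `// entries match exactly; a leading "." also allows subdomains` above the loop and a table test covering both forms would pin it down. The body of IsValidRedirect continues past the end of the hunk.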