meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove duplicated logic

Browse Source
This commit is contained in:
Joel Speed 2017-12-11 09:24:52 +00:00
parent fd875fc663
commit bc4d5941fc
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
1 changed files with 5 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
oauthproxy.go
View File

@ -580,20 +580,13 @@ func (p *OAuthProxy) IsValidRedirect(redirect string) bool {
switch { switch {
case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//"): case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//"):
return true return true
case strings.HasPrefix(redirect, "http://"): case strings.HasPrefix(redirect, "http://") || strings.HasPrefix(redirect, "https://"):
redirect = strings.TrimPrefix(redirect, "http://") redirectURL, err := url.Parse(redirect)
redirect = strings.Split(redirect, "/")[0] if err != nil {
for _, domain := range p.whitelistDomains { return false
if strings.HasSuffix(redirect, domain) {
return true
}
} }
return false
case strings.HasPrefix(redirect, "https://"):
redirect = strings.TrimPrefix(redirect, "https://")
redirect = strings.Split(redirect, "/")[0]
for _, domain := range p.whitelistDomains { for _, domain := range p.whitelistDomains {
if strings.HasSuffix(redirect, domain) { if (redirectURL.Host == domain) || (strings.HasPrefix(domain, ".") && strings.HasSuffix(redirectURL.Host, domain)) {
return true return true
} }
} }