auth
2014-07-18
auth/urivalidate.go
Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.
| paddy@0 | 1 package oauth2 |
| paddy@0 | 2 |
| paddy@0 | 3 import ( |
| paddy@0 | 4 "errors" |
| paddy@0 | 5 "fmt" |
| paddy@0 | 6 "net/url" |
| paddy@0 | 7 "strings" |
| paddy@0 | 8 ) |
| paddy@0 | 9 |
| paddy@0 | 10 // ValidateURI validates that redirectURI is contained in baseURI |
| paddy@0 | 11 func ValidateURI(baseURI string, redirectURI string) error { |
| paddy@0 | 12 if baseURI == "" || redirectURI == "" { |
| paddy@0 | 13 return errors.New("urls cannot be blank.") |
| paddy@0 | 14 } |
| paddy@0 | 15 |
| paddy@0 | 16 // parse base url |
| paddy@0 | 17 base, err := url.Parse(baseURI) |
| paddy@0 | 18 if err != nil { |
| paddy@0 | 19 return err |
| paddy@0 | 20 } |
| paddy@0 | 21 |
| paddy@0 | 22 // parse passed url |
| paddy@0 | 23 redirect, err := url.Parse(redirectURI) |
| paddy@0 | 24 if err != nil { |
| paddy@0 | 25 return err |
| paddy@0 | 26 } |
| paddy@0 | 27 |
| paddy@0 | 28 // must not have fragment |
| paddy@0 | 29 if base.Fragment != "" || redirect.Fragment != "" { |
| paddy@0 | 30 return errors.New("url must not include fragment.") |
| paddy@0 | 31 } |
| paddy@0 | 32 |
| paddy@0 | 33 // check if urls match |
| paddy@0 | 34 if base.Scheme == redirect.Scheme && base.Host == redirect.Host && len(redirect.Path) >= len(base.Path) && strings.HasPrefix(redirect.Path, base.Path) { |
| paddy@0 | 35 return nil |
| paddy@0 | 36 } |
| paddy@0 | 37 |
| paddy@0 | 38 return errors.New(fmt.Sprintf("urls don't validate: %s / %s\n", baseURI, redirectURI)) |
| paddy@0 | 39 } |