From 9e16f3cf103d36ccef26bc3f8f0c92089e6d642f Mon Sep 17 00:00:00 2001
From: Fran Zekan <zekan.fran369@gmail.com>
Date: Tue, 14 Nov 2023 13:36:08 +0100
Subject: [PATCH] Fix URIChecker.loopback_uri? failing for non url URIs

---
 lib/doorkeeper/oauth/helpers/uri_checker.rb |  2 +-
 spec/lib/oauth/helpers/uri_checker_spec.rb  | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/lib/doorkeeper/oauth/helpers/uri_checker.rb b/lib/doorkeeper/oauth/helpers/uri_checker.rb
index c53d7de7e..f79d9d9d8 100644
--- a/lib/doorkeeper/oauth/helpers/uri_checker.rb
+++ b/lib/doorkeeper/oauth/helpers/uri_checker.rb
@@ -40,7 +40,7 @@ def self.matches?(url, client_url)
 
         def self.loopback_uri?(uri)
           IPAddr.new(uri.host).loopback?
-        rescue IPAddr::Error
+        rescue IPAddr::Error, IPAddr::InvalidAddressError
           false
         end
 
diff --git a/spec/lib/oauth/helpers/uri_checker_spec.rb b/spec/lib/oauth/helpers/uri_checker_spec.rb
index eee96d6ef..75e9d5732 100644
--- a/spec/lib/oauth/helpers/uri_checker_spec.rb
+++ b/spec/lib/oauth/helpers/uri_checker_spec.rb
@@ -257,4 +257,18 @@
       expect(described_class).not_to be_query_matches("foo=bar&bing=bang", "foo=bar&bing=banana")
     end
   end
+
+  describe ".loopback_uri?" do
+    it "is true if loopback IP" do
+      expect(described_class).to be_loopback_uri(URI.parse("http://127.0.0.1"))
+    end
+
+    it 'is false if not loopback IP' do
+      expect(described_class).not_to be_loopback_uri(URI.parse("http://example.com"))
+    end
+
+    it 'is false for non URL' do
+      expect(described_class).not_to be_loopback_uri(URI.parse("vscode://file/home/user/.vimrc"))
+    end
+  end
 end