diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d7322e..53722fa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed +## [1.5.6] - 2024-01-18 + +### Changed + +- The input contains http or https which function will return an error. [#130](https://github.com/microsoft/kiota-abstractions-go/issues/130) + ## [1.5.5] - 2024-01-17 ### Changed diff --git a/authentication/allowed_hosts_validator.go b/authentication/allowed_hosts_validator.go index c5bc78d..052882d 100644 --- a/authentication/allowed_hosts_validator.go +++ b/authentication/allowed_hosts_validator.go 
@@ -1,22 +1,35 @@ package authentication import ( + "errors" u "net/url" "strings" ) -// AllowedHostsValidator Maintains a list of valid hosts and allows authentication providers to check whether a host is valid before authenticating a request +// AllowedHostsValidator maintains a list of valid hosts and allows authentication providers to check whether a host is valid before authenticating a request type AllowedHostsValidator struct { validHosts map[string]bool } -// NewAllowedHostsValidator creates a new AllowedHostsValidator object with provided values. +// ErrInvalidHostPrefix indicates that a host should not contain the http or https prefix. +var ErrInvalidHostPrefix = errors.New("host should not contain http or https prefix") + +// Deprecated: NewAllowedHostsValidator creates a new AllowedHostsValidator object with provided values. func NewAllowedHostsValidator(validHosts []string) AllowedHostsValidator { result := AllowedHostsValidator{} result.SetAllowedHosts(validHosts) return result } +// NewAllowedHostsValidatorErrorCheck creates a new AllowedHostsValidator object with provided values and performs error checking. +func NewAllowedHostsValidatorErrorCheck(validHosts []string) (*AllowedHostsValidator, error) { + result := &AllowedHostsValidator{} + if err := result.SetAllowedHostsErrorCheck(validHosts); err != nil { + return nil, err + } + return result, nil +} + // GetAllowedHosts returns the list of valid hosts. func (v *AllowedHostsValidator) GetAllowedHosts() map[string]bool { hosts := make(map[string]bool, len(v.validHosts)) @@ -26,7 +39,7 @@ func (v *AllowedHostsValidator) GetAllowedHosts() map[string]bool { return hosts } -// SetAllowedHosts sets the list of valid hosts. +// Deprecated: SetAllowedHosts sets the list of valid hosts. func (v *AllowedHostsValidator) SetAllowedHosts(hosts []string) { v.validHosts = make(map[string]bool, len(hosts)) if len(hosts) > 0 { 
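Review bot: The `Deprecated:` markers added to NewAllowedHostsValidator and, in the second hunk of this file, to SetAllowedHosts replace the name-first opening of the doc comment and name no replacement. Go convention keeps the summary sentence first and puts the deprecation in its own paragraph, for example `// Deprecated: use NewAllowedHostsValidatorErrorCheck, which rejects entries that carry an http:// or https:// prefix.` This is more than style: as far as the visible lines show, the deprecated pair is unchanged and still accepts scheme-prefixed entries silently, so callers need an explicit pointer to the checked variants. SetAllowedHosts's body continues outside the hunk.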
@@ -36,6 +49,21 @@ func (v *AllowedHostsValidator) SetAllowedHosts(hosts []string) { } } +// SetAllowedHostsErrorCheck sets the list of valid hosts with error checking. +func (v *AllowedHostsValidator) SetAllowedHostsErrorCheck(hosts []string) error { + v.validHosts = make(map[string]bool, len(hosts)) + if len(hosts) > 0 { + for _, host := range hosts { + lowerHost := strings.ToLower(host) + if strings.HasPrefix(lowerHost, "http://") || strings.HasPrefix(lowerHost, "https://") { + return ErrInvalidHostPrefix + } + v.validHosts[lowerHost] = true + } + } + return nil +} + // IsValidHost returns true if the host is valid. func (v *AllowedHostsValidator) IsUrlHostValid(uri *u.URL) bool { if uri == nil { diff --git a/authentication/allowed_hosts_validator_test.go b/authentication/allowed_hosts_validator_test.go index f6e1ef2..312f387 100644 --- a/authentication/allowed_hosts_validator_test.go +++ b/authentication/allowed_hosts_validator_test.go @@ -1,14 +1,21 @@ package authentication import ( - assert "github.com/stretchr/testify/assert" u "net/url" "testing" + + assert "github.com/stretchr/testify/assert" ) -func TestItValidatesHosts(t *testing.T) { +func TestItValidatesHostsUseNewAllowedHostsValidator(t *testing.T) { validator := NewAllowedHostsValidator([]string{"graph.microsoft.com"}) url, err := u.Parse("https://graph.microsoft.com/v1.0/me") assert.Nil(t, err) assert.True(t, validator.IsUrlHostValid(url)) } + +func TestItValidatesHostsUseNewAllowedHostsValidatorErrorCheck(t *testing.T) { + validator, err := NewAllowedHostsValidatorErrorCheck([]string{"http://graph.microsoft.com"}) + assert.EqualValues(t, ErrInvalidHostPrefix, err) + assert.Nil(t, validator) +} diff --git a/authentication/api_key_authentication_provider.go b/authentication/api_key_authentication_provider.go index fb2be2c..82b18fd 100644 --- a/authentication/api_key_authentication_provider.go +++ b/authentication/api_key_authentication_provider.go 
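Review bot: SetAllowedHostsErrorCheck overwrites `v.validHosts` before it validates anything, so when it returns ErrInvalidHostPrefix the previous list is gone and the validator holds only the entries that preceded the rejected one. A caller that logs the error and keeps using the validator then checks hosts against a partial or empty list; if IsUrlHostValid treats an empty list as "no restriction" (its body is outside this hunk, so confirm), that fails open. Build into a local and publish only on success: `validHosts := make(map[string]bool, len(hosts))`, `validHosts[lowerHost] = true` inside the loop, and `v.validHosts = validHosts` just before `return nil`. The prefix test also still accepts entries with a path or surrounding whitespace, which presumably can never match a URL host, so those are worth rejecting or documenting.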
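Review bot: TestItValidatesHostsUseNewAllowedHostsValidatorErrorCheck covers only the lower-case `http://` rejection; the `https://` branch, the case folding (an `HTTPS://` entry) and the success path of NewAllowedHostsValidatorErrorCheck are not exercised. A small table of inputs would pin all three, and a SetAllowedHostsErrorCheck case with a valid entry ahead of an invalid one would document what state the validator is left in after an error. For the sentinel, `assert.ErrorIs(t, err, ErrInvalidHostPrefix)` states the intent more directly than `assert.EqualValues` and keeps passing if the error is later wrapped.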
@@ -41,12 +41,16 @@ func NewApiKeyAuthenticationProviderWithValidHosts(apiKey string, parameterName if len(parameterName) == 0 { return nil, errors.New("parameterName cannot be empty") } - validator := NewAllowedHostsValidator(validHosts) + + validator, err := NewAllowedHostsValidatorErrorCheck(validHosts) + if err != nil { + return nil, err + } return &ApiKeyAuthenticationProvider{ apiKey: apiKey, parameterName: parameterName, keyLocation: keyLocation, - validator: &validator, + validator: validator, }, nil }
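Review bot: NewApiKeyAuthenticationProviderWithValidHosts now fails construction for input it previously accepted, and nothing visible in this hunk documents that. The function's doc comment begins outside the hunk; it should gain a line such as `// Returns ErrInvalidHostPrefix when an entry in validHosts starts with http:// or https://.` so callers know to pass bare host names and can match the sentinel with `errors.Is`. Because the error is returned unwrapped and does not identify the offending entry, the comment is the only place a caller learns which argument to fix.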