
Commit 96802df

committed
feat: session management client helper is now inline with other helpers
The allowed/not-allowed logic is now moved to a client instance method so that it can be overloaded and the policies relaxed.
1 parent 64933b0 commit 96802df


2 files changed

+10
-11
lines changed


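--- a/lib/actions/check_session.js
+++ b/lib/actions/check_session.js
@@ -160,7 +160,7 @@ module.exports = function checkSessionAction(provider) {
 if (!client) {
 throw new InvalidClient();
 }
-if (!client.redirectUriOrigins.has(origin)) {
+if (!client.originAllowed(origin)) {
 throw new InvalidRequest('origin not allowed', 403);
 }
 ctx.status = 204;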
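Review bot: The `if (!client.originAllowed(origin))` guard fails open on any truthy non-boolean return, and the commit message says this method is now meant to be overloaded. An override written as `async` would return a Promise, which is truthy, so the 403 branch would never run and every origin would be accepted. Comparing strictly keeps the check fail-closed: `if (client.originAllowed(origin) !== true) {`. The enclosing function starts and ends outside this hunk, so where `origin` comes from is not visible here.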

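--- a/lib/models/client.js
+++ b/lib/models/client.js
@@ -313,18 +313,17 @@ module.exports = function getClient(provider) {
 return this.redirectUris.includes(checkedUri);
 }
 
-get redirectUriOrigins() {
-if ('redirectUriOrigins' in instance(this)) {
-return instance(this).redirectUriOrigins;
+originAllowed(origin) {
+if (!('redirectUriOrigins' in instance(this))) {
+instance(this).redirectUriOrigins = this.redirectUris.reduce((acc, uri) => {
+const { origin: redirectUriOrigin } = new URL(uri);
+acc.add(redirectUriOrigin);
+return acc;
+}, new Set());
 }
 
-instance(this).redirectUriOrigins = this.redirectUris.reduce((acc, uri) => {
-const { origin } = new URL(uri);
-acc.add(origin);
-return acc;
-}, new Set());
-
-return instance(this).redirectUriOrigins;
+const origins = instance(this).redirectUriOrigins;
+return origins.has(origin);
 }
 
 webMessageUriAllowed(webMessageUri) {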
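Review bot: In `originAllowed`, `new URL(uri).origin` is the literal string `null` for any redirect URI whose scheme has an opaque origin (custom native-app schemes, for example), so that string ends up in the allow-set and an `origin` value of `null` would then pass `origins.has(origin)`. If this provider accepts such redirect URIs (not visible in the hunk), skip them when building the set: `if (redirectUriOrigin !== 'null') acc.add(redirectUriOrigin);`. Since the commit message presents this method as the override point, it also deserves a short JSDoc saying that it must return a synchronous boolean and that the set is cached per client instance on first call. The method is complete within the hunk; the surrounding class is not.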
