improve Loopback check

2021-04-29 12:43:21 +02:00 · 2021-04-29 12:43:21 +02:00 · 540a7bd7be
commit 540a7bd7be
parent 72fc86164c
2 changed files with 33 additions and 15 deletions
--- a/pkg/op/authrequest_test.go
+++ b/pkg/op/authrequest_test.go
@ -316,16 +316,16 @@ func TestValidateAuthReqRedirectURI(t *testing.T) {
 			false,
 		},
 		{
-			"code flow registered http not confidential (user agent) fails",
+			"code flow registered http not confidential (native) fails",
 			args{"http://registered.com/callback",
-				mock.NewClientWithConfig(t, []string{"http://registered.com/callback"}, op.ApplicationTypeUserAgent, nil, false),
+				mock.NewClientWithConfig(t, []string{"http://registered.com/callback"}, op.ApplicationTypeNative, nil, false),
 				oidc.ResponseTypeCode},
 			true,
 		},
 		{
-			"code flow registered http not confidential (native) fails",
+			"code flow registered http not confidential (user agent) fails",
 			args{"http://registered.com/callback",
-				mock.NewClientWithConfig(t, []string{"http://registered.com/callback"}, op.ApplicationTypeNative, nil, false),
+				mock.NewClientWithConfig(t, []string{"http://registered.com/callback"}, op.ApplicationTypeUserAgent, nil, false),
 				oidc.ResponseTypeCode},
 			true,
 		},
@ -344,7 +344,7 @@ func TestValidateAuthReqRedirectURI(t *testing.T) {
 			false,
 		},
 		{
-			"code flow registered http localhost native ok",
+			"code flow registered http loopback v6 native ok",
 			args{"http://[::1]:4200/callback",
 				mock.NewClientWithConfig(t, []string{"http://[::1]/callback"}, op.ApplicationTypeNative, nil, false),
 				oidc.ResponseTypeCode},
@ -420,6 +420,13 @@ func TestValidateAuthReqRedirectURI(t *testing.T) {
 				oidc.ResponseTypeIDToken},
 			false,
 		},
+		{
+			"implicit flow registered http localhost web fails",
+			args{"http://localhost:9999/callback",
+				mock.NewClientWithConfig(t, []string{"http://localhost:9999/callback"}, op.ApplicationTypeWeb, nil, false),
+				oidc.ResponseTypeIDToken},
+			true,
+		},
 		{
 			"implicit flow registered http localhost user agent fails",
 			args{"http://localhost:9999/callback",
@ -581,10 +588,15 @@ func Test_LoopbackOrLocalhost(t *testing.T) {
 			true,
 		},
 		{
-			"v6 no port ok",
+			"v6 short no port ok",
 			args{url: "http://[::1]/test"},
 			true,
 		},
+		{
+			"v6 long no port ok",
+			args{url: "http://[0:0:0:0:0:0:0:1]/test"},
+			true,
+		},
 		{
 			"locahost no port ok",
 			args{url: "http://localhost/test"},
@ -596,10 +608,15 @@ func Test_LoopbackOrLocalhost(t *testing.T) {
 			true,
 		},
 		{
-			"v6 with port ok",
+			"v6 short with port ok",
 			args{url: "http://[::1]:4200/test"},
 			true,
 		},
+		{
+			"v6 long with port ok",
+			args{url: "http://[0:0:0:0:0:0:0:1]:4200/test"},
+			true,
+		},
 		{
 			"localhost with port ok",
 			args{url: "http://localhost:4200/test"},
@ -608,7 +625,7 @@ func Test_LoopbackOrLocalhost(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if _, got := op.LoopbackOrLocalhost(tt.args.url); got != tt.want {
+			if _, got := op.HTTPLoopbackOrLocalhost(tt.args.url); got != tt.want {
 				t.Errorf("loopbackOrLocalhost() = %v, want %v", got, tt.want)
 			}
 		})