local allowed

This commit is contained in:
Livio Amstutz 2020-01-27 16:16:11 +01:00
parent 47fc3da583
commit f73575728f


@ -3,6 +3,7 @@ package op
import ( import (
"errors" "errors"
"net/url" "net/url"
"os"
"strings" "strings"
) )
@ -30,7 +31,7 @@ func ValidateIssuer(issuer string) error {
return errors.New("host for issuer missing") return errors.New("host for issuer missing")
} }
if u.Scheme != "https" { if u.Scheme != "https" {
if !(u.Scheme == "http" && (u.Host == "localhost" || u.Host == "127.0.0.1" || u.Host == "::1" || strings.HasPrefix(u.Host, "localhost:"))) { //TODO: ? if devLocalAllowed(u) {
return errors.New("scheme for issuer must be `https`") return errors.New("scheme for issuer must be `https`")
} }
} }
@ -39,3 +40,15 @@ func ValidateIssuer(issuer string) error {
} }
return nil return nil
} }
func devLocalAllowed(url *url.URL) bool {
_, b := os.LookupEnv("CAOS_OIDC_DEV")
if !b {
return b
}
return url.Scheme == "http" &&
url.Host == "localhost" ||
url.Host == "127.0.0.1" ||
url.Host == "::1" ||
strings.HasPrefix(url.Host, "localhost:")
}
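Review bot: The new call site in ValidateIssuer reads `if devLocalAllowed(u) {` where the removed condition was negated, so as rendered the scheme error is returned only when local dev is allowed and every other non-https issuer passes; it should be `if !devLocalAllowed(u) {`. In devLocalAllowed, `&&` binds tighter than `||`, so the `http` requirement covers only the `localhost` comparison, and once CAOS_OIDC_DEV is set any non-https scheme on `127.0.0.1`, `::1` or `localhost:<port>` is accepted; the host alternatives need the parentheses the removed line had. The parameter name `url` also shadows the `net/url` package inside the helper, and the helper has no doc comment stating that the environment variable relaxes the https requirement. ValidateIssuer begins and ends outside the visible hunks, so this is based on the shown lines only.

```go
	if u.Scheme != "https" {
		if !devLocalAllowed(u) {
			// … unchanged: return the "scheme for issuer must be `https`" error …

// devLocalAllowed reports whether a plain-http issuer on a local host is
// acceptable. It is only ever true when CAOS_OIDC_DEV is set, which must
// not be the case in production deployments.
func devLocalAllowed(u *url.URL) bool {
	if _, ok := os.LookupEnv("CAOS_OIDC_DEV"); !ok {
		return false
	}
	return u.Scheme == "http" &&
		(u.Host == "localhost" ||
			u.Host == "127.0.0.1" ||
			u.Host == "::1" ||
			strings.HasPrefix(u.Host, "localhost:"))
}
```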