anirudh.fi / atproto-oauth
this repo has no description
8
fork

Configure Feed

Select the types of activity you want to include in your feed.

add option to disable some URL checks

This is useful for local development.

authored by

Winter and committed by
Tangled 5d3e087a 28e66037

+18 -13
+3 -3
helpers/generic.go
··· 36 36 return key, nil 37 37 } 38 38 39 - func IsUrlSafeAndParsed(ustr string) (*url.URL, error) { 39 + func IsUrlSafeAndParsed(ustr string, insecure bool) (*url.URL, error) { 40 40 u, err := url.Parse(ustr) 41 41 if err != nil { 42 42 return nil, err 43 43 } 44 44 45 - if u.Scheme != "https" { 45 + if u.Scheme != "https" && !insecure { 46 46 return nil, fmt.Errorf("input url is not https") 47 47 } 48 48 ··· 54 54 return nil, fmt.Errorf("url user was not empty") 55 55 } 56 56 57 - if u.Port() != "" { 57 + if u.Port() != "" && !insecure { 58 58 return nil, fmt.Errorf("url port was not empty") 59 59 } 60 60
+7 -4
oauth.go
··· 24 24 clientKid string 25 25 clientId string 26 26 redirectUri string 27 + insecure bool 27 28 } 28 29 29 30 type ClientArgs struct { ··· 31 32 ClientJwk jwk.Key 32 33 ClientId string 33 34 RedirectUri string 35 + Insecure bool 34 36 } 35 37 36 38 func NewClient(args ClientArgs) (*Client, error) { ··· 61 63 clientPrivateKey: clientPkey, 62 64 clientId: args.ClientId, 63 65 redirectUri: args.RedirectUri, 66 + insecure: args.Insecure, 64 67 }, nil 65 68 } 66 69 67 70 func (c *Client) ResolvePdsAuthServer(ctx context.Context, ustr string) (string, error) { 68 - u, err := helpers.IsUrlSafeAndParsed(ustr) 71 + u, err := helpers.IsUrlSafeAndParsed(ustr, c.insecure) 69 72 if err != nil { 70 73 return "", err 71 74 } ··· 106 109 } 107 110 108 111 func (c *Client) FetchAuthServerMetadata(ctx context.Context, ustr string) (*OauthAuthorizationMetadata, error) { 109 - u, err := helpers.IsUrlSafeAndParsed(ustr) 112 + u, err := helpers.IsUrlSafeAndParsed(ustr, c.insecure) 110 113 if err != nil { 111 114 return nil, err 112 115 } ··· 139 142 return nil, fmt.Errorf("could not unmarshal authserver metadata: %w", err) 140 143 } 141 144 142 - if err := metadata.Validate(u); err != nil { 145 + if err := metadata.Validate(u, c.insecure); err != nil { 143 146 return nil, fmt.Errorf("could not validate authserver metadata: %w", err) 144 147 } 145 148 ··· 261 264 params.Set("login_hint", loginHint) 262 265 } 263 266 264 - _, err = helpers.IsUrlSafeAndParsed(parUrl) 267 + _, err = helpers.IsUrlSafeAndParsed(parUrl, c.insecure) 265 268 if err != nil { 266 269 return nil, err 267 270 }
+8 -6
types.go
··· 97 97 return nil 98 98 } 99 99 100 - func (oam *OauthAuthorizationMetadata) Validate(fetch_url *url.URL) error { 100 + func (oam *OauthAuthorizationMetadata) Validate(fetch_url *url.URL, insecure bool) error { 101 101 if fetch_url == nil { 102 102 return fmt.Errorf("fetch_url was nil") 103 103 } ··· 111 111 return fmt.Errorf("issuer hostname does not match fetch url hostname") 112 112 } 113 113 114 - if iu.Scheme != "https" { 115 - return fmt.Errorf("issuer url is not https") 116 - } 114 + if !insecure { 115 + if iu.Scheme != "https" { 116 + return fmt.Errorf("issuer url is not https") 117 + } 117 118 118 - if iu.Port() != "" { 119 - return fmt.Errorf("issuer port is not empty") 119 + if iu.Port() != "" { 120 + return fmt.Errorf("issuer port is not empty") 121 + } 120 122 } 121 123 122 124 if iu.Path != "" && iu.Path != "/" {