Skip to content

Commit

Permalink
[fix] added https check
Browse files Browse the repository at this point in the history
  • Loading branch information
dtsiflit committed Jul 19, 2024
1 parent c7fa372 commit 74890c0
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 2 deletions.
1 change: 1 addition & 0 deletions Sources/Entities/CredentialIssuer/CredentialIssuerId.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ public struct CredentialIssuerId: Codable, Equatable {

guard
let validURL = URL(string: string),
validURL.scheme == "https",
validURL.fragment == nil
else {
throw CredentialError.genericError
Expand Down
4 changes: 4 additions & 0 deletions Sources/Entities/IssuanceFlows/GetAuthorizationCodeURL.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,10 @@ public struct GetAuthorizationCodeURL {
throw ValidationError.invalidUrl(urlString)
}

guard url.scheme == "https" else {
throw ValidationError.nonHttpsUrl(urlString)
}

let parameters = url.queryParameters
guard
parameters["\(Self.PARAM_CLIENT_ID)"] != nil
Expand Down
2 changes: 0 additions & 2 deletions Tests/Issue/GetAuthorizationCodeURLTest.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,12 @@ class GetAuthorizationCodeURLTests: XCTestCase {
}

func testInvalidURL() {
XCTExpectFailure()
XCTAssertThrowsError(try GetAuthorizationCodeURL(urlString: "invalid_url")) { error in
XCTAssertTrue(error is ValidationError)
}
}

func testNonHTTPSURL() {
XCTExpectFailure()
XCTAssertThrowsError(try GetAuthorizationCodeURL(urlString: "http://example.com?client_id=123")) { error in
XCTAssertTrue(error is ValidationError)
}
Expand Down

0 comments on commit 74890c0

Please sign in to comment.