Skip to content

Commit

Permalink
[pre-commit.ci] auto fixes from pre-commit.com hooks
Browse files Browse the repository at this point in the history 
for more information, see https://pre-commit.ci
  • Loading branch information
@pre-commit-ci
pre-commit-ci[bot] committed Sep 28, 2024
1 parent c2b9ea5 commit fd43e7f
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 10 deletions.
8 changes: 6 additions & 2 deletions oauth2_provider/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -808,7 +808,10 @@ def redirect_to_uri_allowed(uri, allowed_uris):
# time of the request for loopback IP redirect URIs, to accommodate
# clients that obtain an available ephemeral port from the operating
# system at the time of the request.
allowed_uri_is_loopback = (parsed_allowed_uri.scheme == "http" and parsed_allowed_uri.hostname in ["127.0.0.1", "::1"])
allowed_uri_is_loopback = parsed_allowed_uri.scheme == "http" and parsed_allowed_uri.hostname in [
"127.0.0.1",
"::1",
]
""" check port """
if not allowed_uri_is_loopback and parsed_allowed_uri.port != parsed_uri.port:
continue
Expand All @@ -824,7 +827,8 @@ def redirect_to_uri_allowed(uri, allowed_uris):
""" check querystring """
aqs_set = set(parse_qsl(parsed_allowed_uri.query))
if not aqs_set.issubset(uqs_set):
continue # circuit break
continue # circuit break


def is_origin_allowed(origin, allowed_origins):
"""
Expand Down
36 changes: 28 additions & 8 deletions oauth2_provider/validators.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,19 +82,31 @@ def __call__(self, value):
if self.allow_hostname_wildcard and "*" in netloc:
domain_parts = netloc.split(".")
if netloc.count("*") > 1:
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={"name": self.name, "value": value, "cause": "only one wildcard is allowed in the hostname"},
)
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={
"name": self.name,
"value": value,
"cause": "only one wildcard is allowed in the hostname",
},
)
if not netloc.startswith("*"):
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={"name": self.name, "value": value, "cause": "wildcards must be at the beginning of the hostname"},
params={
"name": self.name,
"value": value,
"cause": "wildcards must be at the beginning of the hostname",
},
)
if len(domain_parts) < 3:
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={"name": self.name, "value": value, "cause": "wildcards cannot be in the top level or second level domain"},
params={
"name": self.name,
"value": value,
"cause": "wildcards cannot be in the top level or second level domain",
},
)

# strip the wildcard from the netloc, we'll reassamble the value later to pass to URI Validator
Expand All @@ -107,12 +119,20 @@ def __call__(self, value):
if path.count("*") > 1:
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={"name": self.name, "value": value, "cause": "only one wildcard is allowed in the path"},
params={
"name": self.name,
"value": value,
"cause": "only one wildcard is allowed in the path",
},
)
if not path.endswith("*"):
raise ValidationError(
"%(name)s URI validation error. %(cause)s: %(value)s",
params={"name": self.name, "value": value, "cause": "wildcards must be at the end of the path"},
params={
"name": self.name,
"value": value,
"cause": "wildcards must be at the end of the path",
},
)
# strip the wildcard from the path, we'll reassamble the value later to pass to URI Validator
path = path[:-1]
Expand Down

0 comments on commit fd43e7f

Please sign in to comment.