krombel/oauth2
1
0
Fork 0
forked from remote/oauth2
Code Pull Requests 1 Activity

filter URL to exclude path, update regex accordingly

Browse Source
This commit is contained in:
Patrick Jones
2021-08-11 14:41:07 -07:00
parent 844e38f109
commit 280ee39d14
2 changed files with 23 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
google/internal/externalaccount/basecredentials.go
View File

@@ -8,6 +8,7 @@ import (
"context"
"fmt"
"net/http"
"net/url"
"regexp"
"strconv"
"time"
@@ -60,22 +61,29 @@ var (
validTokenURLPatterns = []*regexp.Regexp{
// The complicated part in the middle matches any number of characters that
// aren't period, spaces, or slashes.
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+\\.sts\\.googleapis\\.com"),
regexp.MustCompile("^https://sts\\.googleapis\\.com"),
regexp.MustCompile("^https://sts\\.[^\\.\\s\\/\\\\]+\\.googleapis\\.com"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+-sts\\.googleapis\\.com"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+\\.sts\\.googleapis\\.com$"),
regexp.MustCompile("^https://sts\\.googleapis\\.com$"),
regexp.MustCompile("^https://sts\\.[^\\.\\s\\/\\\\]+\\.googleapis\\.com$"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+-sts\\.googleapis\\.com$"),
}
validImpersonateURLPatterns = []*regexp.Regexp{
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+\\.iamcredentials\\.googleapis\\.com"),
regexp.MustCompile("^https://iamcredentials\\.googleapis\\.com"),
regexp.MustCompile("^https://iamcredentials\\.[^\\.\\s\\/\\\\]+\\.googleapis\\.com"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+-iamcredentials\\.googleapis\\.com"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+\\.iamcredentials\\.googleapis\\.com$"),
regexp.MustCompile("^https://iamcredentials\\.googleapis\\.com$"),
regexp.MustCompile("^https://iamcredentials\\.[^\\.\\s\\/\\\\]+\\.googleapis\\.com$"),
regexp.MustCompile("^https://[^\\.\\s\\/\\\\]+-iamcredentials\\.googleapis\\.com$"),
}
)
func validateURL(input string, patterns []*regexp.Regexp) bool {
parsed, err := url.Parse(input)
if err != nil {
return false
}
path := parsed.Path
toTest := input[0 : len(input)-len(path)]
for _, pattern := range patterns {
valid := pattern.MatchString(input)
valid := pattern.MatchString(toTest)
if valid {
return true
}