2021-12-25 18:55:35 +00:00
|
|
|
package domain
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/url"
|
2021-12-29 20:08:30 +00:00
|
|
|
"strconv"
|
2021-12-25 18:55:35 +00:00
|
|
|
"strings"
|
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
|
|
http "github.com/valyala/fasthttp"
|
|
|
|
|
"inet.af/netaddr"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// ClientID is a URL client identifier.
|
|
|
|
|
type ClientID struct {
|
2021-12-29 20:08:30 +00:00
|
|
|
clientID *http.URI
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 17:27:48 +00:00
|
|
|
//nolint: gochecknoglobals // slices cannot be constants
|
2021-12-25 18:55:35 +00:00
|
|
|
var (
|
|
|
|
|
localhostIPv4 = netaddr.MustParseIP("127.0.0.1")
|
|
|
|
|
localhostIPv6 = netaddr.MustParseIP("::1")
|
|
|
|
|
)
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// ParseClientID parse string as client ID URL identifier.
|
2022-02-01 17:27:48 +00:00
|
|
|
//nolint: funlen, cyclop
|
2022-01-29 17:50:45 +00:00
|
|
|
func ParseClientID(src string) (*ClientID, error) {
|
|
|
|
|
cid := http.AcquireURI()
|
|
|
|
|
if err := cid.Parse(nil, []byte(src)); err != nil {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
err.Error(),
|
|
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
scheme := string(cid.Scheme())
|
2021-12-25 18:55:35 +00:00
|
|
|
if scheme != "http" && scheme != "https" {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client identifier URL MUST have either an https or http scheme",
|
|
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
path := string(cid.PathOriginal())
|
2021-12-25 18:55:35 +00:00
|
|
|
if path == "" || strings.Contains(path, "/.") || strings.Contains(path, "/..") {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client identifier URL MUST contain a path component and MUST NOT contain "+
|
2021-12-25 18:55:35 +00:00
|
|
|
"single-dot or double-dot path segments",
|
2022-02-01 17:27:48 +00:00
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
if cid.Hash() != nil {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client identifier URL MUST NOT contain a fragment component",
|
|
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
if cid.Username() != nil || cid.Password() != nil {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client identifier URL MUST NOT contain a username or password component",
|
|
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
domain := string(cid.Host())
|
2021-12-25 18:55:35 +00:00
|
|
|
if domain == "" {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client host name MUST be domain name or a loopback interface",
|
|
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ip, err := netaddr.ParseIP(domain)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ipPort, err := netaddr.ParseIPPort(domain)
|
|
|
|
|
if err != nil {
|
2022-02-01 17:27:48 +00:00
|
|
|
//nolint: nilerr // ClientID does not contain an IP address, so it is valid
|
|
|
|
|
return &ClientID{clientID: cid}, nil
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ip = ipPort.IP()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !ip.IsLoopback() && ip.Compare(localhostIPv4) != 0 && ip.Compare(localhostIPv6) != 0 {
|
2022-02-01 17:27:48 +00:00
|
|
|
return nil, NewError(
|
|
|
|
|
ErrorCodeInvalidRequest,
|
|
|
|
|
"client identifier URL MUST NOT be IPv4 or IPv6 addresses except for IPv4 "+
|
2021-12-25 18:55:35 +00:00
|
|
|
"127.0.0.1 or IPv6 [::1]",
|
2022-02-01 17:27:48 +00:00
|
|
|
"https://indieauth.net/source/#client-identifier",
|
|
|
|
|
)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
return &ClientID{
|
|
|
|
|
clientID: cid,
|
|
|
|
|
}, nil
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// TestClientID returns valid random generated ClientID for tests.
|
2021-12-25 18:55:35 +00:00
|
|
|
func TestClientID(tb testing.TB) *ClientID {
|
|
|
|
|
tb.Helper()
|
|
|
|
|
|
2022-02-15 20:07:39 +00:00
|
|
|
clientID, err := ParseClientID("https://indieauth.example.com/")
|
2022-01-30 17:49:25 +00:00
|
|
|
if err != nil {
|
2022-02-01 17:27:48 +00:00
|
|
|
tb.Fatal(err)
|
2022-01-30 17:49:25 +00:00
|
|
|
}
|
2021-12-25 18:55:35 +00:00
|
|
|
|
2021-12-29 20:08:30 +00:00
|
|
|
return clientID
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// UnmarshalForm implements custom unmarshler for form values.
|
2021-12-25 18:55:35 +00:00
|
|
|
func (cid *ClientID) UnmarshalForm(v []byte) error {
|
2022-01-29 14:45:49 +00:00
|
|
|
clientID, err := ParseClientID(string(v))
|
2021-12-25 18:55:35 +00:00
|
|
|
if err != nil {
|
2022-02-15 20:07:39 +00:00
|
|
|
return fmt.Errorf("ClientID: UnmarshalForm: %w", err)
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-29 20:08:30 +00:00
|
|
|
*cid = *clientID
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// UnmarshalJSON implements custom unmarshler for JSON.
|
2021-12-29 20:08:30 +00:00
|
|
|
func (cid *ClientID) UnmarshalJSON(v []byte) error {
|
|
|
|
|
src, err := strconv.Unquote(string(v))
|
|
|
|
|
if err != nil {
|
2022-02-15 20:07:39 +00:00
|
|
|
return fmt.Errorf("ClientID: UnmarshalJSON: %w", err)
|
2021-12-29 20:08:30 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 14:45:49 +00:00
|
|
|
clientID, err := ParseClientID(src)
|
2021-12-29 20:08:30 +00:00
|
|
|
if err != nil {
|
2022-02-15 20:07:39 +00:00
|
|
|
return fmt.Errorf("ClientID: UnmarshalJSON: %w", err)
|
2021-12-29 20:08:30 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*cid = *clientID
|
2021-12-25 18:55:35 +00:00
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// MarshalForm implements custom marshler for JSON.
|
2022-01-12 18:04:40 +00:00
|
|
|
func (cid ClientID) MarshalJSON() ([]byte, error) {
|
|
|
|
|
return []byte(strconv.Quote(cid.String())), nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-25 18:55:35 +00:00
|
|
|
// URI returns copy of parsed *fasthttp.URI.
|
2022-02-01 17:27:48 +00:00
|
|
|
//
|
|
|
|
|
// WARN(toby3d): This copy MUST be released via fasthttp.ReleaseURI.
|
2022-01-12 18:04:40 +00:00
|
|
|
func (cid ClientID) URI() *http.URI {
|
2022-02-01 17:27:48 +00:00
|
|
|
uri := http.AcquireURI()
|
|
|
|
|
cid.clientID.CopyTo(uri)
|
2021-12-25 18:55:35 +00:00
|
|
|
|
2022-02-01 17:27:48 +00:00
|
|
|
return uri
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 17:50:45 +00:00
|
|
|
// URL returns url.URL representation of client ID.
|
2022-01-12 18:04:40 +00:00
|
|
|
func (cid ClientID) URL() *url.URL {
|
2021-12-25 18:55:35 +00:00
|
|
|
return &url.URL{
|
2022-02-01 17:27:48 +00:00
|
|
|
ForceQuery: false,
|
|
|
|
|
Fragment: string(cid.clientID.Hash()),
|
|
|
|
|
Host: string(cid.clientID.Host()),
|
|
|
|
|
Opaque: "",
|
|
|
|
|
Path: string(cid.clientID.Path()),
|
|
|
|
|
RawFragment: "",
|
|
|
|
|
RawPath: string(cid.clientID.PathOriginal()),
|
|
|
|
|
RawQuery: string(cid.clientID.QueryString()),
|
|
|
|
|
Scheme: string(cid.clientID.Scheme()),
|
|
|
|
|
User: nil,
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// String returns string representation of client ID.
|
2022-01-12 18:04:40 +00:00
|
|
|
func (cid ClientID) String() string {
|
2021-12-29 20:08:30 +00:00
|
|
|
return cid.clientID.String()
|
2021-12-25 18:55:35 +00:00
|
|
|
}
|
