authorizer/server/utils/validator.go

package utils

import (
	"net/mail"
	"regexp"
	"strings"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/envstore"
)

// IsValidEmail validates email
func IsValidEmail(email string) bool {
	_, err := mail.ParseAddress(email)
	return err == nil
}

// IsValidOrigin validates origin based on ALLOWED_ORIGINS
func IsValidOrigin(url string) bool {
	allowedOrigins := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins)
	if len(allowedOrigins) == 1 && allowedOrigins[0] == "*" {
		return true
	}

	hasValidURL := false
	hostName, port := GetHostParts(url)
	currentOrigin := hostName + ":" + port

	for _, origin := range allowedOrigins {
		replacedString := origin
		// if has regex whitelisted domains
		if strings.Contains(origin, "*") {
			replacedString = strings.Replace(origin, ".", "\\.", -1)
			replacedString = strings.Replace(replacedString, "*", ".*", -1)

			if strings.HasPrefix(replacedString, ".*") {
				replacedString += "\\b"
			}

			if strings.HasSuffix(replacedString, ".*") {
				replacedString = "\\b" + replacedString
			}
		}

		if matched, _ := regexp.MatchString(replacedString, currentOrigin); matched {
			hasValidURL = true
			break
		}
	}

	return hasValidURL
}

// IsValidRoles validates roles
func IsValidRoles(userRoles []string, roles []string) bool {
	valid := true
	for _, role := range roles {
		if !StringSliceContains(userRoles, role) {
			valid = false
			break
		}
	}

	return valid
}

// IsValidVerificationIdentifier validates verification identifier that is used to identify
// the type of verification request
func IsValidVerificationIdentifier(identifier string) bool {
	if identifier != constants.VerificationTypeBasicAuthSignup && identifier != constants.VerificationTypeForgotPassword && identifier != constants.VerificationTypeUpdateEmail {
		return false
	}
	return true
}

// IsStringArrayEqual validates if string array are equal.
// This does check if the order is same
func IsStringArrayEqual(a, b []string) bool {
	if len(a) != len(b) {
		return false
	}
	for i, v := range a {
		if v != b[i] {
			return false
		}
	}
	return true
}
add signup resolver 2021-07-12 18:22:16 +00:00			`package utils`

feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`import (`
			`"net/mail"`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`"regexp"`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`"strings"`

			`"github.com/authorizerdev/authorizer/server/constants"`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/envstore"`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`)`
add signup resolver 2021-07-12 18:22:16 +00:00
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// IsValidEmail validates email`
add signup resolver 2021-07-12 18:22:16 +00:00			`func IsValidEmail(email string) bool {`
			`_, err := mail.ParseAddress(email)`
			`return err == nil`
			`}`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// IsValidOrigin validates origin based on ALLOWED_ORIGINS`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`func IsValidOrigin(url string) bool {`
fix: tests 2022-02-28 02:25:01 +00:00			`allowedOrigins := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins)`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if len(allowedOrigins) == 1 && allowedOrigins[0] == "*" {`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`return true`
			`}`

			`hasValidURL := false`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`hostName, port := GetHostParts(url)`
			`currentOrigin := hostName + ":" + port`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`for _, origin := range allowedOrigins {`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`replacedString := origin`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`// if has regex whitelisted domains`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if strings.Contains(origin, "*") {`
			`replacedString = strings.Replace(origin, ".", "\\.", -1)`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`replacedString = strings.Replace(replacedString, "", ".", -1)`

			`if strings.HasPrefix(replacedString, ".*") {`
			`replacedString += "\\b"`
			`}`

			`if strings.HasSuffix(replacedString, ".*") {`
			`replacedString = "\\b" + replacedString`
			`}`
			`}`

			`if matched, _ := regexp.MatchString(replacedString, currentOrigin); matched {`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`hasValidURL = true`
			`break`
			`}`
			`}`

			`return hasValidURL`
			`}`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// IsValidRoles validates roles`
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`func IsValidRoles(userRoles []string, roles []string) bool {`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`valid := true`
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`for _, role := range roles {`
fix: multi role with oauth (#61) 2021-10-19 07:27:59 +00:00			`if !StringSliceContains(userRoles, role) {`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`valid = false`
			`break`
			`}`
			`}`

			`return valid`
			`}`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// IsValidVerificationIdentifier validates verification identifier that is used to identify`
			`// the type of verification request`
feat: add integration tests for signup, login, reset_password, forgot_password, verify_email 2021-12-23 05:01:52 +00:00			`func IsValidVerificationIdentifier(identifier string) bool {`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`if identifier != constants.VerificationTypeBasicAuthSignup && identifier != constants.VerificationTypeForgotPassword && identifier != constants.VerificationTypeUpdateEmail {`
feat: add integration tests for signup, login, reset_password, forgot_password, verify_email 2021-12-23 05:01:52 +00:00			`return false`
			`}`
			`return true`
			`}`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// IsStringArrayEqual validates if string array are equal.`
			`// This does check if the order is same`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`func IsStringArrayEqual(a, b []string) bool {`
			`if len(a) != len(b) {`
			`return false`
			`}`
			`for i, v := range a {`
			`if v != b[i] {`
			`return false`
			`}`
			`}`
			`return true`
			`}`