fix: import cycle issues

server/validators/common.go

@@ -0,0 +1,15 @@
+package validators
+
+// IsStringArrayEqual validates if string array are equal.
+// This does check if the order is same
+func IsStringArrayEqual(a, b []string) bool {
+	if len(a) != len(b) {
+		return false
+	}
+	for i, v := range a {
+		if v != b[i] {
+			return false
+		}
+	}
+	return true
+}

server/validators/email.go

@@ -0,0 +1,9 @@
+package validators
+
+import "net/mail"
+
+// IsValidEmail validates email
+func IsValidEmail(email string) bool {
+	_, err := mail.ParseAddress(email)
+	return err == nil
+}

server/validators/password.go

@@ -0,0 +1,33 @@
+package validators
+
+// ValidatePassword to validate the password against the following policy
+// min char length: 6
+// max char length: 36
+// at least one upper case letter
+// at least one lower case letter
+// at least one digit
+// at least one special character
+func IsValidPassword(password string) bool {
+	if len(password) < 6 || len(password) > 36 {
+		return false
+	}
+
+	hasUpperCase := false
+	hasLowerCase := false
+	hasDigit := false
+	hasSpecialChar := false
+
+	for _, char := range password {
+		if char >= 'A' && char <= 'Z' {
+			hasUpperCase = true
+		} else if char >= 'a' && char <= 'z' {
+			hasLowerCase = true
+		} else if char >= '0' && char <= '9' {
+			hasDigit = true
+		} else {
+			hasSpecialChar = true
+		}
+	}
+
+	return hasUpperCase && hasLowerCase && hasDigit && hasSpecialChar
+}

server/validators/roles.go

@@ -0,0 +1,16 @@
+package validators
+
+import "github.com/authorizerdev/authorizer/server/utils"
+
+// IsValidRoles validates roles
+func IsValidRoles(userRoles []string, roles []string) bool {
+	valid := true
+	for _, userRole := range userRoles {
+		if !utils.StringSliceContains(roles, userRole) {
+			valid = false
+			break
+		}
+	}
+
+	return valid
+}

server/validators/url.go

@@ -0,0 +1,49 @@
+package validators
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
+)
+
+// IsValidOrigin validates origin based on ALLOWED_ORIGINS
+func IsValidOrigin(url string) bool {
+	allowedOrigins, err := memorystore.Provider.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins)
+	if err != nil {
+		allowedOrigins = []string{"*"}
+	}
+	if len(allowedOrigins) == 1 && allowedOrigins[0] == "*" {
+		return true
+	}
+
+	hasValidURL := false
+	hostName, port := parsers.GetHostParts(url)
+	currentOrigin := hostName + ":" + port
+
+	for _, origin := range allowedOrigins {
+		replacedString := origin
+		// if has regex whitelisted domains
+		if strings.Contains(origin, "*") {
+			replacedString = strings.Replace(origin, ".", "\\.", -1)
+			replacedString = strings.Replace(replacedString, "*", ".*", -1)
+
+			if strings.HasPrefix(replacedString, ".*") {
+				replacedString += "\\b"
+			}
+
+			if strings.HasSuffix(replacedString, ".*") {
+				replacedString = "\\b" + replacedString
+			}
+		}
+
+		if matched, _ := regexp.MatchString(replacedString, currentOrigin); matched {
+			hasValidURL = true
+			break
+		}
+	}
+
+	return hasValidURL
+}

server/validators/verification_requests.go

@@ -0,0 +1,12 @@
+package validators
+
+import "github.com/authorizerdev/authorizer/server/constants"
+
+// IsValidVerificationIdentifier validates verification identifier that is used to identify
+// the type of verification request
+func IsValidVerificationIdentifier(identifier string) bool {
+	if identifier != constants.VerificationTypeBasicAuthSignup && identifier != constants.VerificationTypeForgotPassword && identifier != constants.VerificationTypeUpdateEmail {
+		return false
+	}
+	return true
+}