mirror of
https://github.com/bitwarden/server.git
add proper URI validation to duo host (#1984)
parent
43be1d3647
commit
a5bfc0554b
@ -105,7 +105,7 @@ namespace Bit.Api.Models.Request
|
||||
|
||||
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
|
||||
{
|
||||
if (!Host.StartsWith("api-") || (!Host.EndsWith(".duosecurity.com") && !Host.EndsWith(".duofederal.com")))
|
||||
if (!Core.Utilities.Duo.DuoApi.ValidHost(Host))
|
||||
{
|
||||
yield return new ValidationResult("Host is invalid.", new string[] { nameof(Host) });
|
||||
}
|
||||
|
@ -35,6 +35,21 @@ namespace Bit.Core.Utilities.Duo
|
||||
_ikey = ikey;
|
||||
_skey = skey;
|
||||
_host = host;
|
||||
|
||||
if (!ValidHost(host))
|
||||
{
|
||||
throw new DuoException("Invalid Duo host configured.", new ArgumentException(nameof(host)));
|
||||
}
|
||||
}
|
||||
|
||||
public static bool ValidHost(string host)
|
||||
{
|
||||
if (Uri.TryCreate($"https://{host}", UriKind.Absolute, out var uri))
|
||||
{
|
||||
return uri.Host.StartsWith("api-") &&
|
||||
(uri.Host.EndsWith(".duosecurity.com") || uri.Host.EndsWith(".duofederal.com"));
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static string CanonicalizeParams(Dictionary<string, string> parameters)
|
||||
@ -246,6 +261,10 @@ namespace Bit.Core.Utilities.Duo
|
||||
{
|
||||
public int HttpStatus { get; private set; }
|
||||
|
||||
public DuoException(string message, Exception inner)
|
||||
: base(message, inner)
|
||||
{ }
|
||||
|
||||
public DuoException(int httpStatus, string message, Exception inner)
|
||||
: base(message, inner)
|
||||
{
|
||||
|
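Review bot: `ValidHost` checks only `uri.Host` of the parsed `https://{host}` string, while the constructor stores the raw `host` in `_host`, so a value that wraps an accepted host name in a port, path, query or userinfo still passes and is kept unchanged. Requiring the input to be exactly the parsed host closes that gap: add `string.Equals(uri.Host, host, StringComparison.OrdinalIgnoreCase) &&` as the first condition of the return expression. The `StartsWith`/`EndsWith` calls are culture-sensitive as written and should pass `StringComparison.Ordinal`. The same method backs the `Validate` call in the request model, so the stricter check covers both paths; how `_host` is consumed later is outside the hunk. Separately, `new ArgumentException(nameof(host))` in the constructor puts the parameter name in the message slot, where `new ArgumentException("Invalid Duo host.", nameof(host))` is probably what was intended.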