refactor: validate issuer (url) when retrieving configuration

ColinFrick · ColinFrick · commit 47898ca1584e · 2024-12-19T12:01:34.000+01:00
Closes #26
diff --git a/Sources/FusionAuth/oauth/OAuthAuthorizationService.swift b/Sources/FusionAuth/oauth/OAuthAuthorizationService.swift
@@ -90,6 +90,12 @@ extension OAuthAuthorizationService {
                     return
                 }
 
+                let scheme = config.issuer?.scheme
+                if scheme != "http" && scheme != "https" {
+                    continuation.resume(throwing: OAuthError.invalidIssuer)
+                    return
+                }
+
                 continuation.resume(returning: config)
             }
         }
diff --git a/Sources/FusionAuth/oauth/OAuthErrors.swift b/Sources/FusionAuth/oauth/OAuthErrors.swift
@@ -9,4 +9,5 @@ enum OAuthError: Error {
     case refreshTokenNoResponse
     case unableToUpdateInternalState
     case invalidUserAgent
+    case invalidIssuer
 }

Original file line number	Diff line number	Diff line change
`@@ -90,6 +90,12 @@ extension OAuthAuthorizationService {`
`90`	`90`	`return`
`91`	`91`	`}`
`92`	`92`
	`93`	`+ let scheme = config.issuer?.scheme`
	`94`	`+ if scheme != "http" && scheme != "https" {`
	`95`	`+ continuation.resume(throwing: OAuthError.invalidIssuer)`
	`96`	`+ return`
	`97`	`+ }`
	`98`	`+`
`93`	`99`	`continuation.resume(returning: config)`
`94`	`100`	`}`
`95`	`101`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,4 +9,5 @@ enum OAuthError: Error {`
`9`	`9`	`case refreshTokenNoResponse`
`10`	`10`	`case unableToUpdateInternalState`
`11`	`11`	`case invalidUserAgent`
	`12`	`+ case invalidIssuer`
`12`	`13`	`}`