imhven
/
abp
mirror of https://github.com/abpframework/abp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8940 from abpframework/auto-merge/rel-4-3/367

Browse Source 
Merge branch dev with rel-4.3
pull/8967/head
liangshiwei 4 years ago committed by GitHub
parent 8a3b0b6dec 6e0f68bda8
commit 5d4e8e5a8b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File

5
modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpStrictRedirectUriValidator.cs
Unescape View File

@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Models;
using IdentityServer4.Validation;
@ -33,7 +34,9 @@ namespace Volo.Abp.IdentityServer
var extractResult = FormattedStringValueExtracter.Extract(requestedUri, url, ignoreCase: true);
if (extractResult.IsMatch)
{
return Task.FromResult(true);
return Task.FromResult(extractResult.Matches
.Aggregate(url, (current, nameValue) => current.Replace($"{{{nameValue.Name}}}", nameValue.Value))
.Contains(requestedUri, StringComparison.OrdinalIgnoreCase));
}
if (url.Replace("{0}.", "").Contains(requestedUri, StringComparison.OrdinalIgnoreCase))

4
modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpWildcardSubdomainCorsPolicyService.cs
Unescape View File

@ -1,4 +1,5 @@
using System;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Configuration;
using Microsoft.Extensions.Options;
@ -32,7 +33,8 @@ namespace Volo.Abp.IdentityServer
var extractResult = FormattedStringValueExtracter.Extract(origin, url, ignoreCase: true);
if (extractResult.IsMatch)
{
return true;
return extractResult.Matches.Aggregate(url, (current, nameValue) => current.Replace($"{{{nameValue.Name}}}", nameValue.Value))
.Contains(origin, StringComparison.OrdinalIgnoreCase);
}
if (url.Replace("{0}.", "").Contains(origin, StringComparison.OrdinalIgnoreCase))

2
modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/AbpStrictRedirectUriValidator_Tests.cs
Unescape View File

@ -54,6 +54,7 @@ namespace Volo.Abp.IdentityServer
(await _abpStrictRedirectUriValidator.IsRedirectUriValidAsync("http://ng.abp.io", _testClient)).ShouldBeTrue();
(await _abpStrictRedirectUriValidator.IsRedirectUriValidAsync("https://api.t1.abp:8080/", _testClient)).ShouldBeFalse();
(await _abpStrictRedirectUriValidator.IsRedirectUriValidAsync("http://ng.t1.abp.io", _testClient)).ShouldBeFalse();
(await _abpStrictRedirectUriValidator.IsRedirectUriValidAsync("http://t1.ng.abp.io/index.html.mydomain.com", _testClient)).ShouldBeFalse();
}
[Fact]
@ -68,6 +69,7 @@ namespace Volo.Abp.IdentityServer
(await _abpStrictRedirectUriValidator.IsPostLogoutRedirectUriValidAsync("http://ng.abp.io", _testClient)).ShouldBeTrue();
(await _abpStrictRedirectUriValidator.IsPostLogoutRedirectUriValidAsync("https://api.t1.abp:8080/", _testClient)).ShouldBeFalse();
(await _abpStrictRedirectUriValidator.IsPostLogoutRedirectUriValidAsync("http://ng.t1.abp.io", _testClient)).ShouldBeFalse();
(await _abpStrictRedirectUriValidator.IsPostLogoutRedirectUriValidAsync("http://t1.ng.abp.io/index.html.mydomain.com", _testClient)).ShouldBeFalse();
}
}
}

2
modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/AbpWildcardSubdomainCorsPolicyService_Tests.cs
Unescape View File

@ -35,6 +35,8 @@ namespace Volo.Abp.IdentityServer
(await _corsPolicyService.IsOriginAllowedAsync("https://abp.io")).ShouldBeTrue();
(await _corsPolicyService.IsOriginAllowedAsync("https://t1.abp.io")).ShouldBeTrue();
(await _corsPolicyService.IsOriginAllowedAsync("https://t1.ng.abp.io")).ShouldBeTrue();
(await _corsPolicyService.IsOriginAllowedAsync("https://t1.abp.io.mydomain.com")).ShouldBeFalse();
}
}
}

Write Preview
Loading…
Cancel
Save