@@ -72,6 +72,7 @@ func TestChecks(t *testing.T) {
7272 os .Setenv ("GITHUB_CLIENT_SECRET" , "" )
7373 os .Setenv ("GITHUB_CLIENT_ID" , "" )
7474 os .Setenv ("GITHUB_REDIRECT_URL" , "" )
75+ os .Setenv ("ALLOWLIST_REDIRECT_URLS" , "" )
7576 testFail (t )
7677
7778 os .Setenv ("PORT" , "8888" )
@@ -80,6 +81,30 @@ func TestChecks(t *testing.T) {
8081 testFail (t )
8182 os .Setenv ("GITHUB_CLIENT_ID" , "aoeu" )
8283 testFail (t )
84+ os .Setenv ("ALLOWLIST_REDIRECT_URLS" , "http://localhost,https://localhost,https://searchspring.github.io/snapp-explorer" )
85+ testFail (t )
86+ os .Setenv ("ALLOWLIST_REDIRECT_URLS" , "http://localhost,https://localhost , https://searchspring.github.io/snapp-explorer, " )
87+ testFail (t )
88+ }
89+
90+ func TestAllowlistPass (t * testing.T ) {
91+ githubDAO = & mockDAO {Override : simple }
92+ res := httptest .NewRecorder ()
93+ handler (res , httptest .NewRequest ("GET" , "http://localhost:1231/?code=blah&redirect=https://searchspring.github.io/snapp-explorer" , nil ))
94+ body , err := ioutil .ReadAll (res .Body )
95+ require .Nil (t , err )
96+ require .True (t , strings .Contains (string (body ), "https://searchspring.github.io/snapp-explorer" ))
97+ require .False (t , strings .Contains (string (body ), "http://localhost:3827" ))
98+ }
99+
100+ func TestAllowlistFail (t * testing.T ) {
101+ githubDAO = & mockDAO {Override : simple }
102+ res := httptest .NewRecorder ()
103+ handler (res , httptest .NewRequest ("GET" , "http://localhost:1231/?code=blah&redirect=https://dne.searchspring.io" , nil ))
104+ body , err := ioutil .ReadAll (res .Body )
105+ require .Nil (t , err )
106+ require .True (t , strings .Contains (string (body ), "http://localhost:3827" ))
107+ require .False (t , strings .Contains (string (body ), "https://dne.searchspring.io" ))
83108}
84109
85110func testFail (t * testing.T ) {
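Review bot: TestAllowlistFail only rejects `https://dne.searchspring.io`, a host that shares nothing with any allowlisted entry, so it passes whether the handler matches exactly, by prefix or by substring. Because this looks like a GitHub OAuth callback (`code=blah`), add negative cases for near-misses: a `redirect` that merely begins with an allowlisted entry, one that differs only in scheme, and an empty `redirect`, each asserting that the body falls back to `http://localhost:3827`. Both new tests also inherit whatever `ALLOWLIST_REDIRECT_URLS` value TestChecks set last, which has padded entries and a trailing empty element. Setting it inside each test, e.g. `t.Setenv("ALLOWLIST_REDIRECT_URLS", "https://searchspring.github.io/snapp-explorer")`, would make them order-independent, assuming the handler reads the variable per request, which these hunks do not show. As a style point, `require.Contains(t, string(body), "http://localhost:3827")` and `require.NotContains` report the actual body on failure, unlike `require.True(t, strings.Contains(...))`.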