whitelist some custom url schemes for bc
parent
d51f39fe84
commit
25ac2e1138
|
@ -30,6 +30,8 @@ object LegacyClientApi {
|
||||||
override def toString = "ClientSecret(***)"
|
override def toString = "ClientSecret(***)"
|
||||||
}
|
}
|
||||||
|
|
||||||
case object MismatchingClientSecret extends Protocol.Error.InvalidGrant("fix mismatching client secret (or update to pkce)")
|
case object MismatchingClientSecret
|
||||||
case object ClientSecretRequired extends Protocol.Error.InvalidRequest("client_secret required (or update to pkce)")
|
extends Protocol.Error.InvalidGrant("fix mismatching client secret (or update to pkce)")
|
||||||
|
case object ClientSecretRequired
|
||||||
|
extends Protocol.Error.InvalidRequest("client_secret required (or update to pkce)")
|
||||||
}
|
}
|
||||||
|
|
|
@ -90,7 +90,24 @@ object Protocol {
|
||||||
.parseOption(redirectUri)
|
.parseOption(redirectUri)
|
||||||
.toValid(Error.RedirectUriInvalid)
|
.toValid(Error.RedirectUriInvalid)
|
||||||
.ensure(Error.RedirectSchemeNotAllowed)(url =>
|
.ensure(Error.RedirectSchemeNotAllowed)(url =>
|
||||||
List("http", "https", "ionic", "capacitor").has(url.scheme)
|
List(
|
||||||
|
// standard
|
||||||
|
"http",
|
||||||
|
"https",
|
||||||
|
"ionic",
|
||||||
|
"capacitor",
|
||||||
|
// bc
|
||||||
|
"squareoffapp",
|
||||||
|
"anichess",
|
||||||
|
"lichessmac",
|
||||||
|
"chessrtx",
|
||||||
|
"chesscomopse",
|
||||||
|
// whitelist (consider automating)
|
||||||
|
"no.rieck.chess.dgt",
|
||||||
|
"net.developerfluid.darkknight",
|
||||||
|
"com.guykn.chessboard3",
|
||||||
|
"com.georgdotorg.catur"
|
||||||
|
).has(url.scheme)
|
||||||
)
|
)
|
||||||
.map(RedirectUri.apply)
|
.map(RedirectUri.apply)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue