forked from baron/baron-sso
리다이렉트 후속 로직 업데이트
36
userfront/test/oidc_redirect_guard_test.dart
Normal file
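--- a/userfront/test/oidc_redirect_guard_test.dart
+++ b/userfront/test/oidc_redirect_guard_test.dart
@@ -0,0 +1,36 @@
+import 'package:flutter_test/flutter_test.dart';
+import 'package:userfront/core/services/oidc_redirect_guard.dart';
+
+void main() {
+group('oidc_redirect_guard', () {
+test('http/https 절대 URL만 허용', () {
+final ok = validateOidcRedirectTarget(
+'https://sso-test.hmac.kr/oidc/oauth2/auth?client_id=devfront&login_verifier=abc',
+);
+expect(ok.isValid, isTrue);
+expect(ok.reason, 'ok');
+expect(ok.host, 'sso-test.hmac.kr');
+expect(ok.path, '/oidc/oauth2/auth');
+expect(ok.hasLoginVerifier, isTrue);
+
+final relative = validateOidcRedirectTarget('/oidc/oauth2/auth');
+expect(relative.isValid, isFalse);
+expect(relative.reason, 'not_absolute');
+
+final js = validateOidcRedirectTarget('javascript:alert(1)');
+expect(js.isValid, isFalse);
+expect(js.reason, 'not_absolute');
+});
+
+test('빈 문자열과 파싱 실패를 차단', () {
+final empty = validateOidcRedirectTarget(' ');
+expect(empty.isValid, isFalse);
+expect(empty.reason, 'empty');
+expect(empty.length, 0);
+
+final malformed = validateOidcRedirectTarget('https://[broken');
+expect(malformed.isValid, isFalse);
+expect(malformed.reason, 'parse_error');
+});
+});
+}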
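Review bot: The first test pins only scheme and parse handling; nothing asserts what `validateOidcRedirectTarget` returns for a well-formed https URL on an unexpected host, or for one with a userinfo part in front of the host. Those are the inputs that decide whether the guard prevents an open redirect carrying `login_verifier`. The guard's implementation is not shown on this page, so it is unclear whether host allow-listing is its job. If it is, add a case such as `final foreign = validateOidcRedirectTarget('https://other.example/oidc/oauth2/auth');` with `expect(foreign.isValid, isFalse);`; if it is not, a comment naming where the host check lives would prevent a false sense of coverage. The test title also names http, yet no `http://` input is exercised, and the `javascript:alert(1)` case would read more clearly with a comment like `// non-http(s) schemes are reported as not_absolute`.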