Server: Validate endpoints

This commit validates the server endpoints by checking the Host and scheme of each URL to check if they match eachother. This is to prevent further mixup attacks
author: jwijenbergh <jeroenwijenbergh@protonmail.com> 2023-02-16 15:48:52 +0100
committer: jwijenbergh <jeroenwijenbergh@protonmail.com> 2023-02-16 15:52:05 +0100
commit: 807140ce43584e9612f7b5890b13d751247f8e6e (patch)
tree: 08e05fd79078f5093bc7aea68557b212bb5c1bfa /internal/server/server.go
parent: f718788442682f87e2fd1b6067f6062bade52d52 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/internal/server/server.go b/internal/server/server.go
index 00324a2..c68916e 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -33,12 +33,14 @@ type EndpointList struct {
 	Token         string `json:"token_endpoint"`
 }
 
+type EndpointsVersions struct {
+	V2 EndpointList `json:"http://eduvpn.org/api#2"`
+	V3 EndpointList `json:"http://eduvpn.org/api#3"`
+}
+
 // Endpoints defines the json format for /.well-known/vpn-user-portal".
 type Endpoints struct {
-	API struct {
-		V2 EndpointList `json:"http://eduvpn.org/api#2"`
-		V3 EndpointList `json:"http://eduvpn.org/api#3"`
-	} `json:"api"`
+	API EndpointsVersions `json:"api"`
 	V string `json:"v"`
 }
author	jwijenbergh <jeroenwijenbergh@protonmail.com>	2023-02-16 15:48:52 +0100
committer	jwijenbergh <jeroenwijenbergh@protonmail.com>	2023-02-16 15:52:05 +0100
commit	807140ce43584e9612f7b5890b13d751247f8e6e (patch)
tree	08e05fd79078f5093bc7aea68557b212bb5c1bfa /internal/server/server.go
parent	f718788442682f87e2fd1b6067f6062bade52d52 (diff)