summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--cmd/cli/main.go15
-rw-r--r--go.mod1
-rw-r--r--go.sum3
3 files changed, 6 insertions, 13 deletions
diff --git a/cmd/cli/main.go b/cmd/cli/main.go
index c1294ed..0259ef2 100644
--- a/cmd/cli/main.go
+++ b/cmd/cli/main.go
@@ -11,8 +11,6 @@ import (
"github.com/eduvpn/eduvpn-common/internal/oauth"
"github.com/eduvpn/eduvpn-common/internal/server"
"github.com/go-errors/errors"
-
- "github.com/pkg/browser"
)
type ServerTypes int8
@@ -40,13 +38,12 @@ func openBrowser(data interface{}) {
fmt.Fprintln(os.Stderr, "got invalid scheme for URL:", u.String())
return
}
- fmt.Printf("OAuth: Initialized with AuthURL %s\n", str)
- fmt.Println("Opening browser...")
- err = browser.OpenURL(str)
- if err != nil {
- fmt.Fprintln(os.Stderr, "failed to open browser with error:", err)
- fmt.Println("Please open your browser manually")
- }
+ fmt.Println("Please open your browser with URL:", u.String())
+ // In practice, a client should open the browser here
+ // But be careful with which commands you execute with this input
+ // As a client you should do enough input validation such that opening the browser does not have unwanted side effects
+ // We do our best to validate the URL in this example by parsing if it's a URL and additionally failing if the scheme is not HTTPS
+ // Note that the library already tries it best to validate data from the server, but a client should always be careful which data it uses
}
// Ask for a profile in the command line.
diff --git a/go.mod b/go.mod
index c7c1859..ffb4801 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,6 @@ go 1.18
require (
github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b
- github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20220916014741-473347a5e6e3
)
diff --git a/go.sum b/go.sum
index a518217..7200b55 100644
--- a/go.sum
+++ b/go.sum
@@ -3,13 +3,10 @@ github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3Bop
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b h1:ZGiXF8sz7PDk6RgkP+A/SFfUD0ZR/AgG6SpRNEDKZy8=
github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b/go.mod h1:hQmNrgofl+IY/8L+n20H6E6PWBBTokdsv+q49j0QhsU=
-github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
-github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY=
golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/net v0.0.0-20220418201149-a630d4f3e7a2 h1:6mzvA99KwZxbOrxww4EvWVQUnN1+xEu9tafK5ZxkYeA=
golang.org/x/net v0.0.0-20220418201149-a630d4f3e7a2/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8 h1:h+EGohizhe9XlX18rfpa8k8RAc5XyaeamM+0VHRd4lc=
golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20220916014741-473347a5e6e3 h1:ARxNdT6I+00ZyY5yRT/ZECkQti4iGrMZX9dvG/ao/LY=