summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
Diffstat (limited to 'internal')
-rw-r--r--internal/server/api/api_test.go16
-rw-r--r--internal/server/endpoints/endpoints.go3
2 files changed, 15 insertions, 4 deletions
diff --git a/internal/server/api/api_test.go b/internal/server/api/api_test.go
index 7509a30..2e19d47 100644
--- a/internal/server/api/api_test.go
+++ b/internal/server/api/api_test.go
@@ -54,11 +54,11 @@ func Test_APIGetEndpoints(t *testing.T) {
},
{
epl: endpoints.List{
- API: "http://example.com/1",
- Authorization: "https://example.com/2",
- Token: "https://example.com/3",
+ API: "https://example.com/1",
+ Authorization: "http://example.com/2",
+ Token: "http://example.com/3",
},
- err: errors.New("API scheme: 'http', is not equal to authorization scheme: 'https'"),
+ err: errors.New("API scheme: 'https', is not equal to authorization scheme: 'http'"),
},
{
epl: endpoints.List{
@@ -92,6 +92,14 @@ func Test_APIGetEndpoints(t *testing.T) {
},
err: errors.New("API host: 'example.com', is not equal to authorization host: 'malicious.com'"),
},
+ {
+ epl: endpoints.List{
+ API: "https://example.com/1",
+ Authorization: "https://example.com/2",
+ Token: "ftp://example.com/3",
+ },
+ err: errors.New("API scheme: 'https', is not equal to token scheme: 'ftp'"),
+ },
}
for _, tc := range testCases {
diff --git a/internal/server/endpoints/endpoints.go b/internal/server/endpoints/endpoints.go
index 75bca55..3e675e4 100644
--- a/internal/server/endpoints/endpoints.go
+++ b/internal/server/endpoints/endpoints.go
@@ -37,6 +37,9 @@ func (e Endpoints) Validate() error {
if err != nil {
return errors.WrapPrefix(err, "failed to parse API token endpoint", 0)
}
+ if pAPI.Scheme != "https" {
+ return errors.Errorf("API Scheme: '%v', is not equal to HTTPS", pAPI.Scheme)
+ }
if pAPI.Scheme != pAuth.Scheme {
return errors.Errorf("API scheme: '%v', is not equal to authorization scheme: '%v'", pAPI.Scheme, pAuth.Scheme)
}