diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityController.java index 324abce10..3adcdda85 100644 --- a/src/main/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityController.java +++ b/src/main/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityController.java @@ -7,6 +7,7 @@ import org.cryptomator.ui.common.FxmlFile; import org.cryptomator.ui.common.FxmlScene; import org.cryptomator.ui.keyloading.KeyLoading; import org.cryptomator.ui.keyloading.KeyLoadingScoped; +import org.jetbrains.annotations.VisibleForTesting; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -117,7 +118,8 @@ public class CheckHostAuthenticityController implements FxController { return containsAllowedHosts(allowedHubHosts); } - private boolean containsAllowedHosts(Set allowedHubHosts) { + @VisibleForTesting + boolean containsAllowedHosts(Set allowedHubHosts) { var canonicalHubHost = getAuthority(hubConfig.getApiBaseUrl()); var canonicalAuthHost = getAuthority(hubConfig.authEndpoint); return allowedHubHosts.contains(canonicalHubHost) && allowedHubHosts.contains(canonicalAuthHost); @@ -128,11 +130,12 @@ public class CheckHostAuthenticityController implements FxController { } public static String getAuthority(URI uri) { - if (uri.getPort() != -1) { - return "%s://%s:%s".formatted(uri.getScheme(), uri.getHost(), uri.getPort()); - } else { - return "%s://%s".formatted(uri.getScheme(), uri.getHost()); - } + return switch (uri.getPort()) { + case -1 -> "%s://%s".formatted(uri.getScheme(), uri.getHost()); + case 80 -> "http://%s".formatted(uri.getHost()); + case 443 -> "https://%s".formatted(uri.getHost()); + default -> "%s://%s:%s".formatted(uri.getScheme(), uri.getHost(), uri.getPort()); + }; } } diff --git a/src/test/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityControllerTest.java b/src/test/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityControllerTest.java new file mode 100644 index 000000000..5bbd4eb05 --- /dev/null +++ b/src/test/java/org/cryptomator/ui/keyloading/hub/CheckHostAuthenticityControllerTest.java @@ -0,0 +1,47 @@ +package org.cryptomator.ui.keyloading.hub; + +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.CsvSource; +import org.mockito.Mockito; + +import java.util.Set; + +class CheckHostAuthenticityControllerTest { + + @ParameterizedTest + @CsvSource({ + "https://auth.example.com, https://hub.example.com, true", + "https://hub.example.com, https://hub.example.com, true", + "https://auth.example.com, https://auth.example.com, true", + "https://auth.example.com, https://wrong.example.com, false", + "https://wrong.example.com, https://wrong.example.com, false" + }) + void testContainsAllowedHosts(String apiBase, String authEndpoint, boolean expectedResult) { + var hubConfig = new HubConfig(); + hubConfig.apiBaseUrl = apiBase; + hubConfig.authEndpoint = authEndpoint; + var controller = new CheckHostAuthenticityController(Mockito.mock(), hubConfig, Mockito.mock(), Mockito.mock(), Mockito.mock(), Mockito.mock(), Mockito.mock()); + + var actualResult = controller.containsAllowedHosts(Set.of("https://auth.example.com", "https://hub.example.com")); + + Assertions.assertEquals(expectedResult, actualResult); + } + + @ParameterizedTest + @CsvSource({ + "https://example.com, https://example.com", + "https://example.com/foo/bar, https://example.com", + "https://example.com:8080, https://example.com:8080", + "https://user@example.com:8080/foo/bar, https://example.com:8080", + "https://user@example.com:443/foo/bar, https://example.com", + "http://user@example.com:80/foo/bar?foo=bar, http://example.com", + "http://user@example.com:8080/foo/bar?foo=bar, http://example.com:8080" + }) + void testGetAuthority(String input, String expected) { + var actual = CheckHostAuthenticityController.getAuthority(input); + + Assertions.assertEquals(expected, actual); + } + +} \ No newline at end of file