mirror of
https://github.com/home-assistant/core.git
synced 2025-07-23 21:27:38 +00:00
Whitelist Android/iOS auth callbacks (#30082)
* Whitelist Android/iOS * Add iOS alternate flavor URLs * Update indieauth.py Co-authored-by: Robbie Trencheny <me@robbiet.us>
This commit is contained in:
parent
e1e8d6a562
commit
5a9e543087
@ -30,6 +30,14 @@ async def verify_redirect_uri(hass, client_id, redirect_uri):
|
|||||||
if is_valid:
|
if is_valid:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
# Whitelist the iOS and Android callbacks so that people can link apps
|
||||||
|
# without being connected to the internet.
|
||||||
|
if redirect_uri == "homeassistant://auth-callback" and client_id in (
|
||||||
|
"https://home-assistant.io/android",
|
||||||
|
"https://home-assistant.io/iOS",
|
||||||
|
):
|
||||||
|
return True
|
||||||
|
|
||||||
# IndieAuth 4.2.2 allows for redirect_uri to be on different domain
|
# IndieAuth 4.2.2 allows for redirect_uri to be on different domain
|
||||||
# but needs to be specified in link tag when fetching `client_id`.
|
# but needs to be specified in link tag when fetching `client_id`.
|
||||||
redirect_uris = await fetch_redirect_uris(hass, client_id)
|
redirect_uris = await fetch_redirect_uris(hass, client_id)
|
||||||
|
@ -166,3 +166,24 @@ async def test_find_link_tag_max_size(hass, mock_session):
|
|||||||
redirect_uris = await indieauth.fetch_redirect_uris(hass, "http://127.0.0.1:8000")
|
redirect_uris = await indieauth.fetch_redirect_uris(hass, "http://127.0.0.1:8000")
|
||||||
|
|
||||||
assert redirect_uris == ["http://127.0.0.1:8000/wine"]
|
assert redirect_uris == ["http://127.0.0.1:8000/wine"]
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize(
|
||||||
|
"client_id", ["https://home-assistant.io/android", "https://home-assistant.io/iOS"]
|
||||||
|
)
|
||||||
|
async def test_verify_redirect_uri_android_ios(client_id):
|
||||||
|
"""Test that we verify redirect uri correctly for Android/iOS."""
|
||||||
|
with patch.object(
|
||||||
|
indieauth, "fetch_redirect_uris", side_effect=lambda *_: mock_coro([])
|
||||||
|
):
|
||||||
|
assert await indieauth.verify_redirect_uri(
|
||||||
|
None, client_id, "homeassistant://auth-callback"
|
||||||
|
)
|
||||||
|
|
||||||
|
assert not await indieauth.verify_redirect_uri(
|
||||||
|
None, client_id, "homeassistant://something-else"
|
||||||
|
)
|
||||||
|
|
||||||
|
assert not await indieauth.verify_redirect_uri(
|
||||||
|
None, "https://incorrect.com", "homeassistant://auth-callback"
|
||||||
|
)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user