Update allowlisted OAuth redirect URIs for Wear OS (#77411)

This commit is contained in:
Joris Pelgröm 2022-08-30 03:52:10 +02:00 committed by GitHub
parent 79b5147b46
commit fa0dfd812c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 3 deletions

View File

@ -38,9 +38,15 @@ async def verify_redirect_uri(
# Whitelist the iOS and Android callbacks so that people can link apps
# without being connected to the internet.
if redirect_uri == "homeassistant://auth-callback" and client_id in (
"https://home-assistant.io/android",
"https://home-assistant.io/iOS",
if (
client_id == "https://home-assistant.io/iOS"
and redirect_uri == "homeassistant://auth-callback"
):
return True
if client_id == "https://home-assistant.io/android" and redirect_uri in (
"homeassistant://auth-callback",
"https://wear.googleapis.com/3p_auth/io.homeassistant.companion.android",
):
return True

View File

@ -183,3 +183,16 @@ async def test_verify_redirect_uri_android_ios(client_id):
assert not await indieauth.verify_redirect_uri(
None, "https://incorrect.com", "homeassistant://auth-callback"
)
if client_id == "https://home-assistant.io/android":
assert await indieauth.verify_redirect_uri(
None,
client_id,
"https://wear.googleapis.com/3p_auth/io.homeassistant.companion.android",
)
else:
assert not await indieauth.verify_redirect_uri(
None,
client_id,
"https://wear.googleapis.com/3p_auth/io.homeassistant.companion.android",
)