fix: make query check account for spaces

chore: update readme
fix: filter oauth whitelist to remove empty strings
2025-11-03 23:55:44 +00:00 · 2025-02-16 21:14:21 +02:00 · 2025-02-15 19:53:21 +02:00 · 2025-02-15 17:23:24 +02:00
8 changed files with 42 additions and 7 deletions
--- a/README.md
+++ b/README.md
@@ -24,7 +24,7 @@ Tinyauth is a simple authentication middleware that adds simple username/passwor

 ## Discord

-I just made a Discord server for Tinyauth! It is not only for Tinyauth but general self-hosting because I just like chatting with people! The link is [here](https://discord.gg/gWpzrksk), see you there!
+I just made a Discord server for Tinyauth! It is not only for Tinyauth but general self-hosting because I just like chatting with people! The link is [here](https://discord.gg/eHzVaCzRRd), see you there!

 ## Getting Started

--- a/cmd/root.go
+++ b/cmd/root.go
@@ -62,7 +62,9 @@ var rootCmd = &cobra.Command{
 		}

 		// Create oauth whitelist
-		oauthWhitelist := strings.Split(config.OAuthWhitelist, ",")
+		oauthWhitelist := utils.Filter(strings.Split(config.OAuthWhitelist, ","), func(val string) bool {
+			return val != ""
+		})
 		log.Debug().Msg("Parsed OAuth whitelist")

 		// Create OAuth config
--- a/internal/utils/utils.go
+++ b/internal/utils/utils.go
@@ -207,3 +207,13 @@ func GetTinyauthLabels(labels map[string]string) types.TinyauthLabels {
 func OAuthConfigured(config types.Config) bool {
 	return (config.GithubClientId != "" && config.GithubClientSecret != "") || (config.GoogleClientId != "" && config.GoogleClientSecret != "") || (config.GenericClientId != "" && config.GenericClientSecret != "") || (config.TailscaleClientId != "" && config.TailscaleClientSecret != "")
 }
+
+// Filter helper function
+func Filter[T any](slice []T, test func(T) bool) (res []T) {
+	for _, value := range slice {
+		if test(value) {
+			res = append(res, value)
+		}
+	}
+	return res
+}
--- a/internal/utils/utils_test.go
+++ b/internal/utils/utils_test.go
@@ -313,3 +313,22 @@ func TestGetTinyauthLabels(t *testing.T) {
 		t.Fatalf("Expected %v, got %v", expected, result)
 	}
 }
+
+// Test the filter function
+func TestFilter(t *testing.T) {
+	t.Log("Testing filter helper")
+
+	// Create variables
+	data := []string{"", "val1", "", "val2", "", "val3", ""}
+	expected := []string{"val1", "val2", "val3"}
+
+	// Test the filter function
+	result := utils.Filter(data, func(val string) bool {
+		return val != ""
+	})
+
+	// Check if the result is equal to the expected
+	if !reflect.DeepEqual(expected, result) {
+		t.Fatalf("Expected %v, got %v", expected, result)
+	}
+}
--- a/site/src/pages/continue-page.tsx
+++ b/site/src/pages/continue-page.tsx
@@ -4,6 +4,7 @@ import { Navigate } from "react-router";
 import { useUserContext } from "../context/user-context";
 import { Layout } from "../components/layouts/layout";
 import { ReactNode } from "react";
+import { isQueryValid } from "../utils/utils";

 export const ContinuePage = () => {
  const queryString = window.location.search;
@@ -16,7 +17,7 @@ export const ContinuePage = () => {
    return <Navigate to={`/login?redirect_uri=${redirectUri}`} />;
  }

-  if (redirectUri === "null" || redirectUri === "") {
+  if (!isQueryValid(redirectUri)) {
    return <Navigate to="/" />;
  }

--- a/site/src/pages/login-page.tsx
+++ b/site/src/pages/login-page.tsx
@@ -20,6 +20,7 @@ import { GoogleIcon } from "../icons/google";
 import { GithubIcon } from "../icons/github";
 import { OAuthIcon } from "../icons/oauth";
 import { TailscaleIcon } from "../icons/tailscale";
+import { isQueryValid } from "../utils/utils";

 export const LoginPage = () => {
  const queryString = window.location.search;
@@ -70,7 +71,7 @@ export const LoginPage = () => {
        color: "green",
      });
      setTimeout(() => {
-        if (redirectUri === "null" || redirectUri === "") {
+        if (isQueryValid(redirectUri)) {
          window.location.replace("/");
        } else {
          window.location.replace(`/continue?redirect_uri=${redirectUri}`);
--- a/site/src/pages/unauthorized-page.tsx
+++ b/site/src/pages/unauthorized-page.tsx
@@ -1,6 +1,7 @@
 import { Button, Code, Paper, Text } from "@mantine/core";
 import { Layout } from "../components/layouts/layout";
 import { Navigate } from "react-router";
+import { isQueryValid } from "../utils/utils";

 export const UnauthorizedPage = () => {
  const queryString = window.location.search;
@@ -8,7 +9,7 @@ export const UnauthorizedPage = () => {
  const username = params.get("username") ?? "";
  const resource = params.get("resource") ?? "";

-  if (username === "null" || username === "") {
+  if (!isQueryValid(username)) {
    return <Navigate to="/" />;
  }

@@ -20,7 +21,7 @@ export const UnauthorizedPage = () => {
        </Text>
        <Text>
          The user with username <Code>{username}</Code> is not authorized to{" "}
-          {resource !== "null" && resource !== "" ? (
+          {isQueryValid(resource) ? (
            <span>
              access the <Code>{resource}</Code> resource.
            </span>
--- a/site/src/utils/utils.ts
+++ b/site/src/utils/utils.ts
@@ -1 +1,2 @@
 export const capitalize = (s: string) => s.charAt(0).toUpperCase() + s.slice(1);
+export const isQueryValid = (value: string) => value.trim() !== "" && value !== "null";
Author	SHA1	Message	Date
Stavros	0f8d2e7fde	fix: make query check account for spaces	2025-02-16 21:14:21 +02:00
Stavros	0da82ae3fe	chore: update readme	2025-02-15 19:53:21 +02:00
Stavros	f9ab9a6406	fix: filter oauth whitelist to remove empty strings	2025-02-15 17:23:24 +02:00