Check if hostname is valid

auth_request_client.go

@@ -4,13 +4,15 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"regexp"
 
 	"github.com/gorilla/websocket"
 )
 
 const (
-	MSG_TYPE_AUTH   string = "auth"
+	MSG_TYPE_AUTH         string = "auth"
-	MSG_TYPE_SET_ID string = "set-id"
+	MSG_TYPE_SET_ID       string = "set-id"
+	MSG_TYPE_INVALID_HOST string = "invalid-host"
 )
 
 type AuthRequestClient struct {
@@ -19,8 +21,8 @@ type AuthRequestClient struct {
 }
 
 type AuthRequestProtocolMessage struct {
-	MessageType string `json:"type"`
+	MessageType string            `json:"type"`
-	Parameters  map[string]string
+	Parameters  map[string]string `json:"parameters"`
 }
 
 func (c *AuthRequestClient) ReceiveRequest() (*AuthRequest, error) {
@@ -40,15 +42,23 @@ func (c *AuthRequestClient) ReceiveRequest() (*AuthRequest, error) {
 		)
 	}
 
-	instance, ok := message.Parameters["instance"]
+	host, ok := message.Parameters["host"]
 
-	if !ok {
+	if !ok || !validHost(host) {
-		return nil, errors.New("No \"instance\" parameter included in auth request parameters")
+		response := &AuthRequestProtocolMessage{
+			MessageType: MSG_TYPE_INVALID_HOST,
+			Parameters:  make(map[string]string),
+		}
+
+		c.conn.WriteJSON(response)
+
+		// Invalid or no host provided, let's try again
+		return c.ReceiveRequest()
 	}
 
 	r := &AuthRequest{
 		Client:   c,
-		Instance: instance,
+		Instance: host,
 	}
 
 	(*c.app.Logger).Info("Returning AuthRequest")
@@ -92,3 +102,12 @@ func (c *AuthRequestClient) PropagateID(ID string) error {
 func (c *AuthRequestClient) Close() {
 	c.conn.Close()
 }
+
+func validHost(host string) bool {
+	re, _ := regexp.Compile(`^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$`)
+
+	if re.MatchString(host) {
+		return true
+	}
+	return false
+}