TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 23:17:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow scim content type wildcards (#9245)

Browse Source 
# Which Problems Are Solved
- requests to the scim interface with content type `*/*` are rejected

# How the Problems Are Solved
- `*/*` is accepted as content type

# Additional Context
Part of #8140
This commit is contained in:
Lars 2025-01-27 17:10:30 +01:00 committed by GitHub
parent 741434806a
commit b19333726c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
internal/api/scim/middleware/content_type_middleware.go
View File

@ -13,8 +13,10 @@ import (
)
const (
ContentTypeScim = "application/scim+json"
ContentTypeJson = "application/json"
ContentTypeScim = "application/scim+json"
ContentTypeJson = "application/json"
ContentTypeApplicationWildcard = "application/*"
ContentTypeWildcard = "*/*"
)
func ContentTypeMiddleware(next middleware.HandlerFuncWithError) middleware.HandlerFuncWithError {
@ -44,7 +46,11 @@ func validateContentType(contentType string) bool {
return false
}
if mediaType != "" && !strings.EqualFold(mediaType, ContentTypeJson) && !strings.EqualFold(mediaType, ContentTypeScim) {
if mediaType != "" &&
!strings.EqualFold(mediaType, ContentTypeWildcard) &&
!strings.EqualFold(mediaType, ContentTypeApplicationWildcard) &&
!strings.EqualFold(mediaType, ContentTypeJson) &&
!strings.EqualFold(mediaType, ContentTypeScim) {
return false
}