updated validator to be method off of config; updated structs

Author: maurafortino

webhookValidationConfig.go

@@ -4,47 +4,31 @@
 package ancla
 
 import (
-	"errors"
-	"fmt"
 	"time"
-)
 
-var (
-	SpecialUseIPs = []string{
-		"0.0.0.0/8",          //local ipv4
-		"fe80::/10",          //local ipv6
-		"255.255.255.255/32", //broadcast to neighbors
-		"2001::/32",          //ipv6 TEREDO prefix
-		"2001:5::/32",        //EID space for lisp
-		"2002::/16",          //ipv6 6to4
-		"fc00::/7",           //ipv6 unique local
-		"192.0.0.0/24",       //ipv4 IANA
-		"2001:0000::/23",     //ipv6 IANA
-		"224.0.0.1/32",       //ipv4 multicast
-	}
-	SpecialUseHosts = []string{
-		".example.",
-		".invalid.",
-		".test.",
-		"localhost",
-	}
-	errFailedToBuildValidators    = errors.New("failed to build validators")
-	errFailedToBuildValidURLFuncs = errors.New("failed to build ValidURLFuncs")
+	"github.com/xmidt-org/urlegit"
 )
 
 type ValidatorConfig struct {
-	URL URLVConfig
-	TTL TTLVConfig
+	URL    URLVConfig
+	TTL    TTLVConfig
+	IP     IPConfig
+	Domain DomainConfig
+}
+
+type IPConfig struct {
+	Allow            bool
+	ForbiddenSubnets []string
+}
+
+type DomainConfig struct {
+	AllowSpecialUseDomains bool
+	ForbiddenDomains       []string
 }
 
 type URLVConfig struct {
-	HTTPSOnly            bool
-	AllowLoopback        bool
-	AllowIP              bool
-	AllowSpecialUseHosts bool
-	AllowSpecialUseIPs   bool
-	InvalidHosts         []string
-	InvalidSubnets       []string
+	Schemes       []string
+	AllowLoopback bool
 }
 
 type TTLVConfig struct {
@@ -53,63 +37,25 @@ type TTLVConfig struct {
 	Now    func() time.Time
 }
 
-// BuildValidURLFuncs translates the configuration into a list of ValidURLFuncs
-// to be run on the webhook.
-func buildValidURLFuncs(config ValidatorConfig) ([]ValidURLFunc, error) {
-	var v []ValidURLFunc
-	v = append(v, GoodURLScheme(config.URL.HTTPSOnly))
-	if !config.URL.AllowLoopback {
-		v = append(v, RejectLoopback())
-	}
-	if !config.URL.AllowIP {
-		v = append(v, RejectAllIPs())
-	}
-	if !config.URL.AllowSpecialUseHosts {
-		config.URL.InvalidHosts = append(config.URL.InvalidHosts, SpecialUseHosts...)
+// BuildURLChecker translates the configuration into url Checker to be run on the webhook.
+func (config *ValidatorConfig) BuildURLChecker() (*urlegit.Checker, error) {
+	var o []urlegit.Option
+	if len(config.URL.Schemes) > 0 {
+		o = append(o, urlegit.OnlyAllowSchemes(config.URL.Schemes...))
 	}
-	if len(config.URL.InvalidHosts) > 0 {
-		v = append(v, RejectHosts(config.URL.InvalidHosts))
-	}
-	if !config.URL.AllowSpecialUseIPs {
-		config.URL.InvalidSubnets = append(config.URL.InvalidSubnets, SpecialUseIPs...)
-	}
-	if len(config.URL.InvalidSubnets) > 0 {
-		fInvalidSubnets, err := InvalidSubnets(config.URL.InvalidSubnets)
-		if err != nil {
-			return nil, fmt.Errorf("%w: %v", errFailedToBuildValidURLFuncs, err)
-		}
-		v = append(v, fInvalidSubnets)
-	}
-	return v, nil
-}
-
-// BuildValidators translates the configuration into a list of validators to be run on the
-// webhook.
-func BuildValidators(config ValidatorConfig) (Validators, error) {
-	v, err := buildValidURLFuncs(config)
-	if err != nil {
-		return nil, fmt.Errorf("%w: %v", errFailedToBuildValidators, err)
+	if !config.URL.AllowLoopback {
+		o = append(o, urlegit.ForbidLoopback())
 	}
-
-	vs := Validators{
-		GoodConfigURL(v),
-		GoodFailureURL(v),
-		GoodAlternativeURLs(v),
-		CheckEvents(),
-		CheckDeviceID(),
-		CheckUntilOrDurationExist(),
+	if !config.IP.Allow {
+		o = append(o, urlegit.ForbidAnyIPs())
 	}
-	fCheckDuration, err := CheckDuration(config.TTL.Max)
-	if err != nil {
-		return nil, fmt.Errorf("%w: %v", errFailedToBuildValidators, err)
+	if !config.Domain.AllowSpecialUseDomains {
+		o = append(o, urlegit.ForbidSpecialUseDomains())
 	}
-	vs = append(vs, fCheckDuration)
-
-	fCheckUntil, err := CheckUntil(config.TTL.Jitter, config.TTL.Max, config.TTL.Now)
+	checker, err := urlegit.New(o...)
 	if err != nil {
-		return nil, fmt.Errorf("%w: %v", errFailedToBuildValidators, err)
+		return nil, err
 	}
-	vs = append(vs, fCheckUntil)
+	return checker, nil
 
-	return vs, nil
 }