From 9cbe43862bf27a646c3b4a233e403562e92cd421 Mon Sep 17 00:00:00 2001
From: ljf <ljf+yunohost@grimaud.me>
Date: Sun, 24 Jun 2018 16:04:26 +0200
Subject: [PATCH 1/4] [enh] Add PCRE regex support

---
 access.lua | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)

diff --git a/access.lua b/access.lua
index 8148874..cd32e0b 100644
--- a/access.lua
+++ b/access.lua
@@ -22,6 +22,9 @@ local conf = config.get_config()
 -- Import helpers
 local hlp = require "helpers"
 
+-- Import Perl regular expressions library
+local rex = require "rex_pcre"
+
 -- Just a note for the client to know that he passed through the SSO
 ngx.header["X-SSO-WAT"] = "You've just been SSOed"
 
@@ -185,6 +188,12 @@ end
 -- If the URL matches one of the `redirected_urls` in the configuration file,
 -- just redirect to the target URL/URI
 --
+function match(s, regex)
+    if rex.match(s, regex) or string.match(s,regex) then
+        return true
+    end
+    return false
+end
 
 function detect_redirection(redirect_url)
     if hlp.string.starts(redirect_url, "http://")
@@ -209,9 +218,9 @@ end
 
 if conf["redirected_regex"] then
     for regex, redirect_url in pairs(conf["redirected_regex"]) do
-        if string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
-        or string.match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
-        or string.match(ngx.var.uri..hlp.uri_args_string(), regex) then
+        if match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
+        or match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
+        or match(ngx.var.uri..hlp.uri_args_string(), regex) then
             detect_redirection(redirect_url)
         end
     end
@@ -242,8 +251,8 @@ function is_protected()
         end
     end
     for _, regex in ipairs(conf["protected_regex"]) do
-        if string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
-        or string.match(ngx.var.uri..hlp.uri_args_string(), regex) then
+        if match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
+        or match(ngx.var.uri..hlp.uri_args_string(), regex) then
             return true
         end
     end
@@ -272,8 +281,8 @@ end
 
 if conf["skipped_regex"] then
     for _, regex in ipairs(conf["skipped_regex"]) do
-        if (string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
-        or  string.match(ngx.var.uri..hlp.uri_args_string(), regex))
+        if (match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
+        or  match(ngx.var.uri..hlp.uri_args_string(), regex))
         and not is_protected() then
             return hlp.pass()
         end
@@ -341,8 +350,8 @@ end
 
 if conf["unprotected_regex"] then
     for _, regex in ipairs(conf["unprotected_regex"]) do
-        if (string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
-        or  string.match(ngx.var.uri..hlp.uri_args_string(), regex))
+        if (match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
+        or  match(ngx.var.uri..hlp.uri_args_string(), regex))
         and not is_protected() then
             if hlp.is_logged_in() then
                 hlp.set_headers()

From b90153a5ca116bd69c03e4a6d4b9c6cc6c3b8d00 Mon Sep 17 00:00:00 2001
From: ljf <ljf+yunohost@grimaud.me>
Date: Sun, 24 Jun 2018 20:44:28 +0200
Subject: [PATCH 2/4] [enh] Add comment about lua pattern deprecated

---
 access.lua | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/access.lua b/access.lua
index cd32e0b..b2e510b 100644
--- a/access.lua
+++ b/access.lua
@@ -188,6 +188,8 @@ end
 -- If the URL matches one of the `redirected_urls` in the configuration file,
 -- just redirect to the target URL/URI
 --
+-- A match function to support PCRE and lua pattern
+-- lua pattern will be deprecated in YunoHost
 function match(s, regex)
     if rex.match(s, regex) or string.match(s,regex) then
         return true

From c3a93803619e5c63caca1d2b81f87e722b71211d Mon Sep 17 00:00:00 2001
From: "ljf (zamentur)" <zamentur@users.noreply.github.com>
Date: Thu, 13 Dec 2018 23:23:10 +0100
Subject: [PATCH 3/4] [fix] PCRE choice if no %. in url regex

---
 access.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/access.lua b/access.lua
index b2e510b..62e2647 100644
--- a/access.lua
+++ b/access.lua
@@ -191,7 +191,11 @@ end
 -- A match function to support PCRE and lua pattern
 -- lua pattern will be deprecated in YunoHost
 function match(s, regex)
-    if rex.match(s, regex) or string.match(s,regex) then
+    if not string.find(regex, '%%%.') then
+        if rex.match(s, regex) then
+            return true
+        end
+    elseif string.match(s,regex)  then
         return true
     end
     return false

From 7dc84973df643c9f15628e623786ac6c9810a316 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Fri, 14 Dec 2018 00:31:54 +0100
Subject: [PATCH 4/4] Improve comment

---
 access.lua | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/access.lua b/access.lua
index 62e2647..a5fcc30 100644
--- a/access.lua
+++ b/access.lua
@@ -188,14 +188,14 @@ end
 -- If the URL matches one of the `redirected_urls` in the configuration file,
 -- just redirect to the target URL/URI
 --
--- A match function to support PCRE and lua pattern
--- lua pattern will be deprecated in YunoHost
+-- A match function that uses PCRE regex as default
+-- If '%.' is found in the regex, we assume it's a LUA regex (legacy code)
 function match(s, regex)
     if not string.find(regex, '%%%.') then
         if rex.match(s, regex) then
             return true
         end
-    elseif string.match(s,regex)  then
+    elseif string.match(s,regex) then
         return true
     end
     return false