From ec18a6cacd19cb11b17b615f33d587a4425a03b7 Mon Sep 17 00:00:00 2001
From: F04C <israeldarrel01@gmail.com>
Date: Wed, 7 Jan 2026 13:20:24 +0800
Subject: [PATCH] added whitelisting of redirect

---
 handlers/redirect.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 handlers/redirect.go

diff --git a/handlers/redirect.go b/handlers/redirect.go
new file mode 100644
index 0000000..ccedb7b
--- /dev/null
+++ b/handlers/redirect.go
@@ -0,0 +1,21 @@
+package handlers
+
+import (
+	"os"
+	"strings"
+)
+
+func IsAllowedRedirectURI(uri string) bool {
+	allowedRedirectURIsEnv := os.Getenv("ALLOWED_REDIRECT_URIS")
+	if allowedRedirectURIsEnv == "" {
+		return false
+	}
+
+	allowedRedirectURIs := strings.Split(allowedRedirectURIsEnv, ",")
+	for _, allowed := range allowedRedirectURIs {
+		if uri == strings.TrimSpace(allowed) { // Exact match only
+			return true
+		}
+	}
+	return false
+}