[Fix] scope detection

2026-06-04 05:01:51 +09:00 · 2025-06-26 12:40:14 +09:00 · 2025-06-26 12:40:14 +09:00 · 53db0fb14e
commit 53db0fb14e
parent 3a1422a2f2
1 changed files with 23 additions and 26 deletions
--- a/addon/scope_detection.py
+++ b/addon/scope_detection.py
@ -1,12 +1,12 @@
-import lib.cur_target_url as cur_target_url
 from lib.report_vuln import report_vuln
+from lib.utils.is_oauth_uri import is_oauth_uri
+from urllib.parse import urlparse, parse_qs

 class ScopeDetection:
    def get_scope_from_query(self, query: str) -> str | None:
        if not query:
            return None
-        import urllib.parse
-        parsed = urllib.parse.parse_qs(query)
+        parsed = parse_qs(query)
        scope_values = parsed.get("scope", [])
        if scope_values:
            return scope_values[0]
@ -16,36 +16,33 @@ class ScopeDetection:
        req = flow.request
        res = flow.response

-        # req.query가 MultiDictView일 수 있으므로 문자열로 변환
-        if hasattr(req.query, "urlencode"):
-            query = req.query.urlencode()
-        else:
-            query = str(req.query) if req.query else ""
+        parsed = urlparse(req.pretty_url)
+        query = parsed.query

-        location = res.headers.get("location", "")
+        location = res.headers.get("Location", "")
+        location_query = urlparse(location).query

        query_scope = self.get_scope_from_query(query)
-        location_scope = self.get_scope_from_query(location)
+        location_scope = self.get_scope_from_query(location_query)

-        result = []
        if query_scope in ["all", "*"]:
-            result.append(f"Scope value issue detected in request: {query_scope}")
-        if location_scope in ["all", "*"]:
-            result.append(f"Scope value issue detected in response location: {location_scope}")
-
-        return result if result else 0
-
-    async def test(self, flow):
-        req = flow.request
-        method = req.method
-        url = req.pretty_url
-
-        result = await self.check_scope(flow)
-
-        if result != 0:
            report_vuln(
                title="OAuth Scope Value Issue",
-                desc=f"Detected scope value issue in {method} {url}: {', '.join(result)}",
+                desc=f"Scope value issue detected in request: {query_scope}",
                status="WARNING",
-                uri=url
+                uri=req.pretty_url
            )
+        if location_scope in ["all", "*"]:
+            report_vuln(
+                title="OAuth Scope Value Issue",
+                desc=f"Scope value issue detected in response location: {location_scope}",
+                status="WARNING",
+                uri=location
+            )
+
+    async def test(self, flow):
+        
+        if not is_oauth_uri(flow.request.pretty_url):
+            return
+
+        await self.check_scope(flow)