From 920fc1aeb68b5288f667368440af592b4ceb540c Mon Sep 17 00:00:00 2001
From: William Petit <wpetit@cadoles.com>
Date: Wed, 22 May 2024 15:13:39 +0200
Subject: [PATCH] fix(authn-network): handles r.RemoteAddr without port

---
 .../director/layer/authn/network/authenticator.go     | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/internal/proxy/director/layer/authn/network/authenticator.go b/internal/proxy/director/layer/authn/network/authenticator.go
index f32cd7c..1dd8351 100644
--- a/internal/proxy/director/layer/authn/network/authenticator.go
+++ b/internal/proxy/director/layer/authn/network/authenticator.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"net"
 	"net/http"
+	"strings"
 
 	"forge.cadoles.com/cadoles/bouncer/internal/proxy/director/layer/authn"
 	"forge.cadoles.com/cadoles/bouncer/internal/store"
@@ -49,9 +50,13 @@ func (a *Authenticator) Authenticate(w http.ResponseWriter, r *http.Request, lay
 }
 
 func (a *Authenticator) matchAnyAuthorizedCIDRs(ctx context.Context, remoteHostPort string, CIDRs []string) (bool, error) {
-	remoteHost, _, err := net.SplitHostPort(remoteHostPort)
-	if err != nil {
-		return false, errors.WithStack(err)
+	var remoteHost string
+	if strings.Contains(remoteHostPort, ":") {
+		var err error
+		remoteHost, _, err = net.SplitHostPort(remoteHostPort)
+		if err != nil {
+			return false, errors.WithStack(err)
+		}
 	}
 
 	remoteAddr := net.ParseIP(remoteHost)