fix(authn-network): handles r.RemoteAddr without port

go.mod

@@ -131,7 +131,7 @@ require (
 	github.com/urfave/cli/v2 v2.25.3
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	gitlab.com/wpetit/goweb v0.0.0-20240226160244-6b2826c79f88
-	golang.org/x/crypto v0.19.0 // indirect
+	golang.org/x/crypto v0.19.0
 	golang.org/x/mod v0.14.0 // indirect
 	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/term v0.17.0 // indirect

internal/proxy/director/layer/authn/layer-options.json

@@ -43,5 +43,6 @@
                 }
             }
         }
-    }
+    },
+    "additionalProperties": false
 }

internal/proxy/director/layer/authn/network/authenticator.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"net"
 	"net/http"
+	"strings"
 
 	"forge.cadoles.com/cadoles/bouncer/internal/proxy/director/layer/authn"
 	"forge.cadoles.com/cadoles/bouncer/internal/store"
@@ -49,10 +50,14 @@ func (a *Authenticator) Authenticate(w http.ResponseWriter, r *http.Request, lay
 }
 
 func (a *Authenticator) matchAnyAuthorizedCIDRs(ctx context.Context, remoteHostPort string, CIDRs []string) (bool, error) {
-	remoteHost, _, err := net.SplitHostPort(remoteHostPort)
+	var remoteHost string
+	if strings.Contains(remoteHostPort, ":") {
+		var err error
+		remoteHost, _, err = net.SplitHostPort(remoteHostPort)
 		if err != nil {
 			return false, errors.WithStack(err)
 		}
+	}
 
 	remoteAddr := net.ParseIP(remoteHost)
 	if remoteAddr == nil {