From a2aac79ce250cb21fcafaead0830614266b9f310 Mon Sep 17 00:00:00 2001
From: Jared Snider <jsnider@bitwarden.com>
Date: Fri, 9 Dec 2022 16:49:57 -0500
Subject: [PATCH] SG-680 - Domain Name Custom Reactive forms validator refactor
 - swapped to regex to support proper domain format (which now enforces the
 requirement of a .com or similar)

---
 .../domain-name.validator.ts                  | 28 +++++++++++++------
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/bitwarden_license/bit-web/src/app/organizations/manage/domain-verification/domain-add-edit-dialog/domain-name.validator.ts b/bitwarden_license/bit-web/src/app/organizations/manage/domain-verification/domain-add-edit-dialog/domain-name.validator.ts
index 92fd8513860..1f054bcaf69 100644
--- a/bitwarden_license/bit-web/src/app/organizations/manage/domain-verification/domain-add-edit-dialog/domain-name.validator.ts
+++ b/bitwarden_license/bit-web/src/app/organizations/manage/domain-verification/domain-add-edit-dialog/domain-name.validator.ts
@@ -8,16 +8,26 @@ export function domainNameValidator(errorMessage: string): ValidatorFn {
       return null;
     }
 
-    const forbiddenPatterns = [/^https:\/\//, /^http:\/\//, /^www\./];
-    for (const pattern of forbiddenPatterns) {
-      if (pattern.test(control.value)) {
-        return {
-          invalidDomainName: {
-            message: errorMessage,
-          },
-        };
-      }
+    // Domain labels (sections) are only allowed to be 63 chars in length max
+    // 1st and last chars cannot be hyphens per RFC 3696 (https://www.rfc-editor.org/rfc/rfc3696#section-2)
+
+    // /^[a-zA-Z0-9]         # The domain name must start with a letter or a number
+    // [a-zA-Z0-9-]{1,61}    # The domain name can have one to 61 characters that are letters, numbers, or hyphens
+    // [a-zA-Z0-9]           # The domain name must end with a letter or a number
+    // \.[a-zA-Z]{2,}$/      # The domain name must have a period followed by at least two letters (the domain extension)
+
+    const domainNameRegex = /^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$/;
+
+    const invalid = !domainNameRegex.test(control.value);
+
+    if (invalid) {
+      return {
+        invalidDomainName: {
+          message: errorMessage,
+        },
+      };
     }
+
     return null;
   };
 }