mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
41 lines
1.2 KiB
Go
41 lines
1.2 KiB
Go
|
package models
|
||
|
|
||
|
import (
|
||
|
"encoding/json"
|
||
|
"testing"
|
||
|
|
||
|
"github.com/stretchr/testify/assert"
|
||
|
"github.com/stretchr/testify/require"
|
||
|
)
|
||
|
|
||
|
/*
|
||
|
TestShouldOnlyMarshalPeriodAndDigitsAndAbsolutelyNeverSecret.
|
||
|
This test is vital to ensuring the TOTP configuration is marshalled correctly. If encoding/json suddenly changes
|
||
|
upstream and the json tag value of '-' doesn't exclude the field from marshalling then this test will pickup this
|
||
|
issue prior to code being shipped.
|
||
|
|
||
|
For this reason it's essential that the marshalled object contains all values populated, especially the secret.
|
||
|
*/
|
||
|
func TestShouldOnlyMarshalPeriodAndDigitsAndAbsolutelyNeverSecret(t *testing.T) {
|
||
|
object := TOTPConfiguration{
|
||
|
ID: 1,
|
||
|
Username: "john",
|
||
|
Issuer: "Authelia",
|
||
|
Algorithm: "SHA1",
|
||
|
Digits: 6,
|
||
|
Period: 30,
|
||
|
|
||
|
// DO NOT CHANGE THIS VALUE UNLESS YOU FULLY UNDERSTAND THE COMMENT AT THE TOP OF THIS TEST.
|
||
|
Secret: []byte("ABC123"),
|
||
|
}
|
||
|
|
||
|
data, err := json.Marshal(object)
|
||
|
assert.NoError(t, err)
|
||
|
|
||
|
assert.Equal(t, "{\"digits\":6,\"period\":30}", string(data))
|
||
|
|
||
|
// DO NOT REMOVE OR CHANGE THESE TESTS UNLESS YOU FULLY UNDERSTAND THE COMMENT AT THE TOP OF THIS TEST.
|
||
|
require.NotContains(t, string(data), "secret")
|
||
|
require.NotContains(t, string(data), "ABC123")
|
||
|
}
|