mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
99 lines
3.5 KiB
Go
99 lines
3.5 KiB
Go
|
package validator
|
||
|
|
||
|
import (
|
||
|
"testing"
|
||
|
"time"
|
||
|
|
||
|
"github.com/duo-labs/webauthn/protocol"
|
||
|
"github.com/stretchr/testify/assert"
|
||
|
"github.com/stretchr/testify/require"
|
||
|
|
||
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
||
|
)
|
||
|
|
||
|
func TestWebauthnShouldSetDefaultValues(t *testing.T) {
|
||
|
validator := schema.NewStructValidator()
|
||
|
config := &schema.Configuration{
|
||
|
Webauthn: schema.WebauthnConfiguration{},
|
||
|
}
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 0)
|
||
|
assert.Equal(t, schema.DefaultWebauthnConfiguration.DisplayName, config.Webauthn.DisplayName)
|
||
|
assert.Equal(t, schema.DefaultWebauthnConfiguration.Timeout, config.Webauthn.Timeout)
|
||
|
assert.Equal(t, schema.DefaultWebauthnConfiguration.ConveyancePreference, config.Webauthn.ConveyancePreference)
|
||
|
assert.Equal(t, schema.DefaultWebauthnConfiguration.UserVerification, config.Webauthn.UserVerification)
|
||
|
}
|
||
|
|
||
|
func TestWebauthnShouldSetDefaultTimeoutWhenNegative(t *testing.T) {
|
||
|
validator := schema.NewStructValidator()
|
||
|
config := &schema.Configuration{
|
||
|
Webauthn: schema.WebauthnConfiguration{
|
||
|
Timeout: -1,
|
||
|
},
|
||
|
}
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 0)
|
||
|
assert.Equal(t, schema.DefaultWebauthnConfiguration.Timeout, config.Webauthn.Timeout)
|
||
|
}
|
||
|
|
||
|
func TestWebauthnShouldNotSetDefaultValuesWhenConfigured(t *testing.T) {
|
||
|
validator := schema.NewStructValidator()
|
||
|
config := &schema.Configuration{
|
||
|
Webauthn: schema.WebauthnConfiguration{
|
||
|
DisplayName: "Test",
|
||
|
Timeout: time.Second * 50,
|
||
|
ConveyancePreference: protocol.PreferNoAttestation,
|
||
|
UserVerification: protocol.VerificationDiscouraged,
|
||
|
},
|
||
|
}
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 0)
|
||
|
assert.Equal(t, "Test", config.Webauthn.DisplayName)
|
||
|
assert.Equal(t, time.Second*50, config.Webauthn.Timeout)
|
||
|
assert.Equal(t, protocol.PreferNoAttestation, config.Webauthn.ConveyancePreference)
|
||
|
assert.Equal(t, protocol.VerificationDiscouraged, config.Webauthn.UserVerification)
|
||
|
|
||
|
config.Webauthn.ConveyancePreference = protocol.PreferIndirectAttestation
|
||
|
config.Webauthn.UserVerification = protocol.VerificationPreferred
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 0)
|
||
|
assert.Equal(t, protocol.PreferIndirectAttestation, config.Webauthn.ConveyancePreference)
|
||
|
assert.Equal(t, protocol.VerificationPreferred, config.Webauthn.UserVerification)
|
||
|
|
||
|
config.Webauthn.ConveyancePreference = protocol.PreferDirectAttestation
|
||
|
config.Webauthn.UserVerification = protocol.VerificationRequired
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 0)
|
||
|
assert.Equal(t, protocol.PreferDirectAttestation, config.Webauthn.ConveyancePreference)
|
||
|
assert.Equal(t, protocol.VerificationRequired, config.Webauthn.UserVerification)
|
||
|
}
|
||
|
|
||
|
func TestWebauthnShouldRaiseErrorsOnInvalidOptions(t *testing.T) {
|
||
|
validator := schema.NewStructValidator()
|
||
|
config := &schema.Configuration{
|
||
|
Webauthn: schema.WebauthnConfiguration{
|
||
|
DisplayName: "Test",
|
||
|
Timeout: time.Second * 50,
|
||
|
ConveyancePreference: "no",
|
||
|
UserVerification: "yes",
|
||
|
},
|
||
|
}
|
||
|
|
||
|
ValidateWebauthn(config, validator)
|
||
|
|
||
|
require.Len(t, validator.Errors(), 2)
|
||
|
|
||
|
assert.EqualError(t, validator.Errors()[0], "webauthn: option 'attestation_conveyance_preference' must be one of 'none', 'indirect', 'direct' but it is configured as 'no'")
|
||
|
assert.EqualError(t, validator.Errors()[1], "webauthn: option 'user_verification' must be one of 'discouraged', 'preferred', 'required' but it is configured as 'yes'")
|
||
|
}
|