Adapt authentication methods configuration to be backward compatible

Prior version of configuration file can be used, the authentication methods
will be set to default values (two_factor as default method).
This commit is contained in:
Clement Michaud 2017-10-09 23:13:57 +02:00
parent bc8fe623df
commit 9624aa6311
5 changed files with 103 additions and 19 deletions

View File

@ -4,10 +4,11 @@ import {
AppConfiguration, UserConfiguration, NotifierConfiguration,
ACLConfiguration, LdapConfiguration, SessionRedisOptions,
MongoStorageConfiguration, LocalStorageConfiguration,
UserLdapConfiguration, AuthenticationMethodsConfiguration
UserLdapConfiguration
} from "./Configuration";
import Util = require("util");
import { ACLAdapter } from "./adapters/ACLAdapter";
import { AuthenticationMethodsAdapter } from "./adapters/AuthenticationMethodsAdapter";
const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
@ -55,25 +56,16 @@ function adaptLdapConfiguration(userConfig: UserLdapConfiguration): LdapConfigur
};
}
function adaptAuthenticationMethods(authentication_methods: AuthenticationMethodsConfiguration)
: AuthenticationMethodsConfiguration {
if (!authentication_methods) {
return {
default_method: "two_factor",
per_subdomain_methods: {}
};
}
return authentication_methods;
}
function adaptFromUserConfiguration(userConfiguration: UserConfiguration): AppConfiguration {
function adaptFromUserConfiguration(userConfiguration: UserConfiguration)
: AppConfiguration {
ensure_key_existence(userConfiguration, "ldap");
ensure_key_existence(userConfiguration, "session.secret");
ensure_key_existence(userConfiguration, "regulation");
const port = userConfiguration.port || 8080;
const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
const authenticationMethods = adaptAuthenticationMethods(userConfiguration.authentication_methods);
const authenticationMethods = AuthenticationMethodsAdapter
.adapt(userConfiguration.authentication_methods);
return {
port: port,

View File

@ -1,8 +1,5 @@
import { ACLConfiguration } from "../Configuration";
function clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
import { ObjectCloner } from "../../utils/ObjectCloner";
const DEFAULT_POLICY = "deny";
@ -32,7 +29,7 @@ export class ACLAdapter {
static adapt(configuration: ACLConfiguration): ACLConfiguration {
if (!configuration) return;
const newConfiguration: ACLConfiguration = clone(configuration);
const newConfiguration: ACLConfiguration = ObjectCloner.clone(configuration);
adaptDefaultPolicy(newConfiguration);
adaptAny(newConfiguration);
adaptGroups(newConfiguration);

View File

@ -0,0 +1,30 @@
import { AuthenticationMethodsConfiguration } from "../Configuration";
import { ObjectCloner } from "../../utils/ObjectCloner";
function clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
export class AuthenticationMethodsAdapter {
static adapt(authentication_methods: AuthenticationMethodsConfiguration)
: AuthenticationMethodsConfiguration {
if (!authentication_methods) {
return {
default_method: "two_factor",
per_subdomain_methods: {}
};
}
const newAuthMethods: AuthenticationMethodsConfiguration
= ObjectCloner.clone(authentication_methods);
if (!newAuthMethods.default_method)
newAuthMethods.default_method = "two_factor";
if (!newAuthMethods.per_subdomain_methods ||
newAuthMethods.per_subdomain_methods.constructor !== Object)
newAuthMethods.per_subdomain_methods = {};
return newAuthMethods;
}
}

View File

@ -0,0 +1,6 @@
export class ObjectCloner {
static clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
}

View File

@ -0,0 +1,59 @@
import { AuthenticationMethodsAdapter } from "../../../src/lib/configuration/adapters/AuthenticationMethodsAdapter";
import Assert = require("assert");
describe("test authentication methods configuration adapter", function () {
describe("no authentication methods defined", function () {
it("should adapt a configuration when no authentication methods config is defined", function () {
const userConfiguration: any = undefined;
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "two_factor",
per_subdomain_methods: {}
});
});
});
describe("partial authentication methods config", function() {
it("should adapt a configuration when default_method is not defined", function () {
const userConfiguration: any = {
per_subdomain_methods: {
"example.com": "basic_auth"
}
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "two_factor",
per_subdomain_methods: {
"example.com": "basic_auth"
}
});
});
it("should adapt a configuration when per_subdomain_methods is not defined", function () {
const userConfiguration: any = {
default_method: "basic_auth"
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
per_subdomain_methods: {}
});
});
it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
const userConfiguration: any = {
default_method: "basic_auth",
per_subdomain_methods: []
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
per_subdomain_methods: {}
});
});
});
});