mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
Adapt authentication methods configuration to be backward compatible
Prior version of configuration file can be used, the authentication methods will be set to default values (two_factor as default method).
This commit is contained in:
parent
bc8fe623df
commit
9624aa6311
|
@ -4,10 +4,11 @@ import {
|
||||||
AppConfiguration, UserConfiguration, NotifierConfiguration,
|
AppConfiguration, UserConfiguration, NotifierConfiguration,
|
||||||
ACLConfiguration, LdapConfiguration, SessionRedisOptions,
|
ACLConfiguration, LdapConfiguration, SessionRedisOptions,
|
||||||
MongoStorageConfiguration, LocalStorageConfiguration,
|
MongoStorageConfiguration, LocalStorageConfiguration,
|
||||||
UserLdapConfiguration, AuthenticationMethodsConfiguration
|
UserLdapConfiguration
|
||||||
} from "./Configuration";
|
} from "./Configuration";
|
||||||
import Util = require("util");
|
import Util = require("util");
|
||||||
import { ACLAdapter } from "./adapters/ACLAdapter";
|
import { ACLAdapter } from "./adapters/ACLAdapter";
|
||||||
|
import { AuthenticationMethodsAdapter } from "./adapters/AuthenticationMethodsAdapter";
|
||||||
|
|
||||||
const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
|
const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
|
||||||
|
|
||||||
|
@ -55,25 +56,16 @@ function adaptLdapConfiguration(userConfig: UserLdapConfiguration): LdapConfigur
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
function adaptAuthenticationMethods(authentication_methods: AuthenticationMethodsConfiguration)
|
function adaptFromUserConfiguration(userConfiguration: UserConfiguration)
|
||||||
: AuthenticationMethodsConfiguration {
|
: AppConfiguration {
|
||||||
if (!authentication_methods) {
|
|
||||||
return {
|
|
||||||
default_method: "two_factor",
|
|
||||||
per_subdomain_methods: {}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
return authentication_methods;
|
|
||||||
}
|
|
||||||
|
|
||||||
function adaptFromUserConfiguration(userConfiguration: UserConfiguration): AppConfiguration {
|
|
||||||
ensure_key_existence(userConfiguration, "ldap");
|
ensure_key_existence(userConfiguration, "ldap");
|
||||||
ensure_key_existence(userConfiguration, "session.secret");
|
ensure_key_existence(userConfiguration, "session.secret");
|
||||||
ensure_key_existence(userConfiguration, "regulation");
|
ensure_key_existence(userConfiguration, "regulation");
|
||||||
|
|
||||||
const port = userConfiguration.port || 8080;
|
const port = userConfiguration.port || 8080;
|
||||||
const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
|
const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
|
||||||
const authenticationMethods = adaptAuthenticationMethods(userConfiguration.authentication_methods);
|
const authenticationMethods = AuthenticationMethodsAdapter
|
||||||
|
.adapt(userConfiguration.authentication_methods);
|
||||||
|
|
||||||
return {
|
return {
|
||||||
port: port,
|
port: port,
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
import { ACLConfiguration } from "../Configuration";
|
import { ACLConfiguration } from "../Configuration";
|
||||||
|
import { ObjectCloner } from "../../utils/ObjectCloner";
|
||||||
function clone(obj: any): any {
|
|
||||||
return JSON.parse(JSON.stringify(obj));
|
|
||||||
}
|
|
||||||
|
|
||||||
const DEFAULT_POLICY = "deny";
|
const DEFAULT_POLICY = "deny";
|
||||||
|
|
||||||
|
@ -32,7 +29,7 @@ export class ACLAdapter {
|
||||||
static adapt(configuration: ACLConfiguration): ACLConfiguration {
|
static adapt(configuration: ACLConfiguration): ACLConfiguration {
|
||||||
if (!configuration) return;
|
if (!configuration) return;
|
||||||
|
|
||||||
const newConfiguration: ACLConfiguration = clone(configuration);
|
const newConfiguration: ACLConfiguration = ObjectCloner.clone(configuration);
|
||||||
adaptDefaultPolicy(newConfiguration);
|
adaptDefaultPolicy(newConfiguration);
|
||||||
adaptAny(newConfiguration);
|
adaptAny(newConfiguration);
|
||||||
adaptGroups(newConfiguration);
|
adaptGroups(newConfiguration);
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
import { AuthenticationMethodsConfiguration } from "../Configuration";
|
||||||
|
import { ObjectCloner } from "../../utils/ObjectCloner";
|
||||||
|
|
||||||
|
function clone(obj: any): any {
|
||||||
|
return JSON.parse(JSON.stringify(obj));
|
||||||
|
}
|
||||||
|
|
||||||
|
export class AuthenticationMethodsAdapter {
|
||||||
|
static adapt(authentication_methods: AuthenticationMethodsConfiguration)
|
||||||
|
: AuthenticationMethodsConfiguration {
|
||||||
|
if (!authentication_methods) {
|
||||||
|
return {
|
||||||
|
default_method: "two_factor",
|
||||||
|
per_subdomain_methods: {}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
const newAuthMethods: AuthenticationMethodsConfiguration
|
||||||
|
= ObjectCloner.clone(authentication_methods);
|
||||||
|
|
||||||
|
if (!newAuthMethods.default_method)
|
||||||
|
newAuthMethods.default_method = "two_factor";
|
||||||
|
|
||||||
|
if (!newAuthMethods.per_subdomain_methods ||
|
||||||
|
newAuthMethods.per_subdomain_methods.constructor !== Object)
|
||||||
|
newAuthMethods.per_subdomain_methods = {};
|
||||||
|
|
||||||
|
return newAuthMethods;
|
||||||
|
}
|
||||||
|
}
|
6
server/src/lib/utils/ObjectCloner.ts
Normal file
6
server/src/lib/utils/ObjectCloner.ts
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
|
||||||
|
export class ObjectCloner {
|
||||||
|
static clone(obj: any): any {
|
||||||
|
return JSON.parse(JSON.stringify(obj));
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
import { AuthenticationMethodsAdapter } from "../../../src/lib/configuration/adapters/AuthenticationMethodsAdapter";
|
||||||
|
import Assert = require("assert");
|
||||||
|
|
||||||
|
describe("test authentication methods configuration adapter", function () {
|
||||||
|
describe("no authentication methods defined", function () {
|
||||||
|
it("should adapt a configuration when no authentication methods config is defined", function () {
|
||||||
|
const userConfiguration: any = undefined;
|
||||||
|
|
||||||
|
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||||
|
Assert.deepStrictEqual(appConfiguration, {
|
||||||
|
default_method: "two_factor",
|
||||||
|
per_subdomain_methods: {}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("partial authentication methods config", function() {
|
||||||
|
it("should adapt a configuration when default_method is not defined", function () {
|
||||||
|
const userConfiguration: any = {
|
||||||
|
per_subdomain_methods: {
|
||||||
|
"example.com": "basic_auth"
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||||
|
Assert.deepStrictEqual(appConfiguration, {
|
||||||
|
default_method: "two_factor",
|
||||||
|
per_subdomain_methods: {
|
||||||
|
"example.com": "basic_auth"
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it("should adapt a configuration when per_subdomain_methods is not defined", function () {
|
||||||
|
const userConfiguration: any = {
|
||||||
|
default_method: "basic_auth"
|
||||||
|
};
|
||||||
|
|
||||||
|
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||||
|
Assert.deepStrictEqual(appConfiguration, {
|
||||||
|
default_method: "basic_auth",
|
||||||
|
per_subdomain_methods: {}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
|
||||||
|
const userConfiguration: any = {
|
||||||
|
default_method: "basic_auth",
|
||||||
|
per_subdomain_methods: []
|
||||||
|
};
|
||||||
|
|
||||||
|
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||||
|
Assert.deepStrictEqual(appConfiguration, {
|
||||||
|
default_method: "basic_auth",
|
||||||
|
per_subdomain_methods: {}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
Loading…
Reference in New Issue
Block a user