mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
Adapt authentication methods configuration to be backward compatible
Prior version of configuration file can be used, the authentication methods will be set to default values (two_factor as default method).
This commit is contained in:
parent
bc8fe623df
commit
9624aa6311
|
@ -4,10 +4,11 @@ import {
|
|||
AppConfiguration, UserConfiguration, NotifierConfiguration,
|
||||
ACLConfiguration, LdapConfiguration, SessionRedisOptions,
|
||||
MongoStorageConfiguration, LocalStorageConfiguration,
|
||||
UserLdapConfiguration, AuthenticationMethodsConfiguration
|
||||
UserLdapConfiguration
|
||||
} from "./Configuration";
|
||||
import Util = require("util");
|
||||
import { ACLAdapter } from "./adapters/ACLAdapter";
|
||||
import { AuthenticationMethodsAdapter } from "./adapters/AuthenticationMethodsAdapter";
|
||||
|
||||
const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
|
||||
|
||||
|
@ -55,25 +56,16 @@ function adaptLdapConfiguration(userConfig: UserLdapConfiguration): LdapConfigur
|
|||
};
|
||||
}
|
||||
|
||||
function adaptAuthenticationMethods(authentication_methods: AuthenticationMethodsConfiguration)
|
||||
: AuthenticationMethodsConfiguration {
|
||||
if (!authentication_methods) {
|
||||
return {
|
||||
default_method: "two_factor",
|
||||
per_subdomain_methods: {}
|
||||
};
|
||||
}
|
||||
return authentication_methods;
|
||||
}
|
||||
|
||||
function adaptFromUserConfiguration(userConfiguration: UserConfiguration): AppConfiguration {
|
||||
function adaptFromUserConfiguration(userConfiguration: UserConfiguration)
|
||||
: AppConfiguration {
|
||||
ensure_key_existence(userConfiguration, "ldap");
|
||||
ensure_key_existence(userConfiguration, "session.secret");
|
||||
ensure_key_existence(userConfiguration, "regulation");
|
||||
|
||||
const port = userConfiguration.port || 8080;
|
||||
const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
|
||||
const authenticationMethods = adaptAuthenticationMethods(userConfiguration.authentication_methods);
|
||||
const authenticationMethods = AuthenticationMethodsAdapter
|
||||
.adapt(userConfiguration.authentication_methods);
|
||||
|
||||
return {
|
||||
port: port,
|
||||
|
|
|
@ -1,8 +1,5 @@
|
|||
import { ACLConfiguration } from "../Configuration";
|
||||
|
||||
function clone(obj: any): any {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
import { ObjectCloner } from "../../utils/ObjectCloner";
|
||||
|
||||
const DEFAULT_POLICY = "deny";
|
||||
|
||||
|
@ -32,7 +29,7 @@ export class ACLAdapter {
|
|||
static adapt(configuration: ACLConfiguration): ACLConfiguration {
|
||||
if (!configuration) return;
|
||||
|
||||
const newConfiguration: ACLConfiguration = clone(configuration);
|
||||
const newConfiguration: ACLConfiguration = ObjectCloner.clone(configuration);
|
||||
adaptDefaultPolicy(newConfiguration);
|
||||
adaptAny(newConfiguration);
|
||||
adaptGroups(newConfiguration);
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
import { AuthenticationMethodsConfiguration } from "../Configuration";
|
||||
import { ObjectCloner } from "../../utils/ObjectCloner";
|
||||
|
||||
function clone(obj: any): any {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
|
||||
export class AuthenticationMethodsAdapter {
|
||||
static adapt(authentication_methods: AuthenticationMethodsConfiguration)
|
||||
: AuthenticationMethodsConfiguration {
|
||||
if (!authentication_methods) {
|
||||
return {
|
||||
default_method: "two_factor",
|
||||
per_subdomain_methods: {}
|
||||
};
|
||||
}
|
||||
|
||||
const newAuthMethods: AuthenticationMethodsConfiguration
|
||||
= ObjectCloner.clone(authentication_methods);
|
||||
|
||||
if (!newAuthMethods.default_method)
|
||||
newAuthMethods.default_method = "two_factor";
|
||||
|
||||
if (!newAuthMethods.per_subdomain_methods ||
|
||||
newAuthMethods.per_subdomain_methods.constructor !== Object)
|
||||
newAuthMethods.per_subdomain_methods = {};
|
||||
|
||||
return newAuthMethods;
|
||||
}
|
||||
}
|
6
server/src/lib/utils/ObjectCloner.ts
Normal file
6
server/src/lib/utils/ObjectCloner.ts
Normal file
|
@ -0,0 +1,6 @@
|
|||
|
||||
export class ObjectCloner {
|
||||
static clone(obj: any): any {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
import { AuthenticationMethodsAdapter } from "../../../src/lib/configuration/adapters/AuthenticationMethodsAdapter";
|
||||
import Assert = require("assert");
|
||||
|
||||
describe("test authentication methods configuration adapter", function () {
|
||||
describe("no authentication methods defined", function () {
|
||||
it("should adapt a configuration when no authentication methods config is defined", function () {
|
||||
const userConfiguration: any = undefined;
|
||||
|
||||
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||
Assert.deepStrictEqual(appConfiguration, {
|
||||
default_method: "two_factor",
|
||||
per_subdomain_methods: {}
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe("partial authentication methods config", function() {
|
||||
it("should adapt a configuration when default_method is not defined", function () {
|
||||
const userConfiguration: any = {
|
||||
per_subdomain_methods: {
|
||||
"example.com": "basic_auth"
|
||||
}
|
||||
};
|
||||
|
||||
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||
Assert.deepStrictEqual(appConfiguration, {
|
||||
default_method: "two_factor",
|
||||
per_subdomain_methods: {
|
||||
"example.com": "basic_auth"
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
it("should adapt a configuration when per_subdomain_methods is not defined", function () {
|
||||
const userConfiguration: any = {
|
||||
default_method: "basic_auth"
|
||||
};
|
||||
|
||||
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||
Assert.deepStrictEqual(appConfiguration, {
|
||||
default_method: "basic_auth",
|
||||
per_subdomain_methods: {}
|
||||
});
|
||||
});
|
||||
|
||||
it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
|
||||
const userConfiguration: any = {
|
||||
default_method: "basic_auth",
|
||||
per_subdomain_methods: []
|
||||
};
|
||||
|
||||
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
|
||||
Assert.deepStrictEqual(appConfiguration, {
|
||||
default_method: "basic_auth",
|
||||
per_subdomain_methods: {}
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
Loading…
Reference in New Issue
Block a user