[CI] Add goconst linter (#961)

* [CI] Add goconst linter

* Implement goconst recommendations

* Rename defaultPolicy to denyPolicy

* Change order for test constants

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
This commit is contained in:
Amir Zarrinkafsh 2020-05-03 02:20:40 +10:00 committed by GitHub
parent 310c5dc09b
commit be0cc72473
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
37 changed files with 160 additions and 113 deletions

View File

@ -2,6 +2,9 @@ run:
timeout: 3m timeout: 3m
linters-settings: linters-settings:
goconst:
min-len: 2
min-occurrences: 2
gocyclo: gocyclo:
min-complexity: 15 min-complexity: 15
godot: godot:
@ -11,6 +14,7 @@ linters-settings:
linters: linters:
enable: enable:
- goconst
- gocyclo - gocyclo
- godot - godot
- gofmt - gofmt

View File

@ -25,7 +25,7 @@ func buildAutheliaBinary() {
func buildFrontend() { func buildFrontend() {
// Install npm dependencies. // Install npm dependencies.
cmd := utils.CommandWithStdout("yarn", "install") cmd := utils.CommandWithStdout("yarn", "install")
cmd.Dir = "web" cmd.Dir = webDirectory
if err := cmd.Run(); err != nil { if err := cmd.Run(); err != nil {
log.Fatal(err) log.Fatal(err)
@ -33,7 +33,7 @@ func buildFrontend() {
// Then build the frontend. // Then build the frontend.
cmd = utils.CommandWithStdout("yarn", "build") cmd = utils.CommandWithStdout("yarn", "build")
cmd.Dir = "web" cmd.Dir = webDirectory
cmd.Env = append(os.Environ(), "INLINE_RUNTIME_CHUNK=false") cmd.Env = append(os.Environ(), "INLINE_RUNTIME_CHUNK=false")
if err := cmd.Run(); err != nil { if err := cmd.Run(); err != nil {

View File

@ -53,7 +53,7 @@ func dockerBuildOfficialImage(arch string) error {
} }
if arch == "arm32v7" { if arch == "arm32v7" {
if buildkiteQEMU != "true" { if buildkiteQEMU != stringTrue {
err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run() err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run()
if err != nil { if err != nil {
panic(err) panic(err)
@ -66,7 +66,7 @@ func dockerBuildOfficialImage(arch string) error {
panic(err) panic(err)
} }
} else if arch == "arm64v8" { } else if arch == "arm64v8" {
if buildkiteQEMU != "true" { if buildkiteQEMU != stringTrue {
err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run() err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run()
if err != nil { if err != nil {
panic(err) panic(err)
@ -83,7 +83,7 @@ func dockerBuildOfficialImage(arch string) error {
gitTag := ciTag gitTag := ciTag
if gitTag == "" { if gitTag == "" {
// If commit is not tagged, mark the build has having master tag. // If commit is not tagged, mark the build has having master tag.
gitTag = "master" gitTag = masterTag
} }
cmd := utils.Shell("git rev-parse HEAD") cmd := utils.Shell("git rev-parse HEAD")
@ -213,13 +213,13 @@ func publishDockerImage(arch string) {
} else { } else {
log.Fatal("Docker image will not be published, the specified tag does not conform to the standard") log.Fatal("Docker image will not be published, the specified tag does not conform to the standard")
} }
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) { } else if ciBranch != masterTag && !publicRepo.MatchString(ciBranch) {
login(docker) login(docker)
deploy(docker, ciBranch+"-"+arch) deploy(docker, ciBranch+"-"+arch)
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) { } else if ciBranch != masterTag && publicRepo.MatchString(ciBranch) {
login(docker) login(docker)
deploy(docker, "PR"+ciPullRequest+"-"+arch) deploy(docker, "PR"+ciPullRequest+"-"+arch)
} else if ciBranch == "master" && ciPullRequest == "false" { } else if ciBranch == masterTag && ciPullRequest == stringFalse {
login(docker) login(docker)
deploy(docker, "master-"+arch) deploy(docker, "master-"+arch)
} else { } else {
@ -248,13 +248,13 @@ func publishDockerManifest() {
} else { } else {
log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard") log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard")
} }
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) { } else if ciBranch != masterTag && !publicRepo.MatchString(ciBranch) {
login(docker) login(docker)
deployManifest(docker, ciBranch, ciBranch+"-amd64", ciBranch+"-arm32v7", ciBranch+"-arm64v8") deployManifest(docker, ciBranch, ciBranch+"-amd64", ciBranch+"-arm32v7", ciBranch+"-arm64v8")
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) { } else if ciBranch != masterTag && publicRepo.MatchString(ciBranch) {
login(docker) login(docker)
deployManifest(docker, "PR"+ciPullRequest, "PR"+ciPullRequest+"-amd64", "PR"+ciPullRequest+"-arm32v7", "PR"+ciPullRequest+"-arm64v8") deployManifest(docker, "PR"+ciPullRequest, "PR"+ciPullRequest+"-amd64", "PR"+ciPullRequest+"-arm32v7", "PR"+ciPullRequest+"-arm64v8")
} else if ciBranch == "master" && ciPullRequest == "false" { } else if ciBranch == masterTag && ciPullRequest == stringFalse {
login(docker) login(docker)
deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8") deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8")
publishDockerReadme(docker) publishDockerReadme(docker)

View File

@ -17,7 +17,7 @@ func RunUnitTest(cobraCmd *cobra.Command, args []string) {
} }
cmd := utils.Shell("yarn test") cmd := utils.Shell("yarn test")
cmd.Dir = "web" cmd.Dir = webDirectory
cmd.Env = append(os.Environ(), "CI=true") cmd.Env = append(os.Environ(), "CI=true")
if err := cmd.Run(); err != nil { if err := cmd.Run(); err != nil {
log.Fatal(err) log.Fatal(err)

View File

@ -8,3 +8,8 @@ var DockerImageName = "authelia/authelia"
// IntermediateDockerImageName local name of the docker image. // IntermediateDockerImageName local name of the docker image.
var IntermediateDockerImageName = "authelia:dist" var IntermediateDockerImageName = "authelia:dist"
const masterTag = "master"
const stringFalse = "false"
const stringTrue = "true"
const webDirectory = "web"

View File

@ -43,3 +43,7 @@ const (
// HashingPossibleSaltCharacters represents valid hashing runes. // HashingPossibleSaltCharacters represents valid hashing runes.
var HashingPossibleSaltCharacters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/") var HashingPossibleSaltCharacters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/")
const sha512 = "sha512"
const testPassword = "my;secure*password"

View File

@ -54,7 +54,7 @@ func NewFileUserProvider(configuration *schema.FileAuthenticationBackendConfigur
// TODO: Remove this. This is only here to temporarily fix the username enumeration security flaw in #949. // TODO: Remove this. This is only here to temporarily fix the username enumeration security flaw in #949.
// This generates a hash that should be usable to do a fake CheckUserPassword // This generates a hash that should be usable to do a fake CheckUserPassword
algorithm := configuration.Password.Algorithm algorithm := configuration.Password.Algorithm
if configuration.Password.Algorithm == "sha512" { if configuration.Password.Algorithm == sha512 {
algorithm = HashingAlgorithmSHA512 algorithm = HashingAlgorithmSHA512
} }
settings := getCryptSettings(utils.RandomString(configuration.Password.SaltLength, HashingPossibleSaltCharacters), settings := getCryptSettings(utils.RandomString(configuration.Password.SaltLength, HashingPossibleSaltCharacters),
@ -143,7 +143,7 @@ func (p *FileUserProvider) UpdatePassword(username string, newPassword string) e
var algorithm string var algorithm string
if p.configuration.Password.Algorithm == "argon2id" { if p.configuration.Password.Algorithm == "argon2id" {
algorithm = HashingAlgorithmArgon2id algorithm = HashingAlgorithmArgon2id
} else if p.configuration.Password.Algorithm == "sha512" { } else if p.configuration.Password.Algorithm == sha512 {
algorithm = HashingAlgorithmSHA512 algorithm = HashingAlgorithmSHA512
} else { } else {
return errors.New("Invalid algorithm in configuration. It should be `argon2id` or `sha512`") return errors.New("Invalid algorithm in configuration. It should be `argon2id` or `sha512`")

View File

@ -299,7 +299,7 @@ func TestNumberOfRoundsNotInt(t *testing.T) {
} }
func TestShouldCheckPasswordArgon2idHashedWithAuthelia(t *testing.T) { func TestShouldCheckPasswordArgon2idHashedWithAuthelia(t *testing.T) {
password := "my;secure*password" password := testPassword
hash, err := HashPassword(password, "", HashingAlgorithmArgon2id, schema.DefaultCIPasswordConfiguration.Iterations, hash, err := HashPassword(password, "", HashingAlgorithmArgon2id, schema.DefaultCIPasswordConfiguration.Iterations,
schema.DefaultCIPasswordConfiguration.Memory*1024, schema.DefaultCIPasswordConfiguration.Parallelism, schema.DefaultCIPasswordConfiguration.Memory*1024, schema.DefaultCIPasswordConfiguration.Parallelism,
schema.DefaultCIPasswordConfiguration.KeyLength, schema.DefaultCIPasswordConfiguration.SaltLength) schema.DefaultCIPasswordConfiguration.KeyLength, schema.DefaultCIPasswordConfiguration.SaltLength)
@ -313,7 +313,7 @@ func TestShouldCheckPasswordArgon2idHashedWithAuthelia(t *testing.T) {
} }
func TestShouldCheckPasswordSHA512HashedWithAuthelia(t *testing.T) { func TestShouldCheckPasswordSHA512HashedWithAuthelia(t *testing.T) {
password := "my;secure*password" password := testPassword
hash, err := HashPassword(password, "", HashingAlgorithmSHA512, schema.DefaultPasswordSHA512Configuration.Iterations, hash, err := HashPassword(password, "", HashingAlgorithmSHA512, schema.DefaultPasswordSHA512Configuration.Iterations,
0, 0, 0, schema.DefaultPasswordSHA512Configuration.SaltLength) 0, 0, 0, schema.DefaultPasswordSHA512Configuration.SaltLength)

View File

@ -17,7 +17,7 @@ type ACLRule struct {
// IsPolicyValid check if policy is valid. // IsPolicyValid check if policy is valid.
func IsPolicyValid(policy string) bool { func IsPolicyValid(policy string) bool {
return policy == "deny" || policy == "one_factor" || policy == "two_factor" || policy == "bypass" return policy == denyPolicy || policy == "one_factor" || policy == "two_factor" || policy == "bypass"
} }
// IsSubjectValid check if a subject is valid. // IsSubjectValid check if a subject is valid.
@ -63,7 +63,7 @@ type AccessControlConfiguration struct {
// Validate validate the access control configuration. // Validate validate the access control configuration.
func (acc *AccessControlConfiguration) Validate(validator *StructValidator) { func (acc *AccessControlConfiguration) Validate(validator *StructValidator) {
if acc.DefaultPolicy == "" { if acc.DefaultPolicy == "" {
acc.DefaultPolicy = "deny" acc.DefaultPolicy = denyPolicy
} }
if !IsPolicyValid(acc.DefaultPolicy) { if !IsPolicyValid(acc.DefaultPolicy) {

View File

@ -0,0 +1,3 @@
package schema
const denyPolicy = "deny"

View File

@ -22,14 +22,14 @@ func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationB
configuration.Password.Algorithm = schema.DefaultPasswordConfiguration.Algorithm configuration.Password.Algorithm = schema.DefaultPasswordConfiguration.Algorithm
} else { } else {
configuration.Password.Algorithm = strings.ToLower(configuration.Password.Algorithm) configuration.Password.Algorithm = strings.ToLower(configuration.Password.Algorithm)
if configuration.Password.Algorithm != "argon2id" && configuration.Password.Algorithm != "sha512" { if configuration.Password.Algorithm != argon2id && configuration.Password.Algorithm != sha512 {
validator.Push(fmt.Errorf("Unknown hashing algorithm supplied, valid values are argon2id and sha512, you configured '%s'", configuration.Password.Algorithm)) validator.Push(fmt.Errorf("Unknown hashing algorithm supplied, valid values are argon2id and sha512, you configured '%s'", configuration.Password.Algorithm))
} }
} }
// Iterations (time) // Iterations (time)
if configuration.Password.Iterations == 0 { if configuration.Password.Iterations == 0 {
if configuration.Password.Algorithm == "argon2id" { if configuration.Password.Algorithm == argon2id {
configuration.Password.Iterations = schema.DefaultPasswordConfiguration.Iterations configuration.Password.Iterations = schema.DefaultPasswordConfiguration.Iterations
} else { } else {
configuration.Password.Iterations = schema.DefaultPasswordSHA512Configuration.Iterations configuration.Password.Iterations = schema.DefaultPasswordSHA512Configuration.Iterations
@ -47,7 +47,7 @@ func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationB
validator.Push(fmt.Errorf("The salt length must be 16 or less, you configured %d", configuration.Password.SaltLength)) validator.Push(fmt.Errorf("The salt length must be 16 or less, you configured %d", configuration.Password.SaltLength))
} }
if configuration.Password.Algorithm == "argon2id" { if configuration.Password.Algorithm == argon2id {
// Parallelism // Parallelism
if configuration.Password.Parallelism == 0 { if configuration.Password.Parallelism == 0 {
configuration.Password.Parallelism = schema.DefaultPasswordConfiguration.Parallelism configuration.Password.Parallelism = schema.DefaultPasswordConfiguration.Parallelism
@ -80,14 +80,14 @@ func validateLdapURL(ldapURL string, validator *schema.StructValidator) string {
return "" return ""
} }
if !(u.Scheme == "ldap" || u.Scheme == "ldaps") { if !(u.Scheme == schemeLDAP || u.Scheme == schemeLDAPS) {
validator.Push(errors.New("Unknown scheme for ldap url, should be ldap:// or ldaps://")) validator.Push(errors.New("Unknown scheme for ldap url, should be ldap:// or ldaps://"))
return "" return ""
} }
if u.Scheme == "ldap" && u.Port() == "" { if u.Scheme == schemeLDAP && u.Port() == "" {
u.Host += ":389" u.Host += ":389"
} else if u.Scheme == "ldaps" && u.Port() == "" { } else if u.Scheme == schemeLDAPS && u.Port() == "" {
u.Host += ":636" u.Host += ":636"
} }

View File

@ -14,7 +14,7 @@ func newDefaultConfig() schema.Configuration {
config.Host = "127.0.0.1" config.Host = "127.0.0.1"
config.Port = 9090 config.Port = 9090
config.LogLevel = "info" config.LogLevel = "info"
config.JWTSecret = "a_secret" config.JWTSecret = testJWTSecret
config.AuthenticationBackend.File = new(schema.FileAuthenticationBackendConfiguration) config.AuthenticationBackend.File = new(schema.FileAuthenticationBackendConfiguration)
config.AuthenticationBackend.File.Path = "/a/path" config.AuthenticationBackend.File.Path = "/a/path"
config.Session = schema.SessionConfiguration{ config.Session = schema.SessionConfiguration{
@ -104,7 +104,7 @@ func TestShouldAddDefaultAccessControl(t *testing.T) {
func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) { func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) {
validator := schema.NewStructValidator() validator := schema.NewStructValidator()
config := newDefaultConfig() config := newDefaultConfig()
config.TLSCert = "/tmp/cert.pem" config.TLSCert = testTLSCert
ValidateConfiguration(&config, validator) ValidateConfiguration(&config, validator)
require.Len(t, validator.Errors(), 1) require.Len(t, validator.Errors(), 1)
@ -114,7 +114,7 @@ func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) {
func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) { func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) {
validator := schema.NewStructValidator() validator := schema.NewStructValidator()
config := newDefaultConfig() config := newDefaultConfig()
config.TLSKey = "/tmp/key.pem" config.TLSKey = testTLSKey
ValidateConfiguration(&config, validator) ValidateConfiguration(&config, validator)
require.Len(t, validator.Errors(), 1) require.Len(t, validator.Errors(), 1)
@ -124,8 +124,8 @@ func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) {
func TestShouldNotRaiseErrorWhenBothTLSCertificateAndKeyAreProvided(t *testing.T) { func TestShouldNotRaiseErrorWhenBothTLSCertificateAndKeyAreProvided(t *testing.T) {
validator := schema.NewStructValidator() validator := schema.NewStructValidator()
config := newDefaultConfig() config := newDefaultConfig()
config.TLSCert = "/tmp/cert.pem" config.TLSCert = testTLSCert
config.TLSKey = "/tmp/key.pem" config.TLSKey = testTLSKey
ValidateConfiguration(&config, validator) ValidateConfiguration(&config, validator)
require.Len(t, validator.Errors(), 0) require.Len(t, validator.Errors(), 0)

View File

@ -150,3 +150,15 @@ var specificErrorKeys = map[string]string{
"authentication_backend.file.hashing.memory": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password", "authentication_backend.file.hashing.memory": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password",
"authentication_backend.file.hashing.parallelism": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password", "authentication_backend.file.hashing.parallelism": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password",
} }
const argon2id = "argon2id"
const sha512 = "sha512"
const schemeLDAP = "ldap"
const schemeLDAPS = "ldaps"
const testBadTimer = "-1"
const testModeDisabled = "disable"
const testJWTSecret = "a_secret"
const testTLSCert = "/tmp/cert.pem"
const testTLSKey = "/tmp/key.pem"

View File

@ -10,7 +10,7 @@ import (
func newDefaultSessionConfig() schema.SessionConfiguration { func newDefaultSessionConfig() schema.SessionConfiguration {
config := schema.SessionConfiguration{} config := schema.SessionConfiguration{}
config.Secret = "a_secret" config.Secret = testJWTSecret
config.Domain = "example.com" config.Domain = "example.com"
return config return config
} }
@ -78,8 +78,8 @@ func TestShouldRaiseErrorWhenDomainNotSet(t *testing.T) {
func TestShouldRaiseErrorWhenBadInactivityAndExpirationSet(t *testing.T) { func TestShouldRaiseErrorWhenBadInactivityAndExpirationSet(t *testing.T) {
validator := schema.NewStructValidator() validator := schema.NewStructValidator()
config := newDefaultSessionConfig() config := newDefaultSessionConfig()
config.Inactivity = "-1" config.Inactivity = testBadTimer
config.Expiration = "-1" config.Expiration = testBadTimer
ValidateSession(&config, validator) ValidateSession(&config, validator)

View File

@ -35,10 +35,10 @@ func validatePostgreSQLConfiguration(configuration *schema.PostgreSQLStorageConf
validateSQLConfiguration(&configuration.SQLStorageConfiguration, validator) validateSQLConfiguration(&configuration.SQLStorageConfiguration, validator)
if configuration.SSLMode == "" { if configuration.SSLMode == "" {
configuration.SSLMode = "disable" configuration.SSLMode = testModeDisabled
} }
if !(configuration.SSLMode == "disable" || configuration.SSLMode == "require" || if !(configuration.SSLMode == testModeDisabled || configuration.SSLMode == "require" ||
configuration.SSLMode == "verify-ca" || configuration.SSLMode == "verify-full") { configuration.SSLMode == "verify-ca" || configuration.SSLMode == "verify-full") {
validator.Push(errors.New("SSL mode must be 'disable', 'require', 'verify-ca', or 'verify-full'")) validator.Push(errors.New("SSL mode must be 'disable', 'require', 'verify-ca', or 'verify-full'"))
} }

View File

@ -34,3 +34,9 @@ const unableToRegisterOneTimePasswordMessage = "Unable to set up one-time passwo
const unableToRegisterSecurityKeyMessage = "Unable to register your security key." const unableToRegisterSecurityKeyMessage = "Unable to register your security key."
const unableToResetPasswordMessage = "Unable to reset your password." const unableToResetPasswordMessage = "Unable to reset your password."
const mfaValidationFailedMessage = "Authentication failed, please retry later." const mfaValidationFailedMessage = "Authentication failed, please retry later."
const testGATrackingID = "ABC"
const testInactivity = "10"
const testRedirectionURL = "http://redirection.local"
const testResultAllow = "allow"
const testUsername = "john"

View File

@ -25,7 +25,7 @@ func (s *ConfigurationSuite) TearDownTest() {
} }
func (s *ConfigurationSuite) TestShouldReturnConfiguredGATrackingID() { func (s *ConfigurationSuite) TestShouldReturnConfiguredGATrackingID() {
GATrackingID := "ABC" GATrackingID := testGATrackingID
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
s.mock.Ctx.Configuration.Session.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration s.mock.Ctx.Configuration.Session.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration
@ -40,7 +40,7 @@ func (s *ConfigurationSuite) TestShouldReturnConfiguredGATrackingID() {
} }
func (s *ConfigurationSuite) TestShouldDisableRememberMe() { func (s *ConfigurationSuite) TestShouldDisableRememberMe() {
GATrackingID := "ABC" GATrackingID := testGATrackingID
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
s.mock.Ctx.Configuration.Session.RememberMeDuration = "0" s.mock.Ctx.Configuration.Session.RememberMeDuration = "0"
s.mock.Ctx.Providers.SessionProvider = session.NewProvider( s.mock.Ctx.Providers.SessionProvider = session.NewProvider(
@ -56,7 +56,7 @@ func (s *ConfigurationSuite) TestShouldDisableRememberMe() {
} }
func (s *ConfigurationSuite) TestShouldDisableResetPassword() { func (s *ConfigurationSuite) TestShouldDisableResetPassword() {
GATrackingID := "ABC" GATrackingID := testGATrackingID
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
s.mock.Ctx.Configuration.AuthenticationBackend.DisableResetPassword = true s.mock.Ctx.Configuration.AuthenticationBackend.DisableResetPassword = true
expectedBody := ConfigurationBody{ expectedBody := ConfigurationBody{

View File

@ -19,7 +19,7 @@ type LogoutSuite struct {
func (s *LogoutSuite) SetupTest() { func (s *LogoutSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
} }

View File

@ -24,7 +24,7 @@ func (s *HandlerRegisterU2FStep1Suite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
} }

View File

@ -52,7 +52,7 @@ func SecondFactorDuoPost(duoAPI duo.API) middlewares.RequestHandler {
} }
} }
if duoResponse.Response.Result != "allow" { if duoResponse.Response.Result != testResultAllow {
ctx.ReplyUnauthorized() ctx.ReplyUnauthorized()
return return
} }

View File

@ -24,7 +24,7 @@ type SecondFactorDuoPostSuite struct {
func (s *SecondFactorDuoPostSuite) SetupTest() { func (s *SecondFactorDuoPostSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
} }
@ -43,7 +43,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldCallDuoAPIAndAllowAccess() {
values.Set("pushinfo", "target%20url=https://target.example.com") values.Set("pushinfo", "target%20url=https://target.example.com")
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Eq(values), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Eq(values), s.mock.Ctx).Return(&response, nil)
@ -99,11 +99,11 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToDefaultURL() {
duoMock := mocks.NewMockAPI(s.mock.Ctrl) duoMock := mocks.NewMockAPI(s.mock.Ctrl)
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local" s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
bodyBytes, err := json.Marshal(signDuoRequestBody{}) bodyBytes, err := json.Marshal(signDuoRequestBody{})
s.Require().NoError(err) s.Require().NoError(err)
@ -111,7 +111,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToDefaultURL() {
SecondFactorDuoPost(duoMock)(s.mock.Ctx) SecondFactorDuoPost(duoMock)(s.mock.Ctx)
s.mock.Assert200OK(s.T(), redirectResponse{ s.mock.Assert200OK(s.T(), redirectResponse{
Redirect: "http://redirection.local", Redirect: testRedirectionURL,
}) })
} }
@ -119,7 +119,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldNotReturnRedirectURL() {
duoMock := mocks.NewMockAPI(s.mock.Ctrl) duoMock := mocks.NewMockAPI(s.mock.Ctrl)
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
@ -135,7 +135,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToSafeTargetURL() {
duoMock := mocks.NewMockAPI(s.mock.Ctrl) duoMock := mocks.NewMockAPI(s.mock.Ctrl)
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
@ -155,7 +155,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldNotRedirectToUnsafeURL() {
duoMock := mocks.NewMockAPI(s.mock.Ctrl) duoMock := mocks.NewMockAPI(s.mock.Ctrl)
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
@ -173,7 +173,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRegenerateSessionForPreventingSessi
duoMock := mocks.NewMockAPI(s.mock.Ctrl) duoMock := mocks.NewMockAPI(s.mock.Ctrl)
response := duo.Response{} response := duo.Response{}
response.Response.Result = "allow" response.Response.Result = testResultAllow
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil) duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)

View File

@ -22,7 +22,7 @@ type HandlerSignTOTPSuite struct {
func (s *HandlerSignTOTPSuite) SetupTest() { func (s *HandlerSignTOTPSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.U2FChallenge = &u2f.Challenge{} userSession.U2FChallenge = &u2f.Challenge{}
userSession.U2FRegistration = &session.U2FRegistration{} userSession.U2FRegistration = &session.U2FRegistration{}
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -43,7 +43,7 @@ func (s *HandlerSignTOTPSuite) TestShouldRedirectUserToDefaultURL() {
Verify(gomock.Eq("abc"), gomock.Eq("secret")). Verify(gomock.Eq("abc"), gomock.Eq("secret")).
Return(true, nil) Return(true, nil)
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local" s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
bodyBytes, err := json.Marshal(signTOTPRequestBody{ bodyBytes, err := json.Marshal(signTOTPRequestBody{
Token: "abc", Token: "abc",
@ -53,7 +53,7 @@ func (s *HandlerSignTOTPSuite) TestShouldRedirectUserToDefaultURL() {
SecondFactorTOTPPost(verifier)(s.mock.Ctx) SecondFactorTOTPPost(verifier)(s.mock.Ctx)
s.mock.Assert200OK(s.T(), redirectResponse{ s.mock.Assert200OK(s.T(), redirectResponse{
Redirect: "http://redirection.local", Redirect: testRedirectionURL,
}) })
} }

View File

@ -22,7 +22,7 @@ type HandlerSignU2FStep2Suite struct {
func (s *HandlerSignU2FStep2Suite) SetupTest() { func (s *HandlerSignU2FStep2Suite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.U2FChallenge = &u2f.Challenge{} userSession.U2FChallenge = &u2f.Challenge{}
userSession.U2FRegistration = &session.U2FRegistration{} userSession.U2FRegistration = &session.U2FRegistration{}
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -39,7 +39,7 @@ func (s *HandlerSignU2FStep2Suite) TestShouldRedirectUserToDefaultURL() {
Verify(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()). Verify(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).
Return(nil) Return(nil)
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local" s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
bodyBytes, err := json.Marshal(signU2FRequestBody{ bodyBytes, err := json.Marshal(signU2FRequestBody{
SignResponse: u2f.SignResponse{}, SignResponse: u2f.SignResponse{},
@ -49,7 +49,7 @@ func (s *HandlerSignU2FStep2Suite) TestShouldRedirectUserToDefaultURL() {
SecondFactorU2FSignPost(u2fVerifier)(s.mock.Ctx) SecondFactorU2FSignPost(u2fVerifier)(s.mock.Ctx)
s.mock.Assert200OK(s.T(), redirectResponse{ s.mock.Assert200OK(s.T(), redirectResponse{
Redirect: "http://redirection.local", Redirect: testRedirectionURL,
}) })
} }

View File

@ -22,7 +22,7 @@ func (s *FetchSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
// Set the initial user session. // Set the initial user session.
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = 1 userSession.AuthenticationLevel = 1
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
} }
@ -90,7 +90,7 @@ func TestMethodSetToU2F(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
// Set the initial user session. // Set the initial user session.
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = 1 userSession.AuthenticationLevel = 1
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -168,7 +168,7 @@ func (s *SaveSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
// Set the initial user session. // Set the initial user session.
userSession := s.mock.Ctx.GetSession() userSession := s.mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = 1 userSession.AuthenticationLevel = 1
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
} }

View File

@ -176,7 +176,7 @@ func TestShouldCheckAuthorizationMatching(t *testing.T) {
username := "" username := ""
if rule.AuthLevel > authentication.NotAuthenticated { if rule.AuthLevel > authentication.NotAuthenticated {
username = "john" username = testUsername
} }
matching := isTargetURLAuthorized(authorizer, *url, username, []string{}, net.ParseIP("127.0.0.1"), rule.AuthLevel) matching := isTargetURLAuthorized(authorizer, *url, username, []string{}, net.ParseIP("127.0.0.1"), rule.AuthLevel)
@ -472,13 +472,13 @@ func TestShouldDestroySessionWhenInactiveForTooLong(t *testing.T) {
clock.Set(time.Now()) clock.Set(time.Now())
past := clock.Now().Add(-1 * time.Hour) past := clock.Now().Add(-1 * time.Hour)
mock.Ctx.Configuration.Session.Inactivity = "10" mock.Ctx.Configuration.Session.Inactivity = testInactivity
// Reload the session provider since the configuration is indirect. // Reload the session provider since the configuration is indirect.
mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session) mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity) assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = past.Unix() userSession.LastActivity = past.Unix()
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -509,7 +509,7 @@ func TestShouldDestroySessionWhenInactiveForTooLongUsingDurationNotation(t *test
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity) assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = clock.Now().Add(-1 * time.Hour).Unix() userSession.LastActivity = clock.Now().Add(-1 * time.Hour).Unix()
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -531,10 +531,10 @@ func TestShouldKeepSessionWhenUserCheckedRememberMeAndIsInactiveForTooLong(t *te
clock := mocks.TestingClock{} clock := mocks.TestingClock{}
clock.Set(time.Now()) clock.Set(time.Now())
mock.Ctx.Configuration.Session.Inactivity = "10" mock.Ctx.Configuration.Session.Inactivity = testInactivity
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = 0 userSession.LastActivity = 0
userSession.KeepMeLoggedIn = true userSession.KeepMeLoggedIn = true
@ -560,12 +560,12 @@ func TestShouldKeepSessionWhenInactivityTimeoutHasNotBeenExceeded(t *testing.T)
clock := mocks.TestingClock{} clock := mocks.TestingClock{}
clock.Set(time.Now()) clock.Set(time.Now())
mock.Ctx.Configuration.Session.Inactivity = "10" mock.Ctx.Configuration.Session.Inactivity = testInactivity
past := clock.Now().Add(-1 * time.Hour) past := clock.Now().Add(-1 * time.Hour)
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = past.Unix() userSession.LastActivity = past.Unix()
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -592,7 +592,7 @@ func TestShouldRedirectWhenSessionInactiveForTooLongAndRDParamProvided(t *testin
clock := mocks.TestingClock{} clock := mocks.TestingClock{}
clock.Set(time.Now()) clock.Set(time.Now())
mock.Ctx.Configuration.Session.Inactivity = "10" mock.Ctx.Configuration.Session.Inactivity = testInactivity
// Reload the session provider since the configuration is indirect. // Reload the session provider since the configuration is indirect.
mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session) mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity) assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
@ -600,7 +600,7 @@ func TestShouldRedirectWhenSessionInactiveForTooLongAndRDParamProvided(t *testin
past := clock.Now().Add(-1 * time.Hour) past := clock.Now().Add(-1 * time.Hour)
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = past.Unix() userSession.LastActivity = past.Unix()
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -626,12 +626,12 @@ func TestShouldUpdateInactivityTimestampEvenWhenHittingForbiddenResources(t *tes
clock := mocks.TestingClock{} clock := mocks.TestingClock{}
clock.Set(time.Now()) clock.Set(time.Now())
mock.Ctx.Configuration.Session.Inactivity = "10" mock.Ctx.Configuration.Session.Inactivity = testInactivity
past := clock.Now().Add(-1 * time.Hour) past := clock.Now().Add(-1 * time.Hour)
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.TwoFactor userSession.AuthenticationLevel = authentication.TwoFactor
userSession.LastActivity = past.Unix() userSession.LastActivity = past.Unix()
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
@ -653,7 +653,7 @@ func TestShouldURLEncodeRedirectionURLParameter(t *testing.T) {
defer mock.Close() defer mock.Close()
userSession := mock.Ctx.GetSession() userSession := mock.Ctx.GetSession()
userSession.Username = "john" userSession.Username = testUsername
userSession.AuthenticationLevel = authentication.NotAuthenticated userSession.AuthenticationLevel = authentication.NotAuthenticated
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting. mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.

View File

@ -1,6 +1,5 @@
package middlewares package middlewares
// JWTIssuer is.
const jwtIssuer = "Authelia" const jwtIssuer = "Authelia"
const xForwardedProtoHeader = "X-Forwarded-Proto" const xForwardedProtoHeader = "X-Forwarded-Proto"

View File

@ -15,6 +15,8 @@ import (
"github.com/authelia/authelia/internal/session" "github.com/authelia/authelia/internal/session"
) )
const testJWTSecret = "abc"
func newArgs(retriever func(ctx *middlewares.AutheliaCtx) (*session.Identity, error)) middlewares.IdentityVerificationStartArgs { func newArgs(retriever func(ctx *middlewares.AutheliaCtx) (*session.Identity, error)) middlewares.IdentityVerificationStartArgs {
return middlewares.IdentityVerificationStartArgs{ return middlewares.IdentityVerificationStartArgs{
ActionClaim: "Claim", ActionClaim: "Claim",
@ -50,7 +52,7 @@ func TestShouldFailIfJWTCannotBeSaved(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
defer mock.Close() defer mock.Close()
mock.Ctx.Configuration.JWTSecret = "abc" mock.Ctx.Configuration.JWTSecret = testJWTSecret
mock.StorageProviderMock.EXPECT(). mock.StorageProviderMock.EXPECT().
SaveIdentityVerificationToken(gomock.Any()). SaveIdentityVerificationToken(gomock.Any()).
@ -67,7 +69,7 @@ func TestShouldFailSendingAnEmail(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
defer mock.Close() defer mock.Close()
mock.Ctx.Configuration.JWTSecret = "abc" mock.Ctx.Configuration.JWTSecret = testJWTSecret
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http") mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host") mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
@ -90,7 +92,7 @@ func TestShouldFailWhenXForwardedProtoHeaderIsMissing(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
defer mock.Close() defer mock.Close()
mock.Ctx.Configuration.JWTSecret = "abc" mock.Ctx.Configuration.JWTSecret = testJWTSecret
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host") mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
mock.StorageProviderMock.EXPECT(). mock.StorageProviderMock.EXPECT().
@ -108,7 +110,7 @@ func TestShouldFailWhenXForwardedHostHeaderIsMissing(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
defer mock.Close() defer mock.Close()
mock.Ctx.Configuration.JWTSecret = "abc" mock.Ctx.Configuration.JWTSecret = testJWTSecret
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http") mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
mock.StorageProviderMock.EXPECT(). mock.StorageProviderMock.EXPECT().
@ -126,7 +128,7 @@ func TestShouldSucceedIdentityVerificationStartProcess(t *testing.T) {
mock := mocks.NewMockAutheliaCtx(t) mock := mocks.NewMockAutheliaCtx(t)
defer mock.Close() defer mock.Close()
mock.Ctx.Configuration.JWTSecret = "abc" mock.Ctx.Configuration.JWTSecret = testJWTSecret
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http") mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host") mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
@ -154,7 +156,7 @@ type IdentityVerificationFinishProcess struct {
func (s *IdentityVerificationFinishProcess) SetupTest() { func (s *IdentityVerificationFinishProcess) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T()) s.mock = mocks.NewMockAutheliaCtx(s.T())
s.mock.Ctx.Configuration.JWTSecret = "abc" s.mock.Ctx.Configuration.JWTSecret = testJWTSecret
} }
func (s *IdentityVerificationFinishProcess) TearDownTest() { func (s *IdentityVerificationFinishProcess) TearDownTest() {

View File

@ -1,3 +1,8 @@
package session package session
const userSessionStorerKey = "UserSession" const userSessionStorerKey = "UserSession"
const testDomain = "example.com"
const testExpiration = "40"
const testName = "my_session"
const testUsername = "john"

View File

@ -18,13 +18,13 @@ import (
func TestShouldCreateInMemorySessionProvider(t *testing.T) { func TestShouldCreateInMemorySessionProvider(t *testing.T) {
// The redis configuration is not provided so we create a in-memory provider. // The redis configuration is not provided so we create a in-memory provider.
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
providerConfig := NewProviderConfig(configuration) providerConfig := NewProviderConfig(configuration)
assert.Equal(t, "my_session", providerConfig.config.CookieName) assert.Equal(t, "my_session", providerConfig.config.CookieName)
assert.Equal(t, "example.com", providerConfig.config.Domain) assert.Equal(t, testDomain, providerConfig.config.Domain)
assert.Equal(t, true, providerConfig.config.Secure) assert.Equal(t, true, providerConfig.config.Secure)
assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires) assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires)
assert.True(t, providerConfig.config.IsSecureFunc(nil)) assert.True(t, providerConfig.config.IsSecureFunc(nil))
@ -36,9 +36,9 @@ func TestShouldCreateInMemorySessionProvider(t *testing.T) {
func TestShouldCreateRedisSessionProvider(t *testing.T) { func TestShouldCreateRedisSessionProvider(t *testing.T) {
// The redis configuration is not provided so we create a in-memory provider. // The redis configuration is not provided so we create a in-memory provider.
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
configuration.Redis = &schema.RedisSessionConfiguration{ configuration.Redis = &schema.RedisSessionConfiguration{
Host: "redis.example.com", Host: "redis.example.com",
Port: 6379, Port: 6379,
@ -47,7 +47,7 @@ func TestShouldCreateRedisSessionProvider(t *testing.T) {
providerConfig := NewProviderConfig(configuration) providerConfig := NewProviderConfig(configuration)
assert.Equal(t, "my_session", providerConfig.config.CookieName) assert.Equal(t, "my_session", providerConfig.config.CookieName)
assert.Equal(t, "example.com", providerConfig.config.Domain) assert.Equal(t, testDomain, providerConfig.config.Domain)
assert.Equal(t, true, providerConfig.config.Secure) assert.Equal(t, true, providerConfig.config.Secure)
assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires) assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires)
assert.True(t, providerConfig.config.IsSecureFunc(nil)) assert.True(t, providerConfig.config.IsSecureFunc(nil))
@ -65,9 +65,9 @@ func TestShouldCreateRedisSessionProvider(t *testing.T) {
func TestShouldSetDbNumber(t *testing.T) { func TestShouldSetDbNumber(t *testing.T) {
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
configuration.Redis = &schema.RedisSessionConfiguration{ configuration.Redis = &schema.RedisSessionConfiguration{
Host: "redis.example.com", Host: "redis.example.com",
Port: 6379, Port: 6379,

View File

@ -14,9 +14,9 @@ import (
func TestShouldInitializerSession(t *testing.T) { func TestShouldInitializerSession(t *testing.T) {
ctx := &fasthttp.RequestCtx{} ctx := &fasthttp.RequestCtx{}
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
provider := NewProvider(configuration) provider := NewProvider(configuration)
session, err := provider.GetSession(ctx) session, err := provider.GetSession(ctx)
@ -28,14 +28,14 @@ func TestShouldInitializerSession(t *testing.T) {
func TestShouldUpdateSession(t *testing.T) { func TestShouldUpdateSession(t *testing.T) {
ctx := &fasthttp.RequestCtx{} ctx := &fasthttp.RequestCtx{}
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
provider := NewProvider(configuration) provider := NewProvider(configuration)
session, _ := provider.GetSession(ctx) session, _ := provider.GetSession(ctx)
session.Username = "john" session.Username = testUsername
session.AuthenticationLevel = authentication.TwoFactor session.AuthenticationLevel = authentication.TwoFactor
err := provider.SaveSession(ctx, session) err := provider.SaveSession(ctx, session)
@ -45,7 +45,7 @@ func TestShouldUpdateSession(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, UserSession{ assert.Equal(t, UserSession{
Username: "john", Username: testUsername,
AuthenticationLevel: authentication.TwoFactor, AuthenticationLevel: authentication.TwoFactor,
}, session) }, session)
} }
@ -53,15 +53,15 @@ func TestShouldUpdateSession(t *testing.T) {
func TestShouldDestroySessionAndWipeSessionData(t *testing.T) { func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
ctx := &fasthttp.RequestCtx{} ctx := &fasthttp.RequestCtx{}
configuration := schema.SessionConfiguration{} configuration := schema.SessionConfiguration{}
configuration.Domain = "example.com" configuration.Domain = testDomain
configuration.Name = "my_session" configuration.Name = testName
configuration.Expiration = "40" configuration.Expiration = testExpiration
provider := NewProvider(configuration) provider := NewProvider(configuration)
session, err := provider.GetSession(ctx) session, err := provider.GetSession(ctx)
require.NoError(t, err) require.NoError(t, err)
session.Username = "john" session.Username = testUsername
session.AuthenticationLevel = authentication.TwoFactor session.AuthenticationLevel = authentication.TwoFactor
err = provider.SaveSession(ctx, session) err = provider.SaveSession(ctx, session)
@ -69,7 +69,7 @@ func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
newUserSession, err := provider.GetSession(ctx) newUserSession, err := provider.GetSession(ctx)
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, "john", newUserSession.Username) assert.Equal(t, testUsername, newUserSession.Username)
assert.Equal(t, authentication.TwoFactor, newUserSession.AuthenticationLevel) assert.Equal(t, authentication.TwoFactor, newUserSession.AuthenticationLevel)
err = provider.DestroySession(ctx) err = provider.DestroySession(ctx)

View File

@ -40,3 +40,8 @@ var DuoBaseURL = "https://duo.example.com"
// AutheliaBaseURL the base URL of Authelia service. // AutheliaBaseURL the base URL of Authelia service.
var AutheliaBaseURL = "https://authelia.example.com:9091" var AutheliaBaseURL = "https://authelia.example.com:9091"
const stringTrue = "true"
const testUsername = "john"
const testPassword = "password"

View File

@ -18,7 +18,7 @@ type DockerEnvironment struct {
// NewDockerEnvironment create a new docker environment. // NewDockerEnvironment create a new docker environment.
func NewDockerEnvironment(files []string) *DockerEnvironment { func NewDockerEnvironment(files []string) *DockerEnvironment {
if os.Getenv("CI") == "true" { if os.Getenv("CI") == stringTrue {
for i := range files { for i := range files {
files[i] = strings.ReplaceAll(files[i], "{}", "dist") files[i] = strings.ReplaceAll(files[i], "{}", "dist")
} }

View File

@ -63,7 +63,7 @@ func waitUntilAutheliaIsReady(dockerEnvironment *DockerEnvironment) error {
return err return err
} }
if os.Getenv("CI") != "true" { if os.Getenv("CI") != stringTrue {
if err := waitUntilAutheliaFrontendIsReady(dockerEnvironment); err != nil { if err := waitUntilAutheliaFrontendIsReady(dockerEnvironment); err != nil {
return err return err
} }

View File

@ -51,8 +51,8 @@ func (s *TwoFactorSuite) TestShouldAuthorizeSecretAfterTwoFactor() {
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
defer cancel() defer cancel()
username := "john" username := testUsername
password := "password" password := testPassword
// Login one factor // Login one factor
s.doLoginOneFactor(ctx, s.T(), username, password, false, "") s.doLoginOneFactor(ctx, s.T(), username, password, false, "")
@ -68,7 +68,7 @@ func (s *TwoFactorSuite) TestShouldAuthorizeSecretAfterTwoFactor() {
// Login again with 1FA & 2FA // Login again with 1FA & 2FA
targetURL := fmt.Sprintf("%s/secret.html", AdminBaseURL) targetURL := fmt.Sprintf("%s/secret.html", AdminBaseURL)
s.doLoginTwoFactor(ctx, s.T(), "john", "password", false, secret, targetURL) s.doLoginTwoFactor(ctx, s.T(), testUsername, testPassword, false, secret, targetURL)
// And check if the user is redirected to the secret. // And check if the user is redirected to the secret.
s.verifySecretAuthorized(ctx, s.T()) s.verifySecretAuthorized(ctx, s.T())
@ -87,10 +87,10 @@ func (s *TwoFactorSuite) TestShouldFailTwoFactor() {
defer cancel() defer cancel()
// Register TOTP secret and logout. // Register TOTP secret and logout.
s.doRegisterThenLogout(ctx, s.T(), "john", "password") s.doRegisterThenLogout(ctx, s.T(), testUsername, testPassword)
wrongPasscode := "123456" wrongPasscode := "123456"
s.doLoginOneFactor(ctx, s.T(), "john", "password", false, "") s.doLoginOneFactor(ctx, s.T(), testUsername, testPassword, false, "")
s.verifyIsSecondFactorPage(ctx, s.T()) s.verifyIsSecondFactorPage(ctx, s.T())
s.doEnterOTP(ctx, s.T(), wrongPasscode) s.doEnterOTP(ctx, s.T(), wrongPasscode)

View File

@ -44,7 +44,7 @@ func init() {
} }
log.Debug("Building authelia:dist image or use cache if already built...") log.Debug("Building authelia:dist image or use cache if already built...")
if os.Getenv("CI") != "true" { if os.Getenv("CI") != stringTrue {
if err := utils.Shell("authelia-scripts docker build").Run(); err != nil { if err := utils.Shell("authelia-scripts docker build").Run(); err != nil {
return err return err
} }

View File

@ -24,3 +24,5 @@ const Year = Day * 365
// Month is an int based representation of the time unit. // Month is an int based representation of the time unit.
const Month = Year / 12 const Month = Year / 12
const testStringInput = "abcdefghijkl"

View File

@ -7,7 +7,7 @@ import (
) )
func TestShouldSplitIntoEvenStringsOfFour(t *testing.T) { func TestShouldSplitIntoEvenStringsOfFour(t *testing.T) {
input := "abcdefghijkl" input := testStringInput
arrayOfStrings := SliceString(input, 4) arrayOfStrings := SliceString(input, 4)
assert.Equal(t, len(arrayOfStrings), 3) assert.Equal(t, len(arrayOfStrings), 3)
assert.Equal(t, "abcd", arrayOfStrings[0]) assert.Equal(t, "abcd", arrayOfStrings[0])
@ -16,7 +16,7 @@ func TestShouldSplitIntoEvenStringsOfFour(t *testing.T) {
} }
func TestShouldSplitIntoEvenStringsOfOne(t *testing.T) { func TestShouldSplitIntoEvenStringsOfOne(t *testing.T) {
input := "abcdefghijkl" input := testStringInput
arrayOfStrings := SliceString(input, 1) arrayOfStrings := SliceString(input, 1)
assert.Equal(t, 12, len(arrayOfStrings)) assert.Equal(t, 12, len(arrayOfStrings))
assert.Equal(t, "a", arrayOfStrings[0]) assert.Equal(t, "a", arrayOfStrings[0])
@ -27,7 +27,7 @@ func TestShouldSplitIntoEvenStringsOfOne(t *testing.T) {
} }
func TestShouldSplitIntoUnevenStringsOfFour(t *testing.T) { func TestShouldSplitIntoUnevenStringsOfFour(t *testing.T) {
input := "abcdefghijklm" input := testStringInput + "m"
arrayOfStrings := SliceString(input, 4) arrayOfStrings := SliceString(input, 4)
assert.Equal(t, len(arrayOfStrings), 4) assert.Equal(t, len(arrayOfStrings), 4)
assert.Equal(t, "abcd", arrayOfStrings[0]) assert.Equal(t, "abcd", arrayOfStrings[0])