mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
[CI] Add goconst linter (#961)
* [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
This commit is contained in:
parent
310c5dc09b
commit
be0cc72473
|
@ -2,6 +2,9 @@ run:
|
|||
timeout: 3m
|
||||
|
||||
linters-settings:
|
||||
goconst:
|
||||
min-len: 2
|
||||
min-occurrences: 2
|
||||
gocyclo:
|
||||
min-complexity: 15
|
||||
godot:
|
||||
|
@ -11,6 +14,7 @@ linters-settings:
|
|||
|
||||
linters:
|
||||
enable:
|
||||
- goconst
|
||||
- gocyclo
|
||||
- godot
|
||||
- gofmt
|
||||
|
|
|
@ -25,7 +25,7 @@ func buildAutheliaBinary() {
|
|||
func buildFrontend() {
|
||||
// Install npm dependencies.
|
||||
cmd := utils.CommandWithStdout("yarn", "install")
|
||||
cmd.Dir = "web"
|
||||
cmd.Dir = webDirectory
|
||||
|
||||
if err := cmd.Run(); err != nil {
|
||||
log.Fatal(err)
|
||||
|
@ -33,7 +33,7 @@ func buildFrontend() {
|
|||
|
||||
// Then build the frontend.
|
||||
cmd = utils.CommandWithStdout("yarn", "build")
|
||||
cmd.Dir = "web"
|
||||
cmd.Dir = webDirectory
|
||||
cmd.Env = append(os.Environ(), "INLINE_RUNTIME_CHUNK=false")
|
||||
|
||||
if err := cmd.Run(); err != nil {
|
||||
|
|
|
@ -53,7 +53,7 @@ func dockerBuildOfficialImage(arch string) error {
|
|||
}
|
||||
|
||||
if arch == "arm32v7" {
|
||||
if buildkiteQEMU != "true" {
|
||||
if buildkiteQEMU != stringTrue {
|
||||
err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
|
@ -66,7 +66,7 @@ func dockerBuildOfficialImage(arch string) error {
|
|||
panic(err)
|
||||
}
|
||||
} else if arch == "arm64v8" {
|
||||
if buildkiteQEMU != "true" {
|
||||
if buildkiteQEMU != stringTrue {
|
||||
err := utils.CommandWithStdout("docker", "run", "--rm", "--privileged", "multiarch/qemu-user-static", "--reset", "-p", "yes").Run()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
|
@ -83,7 +83,7 @@ func dockerBuildOfficialImage(arch string) error {
|
|||
gitTag := ciTag
|
||||
if gitTag == "" {
|
||||
// If commit is not tagged, mark the build has having master tag.
|
||||
gitTag = "master"
|
||||
gitTag = masterTag
|
||||
}
|
||||
|
||||
cmd := utils.Shell("git rev-parse HEAD")
|
||||
|
@ -213,13 +213,13 @@ func publishDockerImage(arch string) {
|
|||
} else {
|
||||
log.Fatal("Docker image will not be published, the specified tag does not conform to the standard")
|
||||
}
|
||||
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) {
|
||||
} else if ciBranch != masterTag && !publicRepo.MatchString(ciBranch) {
|
||||
login(docker)
|
||||
deploy(docker, ciBranch+"-"+arch)
|
||||
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
|
||||
} else if ciBranch != masterTag && publicRepo.MatchString(ciBranch) {
|
||||
login(docker)
|
||||
deploy(docker, "PR"+ciPullRequest+"-"+arch)
|
||||
} else if ciBranch == "master" && ciPullRequest == "false" {
|
||||
} else if ciBranch == masterTag && ciPullRequest == stringFalse {
|
||||
login(docker)
|
||||
deploy(docker, "master-"+arch)
|
||||
} else {
|
||||
|
@ -248,13 +248,13 @@ func publishDockerManifest() {
|
|||
} else {
|
||||
log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard")
|
||||
}
|
||||
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) {
|
||||
} else if ciBranch != masterTag && !publicRepo.MatchString(ciBranch) {
|
||||
login(docker)
|
||||
deployManifest(docker, ciBranch, ciBranch+"-amd64", ciBranch+"-arm32v7", ciBranch+"-arm64v8")
|
||||
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
|
||||
} else if ciBranch != masterTag && publicRepo.MatchString(ciBranch) {
|
||||
login(docker)
|
||||
deployManifest(docker, "PR"+ciPullRequest, "PR"+ciPullRequest+"-amd64", "PR"+ciPullRequest+"-arm32v7", "PR"+ciPullRequest+"-arm64v8")
|
||||
} else if ciBranch == "master" && ciPullRequest == "false" {
|
||||
} else if ciBranch == masterTag && ciPullRequest == stringFalse {
|
||||
login(docker)
|
||||
deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8")
|
||||
publishDockerReadme(docker)
|
||||
|
|
|
@ -17,7 +17,7 @@ func RunUnitTest(cobraCmd *cobra.Command, args []string) {
|
|||
}
|
||||
|
||||
cmd := utils.Shell("yarn test")
|
||||
cmd.Dir = "web"
|
||||
cmd.Dir = webDirectory
|
||||
cmd.Env = append(os.Environ(), "CI=true")
|
||||
if err := cmd.Run(); err != nil {
|
||||
log.Fatal(err)
|
||||
|
|
|
@ -8,3 +8,8 @@ var DockerImageName = "authelia/authelia"
|
|||
|
||||
// IntermediateDockerImageName local name of the docker image.
|
||||
var IntermediateDockerImageName = "authelia:dist"
|
||||
|
||||
const masterTag = "master"
|
||||
const stringFalse = "false"
|
||||
const stringTrue = "true"
|
||||
const webDirectory = "web"
|
|
@ -43,3 +43,7 @@ const (
|
|||
|
||||
// HashingPossibleSaltCharacters represents valid hashing runes.
|
||||
var HashingPossibleSaltCharacters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/")
|
||||
|
||||
const sha512 = "sha512"
|
||||
|
||||
const testPassword = "my;secure*password"
|
||||
|
|
|
@ -54,7 +54,7 @@ func NewFileUserProvider(configuration *schema.FileAuthenticationBackendConfigur
|
|||
// TODO: Remove this. This is only here to temporarily fix the username enumeration security flaw in #949.
|
||||
// This generates a hash that should be usable to do a fake CheckUserPassword
|
||||
algorithm := configuration.Password.Algorithm
|
||||
if configuration.Password.Algorithm == "sha512" {
|
||||
if configuration.Password.Algorithm == sha512 {
|
||||
algorithm = HashingAlgorithmSHA512
|
||||
}
|
||||
settings := getCryptSettings(utils.RandomString(configuration.Password.SaltLength, HashingPossibleSaltCharacters),
|
||||
|
@ -143,7 +143,7 @@ func (p *FileUserProvider) UpdatePassword(username string, newPassword string) e
|
|||
var algorithm string
|
||||
if p.configuration.Password.Algorithm == "argon2id" {
|
||||
algorithm = HashingAlgorithmArgon2id
|
||||
} else if p.configuration.Password.Algorithm == "sha512" {
|
||||
} else if p.configuration.Password.Algorithm == sha512 {
|
||||
algorithm = HashingAlgorithmSHA512
|
||||
} else {
|
||||
return errors.New("Invalid algorithm in configuration. It should be `argon2id` or `sha512`")
|
||||
|
|
|
@ -299,7 +299,7 @@ func TestNumberOfRoundsNotInt(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestShouldCheckPasswordArgon2idHashedWithAuthelia(t *testing.T) {
|
||||
password := "my;secure*password"
|
||||
password := testPassword
|
||||
hash, err := HashPassword(password, "", HashingAlgorithmArgon2id, schema.DefaultCIPasswordConfiguration.Iterations,
|
||||
schema.DefaultCIPasswordConfiguration.Memory*1024, schema.DefaultCIPasswordConfiguration.Parallelism,
|
||||
schema.DefaultCIPasswordConfiguration.KeyLength, schema.DefaultCIPasswordConfiguration.SaltLength)
|
||||
|
@ -313,7 +313,7 @@ func TestShouldCheckPasswordArgon2idHashedWithAuthelia(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestShouldCheckPasswordSHA512HashedWithAuthelia(t *testing.T) {
|
||||
password := "my;secure*password"
|
||||
password := testPassword
|
||||
hash, err := HashPassword(password, "", HashingAlgorithmSHA512, schema.DefaultPasswordSHA512Configuration.Iterations,
|
||||
0, 0, 0, schema.DefaultPasswordSHA512Configuration.SaltLength)
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ type ACLRule struct {
|
|||
|
||||
// IsPolicyValid check if policy is valid.
|
||||
func IsPolicyValid(policy string) bool {
|
||||
return policy == "deny" || policy == "one_factor" || policy == "two_factor" || policy == "bypass"
|
||||
return policy == denyPolicy || policy == "one_factor" || policy == "two_factor" || policy == "bypass"
|
||||
}
|
||||
|
||||
// IsSubjectValid check if a subject is valid.
|
||||
|
@ -63,7 +63,7 @@ type AccessControlConfiguration struct {
|
|||
// Validate validate the access control configuration.
|
||||
func (acc *AccessControlConfiguration) Validate(validator *StructValidator) {
|
||||
if acc.DefaultPolicy == "" {
|
||||
acc.DefaultPolicy = "deny"
|
||||
acc.DefaultPolicy = denyPolicy
|
||||
}
|
||||
|
||||
if !IsPolicyValid(acc.DefaultPolicy) {
|
||||
|
|
3
internal/configuration/schema/const.go
Normal file
3
internal/configuration/schema/const.go
Normal file
|
@ -0,0 +1,3 @@
|
|||
package schema
|
||||
|
||||
const denyPolicy = "deny"
|
|
@ -22,14 +22,14 @@ func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationB
|
|||
configuration.Password.Algorithm = schema.DefaultPasswordConfiguration.Algorithm
|
||||
} else {
|
||||
configuration.Password.Algorithm = strings.ToLower(configuration.Password.Algorithm)
|
||||
if configuration.Password.Algorithm != "argon2id" && configuration.Password.Algorithm != "sha512" {
|
||||
if configuration.Password.Algorithm != argon2id && configuration.Password.Algorithm != sha512 {
|
||||
validator.Push(fmt.Errorf("Unknown hashing algorithm supplied, valid values are argon2id and sha512, you configured '%s'", configuration.Password.Algorithm))
|
||||
}
|
||||
}
|
||||
|
||||
// Iterations (time)
|
||||
if configuration.Password.Iterations == 0 {
|
||||
if configuration.Password.Algorithm == "argon2id" {
|
||||
if configuration.Password.Algorithm == argon2id {
|
||||
configuration.Password.Iterations = schema.DefaultPasswordConfiguration.Iterations
|
||||
} else {
|
||||
configuration.Password.Iterations = schema.DefaultPasswordSHA512Configuration.Iterations
|
||||
|
@ -47,7 +47,7 @@ func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationB
|
|||
validator.Push(fmt.Errorf("The salt length must be 16 or less, you configured %d", configuration.Password.SaltLength))
|
||||
}
|
||||
|
||||
if configuration.Password.Algorithm == "argon2id" {
|
||||
if configuration.Password.Algorithm == argon2id {
|
||||
// Parallelism
|
||||
if configuration.Password.Parallelism == 0 {
|
||||
configuration.Password.Parallelism = schema.DefaultPasswordConfiguration.Parallelism
|
||||
|
@ -80,14 +80,14 @@ func validateLdapURL(ldapURL string, validator *schema.StructValidator) string {
|
|||
return ""
|
||||
}
|
||||
|
||||
if !(u.Scheme == "ldap" || u.Scheme == "ldaps") {
|
||||
if !(u.Scheme == schemeLDAP || u.Scheme == schemeLDAPS) {
|
||||
validator.Push(errors.New("Unknown scheme for ldap url, should be ldap:// or ldaps://"))
|
||||
return ""
|
||||
}
|
||||
|
||||
if u.Scheme == "ldap" && u.Port() == "" {
|
||||
if u.Scheme == schemeLDAP && u.Port() == "" {
|
||||
u.Host += ":389"
|
||||
} else if u.Scheme == "ldaps" && u.Port() == "" {
|
||||
} else if u.Scheme == schemeLDAPS && u.Port() == "" {
|
||||
u.Host += ":636"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ func newDefaultConfig() schema.Configuration {
|
|||
config.Host = "127.0.0.1"
|
||||
config.Port = 9090
|
||||
config.LogLevel = "info"
|
||||
config.JWTSecret = "a_secret"
|
||||
config.JWTSecret = testJWTSecret
|
||||
config.AuthenticationBackend.File = new(schema.FileAuthenticationBackendConfiguration)
|
||||
config.AuthenticationBackend.File.Path = "/a/path"
|
||||
config.Session = schema.SessionConfiguration{
|
||||
|
@ -104,7 +104,7 @@ func TestShouldAddDefaultAccessControl(t *testing.T) {
|
|||
func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) {
|
||||
validator := schema.NewStructValidator()
|
||||
config := newDefaultConfig()
|
||||
config.TLSCert = "/tmp/cert.pem"
|
||||
config.TLSCert = testTLSCert
|
||||
|
||||
ValidateConfiguration(&config, validator)
|
||||
require.Len(t, validator.Errors(), 1)
|
||||
|
@ -114,7 +114,7 @@ func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) {
|
|||
func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) {
|
||||
validator := schema.NewStructValidator()
|
||||
config := newDefaultConfig()
|
||||
config.TLSKey = "/tmp/key.pem"
|
||||
config.TLSKey = testTLSKey
|
||||
|
||||
ValidateConfiguration(&config, validator)
|
||||
require.Len(t, validator.Errors(), 1)
|
||||
|
@ -124,8 +124,8 @@ func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) {
|
|||
func TestShouldNotRaiseErrorWhenBothTLSCertificateAndKeyAreProvided(t *testing.T) {
|
||||
validator := schema.NewStructValidator()
|
||||
config := newDefaultConfig()
|
||||
config.TLSCert = "/tmp/cert.pem"
|
||||
config.TLSKey = "/tmp/key.pem"
|
||||
config.TLSCert = testTLSCert
|
||||
config.TLSKey = testTLSKey
|
||||
|
||||
ValidateConfiguration(&config, validator)
|
||||
require.Len(t, validator.Errors(), 0)
|
||||
|
|
|
@ -150,3 +150,15 @@ var specificErrorKeys = map[string]string{
|
|||
"authentication_backend.file.hashing.memory": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password",
|
||||
"authentication_backend.file.hashing.parallelism": "config key incorrect: authentication_backend.file.hashing should be authentication_backend.file.password",
|
||||
}
|
||||
|
||||
const argon2id = "argon2id"
|
||||
const sha512 = "sha512"
|
||||
|
||||
const schemeLDAP = "ldap"
|
||||
const schemeLDAPS = "ldaps"
|
||||
|
||||
const testBadTimer = "-1"
|
||||
const testModeDisabled = "disable"
|
||||
const testJWTSecret = "a_secret"
|
||||
const testTLSCert = "/tmp/cert.pem"
|
||||
const testTLSKey = "/tmp/key.pem"
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
|
||||
func newDefaultSessionConfig() schema.SessionConfiguration {
|
||||
config := schema.SessionConfiguration{}
|
||||
config.Secret = "a_secret"
|
||||
config.Secret = testJWTSecret
|
||||
config.Domain = "example.com"
|
||||
return config
|
||||
}
|
||||
|
@ -78,8 +78,8 @@ func TestShouldRaiseErrorWhenDomainNotSet(t *testing.T) {
|
|||
func TestShouldRaiseErrorWhenBadInactivityAndExpirationSet(t *testing.T) {
|
||||
validator := schema.NewStructValidator()
|
||||
config := newDefaultSessionConfig()
|
||||
config.Inactivity = "-1"
|
||||
config.Expiration = "-1"
|
||||
config.Inactivity = testBadTimer
|
||||
config.Expiration = testBadTimer
|
||||
|
||||
ValidateSession(&config, validator)
|
||||
|
||||
|
|
|
@ -35,10 +35,10 @@ func validatePostgreSQLConfiguration(configuration *schema.PostgreSQLStorageConf
|
|||
validateSQLConfiguration(&configuration.SQLStorageConfiguration, validator)
|
||||
|
||||
if configuration.SSLMode == "" {
|
||||
configuration.SSLMode = "disable"
|
||||
configuration.SSLMode = testModeDisabled
|
||||
}
|
||||
|
||||
if !(configuration.SSLMode == "disable" || configuration.SSLMode == "require" ||
|
||||
if !(configuration.SSLMode == testModeDisabled || configuration.SSLMode == "require" ||
|
||||
configuration.SSLMode == "verify-ca" || configuration.SSLMode == "verify-full") {
|
||||
validator.Push(errors.New("SSL mode must be 'disable', 'require', 'verify-ca', or 'verify-full'"))
|
||||
}
|
||||
|
|
|
@ -34,3 +34,9 @@ const unableToRegisterOneTimePasswordMessage = "Unable to set up one-time passwo
|
|||
const unableToRegisterSecurityKeyMessage = "Unable to register your security key."
|
||||
const unableToResetPasswordMessage = "Unable to reset your password."
|
||||
const mfaValidationFailedMessage = "Authentication failed, please retry later."
|
||||
|
||||
const testGATrackingID = "ABC"
|
||||
const testInactivity = "10"
|
||||
const testRedirectionURL = "http://redirection.local"
|
||||
const testResultAllow = "allow"
|
||||
const testUsername = "john"
|
||||
|
|
|
@ -25,7 +25,7 @@ func (s *ConfigurationSuite) TearDownTest() {
|
|||
}
|
||||
|
||||
func (s *ConfigurationSuite) TestShouldReturnConfiguredGATrackingID() {
|
||||
GATrackingID := "ABC"
|
||||
GATrackingID := testGATrackingID
|
||||
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
|
||||
s.mock.Ctx.Configuration.Session.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration
|
||||
|
||||
|
@ -40,7 +40,7 @@ func (s *ConfigurationSuite) TestShouldReturnConfiguredGATrackingID() {
|
|||
}
|
||||
|
||||
func (s *ConfigurationSuite) TestShouldDisableRememberMe() {
|
||||
GATrackingID := "ABC"
|
||||
GATrackingID := testGATrackingID
|
||||
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
|
||||
s.mock.Ctx.Configuration.Session.RememberMeDuration = "0"
|
||||
s.mock.Ctx.Providers.SessionProvider = session.NewProvider(
|
||||
|
@ -56,7 +56,7 @@ func (s *ConfigurationSuite) TestShouldDisableRememberMe() {
|
|||
}
|
||||
|
||||
func (s *ConfigurationSuite) TestShouldDisableResetPassword() {
|
||||
GATrackingID := "ABC"
|
||||
GATrackingID := testGATrackingID
|
||||
s.mock.Ctx.Configuration.GoogleAnalyticsTrackingID = GATrackingID
|
||||
s.mock.Ctx.Configuration.AuthenticationBackend.DisableResetPassword = true
|
||||
expectedBody := ConfigurationBody{
|
||||
|
|
|
@ -19,7 +19,7 @@ type LogoutSuite struct {
|
|||
func (s *LogoutSuite) SetupTest() {
|
||||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
}
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ func (s *HandlerRegisterU2FStep1Suite) SetupTest() {
|
|||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
}
|
||||
|
||||
|
|
|
@ -52,7 +52,7 @@ func SecondFactorDuoPost(duoAPI duo.API) middlewares.RequestHandler {
|
|||
}
|
||||
}
|
||||
|
||||
if duoResponse.Response.Result != "allow" {
|
||||
if duoResponse.Response.Result != testResultAllow {
|
||||
ctx.ReplyUnauthorized()
|
||||
return
|
||||
}
|
||||
|
|
|
@ -24,7 +24,7 @@ type SecondFactorDuoPostSuite struct {
|
|||
func (s *SecondFactorDuoPostSuite) SetupTest() {
|
||||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
}
|
||||
|
||||
|
@ -43,7 +43,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldCallDuoAPIAndAllowAccess() {
|
|||
values.Set("pushinfo", "target%20url=https://target.example.com")
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Eq(values), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
|
@ -99,11 +99,11 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToDefaultURL() {
|
|||
duoMock := mocks.NewMockAPI(s.mock.Ctrl)
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local"
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
|
||||
|
||||
bodyBytes, err := json.Marshal(signDuoRequestBody{})
|
||||
s.Require().NoError(err)
|
||||
|
@ -111,7 +111,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToDefaultURL() {
|
|||
|
||||
SecondFactorDuoPost(duoMock)(s.mock.Ctx)
|
||||
s.mock.Assert200OK(s.T(), redirectResponse{
|
||||
Redirect: "http://redirection.local",
|
||||
Redirect: testRedirectionURL,
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -119,7 +119,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldNotReturnRedirectURL() {
|
|||
duoMock := mocks.NewMockAPI(s.mock.Ctrl)
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
|
@ -135,7 +135,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRedirectUserToSafeTargetURL() {
|
|||
duoMock := mocks.NewMockAPI(s.mock.Ctrl)
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
|
@ -155,7 +155,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldNotRedirectToUnsafeURL() {
|
|||
duoMock := mocks.NewMockAPI(s.mock.Ctrl)
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
|
@ -173,7 +173,7 @@ func (s *SecondFactorDuoPostSuite) TestShouldRegenerateSessionForPreventingSessi
|
|||
duoMock := mocks.NewMockAPI(s.mock.Ctrl)
|
||||
|
||||
response := duo.Response{}
|
||||
response.Response.Result = "allow"
|
||||
response.Response.Result = testResultAllow
|
||||
|
||||
duoMock.EXPECT().Call(gomock.Any(), s.mock.Ctx).Return(&response, nil)
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ type HandlerSignTOTPSuite struct {
|
|||
func (s *HandlerSignTOTPSuite) SetupTest() {
|
||||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.U2FChallenge = &u2f.Challenge{}
|
||||
userSession.U2FRegistration = &session.U2FRegistration{}
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -43,7 +43,7 @@ func (s *HandlerSignTOTPSuite) TestShouldRedirectUserToDefaultURL() {
|
|||
Verify(gomock.Eq("abc"), gomock.Eq("secret")).
|
||||
Return(true, nil)
|
||||
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local"
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
|
||||
|
||||
bodyBytes, err := json.Marshal(signTOTPRequestBody{
|
||||
Token: "abc",
|
||||
|
@ -53,7 +53,7 @@ func (s *HandlerSignTOTPSuite) TestShouldRedirectUserToDefaultURL() {
|
|||
|
||||
SecondFactorTOTPPost(verifier)(s.mock.Ctx)
|
||||
s.mock.Assert200OK(s.T(), redirectResponse{
|
||||
Redirect: "http://redirection.local",
|
||||
Redirect: testRedirectionURL,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ type HandlerSignU2FStep2Suite struct {
|
|||
func (s *HandlerSignU2FStep2Suite) SetupTest() {
|
||||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.U2FChallenge = &u2f.Challenge{}
|
||||
userSession.U2FRegistration = &session.U2FRegistration{}
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -39,7 +39,7 @@ func (s *HandlerSignU2FStep2Suite) TestShouldRedirectUserToDefaultURL() {
|
|||
Verify(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).
|
||||
Return(nil)
|
||||
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = "http://redirection.local"
|
||||
s.mock.Ctx.Configuration.DefaultRedirectionURL = testRedirectionURL
|
||||
|
||||
bodyBytes, err := json.Marshal(signU2FRequestBody{
|
||||
SignResponse: u2f.SignResponse{},
|
||||
|
@ -49,7 +49,7 @@ func (s *HandlerSignU2FStep2Suite) TestShouldRedirectUserToDefaultURL() {
|
|||
|
||||
SecondFactorU2FSignPost(u2fVerifier)(s.mock.Ctx)
|
||||
s.mock.Assert200OK(s.T(), redirectResponse{
|
||||
Redirect: "http://redirection.local",
|
||||
Redirect: testRedirectionURL,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ func (s *FetchSuite) SetupTest() {
|
|||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
// Set the initial user session.
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = 1
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
}
|
||||
|
@ -90,7 +90,7 @@ func TestMethodSetToU2F(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
// Set the initial user session.
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = 1
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
||||
|
@ -168,7 +168,7 @@ func (s *SaveSuite) SetupTest() {
|
|||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
// Set the initial user session.
|
||||
userSession := s.mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = 1
|
||||
s.mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
}
|
||||
|
|
|
@ -176,7 +176,7 @@ func TestShouldCheckAuthorizationMatching(t *testing.T) {
|
|||
|
||||
username := ""
|
||||
if rule.AuthLevel > authentication.NotAuthenticated {
|
||||
username = "john"
|
||||
username = testUsername
|
||||
}
|
||||
|
||||
matching := isTargetURLAuthorized(authorizer, *url, username, []string{}, net.ParseIP("127.0.0.1"), rule.AuthLevel)
|
||||
|
@ -472,13 +472,13 @@ func TestShouldDestroySessionWhenInactiveForTooLong(t *testing.T) {
|
|||
clock.Set(time.Now())
|
||||
past := clock.Now().Add(-1 * time.Hour)
|
||||
|
||||
mock.Ctx.Configuration.Session.Inactivity = "10"
|
||||
mock.Ctx.Configuration.Session.Inactivity = testInactivity
|
||||
// Reload the session provider since the configuration is indirect.
|
||||
mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
|
||||
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = past.Unix()
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -509,7 +509,7 @@ func TestShouldDestroySessionWhenInactiveForTooLongUsingDurationNotation(t *test
|
|||
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = clock.Now().Add(-1 * time.Hour).Unix()
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -531,10 +531,10 @@ func TestShouldKeepSessionWhenUserCheckedRememberMeAndIsInactiveForTooLong(t *te
|
|||
clock := mocks.TestingClock{}
|
||||
clock.Set(time.Now())
|
||||
|
||||
mock.Ctx.Configuration.Session.Inactivity = "10"
|
||||
mock.Ctx.Configuration.Session.Inactivity = testInactivity
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = 0
|
||||
userSession.KeepMeLoggedIn = true
|
||||
|
@ -560,12 +560,12 @@ func TestShouldKeepSessionWhenInactivityTimeoutHasNotBeenExceeded(t *testing.T)
|
|||
clock := mocks.TestingClock{}
|
||||
clock.Set(time.Now())
|
||||
|
||||
mock.Ctx.Configuration.Session.Inactivity = "10"
|
||||
mock.Ctx.Configuration.Session.Inactivity = testInactivity
|
||||
|
||||
past := clock.Now().Add(-1 * time.Hour)
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = past.Unix()
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -592,7 +592,7 @@ func TestShouldRedirectWhenSessionInactiveForTooLongAndRDParamProvided(t *testin
|
|||
clock := mocks.TestingClock{}
|
||||
clock.Set(time.Now())
|
||||
|
||||
mock.Ctx.Configuration.Session.Inactivity = "10"
|
||||
mock.Ctx.Configuration.Session.Inactivity = testInactivity
|
||||
// Reload the session provider since the configuration is indirect.
|
||||
mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
|
||||
assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
|
||||
|
@ -600,7 +600,7 @@ func TestShouldRedirectWhenSessionInactiveForTooLongAndRDParamProvided(t *testin
|
|||
past := clock.Now().Add(-1 * time.Hour)
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = past.Unix()
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -626,12 +626,12 @@ func TestShouldUpdateInactivityTimestampEvenWhenHittingForbiddenResources(t *tes
|
|||
clock := mocks.TestingClock{}
|
||||
clock.Set(time.Now())
|
||||
|
||||
mock.Ctx.Configuration.Session.Inactivity = "10"
|
||||
mock.Ctx.Configuration.Session.Inactivity = testInactivity
|
||||
|
||||
past := clock.Now().Add(-1 * time.Hour)
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.TwoFactor
|
||||
userSession.LastActivity = past.Unix()
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
@ -653,7 +653,7 @@ func TestShouldURLEncodeRedirectionURLParameter(t *testing.T) {
|
|||
defer mock.Close()
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = "john"
|
||||
userSession.Username = testUsername
|
||||
userSession.AuthenticationLevel = authentication.NotAuthenticated
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package middlewares
|
||||
|
||||
// JWTIssuer is.
|
||||
const jwtIssuer = "Authelia"
|
||||
|
||||
const xForwardedProtoHeader = "X-Forwarded-Proto"
|
||||
|
|
|
@ -15,6 +15,8 @@ import (
|
|||
"github.com/authelia/authelia/internal/session"
|
||||
)
|
||||
|
||||
const testJWTSecret = "abc"
|
||||
|
||||
func newArgs(retriever func(ctx *middlewares.AutheliaCtx) (*session.Identity, error)) middlewares.IdentityVerificationStartArgs {
|
||||
return middlewares.IdentityVerificationStartArgs{
|
||||
ActionClaim: "Claim",
|
||||
|
@ -50,7 +52,7 @@ func TestShouldFailIfJWTCannotBeSaved(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
|
||||
mock.StorageProviderMock.EXPECT().
|
||||
SaveIdentityVerificationToken(gomock.Any()).
|
||||
|
@ -67,7 +69,7 @@ func TestShouldFailSendingAnEmail(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
|
||||
|
||||
|
@ -90,7 +92,7 @@ func TestShouldFailWhenXForwardedProtoHeaderIsMissing(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
|
||||
|
||||
mock.StorageProviderMock.EXPECT().
|
||||
|
@ -108,7 +110,7 @@ func TestShouldFailWhenXForwardedHostHeaderIsMissing(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
|
||||
|
||||
mock.StorageProviderMock.EXPECT().
|
||||
|
@ -126,7 +128,7 @@ func TestShouldSucceedIdentityVerificationStartProcess(t *testing.T) {
|
|||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
|
||||
mock.Ctx.Request.Header.Add("X-Forwarded-Host", "host")
|
||||
|
||||
|
@ -154,7 +156,7 @@ type IdentityVerificationFinishProcess struct {
|
|||
func (s *IdentityVerificationFinishProcess) SetupTest() {
|
||||
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
||||
|
||||
s.mock.Ctx.Configuration.JWTSecret = "abc"
|
||||
s.mock.Ctx.Configuration.JWTSecret = testJWTSecret
|
||||
}
|
||||
|
||||
func (s *IdentityVerificationFinishProcess) TearDownTest() {
|
||||
|
|
|
@ -1,3 +1,8 @@
|
|||
package session
|
||||
|
||||
const userSessionStorerKey = "UserSession"
|
||||
|
||||
const testDomain = "example.com"
|
||||
const testExpiration = "40"
|
||||
const testName = "my_session"
|
||||
const testUsername = "john"
|
||||
|
|
|
@ -18,13 +18,13 @@ import (
|
|||
func TestShouldCreateInMemorySessionProvider(t *testing.T) {
|
||||
// The redis configuration is not provided so we create a in-memory provider.
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
providerConfig := NewProviderConfig(configuration)
|
||||
|
||||
assert.Equal(t, "my_session", providerConfig.config.CookieName)
|
||||
assert.Equal(t, "example.com", providerConfig.config.Domain)
|
||||
assert.Equal(t, testDomain, providerConfig.config.Domain)
|
||||
assert.Equal(t, true, providerConfig.config.Secure)
|
||||
assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires)
|
||||
assert.True(t, providerConfig.config.IsSecureFunc(nil))
|
||||
|
@ -36,9 +36,9 @@ func TestShouldCreateInMemorySessionProvider(t *testing.T) {
|
|||
func TestShouldCreateRedisSessionProvider(t *testing.T) {
|
||||
// The redis configuration is not provided so we create a in-memory provider.
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
configuration.Redis = &schema.RedisSessionConfiguration{
|
||||
Host: "redis.example.com",
|
||||
Port: 6379,
|
||||
|
@ -47,7 +47,7 @@ func TestShouldCreateRedisSessionProvider(t *testing.T) {
|
|||
providerConfig := NewProviderConfig(configuration)
|
||||
|
||||
assert.Equal(t, "my_session", providerConfig.config.CookieName)
|
||||
assert.Equal(t, "example.com", providerConfig.config.Domain)
|
||||
assert.Equal(t, testDomain, providerConfig.config.Domain)
|
||||
assert.Equal(t, true, providerConfig.config.Secure)
|
||||
assert.Equal(t, time.Duration(40)*time.Second, providerConfig.config.Expires)
|
||||
assert.True(t, providerConfig.config.IsSecureFunc(nil))
|
||||
|
@ -65,9 +65,9 @@ func TestShouldCreateRedisSessionProvider(t *testing.T) {
|
|||
|
||||
func TestShouldSetDbNumber(t *testing.T) {
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
configuration.Redis = &schema.RedisSessionConfiguration{
|
||||
Host: "redis.example.com",
|
||||
Port: 6379,
|
||||
|
|
|
@ -14,9 +14,9 @@ import (
|
|||
func TestShouldInitializerSession(t *testing.T) {
|
||||
ctx := &fasthttp.RequestCtx{}
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
|
||||
provider := NewProvider(configuration)
|
||||
session, err := provider.GetSession(ctx)
|
||||
|
@ -28,14 +28,14 @@ func TestShouldInitializerSession(t *testing.T) {
|
|||
func TestShouldUpdateSession(t *testing.T) {
|
||||
ctx := &fasthttp.RequestCtx{}
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
|
||||
provider := NewProvider(configuration)
|
||||
session, _ := provider.GetSession(ctx)
|
||||
|
||||
session.Username = "john"
|
||||
session.Username = testUsername
|
||||
session.AuthenticationLevel = authentication.TwoFactor
|
||||
|
||||
err := provider.SaveSession(ctx, session)
|
||||
|
@ -45,7 +45,7 @@ func TestShouldUpdateSession(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, UserSession{
|
||||
Username: "john",
|
||||
Username: testUsername,
|
||||
AuthenticationLevel: authentication.TwoFactor,
|
||||
}, session)
|
||||
}
|
||||
|
@ -53,15 +53,15 @@ func TestShouldUpdateSession(t *testing.T) {
|
|||
func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
|
||||
ctx := &fasthttp.RequestCtx{}
|
||||
configuration := schema.SessionConfiguration{}
|
||||
configuration.Domain = "example.com"
|
||||
configuration.Name = "my_session"
|
||||
configuration.Expiration = "40"
|
||||
configuration.Domain = testDomain
|
||||
configuration.Name = testName
|
||||
configuration.Expiration = testExpiration
|
||||
|
||||
provider := NewProvider(configuration)
|
||||
session, err := provider.GetSession(ctx)
|
||||
require.NoError(t, err)
|
||||
|
||||
session.Username = "john"
|
||||
session.Username = testUsername
|
||||
session.AuthenticationLevel = authentication.TwoFactor
|
||||
|
||||
err = provider.SaveSession(ctx, session)
|
||||
|
@ -69,7 +69,7 @@ func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
|
|||
|
||||
newUserSession, err := provider.GetSession(ctx)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, "john", newUserSession.Username)
|
||||
assert.Equal(t, testUsername, newUserSession.Username)
|
||||
assert.Equal(t, authentication.TwoFactor, newUserSession.AuthenticationLevel)
|
||||
|
||||
err = provider.DestroySession(ctx)
|
||||
|
|
|
@ -40,3 +40,8 @@ var DuoBaseURL = "https://duo.example.com"
|
|||
|
||||
// AutheliaBaseURL the base URL of Authelia service.
|
||||
var AutheliaBaseURL = "https://authelia.example.com:9091"
|
||||
|
||||
const stringTrue = "true"
|
||||
|
||||
const testUsername = "john"
|
||||
const testPassword = "password"
|
|
@ -18,7 +18,7 @@ type DockerEnvironment struct {
|
|||
|
||||
// NewDockerEnvironment create a new docker environment.
|
||||
func NewDockerEnvironment(files []string) *DockerEnvironment {
|
||||
if os.Getenv("CI") == "true" {
|
||||
if os.Getenv("CI") == stringTrue {
|
||||
for i := range files {
|
||||
files[i] = strings.ReplaceAll(files[i], "{}", "dist")
|
||||
}
|
||||
|
|
|
@ -63,7 +63,7 @@ func waitUntilAutheliaIsReady(dockerEnvironment *DockerEnvironment) error {
|
|||
return err
|
||||
}
|
||||
|
||||
if os.Getenv("CI") != "true" {
|
||||
if os.Getenv("CI") != stringTrue {
|
||||
if err := waitUntilAutheliaFrontendIsReady(dockerEnvironment); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -51,8 +51,8 @@ func (s *TwoFactorSuite) TestShouldAuthorizeSecretAfterTwoFactor() {
|
|||
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
|
||||
defer cancel()
|
||||
|
||||
username := "john"
|
||||
password := "password"
|
||||
username := testUsername
|
||||
password := testPassword
|
||||
|
||||
// Login one factor
|
||||
s.doLoginOneFactor(ctx, s.T(), username, password, false, "")
|
||||
|
@ -68,7 +68,7 @@ func (s *TwoFactorSuite) TestShouldAuthorizeSecretAfterTwoFactor() {
|
|||
|
||||
// Login again with 1FA & 2FA
|
||||
targetURL := fmt.Sprintf("%s/secret.html", AdminBaseURL)
|
||||
s.doLoginTwoFactor(ctx, s.T(), "john", "password", false, secret, targetURL)
|
||||
s.doLoginTwoFactor(ctx, s.T(), testUsername, testPassword, false, secret, targetURL)
|
||||
|
||||
// And check if the user is redirected to the secret.
|
||||
s.verifySecretAuthorized(ctx, s.T())
|
||||
|
@ -87,10 +87,10 @@ func (s *TwoFactorSuite) TestShouldFailTwoFactor() {
|
|||
defer cancel()
|
||||
|
||||
// Register TOTP secret and logout.
|
||||
s.doRegisterThenLogout(ctx, s.T(), "john", "password")
|
||||
s.doRegisterThenLogout(ctx, s.T(), testUsername, testPassword)
|
||||
|
||||
wrongPasscode := "123456"
|
||||
s.doLoginOneFactor(ctx, s.T(), "john", "password", false, "")
|
||||
s.doLoginOneFactor(ctx, s.T(), testUsername, testPassword, false, "")
|
||||
s.verifyIsSecondFactorPage(ctx, s.T())
|
||||
s.doEnterOTP(ctx, s.T(), wrongPasscode)
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ func init() {
|
|||
}
|
||||
|
||||
log.Debug("Building authelia:dist image or use cache if already built...")
|
||||
if os.Getenv("CI") != "true" {
|
||||
if os.Getenv("CI") != stringTrue {
|
||||
if err := utils.Shell("authelia-scripts docker build").Run(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -24,3 +24,5 @@ const Year = Day * 365
|
|||
|
||||
// Month is an int based representation of the time unit.
|
||||
const Month = Year / 12
|
||||
|
||||
const testStringInput = "abcdefghijkl"
|
||||
|
|
|
@ -7,7 +7,7 @@ import (
|
|||
)
|
||||
|
||||
func TestShouldSplitIntoEvenStringsOfFour(t *testing.T) {
|
||||
input := "abcdefghijkl"
|
||||
input := testStringInput
|
||||
arrayOfStrings := SliceString(input, 4)
|
||||
assert.Equal(t, len(arrayOfStrings), 3)
|
||||
assert.Equal(t, "abcd", arrayOfStrings[0])
|
||||
|
@ -16,7 +16,7 @@ func TestShouldSplitIntoEvenStringsOfFour(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestShouldSplitIntoEvenStringsOfOne(t *testing.T) {
|
||||
input := "abcdefghijkl"
|
||||
input := testStringInput
|
||||
arrayOfStrings := SliceString(input, 1)
|
||||
assert.Equal(t, 12, len(arrayOfStrings))
|
||||
assert.Equal(t, "a", arrayOfStrings[0])
|
||||
|
@ -27,7 +27,7 @@ func TestShouldSplitIntoEvenStringsOfOne(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestShouldSplitIntoUnevenStringsOfFour(t *testing.T) {
|
||||
input := "abcdefghijklm"
|
||||
input := testStringInput + "m"
|
||||
arrayOfStrings := SliceString(input, 4)
|
||||
assert.Equal(t, len(arrayOfStrings), 4)
|
||||
assert.Equal(t, "abcd", arrayOfStrings[0])
|
||||
|
|
Loading…
Reference in New Issue
Block a user