mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
4264e64f9b
This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
46 lines
1.0 KiB
Go
46 lines
1.0 KiB
Go
package session
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/fasthttp/session"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestShouldEncryptAndDecrypt(t *testing.T) {
|
|
payload := session.Dict{}
|
|
payload.Set("key", "value")
|
|
|
|
dst, err := payload.MarshalMsg(nil)
|
|
require.NoError(t, err)
|
|
|
|
serializer := NewEncryptingSerializer("asecret")
|
|
encryptedDst, err := serializer.Encode(payload)
|
|
require.NoError(t, err)
|
|
|
|
assert.NotEqual(t, dst, encryptedDst)
|
|
|
|
decodedPayload := session.Dict{}
|
|
err = serializer.Decode(&decodedPayload, encryptedDst)
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "value", decodedPayload.Get("key"))
|
|
}
|
|
|
|
func TestShouldSupportUnencryptedSessionForBackwardCompatibility(t *testing.T) {
|
|
payload := session.Dict{}
|
|
payload.Set("key", "value")
|
|
|
|
dst, err := payload.MarshalMsg(nil)
|
|
require.NoError(t, err)
|
|
|
|
serializer := NewEncryptingSerializer("asecret")
|
|
|
|
decodedPayload := session.Dict{}
|
|
err = serializer.Decode(&decodedPayload, dst)
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "value", decodedPayload.Get("key"))
|
|
}
|