mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
3c81e75d79
This adds an access-control command that checks the policy enforcement for a given criteria using a configuration file and refactors the configuration validation command to include all configuration sources.
49 lines
1.4 KiB
Go
49 lines
1.4 KiB
Go
package validator
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
|
"github.com/authelia/authelia/v4/internal/utils"
|
|
)
|
|
|
|
// ValidateTOTP validates and update TOTP configuration.
|
|
func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidator) {
|
|
if config.TOTP == nil {
|
|
config.TOTP = &schema.DefaultTOTPConfiguration
|
|
|
|
return
|
|
}
|
|
|
|
if config.TOTP.Issuer == "" {
|
|
config.TOTP.Issuer = schema.DefaultTOTPConfiguration.Issuer
|
|
}
|
|
|
|
if config.TOTP.Algorithm == "" {
|
|
config.TOTP.Algorithm = schema.DefaultTOTPConfiguration.Algorithm
|
|
} else {
|
|
config.TOTP.Algorithm = strings.ToUpper(config.TOTP.Algorithm)
|
|
|
|
if !utils.IsStringInSlice(config.TOTP.Algorithm, schema.TOTPPossibleAlgorithms) {
|
|
validator.Push(fmt.Errorf(errFmtTOTPInvalidAlgorithm, strings.Join(schema.TOTPPossibleAlgorithms, "', '"), config.TOTP.Algorithm))
|
|
}
|
|
}
|
|
|
|
if config.TOTP.Period == 0 {
|
|
config.TOTP.Period = schema.DefaultTOTPConfiguration.Period
|
|
} else if config.TOTP.Period < 15 {
|
|
validator.Push(fmt.Errorf(errFmtTOTPInvalidPeriod, config.TOTP.Period))
|
|
}
|
|
|
|
if config.TOTP.Digits == 0 {
|
|
config.TOTP.Digits = schema.DefaultTOTPConfiguration.Digits
|
|
} else if config.TOTP.Digits != 6 && config.TOTP.Digits != 8 {
|
|
validator.Push(fmt.Errorf(errFmtTOTPInvalidDigits, config.TOTP.Digits))
|
|
}
|
|
|
|
if config.TOTP.Skew == nil {
|
|
config.TOTP.Skew = schema.DefaultTOTPConfiguration.Skew
|
|
}
|
|
}
|