authelia/internal/configuration/validator/session_test.go
Clément Michaud 4264e64f9b
[MISC] Encrypt session data in redis store. (#789)
This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret.

Fixes #652.
2020-03-28 17:10:39 +11:00

56 lines
1.4 KiB
Go

package validator
import (
"testing"
"github.com/authelia/authelia/internal/configuration/schema"
"github.com/stretchr/testify/assert"
)
func newDefaultSessionConfig() schema.SessionConfiguration {
config := schema.SessionConfiguration{}
config.Secret = "a_secret"
config.Domain = "example.com"
return config
}
func TestShouldSetDefaultSessionName(t *testing.T) {
validator := schema.NewStructValidator()
config := newDefaultSessionConfig()
ValidateSession(&config, validator)
assert.Len(t, validator.Errors(), 0)
assert.Equal(t, "authelia_session", config.Name)
}
func TestShouldRaiseErrorWhenRedisIsUsedAndPasswordNotSet(t *testing.T) {
validator := schema.NewStructValidator()
config := newDefaultSessionConfig()
config.Secret = ""
ValidateSession(&config, validator)
assert.Len(t, validator.Errors(), 0)
validator.Clear()
// Set redis config because password must be set only when redis is used.
config.Redis = &schema.RedisSessionConfiguration{}
ValidateSession(&config, validator)
assert.Len(t, validator.Errors(), 1)
assert.EqualError(t, validator.Errors()[0], "Set secret of the session object")
}
func TestShouldRaiseErrorWhenDomainNotSet(t *testing.T) {
validator := schema.NewStructValidator()
config := newDefaultSessionConfig()
config.Domain = ""
ValidateSession(&config, validator)
assert.Len(t, validator.Errors(), 1)
assert.EqualError(t, validator.Errors()[0], "Set domain of the session object")
}