mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
158783a9d4
This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0
86 lines
3.1 KiB
Go
86 lines
3.1 KiB
Go
package validator
|
|
|
|
import (
|
|
"fmt"
|
|
"path"
|
|
"strings"
|
|
|
|
"github.com/authelia/authelia/internal/configuration/schema"
|
|
"github.com/authelia/authelia/internal/utils"
|
|
)
|
|
|
|
// ValidateServer checks a server configuration is correct.
|
|
func ValidateServer(configuration *schema.Configuration, validator *schema.StructValidator) {
|
|
applyDeprecatedServerConfiguration(configuration, validator)
|
|
|
|
if configuration.Server.Host == "" {
|
|
configuration.Server.Host = schema.DefaultServerConfiguration.Host
|
|
}
|
|
|
|
if configuration.Server.Port == 0 {
|
|
configuration.Server.Port = schema.DefaultServerConfiguration.Port
|
|
}
|
|
|
|
if configuration.Server.TLS.Key != "" && configuration.Server.TLS.Certificate == "" {
|
|
validator.Push(fmt.Errorf("server: no TLS certificate provided to accompany the TLS key, please configure the 'server.tls.certificate' option"))
|
|
} else if configuration.Server.TLS.Key == "" && configuration.Server.TLS.Certificate != "" {
|
|
validator.Push(fmt.Errorf("server: no TLS key provided to accompany the TLS certificate, please configure the 'server.tls.key' option"))
|
|
}
|
|
|
|
switch {
|
|
case strings.Contains(configuration.Server.Path, "/"):
|
|
validator.Push(fmt.Errorf("server path must not contain any forward slashes"))
|
|
case !utils.IsStringAlphaNumeric(configuration.Server.Path):
|
|
validator.Push(fmt.Errorf("server path must only be alpha numeric characters"))
|
|
case configuration.Server.Path == "": // Don't do anything if it's blank.
|
|
default:
|
|
configuration.Server.Path = path.Clean("/" + configuration.Server.Path)
|
|
}
|
|
|
|
if configuration.Server.ReadBufferSize == 0 {
|
|
configuration.Server.ReadBufferSize = schema.DefaultServerConfiguration.ReadBufferSize
|
|
} else if configuration.Server.ReadBufferSize < 0 {
|
|
validator.Push(fmt.Errorf("server read buffer size must be above 0"))
|
|
}
|
|
|
|
if configuration.Server.WriteBufferSize == 0 {
|
|
configuration.Server.WriteBufferSize = schema.DefaultServerConfiguration.WriteBufferSize
|
|
} else if configuration.Server.WriteBufferSize < 0 {
|
|
validator.Push(fmt.Errorf("server write buffer size must be above 0"))
|
|
}
|
|
}
|
|
|
|
func applyDeprecatedServerConfiguration(configuration *schema.Configuration, validator *schema.StructValidator) {
|
|
if configuration.Host != "" {
|
|
validator.PushWarning(fmt.Errorf(errFmtDeprecatedConfigurationKey, "host", "4.33.0", "server.host"))
|
|
|
|
if configuration.Server.Host == "" {
|
|
configuration.Server.Host = configuration.Host
|
|
}
|
|
}
|
|
|
|
if configuration.Port != 0 {
|
|
validator.PushWarning(fmt.Errorf(errFmtDeprecatedConfigurationKey, "port", "4.33.0", "server.port"))
|
|
|
|
if configuration.Server.Port == 0 {
|
|
configuration.Server.Port = configuration.Port
|
|
}
|
|
}
|
|
|
|
if configuration.TLSCert != "" {
|
|
validator.PushWarning(fmt.Errorf(errFmtDeprecatedConfigurationKey, "tls_cert", "4.33.0", "server.tls_cert"))
|
|
|
|
if configuration.Server.TLS.Certificate == "" {
|
|
configuration.Server.TLS.Certificate = configuration.TLSCert
|
|
}
|
|
}
|
|
|
|
if configuration.TLSKey != "" {
|
|
validator.PushWarning(fmt.Errorf(errFmtDeprecatedConfigurationKey, "tls_key", "4.33.0", "server.tls_key"))
|
|
|
|
if configuration.Server.TLS.Key == "" {
|
|
configuration.Server.TLS.Key = configuration.TLSKey
|
|
}
|
|
}
|
|
}
|