mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
7c6a86882f
* [MISC] Catch OpenLDAP ppolicy error Further to the discussion over at #361, this change now ensures that OpenLDAP password complexity errors are caught and appropriately handled. This change also includes the PasswordComplexity test suite in the LDAP integration suite. This is because a ppolicy has been setup and enforced. * Remove password history for integration tests * Adjust max failures due to regulation trigger * Fix error handling for password resets * Refactor and include code suggestions
123 lines
2.8 KiB
Go
123 lines
2.8 KiB
Go
package utils
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"math/rand"
|
|
"strings"
|
|
"time"
|
|
"unicode"
|
|
)
|
|
|
|
// IsStringAlphaNumeric returns false if any rune in the string is not alpha-numeric.
|
|
func IsStringAlphaNumeric(input string) bool {
|
|
for _, r := range input {
|
|
if !unicode.IsLetter(r) && !unicode.IsNumber(r) {
|
|
return false
|
|
}
|
|
}
|
|
|
|
return true
|
|
}
|
|
|
|
// IsStringInSlice checks if a single string is in an array of strings.
|
|
func IsStringInSlice(a string, list []string) (inSlice bool) {
|
|
for _, b := range list {
|
|
if b == a {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// IsStringInSliceContains checks if a single string is in an array of strings.
|
|
func IsStringInSliceContains(a string, list []string) (inSlice bool) {
|
|
for _, b := range list {
|
|
if strings.Contains(a, b) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// SliceString splits a string s into an array with each item being a max of int d
|
|
// d = denominator, n = numerator, q = quotient, r = remainder.
|
|
func SliceString(s string, d int) (array []string) {
|
|
n := len(s)
|
|
q := n / d
|
|
r := n % d
|
|
|
|
for i := 0; i < q; i++ {
|
|
array = append(array, s[i*d:i*d+d])
|
|
if i+1 == q && r != 0 {
|
|
array = append(array, s[i*d+d:])
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
// IsStringSlicesDifferent checks two slices of strings and on the first occurrence of a string item not existing in the
|
|
// other slice returns true, otherwise returns false.
|
|
func IsStringSlicesDifferent(a, b []string) (different bool) {
|
|
for _, s := range a {
|
|
if !IsStringInSlice(s, b) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
for _, s := range b {
|
|
if !IsStringInSlice(s, a) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// StringSlicesDelta takes a before and after []string and compares them returning a added and removed []string.
|
|
func StringSlicesDelta(before, after []string) (added, removed []string) {
|
|
for _, s := range before {
|
|
if !IsStringInSlice(s, after) {
|
|
removed = append(removed, s)
|
|
}
|
|
}
|
|
|
|
for _, s := range after {
|
|
if !IsStringInSlice(s, before) {
|
|
added = append(added, s)
|
|
}
|
|
}
|
|
|
|
return added, removed
|
|
}
|
|
|
|
// RandomString generate a random string of n characters.
|
|
func RandomString(n int, characters []rune) (randomString string) {
|
|
rand.Seed(time.Now().UnixNano())
|
|
|
|
b := make([]rune, n)
|
|
for i := range b {
|
|
b[i] = characters[rand.Intn(len(characters))] //nolint:gosec // Likely isn't necessary to use the more expensive crypto/rand for this utility func.
|
|
}
|
|
|
|
return string(b)
|
|
}
|
|
|
|
// TLSStringToTLSConfigVersion returns a go crypto/tls version for a tls.Config based on string input.
|
|
func TLSStringToTLSConfigVersion(input string) (version uint16, err error) {
|
|
switch strings.ToUpper(input) {
|
|
case "TLS1.3", TLS13:
|
|
return tls.VersionTLS13, nil
|
|
case "TLS1.2", TLS12:
|
|
return tls.VersionTLS12, nil
|
|
case "TLS1.1", TLS11:
|
|
return tls.VersionTLS11, nil
|
|
case "TLS1.0", TLS10:
|
|
return tls.VersionTLS10, nil
|
|
}
|
|
|
|
return 0, ErrTLSVersionNotSupported
|
|
}
|