RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/session/encrypting_serializer_test.go

42 lines
1.1 KiB
Go
Raw Permalink Normal View History

[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
package session
import (
"testing"
refactor(session): use github.com/fasthttp/session/v2 instead of github.com/authelia/session/v2 (#1809) Reverts to the upstream library instead of our maintenance fork.
2021-03-13 05:06:19 +00:00
"github.com/fasthttp/session/v2"
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestShouldEncryptAndDecrypt(t *testing.T) {
refactor: interfaces (#5252) Use any alias instead of empty interfaces. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 12:35:44 +00:00
payload := session.Dict{KV: map[string]any{"key": "value"}}
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
dst, err := payload.MarshalMsg(nil)
require.NoError(t, err)
serializer := NewEncryptingSerializer("asecret")
encryptedDst, err := serializer.Encode(payload)
require.NoError(t, err)
assert.NotEqual(t, dst, encryptedDst)
decodedPayload := session.Dict{}
err = serializer.Decode(&decodedPayload, encryptedDst)
require.NoError(t, err)
build(deps): update module github.com/fasthttp/session/v2 to v2.4.15 (#4292) * build(deps): update module github.com/fasthttp/session/v2 to v2.4.15 * fix(session): adjust api for changes in upstream library Fixes #3751. Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-09 04:57:40 +00:00
assert.Equal(t, "value", decodedPayload.KV["key"])
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
}
refactor(session): remove unencrypted session fallback (#2314) This removes a temporary session fallback for unencrypted sessions.
2021-08-26 11:48:14 +00:00
func TestShouldNotSupportUnencryptedSessionForBackwardCompatibility(t *testing.T) {
refactor: interfaces (#5252) Use any alias instead of empty interfaces. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 12:35:44 +00:00
payload := session.Dict{KV: map[string]any{"key": "value"}}
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
dst, err := payload.MarshalMsg(nil)
require.NoError(t, err)
serializer := NewEncryptingSerializer("asecret")
decodedPayload := session.Dict{}
err = serializer.Decode(&decodedPayload, dst)
refactor(session): remove unencrypted session fallback (#2314) This removes a temporary session fallback for unencrypted sessions.
2021-08-26 11:48:14 +00:00
assert.EqualError(t, err, "unable to decrypt session: cipher: message authentication failed")
[MISC] Encrypt session data in redis store. (#789) This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret. Fixes #652.
2020-03-28 06:10:39 +00:00
}