2019-04-24 21:52:08 +00:00
|
|
|
package validator
|
|
|
|
|
|
|
|
import (
|
2020-04-03 23:11:33 +00:00
|
|
|
"fmt"
|
2022-10-22 05:41:27 +00:00
|
|
|
"path"
|
2020-05-18 02:45:47 +00:00
|
|
|
"strings"
|
2020-04-05 12:37:21 +00:00
|
|
|
|
2021-08-11 01:04:35 +00:00
|
|
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
|
|
|
"github.com/authelia/authelia/v4/internal/utils"
|
2019-04-24 21:52:08 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// ValidateSession validates and update session configuration.
|
2022-02-28 03:15:01 +00:00
|
|
|
func ValidateSession(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if config.Name == "" {
|
|
|
|
config.Name = schema.DefaultSessionConfiguration.Name
|
|
|
|
}
|
|
|
|
|
|
|
|
if config.Redis != nil {
|
|
|
|
if config.Redis.HighAvailability != nil {
|
|
|
|
validateRedisSentinel(config, validator)
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
} else {
|
2022-02-28 03:15:01 +00:00
|
|
|
validateRedis(config, validator)
|
2020-05-18 02:45:47 +00:00
|
|
|
}
|
2019-04-24 21:52:08 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
validateSession(config, validator)
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
func validateSession(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
2022-03-02 06:40:26 +00:00
|
|
|
if config.Expiration <= 0 {
|
2022-02-28 03:15:01 +00:00
|
|
|
config.Expiration = schema.DefaultSessionConfiguration.Expiration // 1 hour.
|
2020-04-03 23:11:33 +00:00
|
|
|
}
|
|
|
|
|
2022-03-02 06:40:26 +00:00
|
|
|
if config.Inactivity <= 0 {
|
2022-02-28 03:15:01 +00:00
|
|
|
config.Inactivity = schema.DefaultSessionConfiguration.Inactivity // 5 min.
|
2020-04-03 23:11:33 +00:00
|
|
|
}
|
|
|
|
|
2023-01-12 10:57:44 +00:00
|
|
|
switch {
|
|
|
|
case config.RememberMe == schema.RememberMeDisabled:
|
|
|
|
config.DisableRememberMe = true
|
|
|
|
case config.RememberMe <= 0:
|
|
|
|
config.RememberMe = schema.DefaultSessionConfiguration.RememberMe // 1 month.
|
2019-04-24 21:52:08 +00:00
|
|
|
}
|
|
|
|
|
2023-01-12 10:57:44 +00:00
|
|
|
if config.SameSite == "" {
|
|
|
|
config.SameSite = schema.DefaultSessionConfiguration.SameSite
|
|
|
|
} else if !utils.IsStringInSlice(config.SameSite, validSessionSameSiteValues) {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionSameSite, strings.Join(validSessionSameSiteValues, "', '"), config.SameSite))
|
|
|
|
}
|
|
|
|
|
|
|
|
cookies := len(config.Cookies)
|
|
|
|
|
|
|
|
switch {
|
|
|
|
case cookies == 0 && config.Domain != "":
|
|
|
|
// Add legacy configuration to the domains list.
|
|
|
|
config.Cookies = append(config.Cookies, schema.SessionCookieConfiguration{
|
|
|
|
SessionCookieCommonConfiguration: schema.SessionCookieCommonConfiguration{
|
|
|
|
Name: config.Name,
|
|
|
|
Domain: config.Domain,
|
|
|
|
SameSite: config.SameSite,
|
|
|
|
Expiration: config.Expiration,
|
|
|
|
Inactivity: config.Inactivity,
|
|
|
|
RememberMe: config.RememberMe,
|
|
|
|
DisableRememberMe: config.DisableRememberMe,
|
|
|
|
},
|
|
|
|
})
|
|
|
|
case cookies != 0 && config.Domain != "":
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionLegacyAndWarning))
|
|
|
|
}
|
|
|
|
|
|
|
|
validateSessionCookieDomains(config, validator)
|
|
|
|
}
|
|
|
|
|
|
|
|
func validateSessionCookieDomains(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if len(config.Cookies) == 0 {
|
2022-02-28 03:15:01 +00:00
|
|
|
validator.Push(fmt.Errorf(errFmtSessionOptionRequired, "domain"))
|
2019-04-24 21:52:08 +00:00
|
|
|
}
|
2020-06-07 15:47:02 +00:00
|
|
|
|
2023-01-12 10:57:44 +00:00
|
|
|
domains := make([]string, 0)
|
|
|
|
|
|
|
|
for i, d := range config.Cookies {
|
|
|
|
validateSessionDomainName(i, config, validator)
|
|
|
|
|
|
|
|
validateSessionUniqueCookieDomain(i, config, domains, validator)
|
|
|
|
|
|
|
|
validateSessionCookieName(i, config)
|
|
|
|
|
|
|
|
validateSessionSafeRedirection(i, config, validator)
|
|
|
|
|
|
|
|
validateSessionExpiration(i, config)
|
|
|
|
|
|
|
|
validateSessionRememberMe(i, config)
|
|
|
|
|
|
|
|
validateSessionSameSite(i, config, validator)
|
|
|
|
|
|
|
|
domains = append(domains, d.Domain)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// validateSessionDomainName returns error if the domain name is invalid.
|
|
|
|
func validateSessionDomainName(i int, config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
var d = config.Cookies[i]
|
|
|
|
|
|
|
|
switch {
|
|
|
|
case d.Domain == "":
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainRequired, sessionDomainDescriptor(i, d)))
|
|
|
|
case strings.HasPrefix(d.Domain, "*."):
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainMustBeRoot, sessionDomainDescriptor(i, d), d.Domain))
|
|
|
|
case strings.HasPrefix(d.Domain, "."):
|
|
|
|
validator.PushWarning(fmt.Errorf(errFmtSessionDomainHasPeriodPrefix, sessionDomainDescriptor(i, d)))
|
|
|
|
case !reDomainCharacters.MatchString(d.Domain):
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainInvalidDomain, sessionDomainDescriptor(i, d)))
|
2020-06-07 15:47:02 +00:00
|
|
|
}
|
2023-01-12 10:57:44 +00:00
|
|
|
}
|
2021-04-18 00:02:04 +00:00
|
|
|
|
2023-01-12 10:57:44 +00:00
|
|
|
func validateSessionCookieName(i int, config *schema.SessionConfiguration) {
|
|
|
|
if config.Cookies[i].Name == "" {
|
|
|
|
config.Cookies[i].Name = config.Name
|
2021-04-18 00:02:04 +00:00
|
|
|
}
|
2019-04-24 21:52:08 +00:00
|
|
|
}
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
|
2023-01-12 10:57:44 +00:00
|
|
|
func validateSessionExpiration(i int, config *schema.SessionConfiguration) {
|
|
|
|
if config.Cookies[i].Expiration <= 0 {
|
|
|
|
config.Cookies[i].Expiration = config.Expiration
|
|
|
|
}
|
|
|
|
|
|
|
|
if config.Cookies[i].Inactivity <= 0 {
|
|
|
|
config.Cookies[i].Inactivity = config.Inactivity
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// validateSessionUniqueCookieDomain Check the current domains do not share a root domain with previous domains.
|
|
|
|
func validateSessionUniqueCookieDomain(i int, config *schema.SessionConfiguration, domains []string, validator *schema.StructValidator) {
|
|
|
|
var d = config.Cookies[i]
|
|
|
|
if utils.IsStringInSliceF(d.Domain, domains, utils.HasDomainSuffix) {
|
|
|
|
if utils.IsStringInSlice(d.Domain, domains) {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainDuplicate, sessionDomainDescriptor(i, d)))
|
|
|
|
} else {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainDuplicateCookieScope, sessionDomainDescriptor(i, d)))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// validateSessionSafeRedirection validates that AutheliaURL is safe for redirection.
|
|
|
|
func validateSessionSafeRedirection(index int, config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
var d = config.Cookies[index]
|
|
|
|
|
|
|
|
if d.AutheliaURL != nil && d.Domain != "" && !utils.IsURISafeRedirection(d.AutheliaURL, d.Domain) {
|
|
|
|
if utils.IsURISecure(d.AutheliaURL) {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainPortalURLNotInCookieScope, sessionDomainDescriptor(index, d), d.Domain, d.AutheliaURL))
|
|
|
|
} else {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainPortalURLInsecure, sessionDomainDescriptor(index, d), d.AutheliaURL))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func validateSessionRememberMe(i int, config *schema.SessionConfiguration) {
|
|
|
|
if config.Cookies[i].RememberMe <= 0 && config.Cookies[i].RememberMe != schema.RememberMeDisabled {
|
|
|
|
config.Cookies[i].RememberMe = config.RememberMe
|
|
|
|
}
|
|
|
|
|
|
|
|
if config.Cookies[i].RememberMe == schema.RememberMeDisabled {
|
|
|
|
config.Cookies[i].DisableRememberMe = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func validateSessionSameSite(i int, config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if config.Cookies[i].SameSite == "" {
|
|
|
|
if utils.IsStringInSlice(config.SameSite, validSessionSameSiteValues) {
|
|
|
|
config.Cookies[i].SameSite = config.SameSite
|
|
|
|
} else {
|
|
|
|
config.Cookies[i].SameSite = schema.DefaultSessionConfiguration.SameSite
|
|
|
|
}
|
|
|
|
} else if !utils.IsStringInSlice(config.Cookies[i].SameSite, validSessionSameSiteValues) {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionDomainSameSite, sessionDomainDescriptor(i, config.Cookies[i]), strings.Join(validSessionSameSiteValues, "', '"), config.Cookies[i].SameSite))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func sessionDomainDescriptor(position int, domain schema.SessionCookieConfiguration) string {
|
|
|
|
return fmt.Sprintf("#%d (domain '%s')", position+1, domain.Domain)
|
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
func validateRedisCommon(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if config.Secret == "" {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionSecretRequired, "redis"))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
2022-10-21 08:41:33 +00:00
|
|
|
|
|
|
|
if config.Redis.TLS != nil {
|
|
|
|
configDefaultTLS := &schema.TLSConfig{
|
|
|
|
ServerName: config.Redis.Host,
|
|
|
|
MinimumVersion: schema.DefaultRedisConfiguration.TLS.MinimumVersion,
|
|
|
|
MaximumVersion: schema.DefaultRedisConfiguration.TLS.MaximumVersion,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := ValidateTLSConfig(config.Redis.TLS, configDefaultTLS); err != nil {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisTLSConfigInvalid, err))
|
|
|
|
}
|
|
|
|
}
|
2022-02-28 03:15:01 +00:00
|
|
|
}
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
func validateRedis(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if config.Redis.Host == "" {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisHostRequired))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
validateRedisCommon(config, validator)
|
|
|
|
|
2022-10-22 05:41:27 +00:00
|
|
|
if !path.IsAbs(config.Redis.Host) && (config.Redis.Port < 1 || config.Redis.Port > 65535) {
|
2022-02-28 03:15:01 +00:00
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisPortRange, config.Redis.Port))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
if config.Redis.MaximumActiveConnections <= 0 {
|
|
|
|
config.Redis.MaximumActiveConnections = 8
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
func validateRedisSentinel(config *schema.SessionConfiguration, validator *schema.StructValidator) {
|
|
|
|
if config.Redis.HighAvailability.SentinelName == "" {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisSentinelMissingName))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
if config.Redis.Port == 0 {
|
|
|
|
config.Redis.Port = 26379
|
|
|
|
} else if config.Redis.Port < 0 || config.Redis.Port > 65535 {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisPortRange, config.Redis.Port))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
if config.Redis.Host == "" && len(config.Redis.HighAvailability.Nodes) == 0 {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisHostOrNodesRequired))
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
validateRedisCommon(config, validator)
|
|
|
|
|
|
|
|
hostMissing := false
|
|
|
|
|
|
|
|
for i, node := range config.Redis.HighAvailability.Nodes {
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
if node.Host == "" {
|
2022-02-28 03:15:01 +00:00
|
|
|
hostMissing = true
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if node.Port == 0 {
|
2022-02-28 03:15:01 +00:00
|
|
|
config.Redis.HighAvailability.Nodes[i].Port = 26379
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|
|
|
|
}
|
2022-02-28 03:15:01 +00:00
|
|
|
|
|
|
|
if hostMissing {
|
|
|
|
validator.Push(fmt.Errorf(errFmtSessionRedisSentinelNodeHostMissing))
|
|
|
|
}
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
|
|
|
}
|