2019-04-24 21:52:08 +00:00
package validator
import (
2022-10-21 08:41:33 +00:00
"crypto/tls"
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
"fmt"
2019-04-24 21:52:08 +00:00
"testing"
"github.com/stretchr/testify/assert"
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
"github.com/stretchr/testify/require"
2020-04-05 12:37:21 +00:00
2021-08-11 01:04:35 +00:00
"github.com/authelia/authelia/v4/internal/configuration/schema"
2019-04-24 21:52:08 +00:00
)
func newDefaultSessionConfig ( ) schema . SessionConfiguration {
config := schema . SessionConfiguration { }
2020-05-02 16:20:40 +00:00
config . Secret = testJWTSecret
2022-10-21 08:41:33 +00:00
config . Domain = examplecom
2020-05-05 19:35:32 +00:00
2019-04-24 21:52:08 +00:00
return config
}
2022-03-03 11:20:43 +00:00
func TestShouldSetDefaultSessionValues ( t * testing . T ) {
2019-04-24 21:52:08 +00:00
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
assert . False ( t , validator . HasErrors ( ) )
2020-04-05 12:37:21 +00:00
assert . Equal ( t , schema . DefaultSessionConfiguration . Name , config . Name )
assert . Equal ( t , schema . DefaultSessionConfiguration . Inactivity , config . Inactivity )
assert . Equal ( t , schema . DefaultSessionConfiguration . Expiration , config . Expiration )
2022-03-03 11:20:43 +00:00
assert . Equal ( t , schema . DefaultSessionConfiguration . RememberMeDuration , config . RememberMeDuration )
assert . Equal ( t , schema . DefaultSessionConfiguration . SameSite , config . SameSite )
2019-04-24 21:52:08 +00:00
}
2022-03-03 11:20:43 +00:00
func TestShouldSetDefaultSessionValuesWhenNegative ( t * testing . T ) {
2021-04-18 00:02:04 +00:00
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
2022-03-09 22:01:04 +00:00
config . Expiration , config . Inactivity , config . RememberMeDuration = - 1 , - 1 , - 2
2022-03-03 11:20:43 +00:00
2021-04-18 00:02:04 +00:00
ValidateSession ( & config , validator )
2022-03-09 22:01:04 +00:00
assert . Len ( t , validator . Warnings ( ) , 0 )
assert . Len ( t , validator . Errors ( ) , 0 )
2022-03-03 11:20:43 +00:00
assert . Equal ( t , schema . DefaultSessionConfiguration . Inactivity , config . Inactivity )
assert . Equal ( t , schema . DefaultSessionConfiguration . Expiration , config . Expiration )
assert . Equal ( t , schema . DefaultSessionConfiguration . RememberMeDuration , config . RememberMeDuration )
2021-04-18 00:02:04 +00:00
}
2022-11-23 23:16:23 +00:00
func TestShouldWarnSessionValuesWhenPotentiallyInvalid ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Domain = ".example.com"
ValidateSession ( & config , validator )
require . Len ( t , validator . Warnings ( ) , 1 )
assert . Len ( t , validator . Errors ( ) , 0 )
assert . EqualError ( t , validator . Warnings ( ) [ 0 ] , "session: option 'domain' has a prefix of '.' which is not supported or intended behaviour: you can use this at your own risk but we recommend removing it" )
}
2020-05-18 02:45:47 +00:00
func TestShouldHandleRedisConfigSuccessfully ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
ValidateSession ( & config , validator )
assert . Len ( t , validator . Errors ( ) , 0 )
validator . Clear ( )
// Set redis config because password must be set only when redis is used.
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.localhost" ,
Port : 6379 ,
Password : "password" ,
}
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
assert . False ( t , validator . HasErrors ( ) )
assert . Equal ( t , 8 , config . Redis . MaximumActiveConnections )
}
func TestShouldRaiseErrorWithInvalidRedisPortLow ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "authelia-port-1" ,
Port : - 1 ,
}
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , fmt . Sprintf ( errFmtSessionRedisPortRange , - 1 ) )
2020-05-18 02:45:47 +00:00
}
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
func TestShouldRaiseErrorWithInvalidRedisPortHigh ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "authelia-port-1" ,
Port : 65536 ,
}
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , fmt . Sprintf ( errFmtSessionRedisPortRange , 65536 ) )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
func TestShouldRaiseErrorWhenRedisIsUsedAndSecretNotSet ( t * testing . T ) {
2019-04-24 21:52:08 +00:00
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Secret = ""
ValidateSession ( & config , validator )
2020-03-28 06:10:39 +00:00
assert . Len ( t , validator . Errors ( ) , 0 )
validator . Clear ( )
// Set redis config because password must be set only when redis is used.
2020-05-18 02:45:47 +00:00
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.localhost" ,
Port : 6379 ,
}
2020-03-28 06:10:39 +00:00
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
2019-04-24 21:52:08 +00:00
assert . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , fmt . Sprintf ( errFmtSessionSecretRequired , "redis" ) )
2019-04-24 21:52:08 +00:00
}
2020-05-18 02:45:47 +00:00
func TestShouldRaiseErrorWhenRedisHasHostnameButNoPort ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
ValidateSession ( & config , validator )
assert . Len ( t , validator . Errors ( ) , 0 )
validator . Clear ( )
// Set redis config because password must be set only when redis is used.
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.localhost" ,
Port : 0 ,
}
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
2020-05-18 02:45:47 +00:00
assert . Len ( t , validator . Errors ( ) , 1 )
2022-10-22 05:41:27 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: redis: option 'port' must be between 1 and 65535 but is configured as '0'" )
2020-05-18 02:45:47 +00:00
}
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
func TestShouldRaiseOneErrorWhenRedisHighAvailabilityHasNodesWithNoHost ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis" ,
Port : 6379 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelName : "authelia-sentinel" ,
SentinelPassword : "abc123" ,
Nodes : [ ] schema . RedisNode {
{
Port : 26379 ,
} ,
{
Port : 26379 ,
} ,
} ,
} ,
}
ValidateSession ( & config , validator )
errors := validator . Errors ( )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , errors , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , errors [ 0 ] , "session: redis: high_availability: option 'nodes': option 'host' is required for each node but one or more nodes are missing this" )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
func TestShouldRaiseOneErrorWhenRedisHighAvailabilityDoesNotHaveSentinelName ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis" ,
Port : 6379 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelPassword : "abc123" ,
} ,
}
ValidateSession ( & config , validator )
errors := validator . Errors ( )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , errors , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , errors [ 0 ] , "session: redis: high_availability: option 'sentinel_name' is required" )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
func TestShouldUpdateDefaultPortWhenRedisSentinelHasNodes ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis" ,
Port : 6379 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelName : "authelia-sentinel" ,
SentinelPassword : "abc123" ,
Nodes : [ ] schema . RedisNode {
{
Host : "node-1" ,
Port : 333 ,
} ,
{
Host : "node-2" ,
} ,
{
Host : "node-3" ,
} ,
} ,
} ,
}
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
assert . False ( t , validator . HasErrors ( ) )
assert . Equal ( t , 333 , config . Redis . HighAvailability . Nodes [ 0 ] . Port )
assert . Equal ( t , 26379 , config . Redis . HighAvailability . Nodes [ 1 ] . Port )
assert . Equal ( t , 26379 , config . Redis . HighAvailability . Nodes [ 2 ] . Port )
}
func TestShouldRaiseErrorsWhenRedisSentinelOptionsIncorrectlyConfigured ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Secret = ""
config . Redis = & schema . RedisSessionConfiguration {
Port : 65536 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelName : "sentinel" ,
SentinelPassword : "abc123" ,
Nodes : [ ] schema . RedisNode {
{
Host : "node1" ,
Port : 26379 ,
} ,
} ,
RouteByLatency : true ,
RouteRandomly : true ,
} ,
}
ValidateSession ( & config , validator )
errors := validator . Errors ( )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , errors , 2 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , errors [ 0 ] , fmt . Sprintf ( errFmtSessionRedisPortRange , 65536 ) )
assert . EqualError ( t , errors [ 1 ] , fmt . Sprintf ( errFmtSessionSecretRequired , "redis" ) )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
validator . Clear ( )
config . Redis . Port = - 1
ValidateSession ( & config , validator )
errors = validator . Errors ( )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , errors , 2 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , errors [ 0 ] , fmt . Sprintf ( errFmtSessionRedisPortRange , - 1 ) )
assert . EqualError ( t , errors [ 1 ] , fmt . Sprintf ( errFmtSessionSecretRequired , "redis" ) )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
func TestShouldNotRaiseErrorsAndSetDefaultPortWhenRedisSentinelPortBlank ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "mysentinelHost" ,
Port : 0 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelName : "sentinel" ,
SentinelPassword : "abc123" ,
Nodes : [ ] schema . RedisNode {
{
Host : "node1" ,
Port : 26379 ,
} ,
} ,
RouteByLatency : true ,
RouteRandomly : true ,
} ,
}
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
assert . False ( t , validator . HasErrors ( ) )
assert . Equal ( t , 26379 , config . Redis . Port )
}
func TestShouldRaiseErrorWhenRedisHostAndHighAvailabilityNodesEmpty ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Port : 26379 ,
HighAvailability : & schema . RedisHighAvailabilityConfiguration {
SentinelName : "sentinel" ,
SentinelPassword : "abc123" ,
RouteByLatency : true ,
RouteRandomly : true ,
} ,
}
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , errFmtSessionRedisHostOrNodesRequired )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
func TestShouldRaiseErrorsWhenRedisHostNotSet ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Port : 6379 ,
}
ValidateSession ( & config , validator )
errors := validator . Errors ( )
assert . False ( t , validator . HasWarnings ( ) )
require . Len ( t , errors , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , errors [ 0 ] , errFmtSessionRedisHostRequired )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
}
2022-10-21 08:41:33 +00:00
func TestShouldSetDefaultRedisTLSOptions ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.local" ,
Port : 6379 ,
TLS : & schema . TLSConfig { } ,
}
ValidateSession ( & config , validator )
assert . Len ( t , validator . Warnings ( ) , 0 )
assert . Len ( t , validator . Errors ( ) , 0 )
assert . Equal ( t , uint16 ( tls . VersionTLS12 ) , config . Redis . TLS . MinimumVersion . Value )
assert . Equal ( t , uint16 ( 0 ) , config . Redis . TLS . MaximumVersion . Value )
assert . Equal ( t , "redis.local" , config . Redis . TLS . ServerName )
}
func TestShouldRaiseErrorOnBadRedisTLSOptionsSSL30 ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.local" ,
Port : 6379 ,
TLS : & schema . TLSConfig {
MinimumVersion : schema . TLSVersion { Value : tls . VersionSSL30 } , //nolint:staticcheck
} ,
}
ValidateSession ( & config , validator )
assert . Len ( t , validator . Warnings ( ) , 0 )
require . Len ( t , validator . Errors ( ) , 1 )
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: redis: tls: option 'minimum_version' is invalid: minimum version is TLS1.0 but SSL3.0 was configured" )
}
func TestShouldRaiseErrorOnBadRedisTLSOptionsMinVerGreaterThanMax ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Redis = & schema . RedisSessionConfiguration {
Host : "redis.local" ,
Port : 6379 ,
TLS : & schema . TLSConfig {
MinimumVersion : schema . TLSVersion { Value : tls . VersionTLS13 } ,
MaximumVersion : schema . TLSVersion { Value : tls . VersionTLS10 } ,
} ,
}
ValidateSession ( & config , validator )
assert . Len ( t , validator . Warnings ( ) , 0 )
require . Len ( t , validator . Errors ( ) , 1 )
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: redis: tls: option combination of 'minimum_version' and 'maximum_version' is invalid: minimum version TLS1.3 is greater than the maximum version TLS1.0" )
}
2019-04-24 21:52:08 +00:00
func TestShouldRaiseErrorWhenDomainNotSet ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Domain = ""
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
2019-04-24 21:52:08 +00:00
assert . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: option 'domain' is required" )
2019-04-24 21:52:08 +00:00
}
2020-04-03 23:11:33 +00:00
2020-06-07 15:47:02 +00:00
func TestShouldRaiseErrorWhenDomainIsWildcard ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . Domain = "*.example.com"
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
2020-06-07 15:47:02 +00:00
assert . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: option 'domain' must be the domain you wish to protect not a wildcard domain but it is configured as '*.example.com'" )
2020-06-07 15:47:02 +00:00
}
2021-04-18 00:02:04 +00:00
func TestShouldRaiseErrorWhenSameSiteSetIncorrectly ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
config . SameSite = "NOne"
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
assert . Len ( t , validator . Errors ( ) , 1 )
2022-02-28 03:15:01 +00:00
assert . EqualError ( t , validator . Errors ( ) [ 0 ] , "session: option 'same_site' must be one of 'none', 'lax', 'strict' but is configured as 'NOne'" )
2021-04-18 00:02:04 +00:00
}
func TestShouldNotRaiseErrorWhenSameSiteSetCorrectly ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
validOptions := [ ] string { "none" , "lax" , "strict" }
for _ , opt := range validOptions {
config . SameSite = opt
ValidateSession ( & config , validator )
assert . False ( t , validator . HasWarnings ( ) )
assert . Len ( t , validator . Errors ( ) , 0 )
}
}
2022-03-09 22:01:04 +00:00
func TestShouldSetDefaultWhenNegativeAndNotOverrideDisabledRememberMe ( t * testing . T ) {
2020-04-03 23:11:33 +00:00
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
2022-03-02 06:40:26 +00:00
config . Inactivity = - 1
config . Expiration = - 1
2022-03-13 02:51:23 +00:00
config . RememberMeDuration = schema . RememberMeDisabled
2020-04-03 23:11:33 +00:00
ValidateSession ( & config , validator )
2022-03-02 06:40:26 +00:00
assert . Len ( t , validator . Warnings ( ) , 0 )
assert . Len ( t , validator . Errors ( ) , 0 )
2020-04-03 23:11:33 +00:00
2022-03-02 06:40:26 +00:00
assert . Equal ( t , schema . DefaultSessionConfiguration . Inactivity , config . Inactivity )
assert . Equal ( t , schema . DefaultSessionConfiguration . Expiration , config . Expiration )
2022-03-13 02:51:23 +00:00
assert . Equal ( t , schema . RememberMeDisabled , config . RememberMeDuration )
2020-04-03 23:11:33 +00:00
}
func TestShouldSetDefaultRememberMeDuration ( t * testing . T ) {
validator := schema . NewStructValidator ( )
config := newDefaultSessionConfig ( )
ValidateSession ( & config , validator )
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-09 23:03:05 +00:00
assert . False ( t , validator . HasWarnings ( ) )
assert . False ( t , validator . HasErrors ( ) )
2020-04-03 23:11:33 +00:00
assert . Equal ( t , config . RememberMeDuration , schema . DefaultSessionConfiguration . RememberMeDuration )
}