RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/handlers/handler_user_info_test.go

448 lines
12 KiB
Go
Raw Normal View History

Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
package handlers
import (
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
"database/sql"
"errors"
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
"fmt"
"testing"
"github.com/golang/mock/gomock"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
[MISC] Refactor and address most errcheck linter ignores (#1511) * [MISC] Refactor and address most errcheck linter ignores This is mostly a quality of life change. When we first implemented the errcheck linter we ignored a number of items in our legacy codebase with intent to revisit down the track. * Handle errors for regulation marks and remove unnecessary logging
2020-12-16 01:47:31 +00:00
"github.com/stretchr/testify/require"
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
"github.com/stretchr/testify/suite"
[MISC] Fix goimports ordering for repo (#947)
2020-05-01 06:56:42 +00:00
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
"github.com/authelia/authelia/v4/internal/configuration/schema"
fix: include major in go.mod module directive (#2278) * build: include major in go.mod module directive * fix: xflags * revert: cobra changes * fix: mock doc
2021-08-11 01:04:35 +00:00
"github.com/authelia/authelia/v4/internal/mocks"
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
"github.com/authelia/authelia/v4/internal/model"
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
)
type FetchSuite struct {
suite.Suite
mock *mocks.MockAutheliaCtx
}
func (s *FetchSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T())
Fix spelling errors
2020-01-05 23:03:16 +00:00
// Set the initial user session.
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
userSession := s.mock.Ctx.GetSession()
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-02 16:20:40 +00:00
userSession.Username = testUsername
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
userSession.AuthenticationLevel = 1
[MISC] Refactor and address most errcheck linter ignores (#1511) * [MISC] Refactor and address most errcheck linter ignores This is mostly a quality of life change. When we first implemented the errcheck linter we ignored a number of items in our legacy codebase with intent to revisit down the track. * Handle errors for regulation marks and remove unnecessary logging
2020-12-16 01:47:31 +00:00
err := s.mock.Ctx.SaveSession(userSession)
require.NoError(s.T(), err)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
}
func (s *FetchSuite) TearDownTest() {
s.mock.Close()
}
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
type expectedResponse struct {
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db model.UserInfo
api *model.UserInfo
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
err error
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
}
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
type expectedResponseAlt struct {
description string
db model.UserInfo
api *model.UserInfo
loadErr error
saveErr error
config *schema.Configuration
}
func TestUserInfoEndpoint_SetCorrectMethod(t *testing.T) {
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
expectedResponses := []expectedResponse{
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
Method: "totp",
},
err: nil,
},
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
Method: "webauthn",
HasWebauthn: true,
HasTOTP: true,
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
},
err: nil,
},
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832) * [Buildkite] Introduce CI linting with golangci-lint and reviewdog * Initial pass of golangci-lint * Add gosimple (megacheck) recommendations * Add golint recommendations * [BUGFIX] Migrate authentication traces from v3 mongodb * Add deadcode recommendations * [BUGFIX] Fix ShortTimeouts suite when run in dev workflow * Add unused recommendations * Add unparam recommendations * Disable linting on unfixable errors instead of skipping files * Adjust nolint notation for unparam * Fix ineffectual assignment to err raised by linter. * Export environment variable in agent hook * Add ineffassign recommendations * Add staticcheck recommendations * Add gocyclo recommendations * Adjust ineffassign recommendations Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 01:05:17 +00:00
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
Method: "webauthn",
HasWebauthn: true,
HasTOTP: false,
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
},
err: nil,
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
},
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832) * [Buildkite] Introduce CI linting with golangci-lint and reviewdog * Initial pass of golangci-lint * Add gosimple (megacheck) recommendations * Add golint recommendations * [BUGFIX] Migrate authentication traces from v3 mongodb * Add deadcode recommendations * [BUGFIX] Fix ShortTimeouts suite when run in dev workflow * Add unused recommendations * Add unparam recommendations * Disable linting on unfixable errors instead of skipping files * Adjust nolint notation for unparam * Fix ineffectual assignment to err raised by linter. * Export environment variable in agent hook * Add ineffassign recommendations * Add staticcheck recommendations * Add gocyclo recommendations * Adjust ineffassign recommendations Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 01:05:17 +00:00
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
Method: "mobile_push",
HasWebauthn: false,
HasTOTP: false,
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
},
err: nil,
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
},
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832) * [Buildkite] Introduce CI linting with golangci-lint and reviewdog * Initial pass of golangci-lint * Add gosimple (megacheck) recommendations * Add golint recommendations * [BUGFIX] Migrate authentication traces from v3 mongodb * Add deadcode recommendations * [BUGFIX] Fix ShortTimeouts suite when run in dev workflow * Add unused recommendations * Add unparam recommendations * Disable linting on unfixable errors instead of skipping files * Adjust nolint notation for unparam * Fix ineffectual assignment to err raised by linter. * Export environment variable in agent hook * Add ineffassign recommendations * Add staticcheck recommendations * Add gocyclo recommendations * Adjust ineffassign recommendations Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 01:05:17 +00:00
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{},
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
err: sql.ErrNoRows,
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
},
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832) * [Buildkite] Introduce CI linting with golangci-lint and reviewdog * Initial pass of golangci-lint * Add gosimple (megacheck) recommendations * Add golint recommendations * [BUGFIX] Migrate authentication traces from v3 mongodb * Add deadcode recommendations * [BUGFIX] Fix ShortTimeouts suite when run in dev workflow * Add unused recommendations * Add unparam recommendations * Disable linting on unfixable errors instead of skipping files * Adjust nolint notation for unparam * Fix ineffectual assignment to err raised by linter. * Export environment variable in agent hook * Add ineffassign recommendations * Add staticcheck recommendations * Add gocyclo recommendations * Adjust ineffassign recommendations Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 01:05:17 +00:00
{
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
db: model.UserInfo{},
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
err: errors.New("invalid thing"),
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
},
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
}
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
for _, resp := range expectedResponses {
if resp.api == nil {
resp.api = &resp.db
}
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
mock := mocks.NewMockAutheliaCtx(t)
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
Fix spelling errors
2020-01-05 23:03:16 +00:00
// Set the initial user session.
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
userSession := mock.Ctx.GetSession()
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-02 16:20:40 +00:00
userSession.Username = testUsername
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
userSession.AuthenticationLevel = 1
[MISC] Refactor and address most errcheck linter ignores (#1511) * [MISC] Refactor and address most errcheck linter ignores This is mostly a quality of life change. When we first implemented the errcheck linter we ignored a number of items in our legacy codebase with intent to revisit down the track. * Handle errors for regulation marks and remove unnecessary logging
2020-12-16 01:47:31 +00:00
err := mock.Ctx.SaveSession(userSession)
require.NoError(t, err)
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
feat(totp): algorithm and digits config (#2634) Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
2021-12-01 12:11:29 +00:00
mock.StorageMock.
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
EXPECT().
LoadUserInfo(mock.Ctx, gomock.Eq("john")).
Return(resp.db, resp.err)
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
UserInfoGET(mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
if resp.err == nil {
t.Run("expected status code", func(t *testing.T) {
assert.Equal(t, 200, mock.Ctx.Response.StatusCode())
})
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
actualPreferences := model.UserInfo{}
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
mock.GetResponseData(t, &actualPreferences)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
t.Run("expected method", func(t *testing.T) {
assert.Equal(t, resp.api.Method, actualPreferences.Method)
})
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
t.Run("registered webauthn", func(t *testing.T) {
assert.Equal(t, resp.api.HasWebauthn, actualPreferences.HasWebauthn)
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
})
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
t.Run("registered totp", func(t *testing.T) {
assert.Equal(t, resp.api.HasTOTP, actualPreferences.HasTOTP)
})
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
t.Run("registered duo", func(t *testing.T) {
assert.Equal(t, resp.api.HasDuo, actualPreferences.HasDuo)
})
} else {
t.Run("expected status code", func(t *testing.T) {
assert.Equal(t, 200, mock.Ctx.Response.StatusCode())
})
errResponse := mock.GetResponseError(t)
assert.Equal(t, "KO", errResponse.Status)
assert.Equal(t, "Operation failed.", errResponse.Message)
}
mock.Close()
}
}
func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) {
expectedResponses := []expectedResponseAlt{
{
description: "should set method to totp by default even when user doesn't have totp configured and no preferred method",
db: model.UserInfo{
Method: "",
HasTOTP: false,
HasWebauthn: false,
HasDuo: false,
},
api: &model.UserInfo{
Method: "totp",
HasTOTP: false,
HasWebauthn: false,
HasDuo: false,
},
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
config: &schema.Configuration{},
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
loadErr: nil,
saveErr: nil,
},
{
description: "should set method to duo by default when user has duo configured and no preferred method",
db: model.UserInfo{
Method: "",
HasTOTP: false,
HasWebauthn: false,
HasDuo: true,
},
api: &model.UserInfo{
Method: "mobile_push",
HasTOTP: false,
HasWebauthn: false,
HasDuo: true,
},
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
config: &schema.Configuration{},
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
loadErr: nil,
saveErr: nil,
},
{
description: "should set method to totp by default when user has duo configured and no preferred method but duo is not enabled",
db: model.UserInfo{
Method: "",
HasTOTP: false,
HasWebauthn: false,
HasDuo: true,
},
api: &model.UserInfo{
Method: "totp",
HasTOTP: false,
HasWebauthn: false,
HasDuo: true,
},
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
config: &schema.Configuration{DuoAPI: schema.DuoAPIConfiguration{Disable: true}},
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
loadErr: nil,
saveErr: nil,
},
{
description: "should set method to duo by default when user has duo configured and no preferred method",
db: model.UserInfo{
Method: "",
HasTOTP: true,
HasWebauthn: true,
HasDuo: true,
},
api: &model.UserInfo{
Method: "webauthn",
HasTOTP: true,
HasWebauthn: true,
HasDuo: true,
},
config: &schema.Configuration{
TOTP: schema.TOTPConfiguration{
Disable: true,
},
},
loadErr: nil,
saveErr: nil,
},
{
description: "should default new users to totp if all enabled",
db: model.UserInfo{
Method: "",
HasTOTP: false,
HasWebauthn: false,
HasDuo: false,
},
api: &model.UserInfo{
Method: "totp",
HasTOTP: true,
HasWebauthn: true,
HasDuo: true,
},
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
config: &schema.Configuration{},
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
loadErr: nil,
saveErr: errors.New("could not save"),
},
}
for _, resp := range expectedResponses {
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
t.Run(resp.description, func(t *testing.T) {
if resp.api == nil {
resp.api = &resp.db
}
mock := mocks.NewMockAutheliaCtx(t)
if resp.config != nil {
mock.Ctx.Configuration = *resp.config
}
// Set the initial user session.
userSession := mock.Ctx.GetSession()
userSession.Username = testUsername
userSession.AuthenticationLevel = 1
err := mock.Ctx.SaveSession(userSession)
require.NoError(t, err)
if resp.db.Method == "" {
gomock.InOrder(
mock.StorageMock.
EXPECT().
LoadPreferred2FAMethod(mock.Ctx, gomock.Eq("john")).
Return("", sql.ErrNoRows),
mock.StorageMock.
EXPECT().
SavePreferred2FAMethod(mock.Ctx, gomock.Eq("john"), gomock.Eq("")).
Return(resp.saveErr),
mock.StorageMock.
EXPECT().
LoadUserInfo(mock.Ctx, gomock.Eq("john")).
Return(resp.db, nil),
mock.StorageMock.EXPECT().
SavePreferred2FAMethod(mock.Ctx, gomock.Eq("john"), gomock.Eq(resp.api.Method)).
Return(resp.saveErr),
)
} else {
gomock.InOrder(
mock.StorageMock.
EXPECT().
LoadPreferred2FAMethod(mock.Ctx, gomock.Eq("john")).
Return(resp.db.Method, nil),
mock.StorageMock.
EXPECT().
LoadUserInfo(mock.Ctx, gomock.Eq("john")).
Return(resp.db, nil),
mock.StorageMock.EXPECT().
SavePreferred2FAMethod(mock.Ctx, gomock.Eq("john"), gomock.Eq(resp.api.Method)).
Return(resp.saveErr),
)
}
UserInfoPOST(mock.Ctx)
if resp.loadErr == nil && resp.saveErr == nil {
t.Run(fmt.Sprintf("%s/%s", resp.description, "expected status code"), func(t *testing.T) {
assert.Equal(t, 200, mock.Ctx.Response.StatusCode())
})
actualPreferences := model.UserInfo{}
mock.GetResponseData(t, &actualPreferences)
t.Run("expected method", func(t *testing.T) {
assert.Equal(t, resp.api.Method, actualPreferences.Method)
})
t.Run("registered webauthn", func(t *testing.T) {
assert.Equal(t, resp.api.HasWebauthn, actualPreferences.HasWebauthn)
})
t.Run("registered totp", func(t *testing.T) {
assert.Equal(t, resp.api.HasTOTP, actualPreferences.HasTOTP)
})
t.Run("registered duo", func(t *testing.T) {
assert.Equal(t, resp.api.HasDuo, actualPreferences.HasDuo)
})
} else {
t.Run("expected status code", func(t *testing.T) {
assert.Equal(t, 200, mock.Ctx.Response.StatusCode())
})
errResponse := mock.GetResponseError(t)
assert.Equal(t, "KO", errResponse.Status)
assert.Equal(t, "Operation failed.", errResponse.Message)
}
mock.Close()
})
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
}
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
}
func (s *FetchSuite) TestShouldReturnError500WhenStorageFailsToLoad() {
feat(totp): algorithm and digits config (#2634) Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
2021-12-01 12:11:29 +00:00
s.mock.StorageMock.EXPECT().
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
LoadUserInfo(s.mock.Ctx, gomock.Eq("john")).
refactor(model): rename from models (#2968)
2022-03-06 05:47:40 +00:00
Return(model.UserInfo{}, fmt.Errorf("failure"))
Fix backend unit tests.
2019-12-07 17:51:47 +00:00
fix(web): show appropriate default and available methods (#2999) This ensures that; the method set when a user does not have a preference is a method that is available, that if a user has a preferred method that is not available it is changed to an enabled method with preference put on methods the user has configured, that the frontend does not show the method selection option when only one method is available.
2022-03-28 01:26:30 +00:00
UserInfoGET(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
assert.Equal(s.T(), "unable to load user information: failure", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func TestFetchSuite(t *testing.T) {
suite.Run(t, &FetchSuite{})
}
type SaveSuite struct {
suite.Suite
mock *mocks.MockAutheliaCtx
}
func (s *SaveSuite) SetupTest() {
s.mock = mocks.NewMockAutheliaCtx(s.T())
Fix spelling errors
2020-01-05 23:03:16 +00:00
// Set the initial user session.
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
userSession := s.mock.Ctx.GetSession()
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-02 16:20:40 +00:00
userSession.Username = testUsername
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
userSession.AuthenticationLevel = 1
[MISC] Refactor and address most errcheck linter ignores (#1511) * [MISC] Refactor and address most errcheck linter ignores This is mostly a quality of life change. When we first implemented the errcheck linter we ignored a number of items in our legacy codebase with intent to revisit down the track. * Handle errors for regulation marks and remove unnecessary logging
2020-12-16 01:47:31 +00:00
err := s.mock.Ctx.SaveSession(userSession)
require.NoError(s.T(), err)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
}
func (s *SaveSuite) TearDownTest() {
s.mock.Close()
}
func (s *SaveSuite) TestShouldReturnError500WhenNoBodyProvided() {
s.mock.Ctx.Request.SetBody(nil)
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
feat(regulator): enhance authentication logs (#2622) This adds additional logging to the authentication logs such as type, remote IP, request method, redirect URL, and if the attempt was done during a ban. This also means we log attempts that occur when the attempt was blocked by the regulator for record keeping purposes, as well as record 2FA attempts which can be used to inform admins and later to regulate based on other factors. Fixes #116, Fixes #1293.
2021-11-29 03:09:14 +00:00
assert.Equal(s.T(), "unable to parse body: unexpected end of JSON input", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func (s *SaveSuite) TestShouldReturnError500WhenMalformedBodyProvided() {
s.mock.Ctx.Request.SetBody([]byte("{\"method\":\"abc\""))
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
feat(regulator): enhance authentication logs (#2622) This adds additional logging to the authentication logs such as type, remote IP, request method, redirect URL, and if the attempt was done during a ban. This also means we log attempts that occur when the attempt was blocked by the regulator for record keeping purposes, as well as record 2FA attempts which can be used to inform admins and later to regulate based on other factors. Fixes #116, Fixes #1293.
2021-11-29 03:09:14 +00:00
assert.Equal(s.T(), "unable to parse body: unexpected end of JSON input", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func (s *SaveSuite) TestShouldReturnError500WhenBadBodyProvided() {
s.mock.Ctx.Request.SetBody([]byte("{\"weird_key\":\"abc\"}"))
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
feat(regulator): enhance authentication logs (#2622) This adds additional logging to the authentication logs such as type, remote IP, request method, redirect URL, and if the attempt was done during a ban. This also means we log attempts that occur when the attempt was blocked by the regulator for record keeping purposes, as well as record 2FA attempts which can be used to inform admins and later to regulate based on other factors. Fixes #116, Fixes #1293.
2021-11-29 03:09:14 +00:00
assert.Equal(s.T(), "unable to validate body: method: non zero value required", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func (s *SaveSuite) TestShouldReturnError500WhenBadMethodProvided() {
s.mock.Ctx.Request.SetBody([]byte("{\"method\":\"abc\"}"))
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
refactor(configuration): remove ptr for duoapi and notifier (#3200) This adds to the ongoing effort to remove all pointers to structs in the configuration without breaking backwards compatibility.
2022-04-15 23:34:26 +00:00
assert.Equal(s.T(), "unknown or unavailable method 'abc', it should be one of totp, webauthn, mobile_push", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func (s *SaveSuite) TestShouldReturnError500WhenDatabaseFailsToSave() {
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
s.mock.Ctx.Request.SetBody([]byte("{\"method\":\"webauthn\"}"))
feat(totp): algorithm and digits config (#2634) Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
2021-12-01 12:11:29 +00:00
s.mock.StorageMock.EXPECT().
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
SavePreferred2FAMethod(s.mock.Ctx, gomock.Eq("john"), gomock.Eq("webauthn")).
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
Return(fmt.Errorf("Failure"))
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
s.mock.Assert200KO(s.T(), "Operation failed.")
refactor(handlers): lower case error messages (#2289) * refactor(handlers): lower case error messages also refactor verifyAuth function to detect malicious activity both with session cookie and authorization header. * refacto(handlers): simplify error construction * fix(handlers): check prefix in authorization header to determine auth method * fix(handlers): determining the method should be done with headers instead of query arg * refacto(handlers): rollback changes of verifyAuth * don't lowercase log messages * Apply suggestions from code review Make sure logger errors are not lowercased. * fix: uppercase logger errors and remove unused param * Do not lowercase logger errors * Remove unused param targetURL * Rename url variable to not conflict with imported package Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-09-17 05:53:40 +00:00
assert.Equal(s.T(), "unable to save new preferred 2FA method: Failure", s.mock.Hook.LastEntry().Message)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), logrus.ErrorLevel, s.mock.Hook.LastEntry().Level)
}
func (s *SaveSuite) TestShouldReturn200WhenMethodIsSuccessfullySaved() {
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
s.mock.Ctx.Request.SetBody([]byte("{\"method\":\"webauthn\"}"))
feat(totp): algorithm and digits config (#2634) Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
2021-12-01 12:11:29 +00:00
s.mock.StorageMock.EXPECT().
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
SavePreferred2FAMethod(s.mock.Ctx, gomock.Eq("john"), gomock.Eq("webauthn")).
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
Return(nil)
fix(server): incorrect remote ip logged in error handler (#3139) This fixes edge cases where the remote IP was not correctly logged. Generally this is not an issue as most errors do not hit this handler, but in instances where a transport error occurs this is important.
2022-04-08 04:13:47 +00:00
MethodPreferencePOST(s.mock.Ctx)
Introduce hasU2F and hasTOTP in user info.
2019-12-07 11:18:22 +00:00
assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode())
}
func TestSaveSuite(t *testing.T) {
suite.Run(t, &SaveSuite{})
}