2020-04-30 02:03:05 +00:00
|
|
|
package validator
|
|
|
|
|
|
|
|
import (
|
2022-04-04 23:57:47 +00:00
|
|
|
"os"
|
2020-04-30 02:03:05 +00:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
|
2021-08-11 01:04:35 +00:00
|
|
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
2020-04-30 02:03:05 +00:00
|
|
|
)
|
|
|
|
|
2022-04-04 23:57:47 +00:00
|
|
|
const unexistingFilePath = "/tmp/unexisting_file"
|
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
func TestShouldSetDefaultServerValues(t *testing.T) {
|
2020-04-30 02:03:05 +00:00
|
|
|
validator := schema.NewStructValidator()
|
2021-08-02 11:55:30 +00:00
|
|
|
config := &schema.Configuration{}
|
|
|
|
|
|
|
|
ValidateServer(config, validator)
|
|
|
|
|
|
|
|
assert.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Len(t, validator.Warnings(), 0)
|
|
|
|
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.Host, config.Server.Host)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.Port, config.Server.Port)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.ReadBufferSize, config.Server.ReadBufferSize)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.WriteBufferSize, config.Server.WriteBufferSize)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.TLS.Key, config.Server.TLS.Key)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.TLS.Certificate, config.Server.TLS.Certificate)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.Path, config.Server.Path)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.EnableExpvars, config.Server.EnableExpvars)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.EnablePprof, config.Server.EnablePprof)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestShouldSetDefaultConfig(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := &schema.Configuration{}
|
|
|
|
|
|
|
|
ValidateServer(config, validator)
|
|
|
|
|
|
|
|
assert.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Len(t, validator.Warnings(), 0)
|
|
|
|
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.ReadBufferSize, config.Server.ReadBufferSize)
|
|
|
|
assert.Equal(t, schema.DefaultServerConfiguration.WriteBufferSize, config.Server.WriteBufferSize)
|
2020-04-30 02:03:05 +00:00
|
|
|
}
|
|
|
|
|
2021-03-22 09:04:09 +00:00
|
|
|
func TestShouldParsePathCorrectly(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
2021-08-02 11:55:30 +00:00
|
|
|
config := &schema.Configuration{
|
|
|
|
Server: schema.ServerConfiguration{
|
|
|
|
Path: "apple",
|
|
|
|
},
|
2021-03-22 09:04:09 +00:00
|
|
|
}
|
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
ValidateServer(config, validator)
|
2021-03-22 09:04:09 +00:00
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
assert.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Len(t, validator.Warnings(), 0)
|
|
|
|
|
|
|
|
assert.Equal(t, "/apple", config.Server.Path)
|
2021-03-22 09:04:09 +00:00
|
|
|
}
|
|
|
|
|
2020-04-30 02:03:05 +00:00
|
|
|
func TestShouldRaiseOnNegativeValues(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
2021-08-02 11:55:30 +00:00
|
|
|
config := &schema.Configuration{
|
|
|
|
Server: schema.ServerConfiguration{
|
|
|
|
ReadBufferSize: -1,
|
|
|
|
WriteBufferSize: -1,
|
|
|
|
},
|
2020-04-30 02:03:05 +00:00
|
|
|
}
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(config, validator)
|
|
|
|
|
2020-04-30 02:03:05 +00:00
|
|
|
require.Len(t, validator.Errors(), 2)
|
2021-08-02 11:55:30 +00:00
|
|
|
|
2022-02-28 03:15:01 +00:00
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: option 'read_buffer_size' must be above 0 but it is configured as '-1'")
|
|
|
|
assert.EqualError(t, validator.Errors()[1], "server: option 'write_buffer_size' must be above 0 but it is configured as '-1'")
|
2020-04-30 02:03:05 +00:00
|
|
|
}
|
2020-05-21 02:20:55 +00:00
|
|
|
|
|
|
|
func TestShouldRaiseOnNonAlphanumericCharsInPath(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
2021-08-02 11:55:30 +00:00
|
|
|
config := &schema.Configuration{
|
|
|
|
Server: schema.ServerConfiguration{
|
|
|
|
Path: "app le",
|
|
|
|
},
|
2020-05-21 02:20:55 +00:00
|
|
|
}
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(config, validator)
|
|
|
|
|
2020-05-21 02:20:55 +00:00
|
|
|
require.Len(t, validator.Errors(), 1)
|
2021-08-02 11:55:30 +00:00
|
|
|
|
2020-05-21 02:20:55 +00:00
|
|
|
assert.Error(t, validator.Errors()[0], "server path must only be alpha numeric characters")
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestShouldRaiseOnForwardSlashInPath(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
2021-08-02 11:55:30 +00:00
|
|
|
config := &schema.Configuration{
|
|
|
|
Server: schema.ServerConfiguration{
|
|
|
|
Path: "app/le",
|
|
|
|
},
|
2020-05-21 02:20:55 +00:00
|
|
|
}
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(config, validator)
|
|
|
|
|
2020-05-21 02:20:55 +00:00
|
|
|
assert.Len(t, validator.Errors(), 1)
|
2021-08-02 11:55:30 +00:00
|
|
|
|
2020-05-21 02:20:55 +00:00
|
|
|
assert.Error(t, validator.Errors()[0], "server path must not contain any forward slashes")
|
|
|
|
}
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
func TestShouldValidateAndUpdateHost(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
config.Server.Host = ""
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
|
|
|
|
require.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Equal(t, "0.0.0.0", config.Server.Host)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestShouldRaiseErrorWhenTLSCertWithoutKeyIsProvided(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
2022-04-04 23:57:47 +00:00
|
|
|
|
|
|
|
file, err := os.CreateTemp("", "cert")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(file.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Certificate = file.Name()
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
2022-02-28 03:15:01 +00:00
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: option 'certificate' must also be accompanied by option 'key'")
|
2021-08-02 11:55:30 +00:00
|
|
|
}
|
|
|
|
|
2022-04-04 23:57:47 +00:00
|
|
|
func TestShouldRaiseErrorWhenTLSCertDoesNotExist(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
|
|
|
|
file, err := os.CreateTemp("", "key")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(file.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Certificate = unexistingFilePath
|
|
|
|
config.Server.TLS.Key = file.Name()
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: file path /tmp/unexisting_file provided in 'certificate' does not exist")
|
|
|
|
}
|
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
func TestShouldRaiseErrorWhenTLSKeyWithoutCertIsProvided(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
2022-04-04 23:57:47 +00:00
|
|
|
|
|
|
|
file, err := os.CreateTemp("", "key")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(file.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Key = file.Name()
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
2022-02-28 03:15:01 +00:00
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: option 'key' must also be accompanied by option 'certificate'")
|
2021-08-02 11:55:30 +00:00
|
|
|
}
|
|
|
|
|
2022-04-04 23:57:47 +00:00
|
|
|
func TestShouldRaiseErrorWhenTLSKeyDoesNotExist(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
|
|
|
|
file, err := os.CreateTemp("", "key")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(file.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Key = unexistingFilePath
|
|
|
|
config.Server.TLS.Certificate = file.Name()
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: file path /tmp/unexisting_file provided in 'key' does not exist")
|
|
|
|
}
|
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
func TestShouldNotRaiseErrorWhenBothTLSCertificateAndKeyAreProvided(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
2022-04-04 23:57:47 +00:00
|
|
|
|
|
|
|
certFile, err := os.CreateTemp("", "cert")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(certFile.Name())
|
|
|
|
|
|
|
|
keyFile, err := os.CreateTemp("", "key")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(keyFile.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Certificate = certFile.Name()
|
|
|
|
config.Server.TLS.Key = keyFile.Name()
|
2021-08-02 11:55:30 +00:00
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 0)
|
|
|
|
}
|
|
|
|
|
2022-04-04 23:57:47 +00:00
|
|
|
func TestShouldRaiseErrorWhenTLSClientCertificateDoesNotExist(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
|
|
|
|
certFile, err := os.CreateTemp("", "cert")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(certFile.Name())
|
|
|
|
|
|
|
|
keyFile, err := os.CreateTemp("", "key")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(keyFile.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.Certificate = certFile.Name()
|
|
|
|
config.Server.TLS.Key = keyFile.Name()
|
|
|
|
config.Server.TLS.ClientCertificates = []string{"/tmp/unexisting"}
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: client_certificates: certificates: file path /tmp/unexisting does not exist")
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestShouldRaiseErrorWhenTLSClientAuthIsDefinedButNotServerCertificate(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
|
|
|
|
certFile, err := os.CreateTemp("", "cert")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
defer os.Remove(certFile.Name())
|
|
|
|
|
|
|
|
config.Server.TLS.ClientCertificates = []string{certFile.Name()}
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
require.Len(t, validator.Errors(), 1)
|
|
|
|
assert.EqualError(t, validator.Errors()[0], "server: tls: client authentication cannot be configured if no server certificate and key are provided")
|
|
|
|
}
|
|
|
|
|
2021-08-02 11:55:30 +00:00
|
|
|
func TestShouldNotUpdateConfig(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
|
|
|
|
require.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Equal(t, 9090, config.Server.Port)
|
|
|
|
assert.Equal(t, loopback, config.Server.Host)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestShouldValidateAndUpdatePort(t *testing.T) {
|
|
|
|
validator := schema.NewStructValidator()
|
|
|
|
config := newDefaultConfig()
|
|
|
|
config.Server.Port = 0
|
|
|
|
|
|
|
|
ValidateServer(&config, validator)
|
|
|
|
|
|
|
|
require.Len(t, validator.Errors(), 0)
|
|
|
|
assert.Equal(t, 9091, config.Server.Port)
|
|
|
|
}
|