RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: collect backend coverage via go build -cover (#4921) 

* refactor: collect backend coverage via go build -cover

* refactor: print percentage coverage collected
pull/4928/head
Amir Zarrinkafsh 2023-02-14 14:44:08 +11:00 committed by GitHub
parent cea4bdf879
commit 59e82e786c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 130 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.buildkite/hooks/post-command
View File

@ -15,6 +15,8 @@ if [[ ! "${BUILDKITE_BRANCH}" =~ ^(v.*) ]] && [[ "${BUILDKITE_COMMAND_EXIT_STATU
NAME="UnitTest" NAME="UnitTest"
if [[ "${SUITE}" != "" ]]; then if [[ "${SUITE}" != "" ]]; then
NAME=${SUITE} NAME=${SUITE}
go tool covdata percent -i=coverage
go tool covdata textfmt -i=coverage -o coverage.txt
fi fi
if [[ "${BUILDKITE_AGENT_META_DATA_CODECOV}" == "verbose" ]]; then if [[ "${BUILDKITE_AGENT_META_DATA_CODECOV}" == "verbose" ]]; then
BUILDKITE_AGENT_META_DATA_CODECOV="-v" BUILDKITE_AGENT_META_DATA_CODECOV="-v"

1
.buildkite/hooks/pre-command
View File

@ -31,6 +31,7 @@ fi
if [[ "${BUILDKITE_LABEL}" =~ ":selenium:" ]]; then if [[ "${BUILDKITE_LABEL}" =~ ":selenium:" ]]; then
DEFAULT_ARCH=coverage DEFAULT_ARCH=coverage
echo "--- :docker: Extract and load build container" echo "--- :docker: Extract and load build container"
mkdir coverage
buildkite-agent artifact download "authelia-image-${DEFAULT_ARCH}*" . buildkite-agent artifact download "authelia-image-${DEFAULT_ARCH}*" .
if [[ "${SUITE}" == "Kubernetes" ]]; then if [[ "${SUITE}" == "Kubernetes" ]]; then
zstd -d authelia-image-coverage.tar.zst --stdout > ./internal/suites/example/kube/authelia-image-${DEFAULT_ARCH}.tar zstd -d authelia-image-coverage.tar.zst --stdout > ./internal/suites/example/kube/authelia-image-${DEFAULT_ARCH}.tar

9
Dockerfile.coverage
View File

@ -39,9 +39,9 @@ RUN \
mv api internal/server/public_html/api && \ mv api internal/server/public_html/api && \
cd cmd/authelia && \ cd cmd/authelia && \
chmod 0666 /go/src/app/.healthcheck.env && \ chmod 0666 /go/src/app/.healthcheck.env && \
echo ">> Starting go build (coverage via go test)..." && \ echo ">> Starting go build (coverage via -cover)..." && \
CGO_ENABLED=1 CGO_CPPFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-strong" CGO_LDFLAGS="-Wl,-z,relro,-z,now" go test -c --tags coverage -covermode=atomic \ CGO_ENABLED=1 CGO_CPPFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-strong" CGO_LDFLAGS="-Wl,-z,relro,-z,now" go build -cover -covermode=atomic \
-ldflags "${LDFLAGS_EXTRA}" -o authelia -coverpkg github.com/authelia/authelia/... -ldflags "${LDFLAGS_EXTRA}" -o authelia
# =================================== # ===================================
# ===== Authelia official image ===== # ===== Authelia official image =====
@ -59,7 +59,8 @@ EXPOSE 9091
VOLUME /config VOLUME /config
ENV PATH="/app:${PATH}" \ ENV PATH="/app:${PATH}" \
GOCOVERDIR="/authelia/coverage/" \
X_AUTHELIA_CONFIG="/config/configuration.yml" X_AUTHELIA_CONFIG="/config/configuration.yml"
CMD ["authelia", "-test.coverprofile=/authelia/coverage.txt", "COVERAGE"] CMD ["authelia"]
HEALTHCHECK --interval=30s --timeout=3s CMD /app/healthcheck.sh HEALTHCHECK --interval=30s --timeout=3s CMD /app/healthcheck.sh

43
cmd/authelia/coverage_test.go
View File

@ -1,43 +0,0 @@
// +build coverage
package main
import (
"os"
"os/signal"
"strings"
"syscall"
"testing"
)
func TestCoverage(t *testing.T) {
var (
args []string
)
for _, arg := range os.Args {
switch {
case strings.HasPrefix(arg, "COVERAGE"):
case strings.HasPrefix(arg, "-test"):
default:
args = append(args, arg)
}
}
waitCh := make(chan int, 1)
os.Args = args
go func() {
main()
close(waitCh)
}()
signalCh := make(chan os.Signal, 1)
signal.Notify(signalCh, syscall.SIGINT, syscall.SIGQUIT, syscall.SIGTERM, syscall.SIGHUP)
select {
case <-signalCh:
return
case <-waitCh:
return
}
}

257
internal/suites/suite_cli_test.go
View File

@ -43,25 +43,12 @@ func (s *CLISuite) SetupSuite() {
s.DockerEnvironment = dockerEnvironment s.DockerEnvironment = dockerEnvironment
} }
func (s *CLISuite) SetupTest() {
testArg := ""
coverageArg := ""
if os.Getenv("CI") == t {
testArg = "-test.coverprofile=/authelia/coverage-$(cat /proc/sys/kernel/random/uuid).txt"
coverageArg = "COVERAGE"
}
s.testArg = testArg
s.coverageArg = coverageArg
}
func (s *CLISuite) TestShouldPrintBuildInformation() { func (s *CLISuite) TestShouldPrintBuildInformation() {
if os.Getenv("CI") == "false" { if os.Getenv("CI") == "false" {
s.T().Skip("Skipping testing in dev environment") s.T().Skip("Skipping testing in dev environment")
} }
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "build-info"}) output, err := s.Exec("authelia-backend", []string{"authelia", "build-info"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Last Tag: ") s.Assert().Contains(output, "Last Tag: ")
s.Assert().Contains(output, "State: ") s.Assert().Contains(output, "State: ")
@ -76,19 +63,19 @@ func (s *CLISuite) TestShouldPrintBuildInformation() {
} }
func (s *CLISuite) TestShouldPrintVersion() { func (s *CLISuite) TestShouldPrintVersion() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "--version"}) output, err := s.Exec("authelia-backend", []string{"authelia", "--version"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "authelia version") s.Assert().Contains(output, "authelia version")
} }
func (s *CLISuite) TestShouldValidateConfig() { func (s *CLISuite) TestShouldValidateConfig() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "validate-config"}) output, err := s.Exec("authelia-backend", []string{"authelia", "validate-config"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Configuration parsed and loaded successfully without errors.") s.Assert().Contains(output, "Configuration parsed and loaded successfully without errors.")
} }
func (s *CLISuite) TestShouldFailValidateConfig() { func (s *CLISuite) TestShouldFailValidateConfig() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "validate-config", "--config=/config/invalid.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "validate-config", "--config=/config/invalid.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "failed to load configuration from file path(/config/invalid.yml) source: stat /config/invalid.yml: no such file or directory\n") s.Assert().Contains(output, "failed to load configuration from file path(/config/invalid.yml) source: stat /config/invalid.yml: no such file or directory\n")
} }
@ -99,37 +86,37 @@ func (s *CLISuite) TestShouldHashPasswordArgon2() {
err error err error
) )
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-m=32768"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-m=32768"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=32768,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=32768,t=3,p=4$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-m", "32768", "-v=argon2i"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-m", "32768", "-v=argon2i"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2i$v=19$m=32768,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2i$v=19$m=32768,t=3,p=4$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-m=32768", "-v=argon2d"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-m=32768", "-v=argon2d"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2d$v=19$m=32768,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2d$v=19$m=32768,t=3,p=4$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--random", "-m=32"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--random", "-m=32"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Random Password: ") s.Assert().Contains(output, "Random Password: ")
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=32,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=32,t=3,p=4$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-p=1"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-p=1"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=1$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=1$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-i=1"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-i=1"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=1,p=4$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=1,p=4$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-s=64"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-s=64"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=4$")
s.Assert().GreaterOrEqual(len(output), 169) s.Assert().GreaterOrEqual(len(output), 169)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "argon2", "--password=apple123", "-k=128"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "argon2", "--password=apple123", "-k=128"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=4$") s.Assert().Contains(output, "Digest: $argon2id$v=19$m=65536,t=3,p=4$")
s.Assert().GreaterOrEqual(len(output), 233) s.Assert().GreaterOrEqual(len(output), 233)
@ -141,33 +128,33 @@ func (s *CLISuite) TestShouldHashPasswordSHA2Crypt() {
err error err error
) )
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha256"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha256"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $5$rounds=50000$") s.Assert().Contains(output, "Digest: $5$rounds=50000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha512"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha512"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $6$rounds=50000$") s.Assert().Contains(output, "Digest: $6$rounds=50000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--random", "-s=8"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--random", "-s=8"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $6$rounds=50000$") s.Assert().Contains(output, "Digest: $6$rounds=50000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-i=10000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-i=10000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $6$rounds=10000$") s.Assert().Contains(output, "Digest: $6$rounds=10000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-s=20"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-s=20"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: errors occurred validating the password configuration: authentication_backend: file: password: sha2crypt: option 'salt_length' is configured as '20' but must be less than or equal to '16'") s.Assert().Contains(output, "Error: errors occurred validating the password configuration: authentication_backend: file: password: sha2crypt: option 'salt_length' is configured as '20' but must be less than or equal to '16'")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-i=20"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-i=20"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: errors occurred validating the password configuration: authentication_backend: file: password: sha2crypt: option 'iterations' is configured as '20' but must be greater than or equal to '1000'") s.Assert().Contains(output, "Error: errors occurred validating the password configuration: authentication_backend: file: password: sha2crypt: option 'iterations' is configured as '20' but must be greater than or equal to '1000'")
} }
func (s *CLISuite) TestShouldHashPasswordSHA2CryptSHA512() { func (s *CLISuite) TestShouldHashPasswordSHA2CryptSHA512() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha512"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "sha2crypt", "--password=apple123", "-v=sha512"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $6$rounds=50000$") s.Assert().Contains(output, "Digest: $6$rounds=50000$")
} }
@ -178,28 +165,28 @@ func (s *CLISuite) TestShouldHashPasswordPBKDF2() {
err error err error
) )
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha1"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha1"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $pbkdf2$310000$") s.Assert().Contains(output, "Digest: $pbkdf2$310000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--random", "-v=sha256", "-i=100000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--random", "-v=sha256", "-i=100000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Random Password: ") s.Assert().Contains(output, "Random Password: ")
s.Assert().Contains(output, "Digest: $pbkdf2-sha256$100000$") s.Assert().Contains(output, "Digest: $pbkdf2-sha256$100000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha512", "-i=100000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha512", "-i=100000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $pbkdf2-sha512$100000$") s.Assert().Contains(output, "Digest: $pbkdf2-sha512$100000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha224", "-i=100000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha224", "-i=100000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $pbkdf2-sha224$100000$") s.Assert().Contains(output, "Digest: $pbkdf2-sha224$100000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha384", "-i=100000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-v=sha384", "-i=100000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $pbkdf2-sha384$100000$") s.Assert().Contains(output, "Digest: $pbkdf2-sha384$100000$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-s=32", "-i=100000"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "pbkdf2", "--password=apple123", "-s=32", "-i=100000"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $pbkdf2-sha512$100000$") s.Assert().Contains(output, "Digest: $pbkdf2-sha512$100000$")
} }
@ -210,20 +197,20 @@ func (s *CLISuite) TestShouldHashPasswordBCrypt() {
err error err error
) )
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "bcrypt", "--password=apple123"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "bcrypt", "--password=apple123"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $2b$12$") s.Assert().Contains(output, "Digest: $2b$12$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "bcrypt", "--random", "-i=10"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "bcrypt", "--random", "-i=10"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Random Password: ") s.Assert().Contains(output, "Random Password: ")
s.Assert().Contains(output, "Digest: $2b$10$") s.Assert().Contains(output, "Digest: $2b$10$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "bcrypt", "--password=apple123", "-v=sha256"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "bcrypt", "--password=apple123", "-v=sha256"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $bcrypt-sha256$v=2,t=2b,r=12$") s.Assert().Contains(output, "Digest: $bcrypt-sha256$v=2,t=2b,r=12$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "bcrypt", "--random", "-v=sha256", "-i=10"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "bcrypt", "--random", "-v=sha256", "-i=10"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Random Password: ") s.Assert().Contains(output, "Random Password: ")
s.Assert().Contains(output, "Digest: $bcrypt-sha256$v=2,t=2b,r=10$") s.Assert().Contains(output, "Digest: $bcrypt-sha256$v=2,t=2b,r=10$")
@ -235,30 +222,30 @@ func (s *CLISuite) TestShouldHashPasswordSCrypt() {
err error err error
) )
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "scrypt", "--password=apple123"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "scrypt", "--password=apple123"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $scrypt$ln=16,r=8,p=1$") s.Assert().Contains(output, "Digest: $scrypt$ln=16,r=8,p=1$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "scrypt", "--random"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "scrypt", "--random"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Random Password: ") s.Assert().Contains(output, "Random Password: ")
s.Assert().Contains(output, "Digest: $scrypt$ln=16,r=8,p=1$") s.Assert().Contains(output, "Digest: $scrypt$ln=16,r=8,p=1$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=8,p=1$") s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=8,p=1$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1", "-p=2"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1", "-p=2"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=8,p=2$") s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=8,p=2$")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1", "-r=2"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "hash", "generate", "scrypt", "--password=apple123", "-i=1", "-r=2"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=2,p=1$") s.Assert().Contains(output, "Digest: $scrypt$ln=1,r=2,p=1$")
} }
func (s *CLISuite) TestShouldGenerateRSACertificateRequest() { func (s *CLISuite) TestShouldGenerateRSACertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "request", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "request", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -273,7 +260,7 @@ func (s *CLISuite) TestShouldGenerateRSACertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateECDSACurveP224CertificateRequest() { func (s *CLISuite) TestShouldGenerateECDSACurveP224CertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "request", "--curve=P224", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "request", "--curve=P224", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -288,7 +275,7 @@ func (s *CLISuite) TestShouldGenerateECDSACurveP224CertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateECDSACurveP256CertificateRequest() { func (s *CLISuite) TestShouldGenerateECDSACurveP256CertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "request", "--curve=P256", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "request", "--curve=P256", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -303,7 +290,7 @@ func (s *CLISuite) TestShouldGenerateECDSACurveP256CertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateECDSACurveP384CertificateRequest() { func (s *CLISuite) TestShouldGenerateECDSACurveP384CertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "request", "--curve=P384", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "request", "--curve=P384", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -318,7 +305,7 @@ func (s *CLISuite) TestShouldGenerateECDSACurveP384CertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateECDSACurveP521CertificateRequest() { func (s *CLISuite) TestShouldGenerateECDSACurveP521CertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "request", "--curve=P521", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "request", "--curve=P521", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -333,7 +320,7 @@ func (s *CLISuite) TestShouldGenerateECDSACurveP521CertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateEd25519CertificateRequest() { func (s *CLISuite) TestShouldGenerateEd25519CertificateRequest() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ed25519", "request", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ed25519", "request", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate Request") s.Assert().Contains(output, "Generating Certificate Request")
@ -348,7 +335,7 @@ func (s *CLISuite) TestShouldGenerateEd25519CertificateRequest() {
} }
func (s *CLISuite) TestShouldGenerateCertificateRSA() { func (s *CLISuite) TestShouldGenerateCertificateRSA() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -365,7 +352,7 @@ func (s *CLISuite) TestShouldGenerateCertificateRSA() {
} }
func (s *CLISuite) TestShouldGenerateCertificateRSAWithIPAddress() { func (s *CLISuite) TestShouldGenerateCertificateRSAWithIPAddress() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans", "*.example.com,127.0.0.1", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans", "*.example.com,127.0.0.1", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -382,7 +369,7 @@ func (s *CLISuite) TestShouldGenerateCertificateRSAWithIPAddress() {
} }
func (s *CLISuite) TestShouldGenerateCertificateRSAWithNotBefore() { func (s *CLISuite) TestShouldGenerateCertificateRSAWithNotBefore() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--not-before", "'Jan 1 15:04:05 2011'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--not-before", "'Jan 1 15:04:05 2011'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -400,13 +387,13 @@ func (s *CLISuite) TestShouldGenerateCertificateRSAWithNotBefore() {
} }
func (s *CLISuite) TestShouldFailGenerateCertificateRSAWithInvalidNotBefore() { func (s *CLISuite) TestShouldFailGenerateCertificateRSAWithInvalidNotBefore() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--not-before", "Jan", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--not-before", "Jan", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: failed to parse not before: failed to find a suitable time layout for time 'Jan'") s.Assert().Contains(output, "Error: failed to parse not before: failed to find a suitable time layout for time 'Jan'")
} }
func (s *CLISuite) TestShouldGenerateCertificateRSAWith4096Bits() { func (s *CLISuite) TestShouldGenerateCertificateRSAWith4096Bits() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--bits=4096", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--bits=4096", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -423,7 +410,7 @@ func (s *CLISuite) TestShouldGenerateCertificateRSAWith4096Bits() {
} }
func (s *CLISuite) TestShouldGenerateCertificateWithCustomizedSubject() { func (s *CLISuite) TestShouldGenerateCertificateWithCustomizedSubject() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--country=Australia", "--organization='Acme Co.'", "--organizational-unit=Tech", "--province=QLD", "--street-address='123 Smith St'", "--postcode=4000", "--locality=Internet", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--country=Australia", "--organization='Acme Co.'", "--organizational-unit=Tech", "--province=QLD", "--street-address='123 Smith St'", "--postcode=4000", "--locality=Internet", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -440,7 +427,7 @@ func (s *CLISuite) TestShouldGenerateCertificateWithCustomizedSubject() {
} }
func (s *CLISuite) TestShouldGenerateCertificateCA() { func (s *CLISuite) TestShouldGenerateCertificateCA() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -457,7 +444,7 @@ func (s *CLISuite) TestShouldGenerateCertificateCA() {
} }
func (s *CLISuite) TestShouldGenerateCertificateCAAndSignCertificate() { func (s *CLISuite) TestShouldGenerateCertificateCAAndSignCertificate() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -472,7 +459,7 @@ func (s *CLISuite) TestShouldGenerateCertificateCAAndSignCertificate() {
s.Assert().Contains(output, "\tPrivate Key: /tmp/ca.private.pem") s.Assert().Contains(output, "\tPrivate Key: /tmp/ca.private.pem")
s.Assert().Contains(output, "\tCertificate: /tmp/ca.public.crt") s.Assert().Contains(output, "\tCertificate: /tmp/ca.public.crt")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--path.ca", "/tmp/", "--directory=/tmp/"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name=example.com", "--sans='*.example.com'", "--path.ca", "/tmp/", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -536,7 +523,7 @@ func (s *CLISuite) TestShouldGenerateCertificateCAAndSignCertificate() {
} }
func (s *CLISuite) TestShouldGenerateCertificateEd25519() { func (s *CLISuite) TestShouldGenerateCertificateEd25519() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ed25519", "generate", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ed25519", "generate", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -553,19 +540,19 @@ func (s *CLISuite) TestShouldGenerateCertificateEd25519() {
} }
func (s *CLISuite) TestShouldFailGenerateCertificateParseNotBefore() { func (s *CLISuite) TestShouldFailGenerateCertificateParseNotBefore() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--not-before=invalid", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--not-before=invalid", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: failed to parse not before: failed to find a suitable time layout for time 'invalid'") s.Assert().Contains(output, "Error: failed to parse not before: failed to find a suitable time layout for time 'invalid'")
} }
func (s *CLISuite) TestShouldFailGenerateCertificateECDSA() { func (s *CLISuite) TestShouldFailGenerateCertificateECDSA() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--curve=invalid", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--curve=invalid", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: invalid curve 'invalid' was specified: curve must be P224, P256, P384, or P521") s.Assert().Contains(output, "Error: invalid curve 'invalid' was specified: curve must be P224, P256, P384, or P521")
} }
func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP224() { func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP224() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--curve=P224", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--curve=P224", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -582,7 +569,7 @@ func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP224() {
} }
func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP256() { func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP256() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--curve=P256", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--curve=P256", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -599,7 +586,7 @@ func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP256() {
} }
func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP384() { func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP384() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--curve=P384", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--curve=P384", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -616,7 +603,7 @@ func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP384() {
} }
func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP521() { func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP521() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "ecdsa", "generate", "--curve=P521", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "ecdsa", "generate", "--curve=P521", "--common-name=example.com", "--sans='*.example.com'", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating Certificate") s.Assert().Contains(output, "Generating Certificate")
s.Assert().Contains(output, "\tSerial: ") s.Assert().Contains(output, "\tSerial: ")
@ -633,7 +620,7 @@ func (s *CLISuite) TestShouldGenerateCertificateECDSACurveP521() {
} }
func (s *CLISuite) TestShouldGenerateRSAKeyPair() { func (s *CLISuite) TestShouldGenerateRSAKeyPair() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "rsa", "generate", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "rsa", "generate", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -645,7 +632,7 @@ func (s *CLISuite) TestShouldGenerateRSAKeyPair() {
} }
func (s *CLISuite) TestShouldGenerateRSAKeyPairWith4069Bits() { func (s *CLISuite) TestShouldGenerateRSAKeyPairWith4069Bits() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "rsa", "generate", "--bits=4096", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "rsa", "generate", "--bits=4096", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -657,7 +644,7 @@ func (s *CLISuite) TestShouldGenerateRSAKeyPairWith4069Bits() {
} }
func (s *CLISuite) TestShouldGenerateECDSAKeyPair() { func (s *CLISuite) TestShouldGenerateECDSAKeyPair() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -669,7 +656,7 @@ func (s *CLISuite) TestShouldGenerateECDSAKeyPair() {
} }
func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP224() { func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP224() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--curve=P224", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--curve=P224", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -681,7 +668,7 @@ func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP224() {
} }
func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP256() { func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP256() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--curve=P256", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--curve=P256", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -693,7 +680,7 @@ func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP256() {
} }
func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP384() { func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP384() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--curve=P384", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--curve=P384", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -705,7 +692,7 @@ func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP384() {
} }
func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP521() { func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP521() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--curve=P521", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--curve=P521", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -717,7 +704,7 @@ func (s *CLISuite) TestShouldGenerateECDSAKeyPairCurveP521() {
} }
func (s *CLISuite) TestShouldGenerateEd25519KeyPair() { func (s *CLISuite) TestShouldGenerateEd25519KeyPair() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ed25519", "generate", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ed25519", "generate", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Generating key pair") s.Assert().Contains(output, "Generating key pair")
@ -729,13 +716,13 @@ func (s *CLISuite) TestShouldGenerateEd25519KeyPair() {
} }
func (s *CLISuite) TestShouldNotGenerateECDSAKeyPairCurveInvalid() { func (s *CLISuite) TestShouldNotGenerateECDSAKeyPairCurveInvalid() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "pair", "ecdsa", "generate", "--curve=invalid", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "pair", "ecdsa", "generate", "--curve=invalid", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: invalid curve 'invalid' was specified: curve must be P224, P256, P384, or P521") s.Assert().Contains(output, "Error: invalid curve 'invalid' was specified: curve must be P224, P256, P384, or P521")
} }
func (s *CLISuite) TestShouldNotGenerateRSAWithBadCAPath() { func (s *CLISuite) TestShouldNotGenerateRSAWithBadCAPath() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/invalid", "--directory=/tmp/"}) output, err := s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/invalid", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: could not read private key file '/tmp/invalid/ca.private.pem': open /tmp/invalid/ca.private.pem: no such file or directory\n") s.Assert().Contains(output, "Error: could not read private key file '/tmp/invalid/ca.private.pem': open /tmp/invalid/ca.private.pem: no such file or directory\n")
} }
@ -746,14 +733,14 @@ func (s *CLISuite) TestShouldNotGenerateRSAWithBadCAFileNames() {
output string output string
) )
_, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"}) _, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-private-key=invalid.pem", "--directory=/tmp/"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-private-key=invalid.pem", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: could not read private key file '/tmp/invalid.pem': open /tmp/invalid.pem: no such file or directory\n") s.Assert().Contains(output, "Error: could not read private key file '/tmp/invalid.pem': open /tmp/invalid.pem: no such file or directory\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-certificate=invalid.crt", "--directory=/tmp/"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-certificate=invalid.crt", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: could not read certificate file '/tmp/invalid.crt': open /tmp/invalid.crt: no such file or directory\n") s.Assert().Contains(output, "Error: could not read certificate file '/tmp/invalid.crt': open /tmp/invalid.crt: no such file or directory\n")
} }
@ -764,17 +751,17 @@ func (s *CLISuite) TestShouldNotGenerateRSAWithBadCAFileContent() {
output string output string
) )
_, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"}) _, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--common-name='Authelia Standalone Root Certificate Authority'", "--ca", "--directory=/tmp/"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Require().NoError(os.WriteFile("/tmp/ca.private.bad.pem", []byte("INVALID"), 0600)) //nolint:gosec s.Require().NoError(os.WriteFile("/tmp/ca.private.bad.pem", []byte("INVALID"), 0600)) //nolint:gosec
s.Require().NoError(os.WriteFile("/tmp/ca.public.bad.crt", []byte("INVALID"), 0600)) //nolint:gosec s.Require().NoError(os.WriteFile("/tmp/ca.public.bad.crt", []byte("INVALID"), 0600)) //nolint:gosec
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-private-key=ca.private.bad.pem", "--directory=/tmp/"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-private-key=ca.private.bad.pem", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: could not parse private key from file '/tmp/ca.private.bad.pem': failed to parse PEM block containing the key\n") s.Assert().Contains(output, "Error: could not parse private key from file '/tmp/ca.private.bad.pem': failed to parse PEM block containing the key\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-certificate=ca.public.bad.crt", "--directory=/tmp/"}) output, err = s.Exec("authelia-backend", []string{"authelia", "crypto", "certificate", "rsa", "generate", "--path.ca=/tmp/", "--file.ca-certificate=ca.public.bad.crt", "--directory=/tmp/"})
s.Assert().NotNil(err) s.Assert().NotNil(err)
s.Assert().Contains(output, "Error: could not parse certificate from file '/tmp/ca.public.bad.crt': failed to parse PEM block containing the key\n") s.Assert().Contains(output, "Error: could not parse certificate from file '/tmp/ca.public.bad.crt': failed to parse PEM block containing the key\n")
} }
@ -782,7 +769,7 @@ func (s *CLISuite) TestShouldNotGenerateRSAWithBadCAFileContent() {
func (s *CLISuite) TestStorage00ShouldShowCorrectPreInitInformation() { func (s *CLISuite) TestStorage00ShouldShowCorrectPreInitInformation() {
_ = os.Remove("/tmp/db.sqlite3") _ = os.Remove("/tmp/db.sqlite3")
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "schema-info", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "schema-info", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
pattern := regexp.MustCompile(`^Schema Version: N/A\nSchema Upgrade Available: yes - version \d+\nSchema Tables: N/A\nSchema Encryption Key: unsupported \(schema version\)`) pattern := regexp.MustCompile(`^Schema Version: N/A\nSchema Upgrade Available: yes - version \d+\nSchema Tables: N/A\nSchema Encryption Key: unsupported \(schema version\)`)
@ -790,45 +777,45 @@ func (s *CLISuite) TestStorage00ShouldShowCorrectPreInitInformation() {
s.Assert().Regexp(pattern, output) s.Assert().Regexp(pattern, output)
patternOutdated := regexp.MustCompile(`Error: command requires the use of a up to date schema version: storage schema outdated: version \d+ is outdated please migrate to version \d+ in order to use this command or use an older binary`) patternOutdated := regexp.MustCompile(`Error: command requires the use of a up to date schema version: storage schema outdated: version \d+ is outdated please migrate to version \d+ in order to use this command or use an older binary`)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "export", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Regexp(patternOutdated, output) s.Assert().Regexp(patternOutdated, output)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "change-key", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "change-key", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Regexp(patternOutdated, output) s.Assert().Regexp(patternOutdated, output)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "check", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "check", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Regexp(regexp.MustCompile(`^Error: command requires the use of a up to date schema version: storage schema outdated: version 0 is outdated please migrate to version \d+ in order to use this command or use an older binary\n`), output) s.Assert().Regexp(regexp.MustCompile(`^Error: command requires the use of a up to date schema version: storage schema outdated: version 0 is outdated please migrate to version \d+ in order to use this command or use an older binary\n`), output)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "down", "--target=0", "--destroy-data", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "down", "--target=0", "--destroy-data", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: schema migration target version 0 is the same current version 0") s.Assert().Contains(output, "Error: schema migration target version 0 is the same current version 0")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "up", "--target=2147483640", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "up", "--target=2147483640", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: schema up migration target version 2147483640 is greater then the latest version ") s.Assert().Contains(output, "Error: schema up migration target version 2147483640 is greater then the latest version ")
s.Assert().Contains(output, " which indicates it doesn't exist") s.Assert().Contains(output, " which indicates it doesn't exist")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "history", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "history", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "No migration history is available for schemas that not version 1 or above.\n") s.Assert().Contains(output, "No migration history is available for schemas that not version 1 or above.\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "list-up", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "list-up", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Schema Migration List (Up)\n\nVersion\t\tDescription\n1\t\tInitial Schema\n") s.Assert().Contains(output, "Storage Schema Migration List (Up)\n\nVersion\t\tDescription\n1\t\tInitial Schema\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "list-down", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "list-down", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Schema Migration List (Down)\n\nNo Migrations Available\n") s.Assert().Contains(output, "Storage Schema Migration List (Down)\n\nNo Migrations Available\n")
} }
func (s *CLISuite) TestStorage01ShouldMigrateUp() { func (s *CLISuite) TestStorage01ShouldMigrateUp() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "up", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "up", "--config=/config/configuration.storage.yml"})
s.Require().NoError(err) s.Require().NoError(err)
pattern0 := regexp.MustCompile(`"Storage schema migration from \d+ to \d+ is being attempted"`) pattern0 := regexp.MustCompile(`"Storage schema migration from \d+ to \d+ is being attempted"`)
@ -837,23 +824,23 @@ func (s *CLISuite) TestStorage01ShouldMigrateUp() {
s.Regexp(pattern0, output) s.Regexp(pattern0, output)
s.Regexp(pattern1, output) s.Regexp(pattern1, output)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "up", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "up", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: schema already up to date\n") s.Assert().Contains(output, "Error: schema already up to date\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "history", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "history", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Migration History:\n\nID\tDate\t\t\t\tBefore\tAfter\tAuthelia Version\n") s.Assert().Contains(output, "Migration History:\n\nID\tDate\t\t\t\tBefore\tAfter\tAuthelia Version\n")
s.Assert().Contains(output, "0\t1") s.Assert().Contains(output, "0\t1")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "list-up", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "list-up", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Schema Migration List (Up)\n\nNo Migrations Available") s.Assert().Contains(output, "Storage Schema Migration List (Up)\n\nNo Migrations Available")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "list-down", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "list-down", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Schema Migration List (Down)\n\nVersion\t\tDescription\n") s.Assert().Contains(output, "Storage Schema Migration List (Down)\n\nVersion\t\tDescription\n")
@ -861,7 +848,7 @@ func (s *CLISuite) TestStorage01ShouldMigrateUp() {
} }
func (s *CLISuite) TestStorage02ShouldShowSchemaInfo() { func (s *CLISuite) TestStorage02ShouldShowSchemaInfo() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "schema-info", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "schema-info", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Schema Version: ") s.Assert().Contains(output, "Schema Version: ")
@ -944,7 +931,7 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
for _, testCase := range testCases { for _, testCase := range testCases {
if testCase.png { if testCase.png {
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--path", qr, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--path", qr, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf(" and saved it as a PNG image at the path '%s'", qr)) s.Assert().Contains(output, fmt.Sprintf(" and saved it as a PNG image at the path '%s'", qr))
@ -954,7 +941,7 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
s.Assert().False(fileInfo.IsDir()) s.Assert().False(fileInfo.IsDir())
s.Assert().Greater(fileInfo.Size(), int64(1000)) s.Assert().Greater(fileInfo.Size(), int64(1000))
} else { } else {
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
} }
@ -968,11 +955,11 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
} }
yml := filepath.Join(dir, "authelia.export.totp.yaml") yml := filepath.Join(dir, "authelia.export.totp.yaml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--file", yml, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "export", "--file", yml, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as YAML to the '%s' file\n", len(expectedLines), yml)) s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as YAML to the '%s' file\n", len(expectedLines), yml))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "uri", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "export", "uri", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
for _, expectedLine := range expectedLines { for _, expectedLine := range expectedLines {
@ -980,7 +967,7 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
} }
csv := filepath.Join(dir, "authelia.export.totp.csv") csv := filepath.Join(dir, "authelia.export.totp.csv")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "csv", "--file", csv, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "export", "csv", "--file", csv, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as CSV to the '%s' file\n", len(expectedLines), csv)) s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as CSV to the '%s' file\n", len(expectedLines), csv))
@ -996,7 +983,7 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
pngs := filepath.Join(dir, "png-qr-codes") pngs := filepath.Join(dir, "png-qr-codes")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "png", "--directory", pngs, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "export", "png", "--directory", pngs, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configuration as QR codes in PNG format to the '%s' directory\n", len(expectedLines), pngs)) s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configuration as QR codes in PNG format to the '%s' directory\n", len(expectedLines), pngs))
@ -1010,7 +997,7 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
s.Assert().Greater(fileInfo.Size(), int64(1000)) s.Assert().Greater(fileInfo.Size(), int64(1000))
} }
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", "test", "--period=30", "--algorithm=SHA1", "--digits=6", "--path", qr, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "totp", "generate", "test", "--period=30", "--algorithm=SHA1", "--digits=6", "--path", qr, "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: image output filepath already exists") s.Assert().Contains(output, "Error: image output filepath already exists")
} }
@ -1018,56 +1005,56 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
func (s *CLISuite) TestStorage04ShouldManageUniqueID() { func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
dir := s.T().TempDir() dir := s.T().TempDir()
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=out.yml", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file=out.yml", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: no data to export") s.Assert().Contains(output, "Error: no data to export")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=webauthn", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=webauthn", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: the service name 'webauthn' is invalid, the valid values are: 'openid'") s.Assert().Contains(output, "Error: the service name 'webauthn' is invalid, the valid values are: 'openid'")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Added User Opaque Identifier:\n\tService: openid\n\tSector: \n\tUsername: john\n\tIdentifier: 1097c8f8-83f2-4506-8138-5f40e83a1285\n\n") s.Assert().Contains(output, "Added User Opaque Identifier:\n\tService: openid\n\tSector: \n\tUsername: john\n\tIdentifier: 1097c8f8-83f2-4506-8138-5f40e83a1285\n\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=/a/no/path/fileout.yml", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file=/a/no/path/fileout.yml", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error occurred writing to file '/a/no/path/fileout.yml': open /a/no/path/fileout.yml: no such file or directory") s.Assert().Contains(output, "Error: error occurred writing to file '/a/no/path/fileout.yml': open /a/no/path/fileout.yml: no such file or directory")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=out.yml", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file=out.yml", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error occurred writing to file 'out.yml': open out.yml: permission denied") s.Assert().Contains(output, "Error: error occurred writing to file 'out.yml': open out.yml: permission denied")
out1 := filepath.Join(dir, "1.yml") out1 := filepath.Join(dir, "1.yml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 1, out1)) s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 1, out1))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, fmt.Sprintf("Error: must specify a file that doesn't exist but '%s' exists", out1)) s.Assert().Contains(output, fmt.Sprintf("Error: must specify a file that doesn't exist but '%s' exists", out1))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id '1097c8f8-83f2-4506-8138-5f40e83a1285':") s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id '1097c8f8-83f2-4506-8138-5f40e83a1285':")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id") s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='openidconnect.com'", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='openidconnect.com'", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id '1097c8f8-83f2-4506-8138-5f40e83a1285':") s.Assert().Contains(output, "Error: error inserting user opaque id for user 'john' with opaque id '1097c8f8-83f2-4506-8138-5f40e83a1285':")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='openidconnect.net'", "--identifier=b0e17f48-933c-4cba-8509-ee9bfadf8ce5", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='openidconnect.net'", "--identifier=b0e17f48-933c-4cba-8509-ee9bfadf8ce5", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Added User Opaque Identifier:\n\tService: openid\n\tSector: openidconnect.net\n\tUsername: john\n\tIdentifier: b0e17f48-933c-4cba-8509-ee9bfadf8ce5\n\n") s.Assert().Contains(output, "Added User Opaque Identifier:\n\tService: openid\n\tSector: openidconnect.net\n\tUsername: john\n\tIdentifier: b0e17f48-933c-4cba-8509-ee9bfadf8ce5\n\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='bad-uuid.com'", "--identifier=d49564dc-b7a1-11ec-8429-fcaa147128ea", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='bad-uuid.com'", "--identifier=d49564dc-b7a1-11ec-8429-fcaa147128ea", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: the identifier providerd 'd49564dc-b7a1-11ec-8429-fcaa147128ea' is a version 1 UUID but only version 4 UUID's accepted as identifiers") s.Assert().Contains(output, "Error: the identifier providerd 'd49564dc-b7a1-11ec-8429-fcaa147128ea' is a version 1 UUID but only version 4 UUID's accepted as identifiers")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='bad-uuid.com'", "--identifier=asdmklasdm", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector='bad-uuid.com'", "--identifier=asdmklasdm", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: the identifier provided 'asdmklasdm' is invalid as it must be a version 4 UUID but parsing it had an error: invalid UUID length: 10") s.Assert().Contains(output, "Error: the identifier provided 'asdmklasdm' is invalid as it must be a version 4 UUID but parsing it had an error: invalid UUID length: 10")
@ -1086,7 +1073,7 @@ func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
s.Assert().Equal("openid", export.Identifiers[0].Service) s.Assert().Equal("openid", export.Identifiers[0].Service)
out2 := filepath.Join(dir, "2.yml") out2 := filepath.Join(dir, "2.yml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out2, "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "user", "identifiers", "export", "--file", out2, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 2, out2)) s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 2, out2))
@ -1111,12 +1098,12 @@ func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
} }
func (s *CLISuite) TestStorage05ShouldChangeEncryptionKey() { func (s *CLISuite) TestStorage05ShouldChangeEncryptionKey() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "change-key", "--new-encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "change-key", "--new-encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Completed the encryption key change. Please adjust your configuration to use the new key.\n") s.Assert().Contains(output, "Completed the encryption key change. Please adjust your configuration to use the new key.\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "schema-info", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "schema-info", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Schema Version: ") s.Assert().Contains(output, "Schema Version: ")
@ -1131,12 +1118,12 @@ func (s *CLISuite) TestStorage05ShouldChangeEncryptionKey() {
s.Assert().Contains(output, "totp_configurations") s.Assert().Contains(output, "totp_configurations")
s.Assert().Contains(output, "Schema Encryption Key: invalid") s.Assert().Contains(output, "Schema Encryption Key: invalid")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "check", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "check", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Encryption Key Validation: FAILURE\n\n\tCause: the configured encryption key does not appear to be valid for this database which may occur if the encryption key was changed in the configuration without using the cli to change it in the database.\n") s.Assert().Contains(output, "Storage Encryption Key Validation: FAILURE\n\n\tCause: the configured encryption key does not appear to be valid for this database which may occur if the encryption key was changed in the configuration without using the cli to change it in the database.\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "check", "--verbose", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "check", "--verbose", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Encryption Key Validation: FAILURE\n\n\tCause: the configured encryption key does not appear to be valid for this database which may occur if the encryption key was changed in the configuration without using the cli to change it in the database.\n\nTables:\n\n") s.Assert().Contains(output, "Storage Encryption Key Validation: FAILURE\n\n\tCause: the configured encryption key does not appear to be valid for this database which may occur if the encryption key was changed in the configuration without using the cli to change it in the database.\n\nTables:\n\n")
@ -1148,12 +1135,12 @@ func (s *CLISuite) TestStorage05ShouldChangeEncryptionKey() {
s.Assert().Contains(output, "\n\n\tTable (totp_configurations): FAILURE\n\t\tInvalid Rows: 4\n\t\tTotal Rows: 4\n") s.Assert().Contains(output, "\n\n\tTable (totp_configurations): FAILURE\n\t\tInvalid Rows: 4\n\t\tTotal Rows: 4\n")
s.Assert().Contains(output, "\n\n\tTable (webauthn_devices): N/A\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 0\n") s.Assert().Contains(output, "\n\n\tTable (webauthn_devices): N/A\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 0\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "check", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "check", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Encryption Key Validation: SUCCESS\n") s.Assert().Contains(output, "Storage Encryption Key Validation: SUCCESS\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "check", "--verbose", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "check", "--verbose", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "Storage Encryption Key Validation: SUCCESS\n\nTables:\n\n") s.Assert().Contains(output, "Storage Encryption Key Validation: SUCCESS\n\nTables:\n\n")
@ -1165,19 +1152,19 @@ func (s *CLISuite) TestStorage05ShouldChangeEncryptionKey() {
s.Assert().Contains(output, "\n\n\tTable (totp_configurations): SUCCESS\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 4\n") s.Assert().Contains(output, "\n\n\tTable (totp_configurations): SUCCESS\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 4\n")
s.Assert().Contains(output, "\n\n\tTable (webauthn_devices): N/A\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 0\n") s.Assert().Contains(output, "\n\n\tTable (webauthn_devices): N/A\n\t\tInvalid Rows: 0\n\t\tTotal Rows: 0\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "change-key", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "change-key", "--encryption-key=apple-apple-apple-apple", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: you must either use an interactive terminal or use the --new-encryption-key flag\n") s.Assert().Contains(output, "Error: you must either use an interactive terminal or use the --new-encryption-key flag\n")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "encryption", "change-key", "--encryption-key=apple-apple-apple-apple", "--new-encryption-key=abc", "--config=/config/configuration.storage.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "storage", "encryption", "change-key", "--encryption-key=apple-apple-apple-apple", "--new-encryption-key=abc", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1") s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: the new encryption key must be at least 20 characters\n") s.Assert().Contains(output, "Error: the new encryption key must be at least 20 characters\n")
} }
func (s *CLISuite) TestStorage06ShouldMigrateDown() { func (s *CLISuite) TestStorage06ShouldMigrateDown() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "migrate", "down", "--target=0", "--destroy-data", "--config=/config/configuration.storage.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "storage", "migrate", "down", "--target=0", "--destroy-data", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
pattern0 := regexp.MustCompile(`"Storage schema migration from \d+ to \d+ is being attempted"`) pattern0 := regexp.MustCompile(`"Storage schema migration from \d+ to \d+ is being attempted"`)
@ -1188,7 +1175,7 @@ func (s *CLISuite) TestStorage06ShouldMigrateDown() {
} }
func (s *CLISuite) TestACLPolicyCheckVerbose() { func (s *CLISuite) TestACLPolicyCheckVerbose() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "access-control", "check-policy", "--url=https://public.example.com", "--verbose", "--config=/config/configuration.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", "access-control", "check-policy", "--url=https://public.example.com", "--verbose", "--config=/config/configuration.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
// This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://public.example.com --verbose`. // This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://public.example.com --verbose`.
@ -1205,7 +1192,7 @@ func (s *CLISuite) TestACLPolicyCheckVerbose() {
s.Contains(output, " 9\tmiss\thit\t\thit\thit\tmay\n") s.Contains(output, " 9\tmiss\thit\t\thit\thit\tmay\n")
s.Contains(output, "The policy 'bypass' from rule #1 will be applied to this request.") s.Contains(output, "The policy 'bypass' from rule #1 will be applied to this request.")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "access-control", "check-policy", "--url=https://admin.example.com", "--method=HEAD", "--username=tom", "--groups=basic,test", "--ip=192.168.2.3", "--verbose", "--config=/config/configuration.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "access-control", "check-policy", "--url=https://admin.example.com", "--method=HEAD", "--username=tom", "--groups=basic,test", "--ip=192.168.2.3", "--verbose", "--config=/config/configuration.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
// This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://admin.example.com --method=HEAD --username=tom --groups=basic,test --ip=192.168.2.3 --verbose`. // This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://admin.example.com --method=HEAD --username=tom --groups=basic,test --ip=192.168.2.3 --verbose`.
@ -1223,7 +1210,7 @@ func (s *CLISuite) TestACLPolicyCheckVerbose() {
s.Contains(output, " 9\tmiss\thit\t\thit\thit\tmiss\n") s.Contains(output, " 9\tmiss\thit\t\thit\thit\tmiss\n")
s.Contains(output, "The policy 'two_factor' from rule #2 will be applied to this request.") s.Contains(output, "The policy 'two_factor' from rule #2 will be applied to this request.")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "access-control", "check-policy", "--url=https://resources.example.com/resources/test", "--method=POST", "--username=john", "--groups=admin,test", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "access-control", "check-policy", "--url=https://resources.example.com/resources/test", "--method=POST", "--username=john", "--groups=admin,test", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
// This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://resources.example.com/resources/test --method=POST --username=john --groups=admin,test --ip=192.168.1.3 --verbose`. // This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://resources.example.com/resources/test --method=POST --username=john --groups=admin,test --ip=192.168.1.3 --verbose`.
@ -1240,7 +1227,7 @@ func (s *CLISuite) TestACLPolicyCheckVerbose() {
s.Contains(output, " 9\tmiss\thit\t\thit\thit\thit\n") s.Contains(output, " 9\tmiss\thit\t\thit\thit\thit\n")
s.Contains(output, "The policy 'one_factor' from rule #5 will be applied to this request.") s.Contains(output, "The policy 'one_factor' from rule #5 will be applied to this request.")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "access-control", "check-policy", "--url=https://user.example.com/resources/test", "--method=HEAD", "--username=john", "--groups=admin,test", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "access-control", "check-policy", "--url=https://user.example.com/resources/test", "--method=HEAD", "--username=john", "--groups=admin,test", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
// This is an example of `access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://user.example.com --method=HEAD --username=john --groups=admin,test --ip=192.168.1.3 --verbose`. // This is an example of `access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://user.example.com --method=HEAD --username=john --groups=admin,test --ip=192.168.1.3 --verbose`.
@ -1257,7 +1244,7 @@ func (s *CLISuite) TestACLPolicyCheckVerbose() {
s.Contains(output, "* 9\thit\thit\t\thit\thit\thit\n") s.Contains(output, "* 9\thit\thit\t\thit\thit\thit\n")
s.Contains(output, "The policy 'one_factor' from rule #9 will be applied to this request.") s.Contains(output, "The policy 'one_factor' from rule #9 will be applied to this request.")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "access-control", "check-policy", "--url=https://user.example.com", "--method=HEAD", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"}) output, err = s.Exec("authelia-backend", []string{"authelia", "access-control", "check-policy", "--url=https://user.example.com", "--method=HEAD", "--ip=192.168.1.3", "--verbose", "--config=/config/configuration.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
// This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://user.example.com --method=HEAD --ip=192.168.1.3 --verbose`. // This is an example of `authelia access-control check-policy --config .\internal\suites\CLI\configuration.yml --url=https://user.example.com --method=HEAD --ip=192.168.1.3 --verbose`.

3
internal/suites/suites.go
View File

@ -31,8 +31,5 @@ type BaseSuite struct {
type CommandSuite struct { type CommandSuite struct {
*BaseSuite *BaseSuite
testArg string //nolint:structcheck // TODO: Remove when bug fixed: https://github.com/golangci/golangci-lint/issues/537.
coverageArg string //nolint:structcheck // TODO: Remove when bug fixed: https://github.com/golangci/golangci-lint/issues/537.
*DockerEnvironment *DockerEnvironment
} }