RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: misc 

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
pull/5053/head
James Elliott 2023-04-15 11:16:13 +10:00
parent 23e812806c
commit 716b80e4cf
No known key found for this signature in database
GPG Key ID: 0F1C4A096E857E49
2 changed files with 27 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
internal/configuration/validator/totp.go
View File

@ -18,29 +18,47 @@ func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidato
config.TOTP.Issuer = schema.DefaultTOTPConfiguration.Issuer config.TOTP.Issuer = schema.DefaultTOTPConfiguration.Issuer
} }
validateTOTPValueSetAlgorithm(config, validator)
validateTOTPValueSetPeriod(config, validator)
validateTOTPValueSetDigits(config, validator)
if config.TOTP.Skew == nil {
config.TOTP.Skew = schema.DefaultTOTPConfiguration.Skew
}
if config.TOTP.SecretSize == 0 {
config.TOTP.SecretSize = schema.DefaultTOTPConfiguration.SecretSize
} else if config.TOTP.SecretSize < schema.TOTPSecretSizeMinimum {
validator.Push(fmt.Errorf(errFmtTOTPInvalidSecretSize, schema.TOTPSecretSizeMinimum, config.TOTP.SecretSize))
}
}
func validateTOTPValueSetAlgorithm(config *schema.Configuration, validator *schema.StructValidator) {
if config.TOTP.DefaultAlgorithm == "" { if config.TOTP.DefaultAlgorithm == "" {
config.TOTP.DefaultAlgorithm = schema.DefaultTOTPConfiguration.DefaultAlgorithm config.TOTP.DefaultAlgorithm = schema.DefaultTOTPConfiguration.DefaultAlgorithm
} else { } else {
config.TOTP.DefaultAlgorithm = strings.ToUpper(config.TOTP.DefaultAlgorithm) config.TOTP.DefaultAlgorithm = strings.ToUpper(config.TOTP.DefaultAlgorithm)
if !utils.IsStringInSlice(config.TOTP.DefaultAlgorithm, schema.TOTPPossibleAlgorithms) { if !utils.IsStringInSlice(config.TOTP.DefaultAlgorithm, schema.TOTPPossibleAlgorithms) {
validator.Push(fmt.Errorf(errFmtTOTPInvalidAlgorithm, strings.Join(schema.TOTPPossibleAlgorithms, "', '"), config.TOTP.DefaultAlgorithm)) validator.Push(fmt.Errorf(errFmtTOTPInvalidAlgorithm, strJoinOr(schema.TOTPPossibleAlgorithms), config.TOTP.DefaultAlgorithm))
} }
} }
for i, algorithm := range config.TOTP.AllowedAlgorithms { for i, algorithm := range config.TOTP.AllowedAlgorithms {
config.TOTP.AllowedAlgorithms[i] = strings.ToUpper(algorithm) config.TOTP.AllowedAlgorithms[i] = strings.ToUpper(algorithm)
// TODO: Customize this error. // TODO: Customize this error and test this loop.
if !utils.IsStringInSlice(config.TOTP.AllowedAlgorithms[i], schema.TOTPPossibleAlgorithms) { if !utils.IsStringInSlice(config.TOTP.AllowedAlgorithms[i], schema.TOTPPossibleAlgorithms) {
validator.Push(fmt.Errorf(errFmtTOTPInvalidAlgorithm, strings.Join(schema.TOTPPossibleAlgorithms, "', '"), config.TOTP.AllowedAlgorithms[i])) validator.Push(fmt.Errorf(errFmtTOTPInvalidAlgorithm, strJoinOr(schema.TOTPPossibleAlgorithms), config.TOTP.AllowedAlgorithms[i]))
} }
} }
if !utils.IsStringInSlice(config.TOTP.DefaultAlgorithm, config.TOTP.AllowedAlgorithms) { if !utils.IsStringInSlice(config.TOTP.DefaultAlgorithm, config.TOTP.AllowedAlgorithms) {
config.TOTP.AllowedAlgorithms = append(config.TOTP.AllowedAlgorithms, config.TOTP.DefaultAlgorithm) config.TOTP.AllowedAlgorithms = append(config.TOTP.AllowedAlgorithms, config.TOTP.DefaultAlgorithm)
} }
}
func validateTOTPValueSetPeriod(config *schema.Configuration, validator *schema.StructValidator) {
if config.TOTP.DefaultPeriod == 0 { if config.TOTP.DefaultPeriod == 0 {
config.TOTP.DefaultPeriod = schema.DefaultTOTPConfiguration.DefaultPeriod config.TOTP.DefaultPeriod = schema.DefaultTOTPConfiguration.DefaultPeriod
} else if config.TOTP.DefaultPeriod < 15 { } else if config.TOTP.DefaultPeriod < 15 {
@ -50,7 +68,7 @@ func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidato
var hasDefaultPeriod bool var hasDefaultPeriod bool
for _, period := range config.TOTP.AllowedPeriods { for _, period := range config.TOTP.AllowedPeriods {
// TODO: Customize this error. // TODO: Customize this error and test this loop.
if period < 15 { if period < 15 {
validator.Push(fmt.Errorf(errFmtTOTPInvalidPeriod, period)) validator.Push(fmt.Errorf(errFmtTOTPInvalidPeriod, period))
} }
@ -63,7 +81,9 @@ func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidato
if !hasDefaultPeriod { if !hasDefaultPeriod {
config.TOTP.AllowedPeriods = append(config.TOTP.AllowedPeriods, config.TOTP.DefaultPeriod) config.TOTP.AllowedPeriods = append(config.TOTP.AllowedPeriods, config.TOTP.DefaultPeriod)
} }
}
func validateTOTPValueSetDigits(config *schema.Configuration, validator *schema.StructValidator) {
if config.TOTP.DefaultDigits == 0 { if config.TOTP.DefaultDigits == 0 {
config.TOTP.DefaultDigits = schema.DefaultTOTPConfiguration.DefaultDigits config.TOTP.DefaultDigits = schema.DefaultTOTPConfiguration.DefaultDigits
} else if config.TOTP.DefaultDigits != 6 && config.TOTP.DefaultDigits != 8 { } else if config.TOTP.DefaultDigits != 6 && config.TOTP.DefaultDigits != 8 {
@ -73,7 +93,7 @@ func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidato
var hasDefaultDigits bool var hasDefaultDigits bool
for _, digits := range config.TOTP.AllowedDigits { for _, digits := range config.TOTP.AllowedDigits {
// TODO: Customize this error. // TODO: Customize this error and test this loop.
if digits != 6 && digits != 8 { if digits != 6 && digits != 8 {
validator.Push(fmt.Errorf(errFmtTOTPInvalidDigits, config.TOTP.DefaultDigits)) validator.Push(fmt.Errorf(errFmtTOTPInvalidDigits, config.TOTP.DefaultDigits))
} }
@ -86,14 +106,4 @@ func ValidateTOTP(config *schema.Configuration, validator *schema.StructValidato
if !hasDefaultDigits { if !hasDefaultDigits {
config.TOTP.AllowedDigits = append(config.TOTP.AllowedDigits, config.TOTP.DefaultDigits) config.TOTP.AllowedDigits = append(config.TOTP.AllowedDigits, config.TOTP.DefaultDigits)
} }
if config.TOTP.Skew == nil {
config.TOTP.Skew = schema.DefaultTOTPConfiguration.Skew
}
if config.TOTP.SecretSize == 0 {
config.TOTP.SecretSize = schema.DefaultTOTPConfiguration.SecretSize
} else if config.TOTP.SecretSize < schema.TOTPSecretSizeMinimum {
validator.Push(fmt.Errorf(errFmtTOTPInvalidSecretSize, schema.TOTPSecretSizeMinimum, config.TOTP.SecretSize))
}
} }

4
internal/model/totp_configuration.go
View File

@ -46,8 +46,8 @@ type TOTPConfigurationJSON struct {
Period int `json:"period"` Period int `json:"period"`
} }
// MarshalJSON returns the WebauthnDevice in a JSON friendly manner. // MarshalJSON returns the TOTPConfiguration in a JSON friendly manner.
func (c TOTPConfiguration) MarshalJSON() (data []byte, err error) { func (c *TOTPConfiguration) MarshalJSON() (data []byte, err error) {
o := TOTPConfigurationJSON{ o := TOTPConfigurationJSON{
CreatedAt: c.CreatedAt, CreatedAt: c.CreatedAt,
Issuer: c.Issuer, Issuer: c.Issuer,