refactor: const int type stringers (#4588)
parent
de5f42ae4d
commit
728902335b
|
@ -1,15 +1,15 @@
|
||||||
package authentication
|
package authentication
|
||||||
|
|
||||||
// LevelToString returns a string representation of an authentication.Level.
|
// String returns a string representation of an authentication.Level.
|
||||||
func LevelToString(level Level) string {
|
func (l Level) String() string {
|
||||||
switch level {
|
switch l {
|
||||||
case NotAuthenticated:
|
case NotAuthenticated:
|
||||||
return "not_authenticated"
|
return "not_authenticated"
|
||||||
case OneFactor:
|
case OneFactor:
|
||||||
return "one_factor"
|
return "one_factor"
|
||||||
case TwoFactor:
|
case TwoFactor:
|
||||||
return "two_factor"
|
return "two_factor"
|
||||||
}
|
default:
|
||||||
|
|
||||||
return "invalid"
|
return "invalid"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,7 +26,7 @@ func NewAccessControlRule(pos int, rule schema.ACLRule, networksMap map[string][
|
||||||
Methods: schemaMethodsToACL(rule.Methods),
|
Methods: schemaMethodsToACL(rule.Methods),
|
||||||
Networks: schemaNetworksToACL(rule.Networks, networksMap, networksCacheMap),
|
Networks: schemaNetworksToACL(rule.Networks, networksMap, networksCacheMap),
|
||||||
Subjects: schemaSubjectsToACL(rule.Subjects),
|
Subjects: schemaSubjectsToACL(rule.Subjects),
|
||||||
Policy: StringToLevel(rule.Policy),
|
Policy: NewLevel(rule.Policy),
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(r.Subjects) != 0 {
|
if len(r.Subjects) != 0 {
|
||||||
|
|
|
@ -19,7 +19,7 @@ type Authorizer struct {
|
||||||
// NewAuthorizer create an instance of authorizer with a given access control config.
|
// NewAuthorizer create an instance of authorizer with a given access control config.
|
||||||
func NewAuthorizer(config *schema.Configuration) (authorizer *Authorizer) {
|
func NewAuthorizer(config *schema.Configuration) (authorizer *Authorizer) {
|
||||||
authorizer = &Authorizer{
|
authorizer = &Authorizer{
|
||||||
defaultPolicy: StringToLevel(config.AccessControl.DefaultPolicy),
|
defaultPolicy: NewLevel(config.AccessControl.DefaultPolicy),
|
||||||
rules: NewAccessControlRules(config.AccessControl),
|
rules: NewAccessControlRules(config.AccessControl),
|
||||||
config: config,
|
config: config,
|
||||||
log: logging.Logger(),
|
log: logging.Logger(),
|
||||||
|
|
|
@ -988,12 +988,12 @@ func (s *AuthorizerSuite) TestShouldMatchResourceWithSubjectRules() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *AuthorizerSuite) TestPolicyToLevel() {
|
func (s *AuthorizerSuite) TestPolicyToLevel() {
|
||||||
s.Assert().Equal(Bypass, StringToLevel(bypass))
|
s.Assert().Equal(Bypass, NewLevel(bypass))
|
||||||
s.Assert().Equal(OneFactor, StringToLevel(oneFactor))
|
s.Assert().Equal(OneFactor, NewLevel(oneFactor))
|
||||||
s.Assert().Equal(TwoFactor, StringToLevel(twoFactor))
|
s.Assert().Equal(TwoFactor, NewLevel(twoFactor))
|
||||||
s.Assert().Equal(Denied, StringToLevel(deny))
|
s.Assert().Equal(Denied, NewLevel(deny))
|
||||||
|
|
||||||
s.Assert().Equal(Denied, StringToLevel("whatever"))
|
s.Assert().Equal(Denied, NewLevel("whatever"))
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestRunSuite(t *testing.T) {
|
func TestRunSuite(t *testing.T) {
|
||||||
|
|
|
@ -9,8 +9,8 @@ import (
|
||||||
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
||||||
)
|
)
|
||||||
|
|
||||||
// StringToLevel converts a string policy to int authorization level.
|
// NewLevel converts a string policy to int authorization level.
|
||||||
func StringToLevel(policy string) Level {
|
func NewLevel(policy string) Level {
|
||||||
switch policy {
|
switch policy {
|
||||||
case bypass:
|
case bypass:
|
||||||
return Bypass
|
return Bypass
|
||||||
|
@ -25,9 +25,9 @@ func StringToLevel(policy string) Level {
|
||||||
return Denied
|
return Denied
|
||||||
}
|
}
|
||||||
|
|
||||||
// LevelToString converts a int authorization level to string policy.
|
// String returns a policy string representation of an authorization.Level.
|
||||||
func LevelToString(level Level) (policy string) {
|
func (l Level) String() string {
|
||||||
switch level {
|
switch l {
|
||||||
case Bypass:
|
case Bypass:
|
||||||
return bypass
|
return bypass
|
||||||
case OneFactor:
|
case OneFactor:
|
||||||
|
@ -36,9 +36,9 @@ func LevelToString(level Level) (policy string) {
|
||||||
return twoFactor
|
return twoFactor
|
||||||
case Denied:
|
case Denied:
|
||||||
return deny
|
return deny
|
||||||
}
|
default:
|
||||||
|
|
||||||
return deny
|
return deny
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func stringSliceToRegexpSlice(strings []string) (regexps []regexp.Regexp, err error) {
|
func stringSliceToRegexpSlice(strings []string) (regexps []regexp.Regexp, err error) {
|
||||||
|
|
|
@ -25,7 +25,7 @@ func TestLevelToString(t *testing.T) {
|
||||||
|
|
||||||
for _, tc := range testCases {
|
for _, tc := range testCases {
|
||||||
t.Run("Expected_"+tc.expected, func(t *testing.T) {
|
t.Run("Expected_"+tc.expected, func(t *testing.T) {
|
||||||
assert.Equal(t, tc.expected, LevelToString(tc.have))
|
assert.Equal(t, tc.expected, tc.have.String())
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -171,11 +171,11 @@ func accessControlCheckWriteOutput(object authorization.Object, subject authoriz
|
||||||
|
|
||||||
switch {
|
switch {
|
||||||
case appliedPos != 0 && (potentialPos == 0 || (potentialPos > appliedPos)):
|
case appliedPos != 0 && (potentialPos == 0 || (potentialPos > appliedPos)):
|
||||||
fmt.Printf("\nThe policy '%s' from rule #%d will be applied to this request.\n\n", authorization.LevelToString(applied.Rule.Policy), appliedPos)
|
fmt.Printf("\nThe policy '%s' from rule #%d will be applied to this request.\n\n", applied.Rule.Policy, appliedPos)
|
||||||
case potentialPos != 0 && appliedPos != 0:
|
case potentialPos != 0 && appliedPos != 0:
|
||||||
fmt.Printf("\nThe policy '%s' from rule #%d will potentially be applied to this request. If not policy '%s' from rule #%d will be.\n\n", authorization.LevelToString(potential.Rule.Policy), potentialPos, authorization.LevelToString(applied.Rule.Policy), appliedPos)
|
fmt.Printf("\nThe policy '%s' from rule #%d will potentially be applied to this request. If not policy '%s' from rule #%d will be.\n\n", potential.Rule.Policy, potentialPos, applied.Rule.Policy, appliedPos)
|
||||||
case potentialPos != 0:
|
case potentialPos != 0:
|
||||||
fmt.Printf("\nThe policy '%s' from rule #%d will potentially be applied to this request. Otherwise the policy '%s' from the default policy will be.\n\n", authorization.LevelToString(potential.Rule.Policy), potentialPos, defaultPolicy)
|
fmt.Printf("\nThe policy '%s' from rule #%d will potentially be applied to this request. Otherwise the policy '%s' from the default policy will be.\n\n", potential.Rule.Policy, potentialPos, defaultPolicy)
|
||||||
default:
|
default:
|
||||||
fmt.Printf("\nThe policy '%s' from the default policy will be applied to this request as no rules matched the request.\n\n", defaultPolicy)
|
fmt.Printf("\nThe policy '%s' from the default policy will be applied to this request as no rules matched the request.\n\n", defaultPolicy)
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,8 +11,6 @@ import (
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/ory/fosite"
|
"github.com/ory/fosite"
|
||||||
|
|
||||||
"github.com/authelia/authelia/v4/internal/authentication"
|
|
||||||
"github.com/authelia/authelia/v4/internal/authorization"
|
|
||||||
"github.com/authelia/authelia/v4/internal/middlewares"
|
"github.com/authelia/authelia/v4/internal/middlewares"
|
||||||
"github.com/authelia/authelia/v4/internal/model"
|
"github.com/authelia/authelia/v4/internal/model"
|
||||||
"github.com/authelia/authelia/v4/internal/oidc"
|
"github.com/authelia/authelia/v4/internal/oidc"
|
||||||
|
@ -132,11 +130,11 @@ func handleOIDCAuthorizationConsentRedirect(ctx *middlewares.AutheliaCtx, issuer
|
||||||
|
|
||||||
location.RawQuery = query.Encode()
|
location.RawQuery = query.Encode()
|
||||||
|
|
||||||
ctx.Logger.Debugf(logFmtDbgConsentAuthenticationSufficiency, requester.GetID(), client.GetID(), client.Consent, authentication.LevelToString(userSession.AuthenticationLevel), "sufficient", authorization.LevelToString(client.Policy))
|
ctx.Logger.Debugf(logFmtDbgConsentAuthenticationSufficiency, requester.GetID(), client.GetID(), client.Consent, userSession.AuthenticationLevel.String(), "sufficient", client.Policy)
|
||||||
} else {
|
} else {
|
||||||
location = handleOIDCAuthorizationConsentGetRedirectionURL(issuer, consent, requester)
|
location = handleOIDCAuthorizationConsentGetRedirectionURL(issuer, consent, requester)
|
||||||
|
|
||||||
ctx.Logger.Debugf(logFmtDbgConsentAuthenticationSufficiency, requester.GetID(), client.GetID(), client.Consent, authentication.LevelToString(userSession.AuthenticationLevel), "insufficient", authorization.LevelToString(client.Policy))
|
ctx.Logger.Debugf(logFmtDbgConsentAuthenticationSufficiency, requester.GetID(), client.GetID(), client.Consent, userSession.AuthenticationLevel.String(), "insufficient", client.Policy)
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.Logger.Debugf(logFmtDbgConsentRedirect, requester.GetID(), client.GetID(), client.Consent, location)
|
ctx.Logger.Debugf(logFmtDbgConsentRedirect, requester.GetID(), client.GetID(), client.Consent, location)
|
||||||
|
|
|
@ -27,7 +27,7 @@ func NewClient(config schema.OpenIDConnectClientConfiguration) (client *Client)
|
||||||
|
|
||||||
UserinfoSigningAlgorithm: config.UserinfoSigningAlgorithm,
|
UserinfoSigningAlgorithm: config.UserinfoSigningAlgorithm,
|
||||||
|
|
||||||
Policy: authorization.StringToLevel(config.Policy),
|
Policy: authorization.NewLevel(config.Policy),
|
||||||
|
|
||||||
Consent: NewClientConsent(config.ConsentMode, config.ConsentPreConfiguredDuration),
|
Consent: NewClientConsent(config.ConsentMode, config.ConsentPreConfiguredDuration),
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,7 +28,7 @@ func NewStore(config *schema.OpenIDConnectConfiguration, provider storage.Provid
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, client := range config.Clients {
|
for _, client := range config.Clients {
|
||||||
policy := authorization.StringToLevel(client.Policy)
|
policy := authorization.NewLevel(client.Policy)
|
||||||
logger.Debugf("Registering client %s with policy %s (%v)", client.ID, client.Policy, policy)
|
logger.Debugf("Registering client %s with policy %s (%v)", client.ID, client.Policy, policy)
|
||||||
|
|
||||||
store.clients[client.ID] = NewClient(client)
|
store.clients[client.ID] = NewClient(client)
|
||||||
|
|
Loading…
Reference in New Issue