RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adapt authentication methods configuration to be backward compatible 

Prior version of configuration file can be used, the authentication methods
will be set to default values (two_factor as default method).
pull/131/head
Clement Michaud 2017-10-09 23:13:57 +02:00
parent bc8fe623df
commit 9624aa6311
5 changed files with 103 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
server/src/lib/configuration/ConfigurationAdapter.ts
View File

@ -4,10 +4,11 @@ import {
AppConfiguration, UserConfiguration, NotifierConfiguration, AppConfiguration, UserConfiguration, NotifierConfiguration,
ACLConfiguration, LdapConfiguration, SessionRedisOptions, ACLConfiguration, LdapConfiguration, SessionRedisOptions,
MongoStorageConfiguration, LocalStorageConfiguration, MongoStorageConfiguration, LocalStorageConfiguration,
UserLdapConfiguration, AuthenticationMethodsConfiguration UserLdapConfiguration
} from "./Configuration"; } from "./Configuration";
import Util = require("util"); import Util = require("util");
import { ACLAdapter } from "./adapters/ACLAdapter"; import { ACLAdapter } from "./adapters/ACLAdapter";
import { AuthenticationMethodsAdapter } from "./adapters/AuthenticationMethodsAdapter";
const LDAP_URL_ENV_VARIABLE = "LDAP_URL"; const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
@ -55,25 +56,16 @@ function adaptLdapConfiguration(userConfig: UserLdapConfiguration): LdapConfigur
}; };
} }
function adaptAuthenticationMethods(authentication_methods: AuthenticationMethodsConfiguration) function adaptFromUserConfiguration(userConfiguration: UserConfiguration)
: AuthenticationMethodsConfiguration { : AppConfiguration {
if (!authentication_methods) {
return {
default_method: "two_factor",
per_subdomain_methods: {}
};
}
return authentication_methods;
}
function adaptFromUserConfiguration(userConfiguration: UserConfiguration): AppConfiguration {
ensure_key_existence(userConfiguration, "ldap"); ensure_key_existence(userConfiguration, "ldap");
ensure_key_existence(userConfiguration, "session.secret"); ensure_key_existence(userConfiguration, "session.secret");
ensure_key_existence(userConfiguration, "regulation"); ensure_key_existence(userConfiguration, "regulation");
const port = userConfiguration.port || 8080; const port = userConfiguration.port || 8080;
const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap); const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
const authenticationMethods = adaptAuthenticationMethods(userConfiguration.authentication_methods); const authenticationMethods = AuthenticationMethodsAdapter
.adapt(userConfiguration.authentication_methods);
return { return {
port: port, port: port,

7
server/src/lib/configuration/adapters/ACLAdapter.ts
View File

@ -1,8 +1,5 @@
import { ACLConfiguration } from "../Configuration"; import { ACLConfiguration } from "../Configuration";
import { ObjectCloner } from "../../utils/ObjectCloner";
function clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
const DEFAULT_POLICY = "deny"; const DEFAULT_POLICY = "deny";
@ -32,7 +29,7 @@ export class ACLAdapter {
static adapt(configuration: ACLConfiguration): ACLConfiguration { static adapt(configuration: ACLConfiguration): ACLConfiguration {
if (!configuration) return; if (!configuration) return;
const newConfiguration: ACLConfiguration = clone(configuration); const newConfiguration: ACLConfiguration = ObjectCloner.clone(configuration);
adaptDefaultPolicy(newConfiguration); adaptDefaultPolicy(newConfiguration);
adaptAny(newConfiguration); adaptAny(newConfiguration);
adaptGroups(newConfiguration); adaptGroups(newConfiguration);

30
server/src/lib/configuration/adapters/AuthenticationMethodsAdapter.ts 100644
View File

@ -0,0 +1,30 @@
import { AuthenticationMethodsConfiguration } from "../Configuration";
import { ObjectCloner } from "../../utils/ObjectCloner";
function clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
export class AuthenticationMethodsAdapter {
static adapt(authentication_methods: AuthenticationMethodsConfiguration)
: AuthenticationMethodsConfiguration {
if (!authentication_methods) {
return {
default_method: "two_factor",
per_subdomain_methods: {}
};
}
const newAuthMethods: AuthenticationMethodsConfiguration
= ObjectCloner.clone(authentication_methods);
if (!newAuthMethods.default_method)
newAuthMethods.default_method = "two_factor";
if (!newAuthMethods.per_subdomain_methods ||
newAuthMethods.per_subdomain_methods.constructor !== Object)
newAuthMethods.per_subdomain_methods = {};
return newAuthMethods;
}
}

6
server/src/lib/utils/ObjectCloner.ts 100644
View File

@ -0,0 +1,6 @@
export class ObjectCloner {
static clone(obj: any): any {
return JSON.parse(JSON.stringify(obj));
}
}

59
server/test/configuration/adapters/AuthenticationMethodsAdapter.test.ts 100644
View File

@ -0,0 +1,59 @@
import { AuthenticationMethodsAdapter } from "../../../src/lib/configuration/adapters/AuthenticationMethodsAdapter";
import Assert = require("assert");
describe("test authentication methods configuration adapter", function () {
describe("no authentication methods defined", function () {
it("should adapt a configuration when no authentication methods config is defined", function () {
const userConfiguration: any = undefined;
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "two_factor",
per_subdomain_methods: {}
});
});
});
describe("partial authentication methods config", function() {
it("should adapt a configuration when default_method is not defined", function () {
const userConfiguration: any = {
per_subdomain_methods: {
"example.com": "basic_auth"
}
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "two_factor",
per_subdomain_methods: {
"example.com": "basic_auth"
}
});
});
it("should adapt a configuration when per_subdomain_methods is not defined", function () {
const userConfiguration: any = {
default_method: "basic_auth"
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
per_subdomain_methods: {}
});
});
it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
const userConfiguration: any = {
default_method: "basic_auth",
per_subdomain_methods: []
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
per_subdomain_methods: {}
});
});
});
});