test: add test for 2329 expand-env (#4870)

This adds a test for https://github.com/authelia/authelia/issues/2329#issuecomment-1414201785

internal/configuration/provider_test.go

@@ -105,6 +105,9 @@ func TestShouldValidateConfigurationWithFilters(t *testing.T) {
 	testSetEnv(t, "JWT_SECRET", "abc")
 	testSetEnv(t, "AUTHENTICATION_BACKEND_LDAP_PASSWORD", "abc")
 
+	t.Setenv("ABC_CLIENT_SECRET", "$plaintext$example-abc")
+	t.Setenv("XYZ_CLIENT_SECRET", "$plaintext$example-xyz")
+	t.Setenv("ANOTHER_CLIENT_SECRET", "$plaintext$example-123")
 	t.Setenv("SERVICES_SERVER", "10.10.10.10")
 	t.Setenv("ROOT_DOMAIN", "example.org")
 
@@ -118,6 +121,11 @@ func TestShouldValidateConfigurationWithFilters(t *testing.T) {
 	assert.Equal(t, "api-123456789.example.org", config.DuoAPI.Hostname)
 	assert.Equal(t, "10.10.10.10", config.Notifier.SMTP.Host)
 	assert.Equal(t, "10.10.10.10", config.Session.Redis.Host)
+
+	require.Len(t, config.IdentityProviders.OIDC.Clients, 3)
+	assert.Equal(t, "$plaintext$example-abc", config.IdentityProviders.OIDC.Clients[0].Secret.String())
+	assert.Equal(t, "$plaintext$example-xyz", config.IdentityProviders.OIDC.Clients[1].Secret.String())
+	assert.Equal(t, "$plaintext$example-123", config.IdentityProviders.OIDC.Clients[2].Secret.String())
 }
 
 func TestShouldNotIgnoreInvalidEnvs(t *testing.T) {

internal/configuration/test_resources/config.filtered.yml

@@ -174,4 +174,21 @@ notifier:
     port: 1025
     sender: 'admin@{{ env "ROOT_DOMAIN" }}'
     disable_require_tls: true
+
+identity_providers:
+  oidc:
+    cors:
+      allowed_origins:
+        - https://google.com
+        - https://example.com
+    clients:
+      - id: abc
+        secret: '${ABC_CLIENT_SECRET}'
+        consent_mode: explicit
+      - id: xyz
+        secret: '$XYZ_CLIENT_SECRET'
+        consent_mode: explicit
+      - id: '123'
+        secret: $ANOTHER_CLIENT_SECRET
+        consent_mode: explicit
 ...