test: add test for 2329 expand-env (#4870)

This adds a test for https://github.com/authelia/authelia/issues/2329#issuecomment-1414201785
pull/4872/head^2
James Elliott 2023-02-03 10:36:38 +11:00 committed by GitHub
parent 11ca8f6c1c
commit a2ce9e0573
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 0 deletions

View File

@ -105,6 +105,9 @@ func TestShouldValidateConfigurationWithFilters(t *testing.T) {
testSetEnv(t, "JWT_SECRET", "abc") testSetEnv(t, "JWT_SECRET", "abc")
testSetEnv(t, "AUTHENTICATION_BACKEND_LDAP_PASSWORD", "abc") testSetEnv(t, "AUTHENTICATION_BACKEND_LDAP_PASSWORD", "abc")
t.Setenv("ABC_CLIENT_SECRET", "$plaintext$example-abc")
t.Setenv("XYZ_CLIENT_SECRET", "$plaintext$example-xyz")
t.Setenv("ANOTHER_CLIENT_SECRET", "$plaintext$example-123")
t.Setenv("SERVICES_SERVER", "10.10.10.10") t.Setenv("SERVICES_SERVER", "10.10.10.10")
t.Setenv("ROOT_DOMAIN", "example.org") t.Setenv("ROOT_DOMAIN", "example.org")
@ -118,6 +121,11 @@ func TestShouldValidateConfigurationWithFilters(t *testing.T) {
assert.Equal(t, "api-123456789.example.org", config.DuoAPI.Hostname) assert.Equal(t, "api-123456789.example.org", config.DuoAPI.Hostname)
assert.Equal(t, "10.10.10.10", config.Notifier.SMTP.Host) assert.Equal(t, "10.10.10.10", config.Notifier.SMTP.Host)
assert.Equal(t, "10.10.10.10", config.Session.Redis.Host) assert.Equal(t, "10.10.10.10", config.Session.Redis.Host)
require.Len(t, config.IdentityProviders.OIDC.Clients, 3)
assert.Equal(t, "$plaintext$example-abc", config.IdentityProviders.OIDC.Clients[0].Secret.String())
assert.Equal(t, "$plaintext$example-xyz", config.IdentityProviders.OIDC.Clients[1].Secret.String())
assert.Equal(t, "$plaintext$example-123", config.IdentityProviders.OIDC.Clients[2].Secret.String())
} }
func TestShouldNotIgnoreInvalidEnvs(t *testing.T) { func TestShouldNotIgnoreInvalidEnvs(t *testing.T) {

View File

@ -174,4 +174,21 @@ notifier:
port: 1025 port: 1025
sender: 'admin@{{ env "ROOT_DOMAIN" }}' sender: 'admin@{{ env "ROOT_DOMAIN" }}'
disable_require_tls: true disable_require_tls: true
identity_providers:
oidc:
cors:
allowed_origins:
- https://google.com
- https://example.com
clients:
- id: abc
secret: '${ABC_CLIENT_SECRET}'
consent_mode: explicit
- id: xyz
secret: '$XYZ_CLIENT_SECRET'
consent_mode: explicit
- id: '123'
secret: $ANOTHER_CLIENT_SECRET
consent_mode: explicit
... ...