diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2020-05-05 05:39:25 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-04 21:39:25 +0200 |
| commit | 3f374534abb33b5d03dd0fa4e5a01b3e08475c46 (patch) | |
| tree | f268ac26ba7615d72723963e479557bd2cc2a213 /internal/configuration/validator/authentication_test.go | |
| parent | 99bb782708b3da01f625f1f12a43ac58b8d0fd0f (diff) | |
[FEATURE] Automatic Profile Refresh - LDAP (#912)
* [FIX] LDAP Not Checking for Updated Groups
* refactor handlers verifyFromSessionCookie
* refactor authorizer selectMatchingObjectRules
* refactor authorizer isDomainMatching
* add authorizer URLHasGroupSubjects method
* add user provider ProviderType method
* update tests
* check for new LDAP groups and update session when:
* user provider type is LDAP
* authorization is forbidden
* URL has rule with group subjects
* Implement Refresh Interval
* add default values for LDAP user provider
* add default for refresh interval
* add schema validator for refresh interval
* add various tests
* rename hasUserBeenInactiveLongEnough to hasUserBeenInactiveTooLong
* use Authelia ctx clock
* add check to determine if user is deleted, if so destroy the
* make ldap user not found error a const
* implement GetRefreshSettings in mock
* Use user not found const with FileProvider
* comment exports
* use ctx.Clock instead of time pkg
* add debug logging
* use ptr to reference userSession so we don't have to retrieve it again
* add documenation
* add check for 0 refresh interval to reduce CPU cost
* remove badly copied debug msg
* add group change delta message
* add SliceStringDelta
* refactor ldap refresh to use the new func
* improve delta add/remove log message
* fix incorrect logic in SliceStringDelta
* add tests to SliceStringDelta
* add always config option
* add tests for always config option
* update docs
* apply suggestions from code review
Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
* complete mocks and fix an old one
* show warning when LDAP details failed to update for an unknown reason
* golint fix
* actually fix existing mocks
* use mocks for LDAP refresh testing
* use mocks for LDAP refresh testing for both added and removed groups
* use test mock to verify disabled refresh behaviour
* add information to threat model
* add time const for default Unix() value
* misc adjustments to mocks
* Suggestions from code review
* requested changes
* update emails
* docs updates
* test updates
* misc
* golint fix
* set debug for dev testing
* misc docs and logging updates
* misc grammar/spelling
* use built function for VerifyGet
* fix reviewdog suggestions
* requested changes
* Apply suggestions from code review
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Diffstat (limited to 'internal/configuration/validator/authentication_test.go')
| -rw-r--r-- | internal/configuration/validator/authentication_test.go | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/internal/configuration/validator/authentication_test.go b/internal/configuration/validator/authentication_test.go index 3181bb955..8669dfe4a 100644 --- a/internal/configuration/validator/authentication_test.go +++ b/internal/configuration/validator/authentication_test.go @@ -229,6 +229,13 @@ func (suite *LdapAuthenticationBackendSuite) TestShouldRaiseOnEmptyUsernameAttri assert.EqualError(suite.T(), suite.validator.Errors()[0], "Please provide a username attribute with `username_attribute`") } +func (suite *LdapAuthenticationBackendSuite) TestShouldRaiseOnBadRefreshInterval() { + suite.configuration.RefreshInterval = "blah" + ValidateAuthenticationBackend(&suite.configuration, suite.validator) + require.Len(suite.T(), suite.validator.Errors(), 1) + assert.EqualError(suite.T(), suite.validator.Errors()[0], "Auth Backend `refresh_interval` is configured to 'blah' but it must be either a duration notation or one of 'disable', or 'always'. Error from parser: Could not convert the input string of blah into a duration") +} + func (suite *LdapAuthenticationBackendSuite) TestShouldSetDefaultGroupNameAttribute() { ValidateAuthenticationBackend(&suite.configuration, suite.validator) assert.Len(suite.T(), suite.validator.Errors(), 0) @@ -241,6 +248,12 @@ func (suite *LdapAuthenticationBackendSuite) TestShouldSetDefaultMailAttribute() assert.Equal(suite.T(), "mail", suite.configuration.Ldap.MailAttribute) } +func (suite *LdapAuthenticationBackendSuite) TestShouldSetDefaultRefreshInterval() { + ValidateAuthenticationBackend(&suite.configuration, suite.validator) + assert.Len(suite.T(), suite.validator.Errors(), 0) + assert.Equal(suite.T(), "5m", suite.configuration.RefreshInterval) +} + func (suite *LdapAuthenticationBackendSuite) TestShouldRaiseWhenUsersFilterDoesNotContainEnclosingParenthesis() { suite.configuration.Ldap.UsersFilter = "uid={input}" ValidateAuthenticationBackend(&suite.configuration, suite.validator) |