authorJames Elliott <james-d-elliott@users.noreply.github.com>2023-09-03 16:01:46 +1000
committerGitHub <noreply@github.com>2023-09-03 16:01:46 +1000
commit40026701fdf604b874334166b9984f6ac003f0fa (patch)
tree7e7f90d62e07a627c8fc4e6335749d45ebcedd25 /internal/configuration/validator/authentication_test.go
parent3d1a02a8d3aa75e2e7bd2d7520e29518d11afa62 (diff)
docs: jsonschema (#5493)
Adds a JSON Schema for the configuration, user database, and most exports. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'internal/configuration/validator/authentication_test.go')
-rw-r--r--internal/configuration/validator/authentication_test.go102
1 files changed, 51 insertions, 51 deletions
diff --git a/internal/configuration/validator/authentication_test.go b/internal/configuration/validator/authentication_test.go
index b329cef63..2817c8960 100644
--- a/internal/configuration/validator/authentication_test.go
+++ b/internal/configuration/validator/authentication_test.go
@@ -17,8 +17,8 @@ func TestShouldRaiseErrorWhenBothBackendsProvided(t *testing.T) {
validator := schema.NewStructValidator()
backendConfig := schema.AuthenticationBackend{}
- backendConfig.LDAP = &schema.LDAPAuthenticationBackend{}
- backendConfig.File = &schema.FileAuthenticationBackend{
+ backendConfig.LDAP = &schema.AuthenticationBackendLDAP{}
+ backendConfig.File = &schema.AuthenticationBackendFile{
Path: "/tmp",
}
@@ -55,7 +55,7 @@ func (suite *FileBasedAuthenticationBackend) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.File = &schema.FileAuthenticationBackend{Path: "/a/path", Password: password}
+ suite.config.File = &schema.AuthenticationBackendFile{Path: "/a/path", Password: password}
}
func (suite *FileBasedAuthenticationBackend) TestShouldValidateCompleteConfiguration() {
@@ -77,33 +77,33 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorWhenNoPathProvi
}
func (suite *FileBasedAuthenticationBackend) TestShouldSetDefaultConfigurationWhenBlank() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
- suite.Equal(0, suite.config.File.Password.KeyLength)
- suite.Equal(0, suite.config.File.Password.Iterations)
- suite.Equal(0, suite.config.File.Password.SaltLength)
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.Equal(0, suite.config.File.Password.Memory)
- suite.Equal(0, suite.config.File.Password.Parallelism)
+ suite.Equal(0, suite.config.File.Password.KeyLength) //nolint:staticcheck
+ suite.Equal(0, suite.config.File.Password.Iterations) //nolint:staticcheck
+ suite.Equal(0, suite.config.File.Password.SaltLength) //nolint:staticcheck
+ suite.Equal(0, suite.config.File.Password.Memory) //nolint:staticcheck
+ suite.Equal(0, suite.config.File.Password.Parallelism) //nolint:staticcheck
ValidateAuthenticationBackend(&suite.config, suite.validator)
suite.Len(suite.validator.Warnings(), 0)
suite.Len(suite.validator.Errors(), 0)
- suite.Equal(schema.DefaultPasswordConfig.KeyLength, suite.config.File.Password.KeyLength)
- suite.Equal(schema.DefaultPasswordConfig.Iterations, suite.config.File.Password.Iterations)
- suite.Equal(schema.DefaultPasswordConfig.SaltLength, suite.config.File.Password.SaltLength)
suite.Equal(schema.DefaultPasswordConfig.Algorithm, suite.config.File.Password.Algorithm)
- suite.Equal(schema.DefaultPasswordConfig.Memory, suite.config.File.Password.Memory)
- suite.Equal(schema.DefaultPasswordConfig.Parallelism, suite.config.File.Password.Parallelism)
+ suite.Equal(schema.DefaultPasswordConfig.KeyLength, suite.config.File.Password.KeyLength) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.Iterations, suite.config.File.Password.Iterations) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.SaltLength, suite.config.File.Password.SaltLength) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.Memory, suite.config.File.Password.Memory) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.Parallelism, suite.config.File.Password.Parallelism) //nolint:staticcheck
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationSHA512() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.config.File.Password = schema.Password{
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{
Algorithm: digestSHA512,
Iterations: 1000000,
SaltLength: 8,
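Review bot: The ten `//nolint:staticcheck` directives added in TestShouldSetDefaultConfigurationWhenBlank silence every staticcheck finding on their lines and give no reason, so a reader cannot tell which warning is being tolerated or when the suppression can be removed. The directives added in the two TestShouldSetDefaultValues hunks further down have the same gap. If the intent is to accept a deprecation warning on the legacy top-level password fields (inferred from the field names; the schema change is not visible here), state it on the line, e.g. `suite.Equal(0, suite.config.File.Password.KeyLength) //nolint:staticcheck // legacy field, exercised on purpose for migration`. These fields carry password-hashing cost parameters, so the record that the test touches them deliberately is worth keeping. The hunk ends inside TestShouldMigrateLegacyConfigurationSHA512, whose body continues outside it.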
@@ -121,14 +121,14 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationSHA512ButNotOverride() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.config.File.Password = schema.Password{
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{
Algorithm: digestSHA512,
Iterations: 1000000,
SaltLength: 8,
- SHA2Crypt: schema.SHA2CryptPassword{
+ SHA2Crypt: schema.AuthenticationBackendFilePasswordSHA2Crypt{
Variant: digestSHA256,
Iterations: 50000,
SaltLength: 12,
@@ -147,10 +147,10 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationSHA512Alt() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.config.File.Password = schema.Password{
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{
Algorithm: digestSHA512,
Iterations: 1000000,
SaltLength: 64,
@@ -168,10 +168,10 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationArgon2() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.config.File.Password = schema.Password{
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{
Algorithm: "argon2id",
Iterations: 4,
Memory: 1024,
@@ -195,17 +195,17 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationArgon2ButNotOverride() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
- suite.config.File.Password = schema.Password{
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{
Algorithm: "argon2id",
Iterations: 4,
Memory: 1024,
Parallelism: 4,
KeyLength: 64,
SaltLength: 64,
- Argon2: schema.Argon2Password{
+ Argon2: schema.AuthenticationBackendFilePasswordArgon2{
Variant: "argon2d",
Iterations: 1,
Memory: 2048,
@@ -230,7 +230,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfigurationWhenOnlySHA512Set() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = digestSHA512
@@ -246,7 +246,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldMigrateLegacyConfiguratio
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidArgon2Variant() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = "argon2"
suite.config.File.Password.Argon2.Variant = testInvalid
@@ -260,7 +260,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidArgon2
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidSHA2CryptVariant() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = hashSHA2Crypt
suite.config.File.Password.SHA2Crypt.Variant = testInvalid
@@ -274,7 +274,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidSHA2Cr
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidSHA2CryptSaltLength() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = hashSHA2Crypt
suite.config.File.Password.SHA2Crypt.SaltLength = 40
@@ -288,7 +288,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidSHA2Cr
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidPBKDF2Variant() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = "pbkdf2"
suite.config.File.Password.PBKDF2.Variant = testInvalid
@@ -302,7 +302,7 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidPBKDF2
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorOnInvalidBCryptVariant() {
- suite.config.File.Password = schema.Password{}
+ suite.config.File.Password = schema.AuthenticationBackendFilePassword{}
suite.Equal("", suite.config.File.Password.Algorithm)
suite.config.File.Password.Algorithm = "bcrypt"
suite.config.File.Password.BCrypt.Variant = testInvalid
@@ -502,10 +502,10 @@ func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorWhenBadAlgorith
func (suite *FileBasedAuthenticationBackend) TestShouldSetDefaultValues() {
suite.config.File.Password.Algorithm = ""
- suite.config.File.Password.Iterations = 0
- suite.config.File.Password.SaltLength = 0
- suite.config.File.Password.Memory = 0
- suite.config.File.Password.Parallelism = 0
+ suite.config.File.Password.Iterations = 0 //nolint:staticcheck
+ suite.config.File.Password.SaltLength = 0 //nolint:staticcheck
+ suite.config.File.Password.Memory = 0 //nolint:staticcheck
+ suite.config.File.Password.Parallelism = 0 //nolint:staticcheck
ValidateAuthenticationBackend(&suite.config, suite.validator)
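Review bot: TestShouldSetDefaultValues zeroes Iterations, SaltLength, Memory and Parallelism but not KeyLength, and the assertions in the next hunk do not compare KeyLength with the default either, whereas TestShouldSetDefaultConfigurationWhenBlank covers all five fields. If KeyLength is meant to be defaulted the same way, add `suite.config.File.Password.KeyLength = 0 //nolint:staticcheck` before the ValidateAuthenticationBackend call and `suite.Equal(schema.DefaultPasswordConfig.KeyLength, suite.config.File.Password.KeyLength) //nolint:staticcheck` after it. The function body spans this hunk and the following one, and whether the `password` value used in SetupTest already sets KeyLength is not visible here.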
@@ -513,10 +513,10 @@ func (suite *FileBasedAuthenticationBackend) TestShouldSetDefaultValues() {
suite.Len(suite.validator.Errors(), 0)
suite.Equal(schema.DefaultPasswordConfig.Algorithm, suite.config.File.Password.Algorithm)
- suite.Equal(schema.DefaultPasswordConfig.Iterations, suite.config.File.Password.Iterations)
- suite.Equal(schema.DefaultPasswordConfig.SaltLength, suite.config.File.Password.SaltLength)
- suite.Equal(schema.DefaultPasswordConfig.Memory, suite.config.File.Password.Memory)
- suite.Equal(schema.DefaultPasswordConfig.Parallelism, suite.config.File.Password.Parallelism)
+ suite.Equal(schema.DefaultPasswordConfig.Iterations, suite.config.File.Password.Iterations) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.SaltLength, suite.config.File.Password.SaltLength) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.Memory, suite.config.File.Password.Memory) //nolint:staticcheck
+ suite.Equal(schema.DefaultPasswordConfig.Parallelism, suite.config.File.Password.Parallelism) //nolint:staticcheck
}
func (suite *FileBasedAuthenticationBackend) TestShouldRaiseErrorWhenResetURLIsInvalid() {
@@ -571,7 +571,7 @@ type LDAPAuthenticationBackendSuite struct {
func (suite *LDAPAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationCustom
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -867,7 +867,7 @@ func (suite *LDAPAuthenticationBackendSuite) TestShouldHelpDetectNoInputPlacehol
}
func (suite *LDAPAuthenticationBackendSuite) TestShouldSetDefaultTLSMinimumVersion() {
- suite.config.LDAP.TLS = &schema.TLSConfig{MinimumVersion: schema.TLSVersion{}}
+ suite.config.LDAP.TLS = &schema.TLS{MinimumVersion: schema.TLSVersion{}}
ValidateAuthenticationBackend(&suite.config, suite.validator)
@@ -878,7 +878,7 @@ func (suite *LDAPAuthenticationBackendSuite) TestShouldSetDefaultTLSMinimumVersi
}
func (suite *LDAPAuthenticationBackendSuite) TestShouldNotAllowSSL30() {
- suite.config.LDAP.TLS = &schema.TLSConfig{
+ suite.config.LDAP.TLS = &schema.TLS{
MinimumVersion: schema.TLSVersion{Value: tls.VersionSSL30}, //nolint:staticcheck
}
@@ -949,7 +949,7 @@ func (suite *LDAPAuthenticationBackendSuite) TestShouldErrorOnMissingMemberOfRDN
}
func (suite *LDAPAuthenticationBackendSuite) TestShouldNotAllowTLSVerMinGreaterThanVerMax() {
- suite.config.LDAP.TLS = &schema.TLSConfig{
+ suite.config.LDAP.TLS = &schema.TLS{
MinimumVersion: schema.TLSVersion{Value: tls.VersionTLS13},
MaximumVersion: schema.TLSVersion{Value: tls.VersionTLS12},
}
@@ -973,7 +973,7 @@ type ActiveDirectoryAuthenticationBackendSuite struct {
func (suite *ActiveDirectoryAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationActiveDirectory
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -1034,7 +1034,7 @@ type RFC2307bisAuthenticationBackendSuite struct {
func (suite *RFC2307bisAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationRFC2307bis
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -1085,7 +1085,7 @@ type FreeIPAAuthenticationBackendSuite struct {
func (suite *FreeIPAAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationFreeIPA
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -1136,7 +1136,7 @@ type LLDAPAuthenticationBackendSuite struct {
func (suite *LLDAPAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationLLDAP
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -1187,7 +1187,7 @@ type GLAuthAuthenticationBackendSuite struct {
func (suite *GLAuthAuthenticationBackendSuite) SetupTest() {
suite.validator = schema.NewStructValidator()
suite.config = schema.AuthenticationBackend{}
- suite.config.LDAP = &schema.LDAPAuthenticationBackend{}
+ suite.config.LDAP = &schema.AuthenticationBackendLDAP{}
suite.config.LDAP.Implementation = schema.LDAPImplementationGLAuth
suite.config.LDAP.Address = &schema.AddressLDAP{Address: *testLDAPAddress}
suite.config.LDAP.User = testLDAPUser
@@ -1237,7 +1237,7 @@ type LDAPImplementationSuite struct {
validator *schema.StructValidator
}
-func (suite *LDAPImplementationSuite) EqualImplementationDefaults(expected schema.LDAPAuthenticationBackend) {
+func (suite *LDAPImplementationSuite) EqualImplementationDefaults(expected schema.AuthenticationBackendLDAP) {
suite.Equal(expected.Timeout, suite.config.LDAP.Timeout)
suite.Equal(expected.AdditionalUsersDN, suite.config.LDAP.AdditionalUsersDN)
suite.Equal(expected.AdditionalGroupsDN, suite.config.LDAP.AdditionalGroupsDN)
@@ -1253,7 +1253,7 @@ func (suite *LDAPImplementationSuite) EqualImplementationDefaults(expected schem
suite.Equal(expected.Attributes.GroupName, suite.config.LDAP.Attributes.GroupName)
}
-func (suite *LDAPImplementationSuite) NotEqualImplementationDefaults(expected schema.LDAPAuthenticationBackend) {
+func (suite *LDAPImplementationSuite) NotEqualImplementationDefaults(expected schema.AuthenticationBackendLDAP) {
suite.NotEqual(expected.Timeout, suite.config.LDAP.Timeout)
suite.NotEqual(expected.UsersFilter, suite.config.LDAP.UsersFilter)
suite.NotEqual(expected.GroupsFilter, suite.config.LDAP.GroupsFilter)