| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2021-03-22 20:04:09 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-22 20:04:09 +1100 |
| commit | a44f0cf959bfb2c20a3defe7c92f8018799ead86 (patch) | |
| tree | 14486e0df62df1a74ee55f34c0cb71832af5b268 /internal/configuration/validator/secrets.go | |
| parent | 7ccbaaffe39aa26dd60e7ae99998fd795b2d80cc (diff) | |
fix: redis sentinel secret missing (#1839)
* fix: redis sentinel secret missing
* refactor: use consts for authentication_backend.file.password errs
* fix: unit test for new default port
* test: cover additional misses
* test: fix windows/linux specific test error
* test: more windows specific tests
* test: remove superfluous url.IsAbs
* test: validator 100% coverage
Diffstat (limited to 'internal/configuration/validator/secrets.go')
| -rw-r--r-- | internal/configuration/validator/secrets.go | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/internal/configuration/validator/secrets.go b/internal/configuration/validator/secrets.go
index cd6305808..244022aef 100644
--- a/internal/configuration/validator/secrets.go
+++ b/internal/configuration/validator/secrets.go
@@ -10,39 +10,59 @@ import (
 "github.com/authelia/authelia/internal/configuration/schema"
 )
 
+// SecretNameToEnvName converts a secret name into the env name.
+func SecretNameToEnvName(secretName string) (envName string) {
+ return "authelia." + secretName + ".file"
+}
+
+func isSecretKey(value string) (isSecretKey bool) {
+ for _, secretKey := range SecretNames {
+ if value == secretKey || value == SecretNameToEnvName(secretKey) {
+ return true
+ }
+ }
+
+ return false
+}
+
 // ValidateSecrets checks that secrets are either specified by config file/env or by file references.
 func ValidateSecrets(configuration *schema.Configuration, validator *schema.StructValidator, viper *viper.Viper) {
- configuration.JWTSecret = getSecretValue("jwt_secret", validator, viper)
- configuration.Session.Secret = getSecretValue("session.secret", validator, viper)
+ configuration.JWTSecret = getSecretValue(SecretNames["JWTSecret"], validator, viper)
+ configuration.Session.Secret = getSecretValue(SecretNames["SessionSecret"], validator, viper)
 
 if configuration.DuoAPI != nil {
- configuration.DuoAPI.SecretKey = getSecretValue("duo_api.secret_key", validator, viper)
+ configuration.DuoAPI.SecretKey = getSecretValue(SecretNames["DUOSecretKey"], validator, viper)
 }
 
 if configuration.Session.Redis != nil {
- configuration.Session.Redis.Password = getSecretValue("session.redis.password", validator, viper)
+ configuration.Session.Redis.Password = getSecretValue(SecretNames["RedisPassword"], validator, viper)
+
+ if configuration.Session.Redis.HighAvailability != nil {
+ configuration.Session.Redis.HighAvailability.SentinelPassword =
+ getSecretValue(SecretNames["RedisSentinelPassword"], validator, viper)
+ }
 }
 
 if configuration.AuthenticationBackend.Ldap != nil {
- configuration.AuthenticationBackend.Ldap.Password = getSecretValue("authentication_backend.ldap.password", validator, viper)
+ configuration.AuthenticationBackend.Ldap.Password = getSecretValue(SecretNames["LDAPPassword"], validator, viper)
 }
 
 if configuration.Notifier != nil && configuration.Notifier.SMTP != nil {
- configuration.Notifier.SMTP.Password = getSecretValue("notifier.smtp.password", validator, viper)
+ configuration.Notifier.SMTP.Password = getSecretValue(SecretNames["SMTPPassword"], validator, viper)
 }
 
 if configuration.Storage.MySQL != nil {
- configuration.Storage.MySQL.Password = getSecretValue("storage.mysql.password", validator, viper)
+ configuration.Storage.MySQL.Password = getSecretValue(SecretNames["MySQLPassword"], validator, viper)
 }
 
 if configuration.Storage.PostgreSQL != nil {
- configuration.Storage.PostgreSQL.Password = getSecretValue("storage.postgres.password", validator, viper)
+ configuration.Storage.PostgreSQL.Password = getSecretValue(SecretNames["PostgreSQLPassword"], validator, viper)
 }
 }
 
 func getSecretValue(name string, validator *schema.StructValidator, viper *viper.Viper) string {
 configValue := viper.GetString(name)
- fileEnvValue := viper.GetString("authelia." + name + ".file")
+ fileEnvValue := viper.GetString(SecretNameToEnvName(name))
 
 // Error Checking.
 if fileEnvValue != "" && configValue != "" { |
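Review bot: A misspelled or missing key in the `SecretNames["…"]` lookups in ValidateSecrets yields the empty string, so `getSecretValue` would read the viper keys `""` and `"authelia..file"`, and the credential could stay unset with nothing in the visible lines reporting it. SecretNames is declared outside this hunk and appears to be a string-keyed map; if so, string constants for the names would make a typo a compile error. Alternatively, check the lookup result, e.g. `name, ok := SecretNames["RedisSentinelPassword"]`, and record a validation error when `ok` is false. This matters most for the newly added sentinel password, where an empty value may only show up later as a failed or unauthenticated Redis connection. Separately, `isSecretKey` names its result after the function itself, which shadows the function inside its body; `func isSecretKey(value string) bool` avoids that. getSecretValue's body continues past the end of the hunk, so its handling of an empty name cannot be confirmed from here.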
