diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2025-02-24 18:49:15 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-24 18:49:15 +1100 |
| commit | 05fa254f27e6a1eee89abe8c5512d27de77cd7e7 (patch) | |
| tree | 8f56e80b855f611000fe142303026f0ed71ef7ed /internal/configuration/validator/server_test.go | |
| parent | 194dd221ab7a5f2c9667b967532152df4914226a (diff) | |
feat(handlers): basic authz caching (#8320)
This adds the ability to cache successful basic authz attempts. This is done via a memory store that uses the HMAC-SHA256 algorithm to perform irreversible comparison of input parameters and has a maximum lifetime.
Closes #5006
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'internal/configuration/validator/server_test.go')
| -rw-r--r-- | internal/configuration/validator/server_test.go | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/internal/configuration/validator/server_test.go b/internal/configuration/validator/server_test.go index c4e7b6e62..24c080baa 100644 --- a/internal/configuration/validator/server_test.go +++ b/internal/configuration/validator/server_test.go @@ -430,6 +430,15 @@ func TestServerAuthzEndpointErrors(t *testing.T) { }, }, { + "ShouldErrorOnInvalidSchemeOption", + map[string]schema.ServerEndpointsAuthz{ + "example": {Implementation: "ForwardAuth", AuthnStrategies: []schema.ServerEndpointsAuthzAuthnStrategy{{Name: "HeaderAuthorization", SchemeBasicCacheLifespan: time.Minute, Schemes: []string{"bearer"}}}}, + }, + []string{ + "server: endpoints: authz: example: authn_strategies: strategy #1: option 'scheme_basic_cache_lifespan' can't be configured unless the 'basic' scheme is configured but only the 'bearer' schemes are configured", + }, + }, + { "ShouldErrorOnInvalidChars", map[string]schema.ServerEndpointsAuthz{ "/abc": {Implementation: "ForwardAuth"}, |