diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2025-02-23 22:10:30 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-23 22:10:30 +1100 |
| commit | 5e40d974e9a8ef6ff0fce09873d2c03720e7ca45 (patch) | |
| tree | 12481ce7d722fab08512bae48858f7921e87e346 /internal/handlers/handler_authz_test.go | |
| parent | 3dad392ea455d9a63dd79ad788a9aebfc02fca3e (diff) | |
feat(regulation): ip bans and unbanning (#7230)
This adds several new features to the regulation functionality including IP banning and the ability to unban users.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'internal/handlers/handler_authz_test.go')
| -rw-r--r-- | internal/handlers/handler_authz_test.go | 399 |
1 files changed, 343 insertions, 56 deletions
diff --git a/internal/handlers/handler_authz_test.go b/internal/handlers/handler_authz_test.go index 253893093..e3161cb90 100644 --- a/internal/handlers/handler_authz_test.go +++ b/internal/handlers/handler_authz_test.go @@ -16,6 +16,7 @@ import ( "github.com/authelia/authelia/v4/internal/middlewares" "github.com/authelia/authelia/v4/internal/mocks" "github.com/authelia/authelia/v4/internal/model" + "github.com/authelia/authelia/v4/internal/regulation" "github.com/authelia/authelia/v4/internal/session" "github.com/authelia/authelia/v4/internal/utils" ) @@ -141,6 +142,8 @@ func (s *AuthzSuite) TestShouldApplyDefaultPolicy() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://test.example.com") @@ -149,16 +152,41 @@ func (s *AuthzSuite) TestShouldApplyDefaultPolicy() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") - mock.UserProviderMock.EXPECT(). - CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). - Return(true, nil) + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://test.example.com", + RequestMethod: fasthttp.MethodGet, + } - mock.UserProviderMock.EXPECT(). - GetDetails(gomock.Eq("john")). - Return(&authentication.UserDetails{ - Emails: []string{"john@example.com"}, - Groups: []string{"dev", "admins"}, - }, nil) + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + + mock.UserProviderMock. + EXPECT(). + CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")).Return(true, nil) + + mock.UserProviderMock. + EXPECT(). + GetDetails(gomock.Eq("john")).Return(&authentication.UserDetails{Emails: []string{"john@example.com"}, Groups: []string{"dev", "admins"}}, nil) authz.Handler(mock.Ctx) @@ -223,6 +251,8 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfBypassDomain() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://bypass.example.com") @@ -231,6 +261,34 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfBypassDomain() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://bypass.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -260,6 +318,8 @@ func (s *AuthzSuite) TestShouldVerifyFailureToGetDetailsUsingBasicScheme() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://one-factor.example.com") @@ -268,15 +328,41 @@ func (s *AuthzSuite) TestShouldVerifyFailureToGetDetailsUsingBasicScheme() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") - gomock.InOrder( - mock.UserProviderMock.EXPECT(). - CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). - Return(true, nil), + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://one-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } - mock.UserProviderMock.EXPECT(). - GetDetails(gomock.Eq("john")). - Return(nil, fmt.Errorf("generic failure")), - ) + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + + mock.UserProviderMock.EXPECT(). + CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). + Return(true, nil) + + mock.UserProviderMock.EXPECT(). + GetDetails(gomock.Eq("john")). + Return(nil, fmt.Errorf("generic failure")) authz.Handler(mock.Ctx) @@ -303,6 +389,8 @@ func (s *AuthzSuite) TestShouldVerifyBypassWithErrorToGetDetailsUsingBasicScheme defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://bypass.example.com") @@ -311,6 +399,34 @@ func (s *AuthzSuite) TestShouldVerifyBypassWithErrorToGetDetailsUsingBasicScheme mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://bypass.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + gomock.InOrder( mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). @@ -441,9 +557,7 @@ func (s *AuthzSuite) TestShouldNotFailOnMissingEmail() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) authz := s.Builder().WithConfig(&mock.Ctx.Configuration).Build() @@ -484,6 +598,8 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfOneFactorDomain() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://one-factor.example.com") @@ -492,6 +608,34 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfOneFactorDomain() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://one-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -532,6 +676,10 @@ func (s *AuthzSuite) TestShouldHandleAnyCaseSchemeParameter() { defer mock.Close() + mock.Ctx.Clock = &mock.Clock + + mock.Clock.Set(time.Now()) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://one-factor.example.com") @@ -540,6 +688,34 @@ func (s *AuthzSuite) TestShouldHandleAnyCaseSchemeParameter() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, fmt.Sprintf("%s am9objpwYXNzd29yZA==", tc.scheme)) + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://one-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -571,6 +747,8 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfTwoFactorDomain() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://two-factor.example.com") @@ -579,6 +757,34 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfTwoFactorDomain() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://two-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -615,6 +821,8 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfDenyDomain() { defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://deny.example.com") @@ -623,6 +831,34 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfDenyDomain() { mock.Ctx.Request.Header.Set(fasthttp.HeaderProxyAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://deny.example.com", + RequestMethod: fasthttp.MethodGet, + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -642,12 +878,10 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfDenyDomain() { } func (s *AuthzSuite) TestShouldApplyPolicyOfOneFactorDomainWithAuthorizationHeader() { - if s.setRequest == nil { + if s.setRequest == nil || s.implementation == AuthzImplLegacy { s.T().Skip() } - // Equivalent of TestShouldVerifyAuthBasicArgOk. - builder := NewAuthzBuilder().WithImplementationLegacy() builder = builder.WithStrategies( @@ -662,6 +896,8 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfOneFactorDomainWithAuthorizationHead defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://one-factor.example.com") @@ -670,6 +906,39 @@ func (s *AuthzSuite) TestShouldApplyPolicyOfOneFactorDomainWithAuthorizationHead mock.Ctx.Request.Header.Set(fasthttp.HeaderAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: true, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://one-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } + + switch s.implementation { + case AuthzImplExtAuthz, AuthzImplForwardAuth: + attempt.RequestURI += "/" + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(true, nil) @@ -757,12 +1026,10 @@ func (s *AuthzSuite) TestShouldHandleAuthzWithEmptyAuthorizationHeader() { } func (s *AuthzSuite) TestShouldHandleAuthzWithAuthorizationHeaderInvalidPassword() { - if s.setRequest == nil { + if s.setRequest == nil || s.implementation == AuthzImplLegacy { s.T().Skip() } - // Equivalent of TestShouldVerifyAuthBasicArgFailingWrongPassword. - builder := NewAuthzBuilder().WithImplementationLegacy() builder = builder.WithStrategies( @@ -776,6 +1043,8 @@ func (s *AuthzSuite) TestShouldHandleAuthzWithAuthorizationHeaderInvalidPassword defer mock.Close() + setUpMockClock(mock) + s.ConfigureMockSessionProviderWithAutomaticAutheliaURLs(mock) targetURI := s.RequireParseRequestURI("https://one-factor.example.com") @@ -784,6 +1053,39 @@ func (s *AuthzSuite) TestShouldHandleAuthzWithAuthorizationHeaderInvalidPassword mock.Ctx.Request.Header.Set(fasthttp.HeaderAuthorization, "Basic am9objpwYXNzd29yZA==") + switch s.implementation { + case AuthzImplLegacy: + break + default: + mock.StorageMock. + EXPECT(). + LoadBannedIP(gomock.Eq(mock.Ctx), gomock.Eq(model.NewIP(mock.Ctx.RemoteIP()))).Return(nil, nil) + + mock.StorageMock. + EXPECT(). + LoadBannedUser(gomock.Eq(mock.Ctx), gomock.Eq("john")).Return(nil, nil) + + attempt := model.AuthenticationAttempt{ + Time: mock.Ctx.Clock.Now(), + Successful: false, + Banned: false, + Username: "john", + Type: regulation.AuthType1FA, + RemoteIP: model.NewNullIP(mock.Ctx.RemoteIP()), + RequestURI: "https://one-factor.example.com", + RequestMethod: fasthttp.MethodGet, + } + + switch s.implementation { + case AuthzImplExtAuthz, AuthzImplForwardAuth: + attempt.RequestURI += "/" + } + + mock.StorageMock. + EXPECT(). + AppendAuthenticationLog(gomock.Eq(mock.Ctx), gomock.Eq(attempt)).Return(nil) + } + mock.UserProviderMock.EXPECT(). CheckUserPassword(gomock.Eq("john"), gomock.Eq("password")). Return(false, nil) @@ -844,9 +1146,7 @@ func (s *AuthzSuite) TestShouldDestroySessionWhenInactiveForTooLong() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) past := mock.Clock.Now().Add(-1 * time.Hour) @@ -895,9 +1195,7 @@ func (s *AuthzSuite) TestShouldNotDestroySessionWhenInactiveForTooLongRememberMe defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -946,9 +1244,7 @@ func (s *AuthzSuite) TestShouldNotDestroySessionWhenNotInactiveForTooLong() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -998,9 +1294,7 @@ func (s *AuthzSuite) TestShouldUpdateInactivityTimestampEvenWhenHittingForbidden defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1144,9 +1438,7 @@ func (s *AuthzSuite) TestShouldDestroySessionWhenUserDoesNotExist() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1233,9 +1525,7 @@ func (s *AuthzSuite) TestShouldUpdateRemovedUserGroupsFromBackendAndDeny() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1320,9 +1610,7 @@ func (s *AuthzSuite) TestShouldUpdateAddedUserGroupsFromBackendAndDeny() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1406,9 +1694,7 @@ func (s *AuthzSuite) TestShouldCheckValidSessionUsernameHeaderAndReturn200() { defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1459,9 +1745,7 @@ func (s *AuthzSuite) TestShouldCheckInvalidSessionUsernameHeaderAndReturn401AndD defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) mock.Ctx.Configuration.Session.Cookies[0].Inactivity = testInactivity @@ -1530,9 +1814,7 @@ func (s *AuthzSuite) TestShouldNotRedirectRequestsForBypassACLWhenInactiveForToo defer mock.Close() - mock.Ctx.Clock = &mock.Clock - - mock.Clock.Set(time.Now()) + setUpMockClock(mock) past := mock.Clock.Now().Add(-24 * time.Hour) @@ -1652,3 +1934,8 @@ type urlpair struct { TargetURI *url.URL AutheliaURI *url.URL } + +func setUpMockClock(mock *mocks.MockAutheliaCtx) { + mock.Ctx.Clock = &mock.Clock + mock.Clock.Set(time.Now()) +} |