| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2021-03-05 15:18:31 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-05 15:18:31 +1100 |
| commit | 4dce8f94962d3bd0099bbb202f76696a551d099b (patch) | |
| tree | fdc3bba51d8f23b6866ddbbbd9e9feb50e9fb293 /internal/handlers/handler_firstfactor_test.go | |
| parent | 455b8590477f0ec7841e6766294937cecb94640f (diff) | |
perf(authorizer): preload access control lists (#1640)
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
Diffstat (limited to 'internal/handlers/handler_firstfactor_test.go')
| -rw-r--r-- | internal/handlers/handler_firstfactor_test.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/internal/handlers/handler_firstfactor_test.go b/internal/handlers/handler_firstfactor_test.go
index 4e10b4a64..b78c0de76 100644
--- a/internal/handlers/handler_firstfactor_test.go
+++ b/internal/handlers/handler_firstfactor_test.go
@@ -210,6 +210,7 @@ func (s *FirstFactorSuite) TestShouldAuthenticateUserWithRememberMeUnchecked() {
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": false
 }`)
 FirstFactorPost(0, false)(s.mock.Ctx)
@@ -253,6 +254,7 @@ func (s *FirstFactorSuite) TestShouldSaveUsernameFromAuthenticationBackendInSess
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": true
 }`)
 FirstFactorPost(0, false)(s.mock.Ctx)
@@ -323,6 +325,7 @@ func (s *FirstFactorRedirectionSuite) TestShouldRedirectToDefaultURLWhenNoTarget
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": false
 }`)
 FirstFactorPost(0, false)(s.mock.Ctx)
@@ -341,6 +344,7 @@ func (s *FirstFactorRedirectionSuite) TestShouldRedirectToDefaultURLWhenURLIsUns
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": false,
 "targetURL": "http://notsafe.local"
 }`)
@@ -362,6 +366,7 @@ func (s *FirstFactorRedirectionSuite) TestShouldReply200WhenNoTargetURLProvidedA
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": false
 }`)
@@ -392,6 +397,7 @@ func (s *FirstFactorRedirectionSuite) TestShouldReply200WhenUnsafeTargetURLProvi
 s.mock.Ctx.Request.SetBodyString(`{
 "username": "test",
 "password": "hello",
+ "requestMethod": "GET",
 "keepMeLoggedIn": false
 }`) |
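Review bot: All six fixtures touched in this file (the two in FirstFactorSuite and the four in FirstFactorRedirectionSuite) set the new field to the same value, `"requestMethod": "GET"`, so nothing here exercises how the first-factor handler treats a different, empty or absent method. The value arrives in the client-supplied login body and, going by the commit description, is matched against access control rules, so a fixture that omits the field and one that sends an unrecognised string would pin that neither produces a more permissive outcome than GET. The unsafe-redirect case at -341/+344 (`"targetURL": "http://notsafe.local"`) is a natural place for such a variant. That coverage may live in other files of the commit, since only this file's diff is shown, and each test body continues outside its hunk, so the assertions themselves are not visible.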
