diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2021-06-18 11:38:01 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-18 11:38:01 +1000 |
| commit | ef3c2faeb5a8d4ae30fa55fdaed5718e32f11364 (patch) | |
| tree | 982cb547306d93dd54b85eec5552e00f3dbdf751 /internal/handlers/handler_firstfactor_test.go | |
| parent | 438555886ee8cca96191e15bbfb6850361339cd5 (diff) | |
fix(authorization): configuration reports 2fa disabled with 2fa oidc clients (#2089)
This resolves an issue where if you have zero two_factor ACL rules but enabled two_factor OIDC clients, 2FA is reported as disabled.
Diffstat (limited to 'internal/handlers/handler_firstfactor_test.go')
| -rw-r--r-- | internal/handlers/handler_firstfactor_test.go | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/internal/handlers/handler_firstfactor_test.go b/internal/handlers/handler_firstfactor_test.go index b78c0de76..0c005e004 100644 --- a/internal/handlers/handler_firstfactor_test.go +++ b/internal/handlers/handler_firstfactor_test.go @@ -288,8 +288,7 @@ func (s *FirstFactorRedirectionSuite) SetupTest() { Policy: "one_factor", }, } - s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer( - s.mock.Ctx.Configuration.AccessControl) + s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(&s.mock.Ctx.Configuration) s.mock.UserProviderMock. EXPECT(). @@ -360,8 +359,10 @@ func (s *FirstFactorRedirectionSuite) TestShouldRedirectToDefaultURLWhenURLIsUns // Then: // the user should receive 200 without redirection URL. func (s *FirstFactorRedirectionSuite) TestShouldReply200WhenNoTargetURLProvidedAndTwoFactorEnabled() { - s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(schema.AccessControlConfiguration{ - DefaultPolicy: "two_factor", + s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(&schema.Configuration{ + AccessControl: schema.AccessControlConfiguration{ + DefaultPolicy: "two_factor", + }, }) s.mock.Ctx.Request.SetBodyString(`{ "username": "test", @@ -381,19 +382,20 @@ func (s *FirstFactorRedirectionSuite) TestShouldReply200WhenNoTargetURLProvidedA // Then: // the user should receive 200 without redirection URL. func (s *FirstFactorRedirectionSuite) TestShouldReply200WhenUnsafeTargetURLProvidedAndTwoFactorEnabled() { - s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(schema.AccessControlConfiguration{ - DefaultPolicy: "one_factor", - Rules: []schema.ACLRule{ - { - Domains: []string{"test.example.com"}, - Policy: "one_factor", - }, - { - Domains: []string{"example.com"}, - Policy: "two_factor", + s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(&schema.Configuration{ + AccessControl: schema.AccessControlConfiguration{ + DefaultPolicy: "one_factor", + Rules: []schema.ACLRule{ + { + Domains: []string{"test.example.com"}, + Policy: "one_factor", + }, + { + Domains: []string{"example.com"}, + Policy: "two_factor", + }, }, - }, - }) + }}) s.mock.Ctx.Request.SetBodyString(`{ "username": "test", "password": "hello", |