Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
D
dex
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
go
dex
Commits
e2ddefff
Unverified
Commit
e2ddefff
authored
Jul 30, 2019
by
Joel Speed
Committed by
GitHub
Jul 30, 2019
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1439 from sks/feature/fail_on_invalid_config
Return config validation errors in one go
parents
72f55966
6769a3b1
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
76 additions
and
22 deletions
+76
-22
config.go
cmd/dex/config.go
+33
-0
config_test.go
cmd/dex/config_test.go
+41
-0
serve.go
cmd/dex/serve.go
+2
-22
No files found.
cmd/dex/config.go
View file @
e2ddefff
...
...
@@ -5,6 +5,7 @@ import (
"encoding/json"
"fmt"
"os"
"strings"
"golang.org/x/crypto/bcrypt"
...
...
@@ -48,6 +49,38 @@ type Config struct {
StaticPasswords
[]
password
`json:"staticPasswords"`
}
//Validate the configuration
func
(
c
Config
)
Validate
()
error
{
// Fast checks. Perform these first for a more responsive CLI.
checks
:=
[]
struct
{
bad
bool
errMsg
string
}{
{
c
.
Issuer
==
""
,
"no issuer specified in config file"
},
{
!
c
.
EnablePasswordDB
&&
len
(
c
.
StaticPasswords
)
!=
0
,
"cannot specify static passwords without enabling password db"
},
{
c
.
Storage
.
Config
==
nil
,
"no storage supplied in config file"
},
{
c
.
Web
.
HTTP
==
""
&&
c
.
Web
.
HTTPS
==
""
,
"must supply a HTTP/HTTPS address to listen on"
},
{
c
.
Web
.
HTTPS
!=
""
&&
c
.
Web
.
TLSCert
==
""
,
"no cert specified for HTTPS"
},
{
c
.
Web
.
HTTPS
!=
""
&&
c
.
Web
.
TLSKey
==
""
,
"no private key specified for HTTPS"
},
{
c
.
GRPC
.
TLSCert
!=
""
&&
c
.
GRPC
.
Addr
==
""
,
"no address specified for gRPC"
},
{
c
.
GRPC
.
TLSKey
!=
""
&&
c
.
GRPC
.
Addr
==
""
,
"no address specified for gRPC"
},
{(
c
.
GRPC
.
TLSCert
==
""
)
!=
(
c
.
GRPC
.
TLSKey
==
""
),
"must specific both a gRPC TLS cert and key"
},
{
c
.
GRPC
.
TLSCert
==
""
&&
c
.
GRPC
.
TLSClientCA
!=
""
,
"cannot specify gRPC TLS client CA without a gRPC TLS cert"
},
}
var
checkErrors
[]
string
for
_
,
check
:=
range
checks
{
if
check
.
bad
{
checkErrors
=
append
(
checkErrors
,
check
.
errMsg
)
}
}
if
len
(
checkErrors
)
!=
0
{
return
fmt
.
Errorf
(
"invalid Config:
\n\t
-
\t
%s"
,
strings
.
Join
(
checkErrors
,
"
\n\t
-
\t
"
))
}
return
nil
}
type
password
storage
.
Password
func
(
p
*
password
)
UnmarshalJSON
(
b
[]
byte
)
error
{
...
...
cmd/dex/config_test.go
View file @
e2ddefff
...
...
@@ -14,6 +14,47 @@ import (
var
_
=
yaml
.
YAMLToJSON
func
TestValidConfiguration
(
t
*
testing
.
T
)
{
configuration
:=
Config
{
Issuer
:
"http://127.0.0.1:5556/dex"
,
Storage
:
Storage
{
Type
:
"sqlite3"
,
Config
:
&
sql
.
SQLite3
{
File
:
"examples/dex.db"
,
},
},
Web
:
Web
{
HTTP
:
"127.0.0.1:5556"
,
},
StaticConnectors
:
[]
Connector
{
{
Type
:
"mockCallback"
,
ID
:
"mock"
,
Name
:
"Example"
,
Config
:
&
mock
.
CallbackConfig
{},
},
},
}
if
err
:=
configuration
.
Validate
();
err
!=
nil
{
t
.
Fatalf
(
"this configuration should have been valid: %v"
,
err
)
}
}
func
TestInvalidConfiguration
(
t
*
testing
.
T
)
{
configuration
:=
Config
{}
err
:=
configuration
.
Validate
()
if
err
==
nil
{
t
.
Fatal
(
"this configuration should be invalid"
)
}
got
:=
err
.
Error
()
wanted
:=
`invalid Config:
- no issuer specified in config file
- no storage supplied in config file
- must supply a HTTP/HTTPS address to listen on`
if
got
!=
wanted
{
t
.
Fatalf
(
"Expected error message to be %q, got %q"
,
wanted
,
got
)
}
}
func
TestUnmarshalConfig
(
t
*
testing
.
T
)
{
rawConfig
:=
[]
byte
(
`
issuer: http://127.0.0.1:5556/dex
...
...
cmd/dex/serve.go
View file @
e2ddefff
...
...
@@ -71,28 +71,8 @@ func serve(cmd *cobra.Command, args []string) error {
if
c
.
Logger
.
Level
!=
""
{
logger
.
Infof
(
"config using log level: %s"
,
c
.
Logger
.
Level
)
}
// Fast checks. Perform these first for a more responsive CLI.
checks
:=
[]
struct
{
bad
bool
errMsg
string
}{
{
c
.
Issuer
==
""
,
"no issuer specified in config file"
},
{
!
c
.
EnablePasswordDB
&&
len
(
c
.
StaticPasswords
)
!=
0
,
"cannot specify static passwords without enabling password db"
},
{
c
.
Storage
.
Config
==
nil
,
"no storage supplied in config file"
},
{
c
.
Web
.
HTTP
==
""
&&
c
.
Web
.
HTTPS
==
""
,
"must supply a HTTP/HTTPS address to listen on"
},
{
c
.
Web
.
HTTPS
!=
""
&&
c
.
Web
.
TLSCert
==
""
,
"no cert specified for HTTPS"
},
{
c
.
Web
.
HTTPS
!=
""
&&
c
.
Web
.
TLSKey
==
""
,
"no private key specified for HTTPS"
},
{
c
.
GRPC
.
TLSCert
!=
""
&&
c
.
GRPC
.
Addr
==
""
,
"no address specified for gRPC"
},
{
c
.
GRPC
.
TLSKey
!=
""
&&
c
.
GRPC
.
Addr
==
""
,
"no address specified for gRPC"
},
{(
c
.
GRPC
.
TLSCert
==
""
)
!=
(
c
.
GRPC
.
TLSKey
==
""
),
"must specific both a gRPC TLS cert and key"
},
{
c
.
GRPC
.
TLSCert
==
""
&&
c
.
GRPC
.
TLSClientCA
!=
""
,
"cannot specify gRPC TLS client CA without a gRPC TLS cert"
},
}
for
_
,
check
:=
range
checks
{
if
check
.
bad
{
return
fmt
.
Errorf
(
"invalid config: %s"
,
check
.
errMsg
)
}
if
err
:=
c
.
Validate
();
err
!=
nil
{
return
err
}
logger
.
Infof
(
"config issuer: %s"
,
c
.
Issuer
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment