mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2025-10-28 04:35:40 +00:00
feat: add regex support in user and oauth whitelist
This commit is contained in:
Stavros
@@ -4,6 +4,7 @@ import (
|
||||
"errors"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
"slices"
|
||||
"strings"
|
||||
"tinyauth/internal/constants"
|
||||
@@ -188,9 +189,9 @@ func GetTinyauthLabels(labels map[string]string) types.TinyauthLabels {
|
||||
// Add the label value to the tinyauth labels struct
|
||||
switch label {
|
||||
case "tinyauth.oauth.whitelist":
|
||||
tinyauthLabels.OAuthWhitelist = strings.Split(value, ",")
|
||||
tinyauthLabels.OAuthWhitelist = value
|
||||
case "tinyauth.users":
|
||||
tinyauthLabels.Users = strings.Split(value, ",")
|
||||
tinyauthLabels.Users = value
|
||||
case "tinyauth.allowed":
|
||||
tinyauthLabels.Allowed = value
|
||||
case "tinyauth.headers":
|
||||
@@ -283,3 +284,42 @@ func ParseSecretFile(contents string) string {
|
||||
// Return an empty string
|
||||
return ""
|
||||
}
|
||||
|
||||
// Check if a string matches a regex or a whitelist
|
||||
func CheckWhitelist(whitelist string, str string) bool {
|
||||
// Check if the whitelist is empty
|
||||
if len(whitelist) == 0 {
|
||||
return true
|
||||
}
|
||||
|
||||
// Check if the whitelist is a regex
|
||||
if strings.HasPrefix(whitelist, "/") && strings.HasSuffix(whitelist, "/") {
|
||||
// Create regex
|
||||
re, err := regexp.Compile(whitelist[1 : len(whitelist)-1])
|
||||
|
||||
// Check if there was an error
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("Error compiling regex")
|
||||
return false
|
||||
}
|
||||
|
||||
// Check if the string matches the regex
|
||||
if re.MatchString(str) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// Split the whitelist by comma
|
||||
whitelistSplit := strings.Split(whitelist, ",")
|
||||
|
||||
// Loop through the whitelist
|
||||
for _, item := range whitelistSplit {
|
||||
// Check if the item matches with the string
|
||||
if strings.TrimSpace(item) == str {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// Return false if no match was found
|
||||
return false
|
||||
}
|
||||
|
||||
@@ -286,15 +286,19 @@ func TestGetTinyauthLabels(t *testing.T) {
|
||||
// Test the get tinyauth labels function with a valid map
|
||||
labels := map[string]string{
|
||||
"tinyauth.users": "user1,user2",
|
||||
"tinyauth.oauth.whitelist": "user1,user2",
|
||||
"tinyauth.oauth.whitelist": "/regex/",
|
||||
"tinyauth.allowed": "random",
|
||||
"random": "random",
|
||||
"tinyauth.headers": "X-Header=value",
|
||||
}
|
||||
|
||||
expected := types.TinyauthLabels{
|
||||
Users: []string{"user1", "user2"},
|
||||
OAuthWhitelist: []string{"user1", "user2"},
|
||||
Users: "user1,user2",
|
||||
OAuthWhitelist: "/regex/",
|
||||
Allowed: "random",
|
||||
Headers: map[string]string{
|
||||
"X-Header": "value",
|
||||
},
|
||||
}
|
||||
|
||||
result := utils.GetTinyauthLabels(labels)
|
||||
@@ -385,3 +389,81 @@ func TestParseUser(t *testing.T) {
|
||||
t.Fatalf("Expected error parsing user")
|
||||
}
|
||||
}
|
||||
|
||||
// Test the whitelist function
|
||||
func TestCheckWhitelist(t *testing.T) {
|
||||
t.Log("Testing check whitelist with a comma whitelist")
|
||||
|
||||
// Create variables
|
||||
whitelist := "user1,user2,user3"
|
||||
str := "user1"
|
||||
expected := true
|
||||
|
||||
// Test the check whitelist function
|
||||
result := utils.CheckWhitelist(whitelist, str)
|
||||
|
||||
// Check if the result is equal to the expected
|
||||
if result != expected {
|
||||
t.Fatalf("Expected %v, got %v", expected, result)
|
||||
}
|
||||
|
||||
t.Log("Testing check whitelist with a regex whitelist")
|
||||
|
||||
// Create variables
|
||||
whitelist = "/^user[0-9]+$/"
|
||||
str = "user1"
|
||||
expected = true
|
||||
|
||||
// Test the check whitelist function
|
||||
result = utils.CheckWhitelist(whitelist, str)
|
||||
|
||||
// Check if the result is equal to the expected
|
||||
if result != expected {
|
||||
t.Fatalf("Expected %v, got %v", expected, result)
|
||||
}
|
||||
|
||||
t.Log("Testing check whitelist with an empty whitelist")
|
||||
|
||||
// Create variables
|
||||
whitelist = ""
|
||||
str = "user1"
|
||||
expected = true
|
||||
|
||||
// Test the check whitelist function
|
||||
result = utils.CheckWhitelist(whitelist, str)
|
||||
|
||||
// Check if the result is equal to the expected
|
||||
if result != expected {
|
||||
t.Fatalf("Expected %v, got %v", expected, result)
|
||||
}
|
||||
|
||||
t.Log("Testing check whitelist with an invalid regex whitelist")
|
||||
|
||||
// Create variables
|
||||
whitelist = "/^user[0-9+$/"
|
||||
str = "user1"
|
||||
expected = false
|
||||
|
||||
// Test the check whitelist function
|
||||
result = utils.CheckWhitelist(whitelist, str)
|
||||
|
||||
// Check if the result is equal to the expected
|
||||
if result != expected {
|
||||
t.Fatalf("Expected %v, got %v", expected, result)
|
||||
}
|
||||
|
||||
t.Log("Testing check whitelist with a non matching whitelist")
|
||||
|
||||
// Create variables
|
||||
whitelist = "user1,user2,user3"
|
||||
str = "user4"
|
||||
expected = false
|
||||
|
||||
// Test the check whitelist function
|
||||
result = utils.CheckWhitelist(whitelist, str)
|
||||
|
||||
// Check if the result is equal to the expected
|
||||
if result != expected {
|
||||
t.Fatalf("Expected %v, got %v", expected, result)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user