24857719125

Committed 23 Apr 2026 08:30PM UTC coverage: 26.006% (+0.1%) from 25.859%

Build # 24857719125

Build Type

Pull #47

github

Committed by

matzefriedrich

Commit Message

Updates the changelog

Pull Request Pull Request #47: feature/password auth

Coverage Stats

35 of 112 new or added lines in 8 files covered. (31.25%)

168 of 646 relevant lines covered (26.01%)

0.41 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/internal/configuration/appsettings_validation.go

package configuration

import (
        "errors"
        "golang.org/x/crypto/ssh"
)

type ApplicationConfigurationFunc func(config *ApplicationConfiguration) error

// EnsureUnprivilegedPortOrDefault ensures the application's port is above 1024, assigning a default if the configured port is privileged.
func EnsureUnprivilegedPortOrDefault(defaultPort int) ApplicationConfigurationValidationRule {
        return func(config *ApplicationConfiguration) (ValidationResult, error) {
                result := ValidationResult{}
                if config.Port < 1024 {
                        if defaultPort < 1024 {
                                result.errors = append(result.errors, errors.New(ErrUnprivilegedPortExpected))
                        }
                        config.Port = defaultPort
                }
                return result, nil
        }
}

// EnsurePublicKeyFormat validates that all user public keys in the application configuration are in a proper authorized key format.
func EnsurePublicKeyFormat() ApplicationConfigurationValidationRule {
        return func(config *ApplicationConfiguration) (ValidationResult, error) {
                result := ValidationResult{}
                if config.AuthServer.Users == nil {
                        return result, nil
                }
                for _, profile := range config.AuthServer.Users {
                        for _, formattedPublicKey := range profile.PublicKeys {
                                _, _, _, _, parseErr := ssh.ParseAuthorizedKey([]byte(formattedPublicKey))
                                if parseErr != nil {
                                        result.errors = append(result.errors, errors.New(ErrInvalidPublicKeyFormat))
                                }
                        }
                }
                return result, nil
        }
}

// EnsureUserProfilesNotEmpty validates that the AuthServer.Users section in the configuration is not nil or empty.
func EnsureUserProfilesNotEmpty() ApplicationConfigurationValidationRule {
        return func(config *ApplicationConfiguration) (ValidationResult, error) {
                if len(config.AuthServer.Users) == 0 {
                        return ValidationResult{}, errors.New(ErrNoUsersConfigured)
                }
                return ValidationResult{}, nil
        }
}

type ValidationResult struct {
        errors []error
}

type ApplicationConfigurationValidationRule func(config *ApplicationConfiguration) (ValidationResult, error)

1	package configuration
2
3	import (
4	"errors"
5	"golang.org/x/crypto/ssh"
6	)
7
8	type ApplicationConfigurationFunc func(config *ApplicationConfiguration) error
9
10	// EnsureUnprivilegedPortOrDefault ensures the application's port is above 1024, assigning a default if the configured port is privileged.
11	func EnsureUnprivilegedPortOrDefault(defaultPort int) ApplicationConfigurationValidationRule {	×
12	return func(config *ApplicationConfiguration) (ValidationResult, error) {	×
13	result := ValidationResult{}	×
14	if config.Port < 1024 {	×
15	if defaultPort < 1024 {	×
16	result.errors = append(result.errors, errors.New(ErrUnprivilegedPortExpected))	×
17	}	×
18	config.Port = defaultPort	×
19	}
20	return result, nil	×
21	}
22	}
23
24	// EnsurePublicKeyFormat validates that all user public keys in the application configuration are in a proper authorized key format.
25	func EnsurePublicKeyFormat() ApplicationConfigurationValidationRule {	×
26	return func(config *ApplicationConfiguration) (ValidationResult, error) {	×
27	result := ValidationResult{}	×
28	if config.AuthServer.Users == nil {	×
29	return result, nil	×
30	}	×
31	for _, profile := range config.AuthServer.Users {	×
32	for _, formattedPublicKey := range profile.PublicKeys {	×
33	_, _, _, _, parseErr := ssh.ParseAuthorizedKey([]byte(formattedPublicKey))	×
34	if parseErr != nil {	×
35	result.errors = append(result.errors, errors.New(ErrInvalidPublicKeyFormat))	×
36	}	×
37	}
38	}
39	return result, nil	×
40	}
41	}
42
43	// EnsureUserProfilesNotEmpty validates that the AuthServer.Users section in the configuration is not nil or empty.
44	func EnsureUserProfilesNotEmpty() ApplicationConfigurationValidationRule {	×
45	return func(config *ApplicationConfiguration) (ValidationResult, error) {	×
NEW 46	if len(config.AuthServer.Users) == 0 {	×
47	return ValidationResult{}, errors.New(ErrNoUsersConfigured)	×
48	}	×
49	return ValidationResult{}, nil	×
50	}
51	}
52
53	type ValidationResult struct {
54	errors []error
55	}
56
57	type ApplicationConfigurationValidationRule func(config *ApplicationConfiguration) (ValidationResult, error)

matzefriedrich / containerssh-authserver / 24857719125

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous