mirror of
https://github.com/home-assistant/core.git
synced 2025-07-10 14:57:09 +00:00
Disallow use insecure_example auth provider in configuration.yml (#15504)
* Disallow use insecure_example auth provider in configuration.yml * Add unit test for auth provider config validate
This commit is contained in:
parent
e31dd4404e
commit
2022d39339
@ -20,7 +20,7 @@ from homeassistant.const import (
|
|||||||
CONF_TIME_ZONE, CONF_ELEVATION, CONF_UNIT_SYSTEM_METRIC,
|
CONF_TIME_ZONE, CONF_ELEVATION, CONF_UNIT_SYSTEM_METRIC,
|
||||||
CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT, TEMP_CELSIUS,
|
CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT, TEMP_CELSIUS,
|
||||||
__version__, CONF_CUSTOMIZE, CONF_CUSTOMIZE_DOMAIN, CONF_CUSTOMIZE_GLOB,
|
__version__, CONF_CUSTOMIZE, CONF_CUSTOMIZE_DOMAIN, CONF_CUSTOMIZE_GLOB,
|
||||||
CONF_WHITELIST_EXTERNAL_DIRS, CONF_AUTH_PROVIDERS)
|
CONF_WHITELIST_EXTERNAL_DIRS, CONF_AUTH_PROVIDERS, CONF_TYPE)
|
||||||
from homeassistant.core import callback, DOMAIN as CONF_CORE
|
from homeassistant.core import callback, DOMAIN as CONF_CORE
|
||||||
from homeassistant.exceptions import HomeAssistantError
|
from homeassistant.exceptions import HomeAssistantError
|
||||||
from homeassistant.loader import get_component, get_platform
|
from homeassistant.loader import get_component, get_platform
|
||||||
@ -160,7 +160,12 @@ CORE_CONFIG_SCHEMA = CUSTOMIZE_CONFIG_SCHEMA.extend({
|
|||||||
vol.All(cv.ensure_list, [vol.IsDir()]),
|
vol.All(cv.ensure_list, [vol.IsDir()]),
|
||||||
vol.Optional(CONF_PACKAGES, default={}): PACKAGES_CONFIG_SCHEMA,
|
vol.Optional(CONF_PACKAGES, default={}): PACKAGES_CONFIG_SCHEMA,
|
||||||
vol.Optional(CONF_AUTH_PROVIDERS):
|
vol.Optional(CONF_AUTH_PROVIDERS):
|
||||||
vol.All(cv.ensure_list, [auth_providers.AUTH_PROVIDER_SCHEMA])
|
vol.All(cv.ensure_list,
|
||||||
|
[auth_providers.AUTH_PROVIDER_SCHEMA.extend({
|
||||||
|
CONF_TYPE: vol.NotIn(['insecure_example'],
|
||||||
|
'The insecure_example auth provider'
|
||||||
|
' is for testing only.')
|
||||||
|
})])
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@ import unittest.mock as mock
|
|||||||
from collections import OrderedDict
|
from collections import OrderedDict
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
from voluptuous import MultipleInvalid
|
from voluptuous import MultipleInvalid, Invalid
|
||||||
|
|
||||||
from homeassistant.core import DOMAIN, HomeAssistantError, Config
|
from homeassistant.core import DOMAIN, HomeAssistantError, Config
|
||||||
import homeassistant.config as config_util
|
import homeassistant.config as config_util
|
||||||
@ -15,7 +15,8 @@ from homeassistant.const import (
|
|||||||
ATTR_FRIENDLY_NAME, ATTR_HIDDEN, ATTR_ASSUMED_STATE,
|
ATTR_FRIENDLY_NAME, ATTR_HIDDEN, ATTR_ASSUMED_STATE,
|
||||||
CONF_LATITUDE, CONF_LONGITUDE, CONF_UNIT_SYSTEM, CONF_NAME,
|
CONF_LATITUDE, CONF_LONGITUDE, CONF_UNIT_SYSTEM, CONF_NAME,
|
||||||
CONF_TIME_ZONE, CONF_ELEVATION, CONF_CUSTOMIZE, __version__,
|
CONF_TIME_ZONE, CONF_ELEVATION, CONF_CUSTOMIZE, __version__,
|
||||||
CONF_UNIT_SYSTEM_METRIC, CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT)
|
CONF_UNIT_SYSTEM_METRIC, CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT,
|
||||||
|
CONF_AUTH_PROVIDERS)
|
||||||
from homeassistant.util import location as location_util, dt as dt_util
|
from homeassistant.util import location as location_util, dt as dt_util
|
||||||
from homeassistant.util.yaml import SECRET_YAML
|
from homeassistant.util.yaml import SECRET_YAML
|
||||||
from homeassistant.util.async_ import run_coroutine_threadsafe
|
from homeassistant.util.async_ import run_coroutine_threadsafe
|
||||||
@ -790,3 +791,42 @@ def test_merge_customize(hass):
|
|||||||
|
|
||||||
assert hass.data[config_util.DATA_CUSTOMIZE].get('b.b') == \
|
assert hass.data[config_util.DATA_CUSTOMIZE].get('b.b') == \
|
||||||
{'friendly_name': 'BB'}
|
{'friendly_name': 'BB'}
|
||||||
|
|
||||||
|
|
||||||
|
async def test_auth_provider_config(hass):
|
||||||
|
"""Test loading auth provider config onto hass object."""
|
||||||
|
core_config = {
|
||||||
|
'latitude': 60,
|
||||||
|
'longitude': 50,
|
||||||
|
'elevation': 25,
|
||||||
|
'name': 'Huis',
|
||||||
|
CONF_UNIT_SYSTEM: CONF_UNIT_SYSTEM_IMPERIAL,
|
||||||
|
'time_zone': 'GMT',
|
||||||
|
CONF_AUTH_PROVIDERS: [
|
||||||
|
{'type': 'homeassistant'},
|
||||||
|
{'type': 'legacy_api_password'},
|
||||||
|
]
|
||||||
|
}
|
||||||
|
if hasattr(hass, 'auth'):
|
||||||
|
del hass.auth
|
||||||
|
await config_util.async_process_ha_core_config(hass, core_config)
|
||||||
|
|
||||||
|
assert len(hass.auth.auth_providers) == 2
|
||||||
|
assert hass.auth.active is True
|
||||||
|
|
||||||
|
|
||||||
|
async def test_disallowed_auth_provider_config(hass):
|
||||||
|
"""Test loading insecure example auth provider is disallowed."""
|
||||||
|
core_config = {
|
||||||
|
'latitude': 60,
|
||||||
|
'longitude': 50,
|
||||||
|
'elevation': 25,
|
||||||
|
'name': 'Huis',
|
||||||
|
CONF_UNIT_SYSTEM: CONF_UNIT_SYSTEM_IMPERIAL,
|
||||||
|
'time_zone': 'GMT',
|
||||||
|
CONF_AUTH_PROVIDERS: [
|
||||||
|
{'type': 'insecure_example'},
|
||||||
|
]
|
||||||
|
}
|
||||||
|
with pytest.raises(Invalid):
|
||||||
|
await config_util.async_process_ha_core_config(hass, core_config)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user