Disallow use insecure_example auth provider in configuration.yml (#15504)

* Disallow use insecure_example auth provider in configuration.yml

* Add unit test for auth provider config validate
This commit is contained in:
Jason Hu 2018-07-17 10:36:33 -07:00 committed by Paulus Schoutsen
parent e31dd4404e
commit 2022d39339
2 changed files with 49 additions and 4 deletions

View File

@ -20,7 +20,7 @@ from homeassistant.const import (
CONF_TIME_ZONE, CONF_ELEVATION, CONF_UNIT_SYSTEM_METRIC, CONF_TIME_ZONE, CONF_ELEVATION, CONF_UNIT_SYSTEM_METRIC,
CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT, TEMP_CELSIUS, CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT, TEMP_CELSIUS,
__version__, CONF_CUSTOMIZE, CONF_CUSTOMIZE_DOMAIN, CONF_CUSTOMIZE_GLOB, __version__, CONF_CUSTOMIZE, CONF_CUSTOMIZE_DOMAIN, CONF_CUSTOMIZE_GLOB,
CONF_WHITELIST_EXTERNAL_DIRS, CONF_AUTH_PROVIDERS) CONF_WHITELIST_EXTERNAL_DIRS, CONF_AUTH_PROVIDERS, CONF_TYPE)
from homeassistant.core import callback, DOMAIN as CONF_CORE from homeassistant.core import callback, DOMAIN as CONF_CORE
from homeassistant.exceptions import HomeAssistantError from homeassistant.exceptions import HomeAssistantError
from homeassistant.loader import get_component, get_platform from homeassistant.loader import get_component, get_platform
@ -160,7 +160,12 @@ CORE_CONFIG_SCHEMA = CUSTOMIZE_CONFIG_SCHEMA.extend({
vol.All(cv.ensure_list, [vol.IsDir()]), vol.All(cv.ensure_list, [vol.IsDir()]),
vol.Optional(CONF_PACKAGES, default={}): PACKAGES_CONFIG_SCHEMA, vol.Optional(CONF_PACKAGES, default={}): PACKAGES_CONFIG_SCHEMA,
vol.Optional(CONF_AUTH_PROVIDERS): vol.Optional(CONF_AUTH_PROVIDERS):
vol.All(cv.ensure_list, [auth_providers.AUTH_PROVIDER_SCHEMA]) vol.All(cv.ensure_list,
[auth_providers.AUTH_PROVIDER_SCHEMA.extend({
CONF_TYPE: vol.NotIn(['insecure_example'],
'The insecure_example auth provider'
' is for testing only.')
})])
}) })

View File

@ -7,7 +7,7 @@ import unittest.mock as mock
from collections import OrderedDict from collections import OrderedDict
import pytest import pytest
from voluptuous import MultipleInvalid from voluptuous import MultipleInvalid, Invalid
from homeassistant.core import DOMAIN, HomeAssistantError, Config from homeassistant.core import DOMAIN, HomeAssistantError, Config
import homeassistant.config as config_util import homeassistant.config as config_util
@ -15,7 +15,8 @@ from homeassistant.const import (
ATTR_FRIENDLY_NAME, ATTR_HIDDEN, ATTR_ASSUMED_STATE, ATTR_FRIENDLY_NAME, ATTR_HIDDEN, ATTR_ASSUMED_STATE,
CONF_LATITUDE, CONF_LONGITUDE, CONF_UNIT_SYSTEM, CONF_NAME, CONF_LATITUDE, CONF_LONGITUDE, CONF_UNIT_SYSTEM, CONF_NAME,
CONF_TIME_ZONE, CONF_ELEVATION, CONF_CUSTOMIZE, __version__, CONF_TIME_ZONE, CONF_ELEVATION, CONF_CUSTOMIZE, __version__,
CONF_UNIT_SYSTEM_METRIC, CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT) CONF_UNIT_SYSTEM_METRIC, CONF_UNIT_SYSTEM_IMPERIAL, CONF_TEMPERATURE_UNIT,
CONF_AUTH_PROVIDERS)
from homeassistant.util import location as location_util, dt as dt_util from homeassistant.util import location as location_util, dt as dt_util
from homeassistant.util.yaml import SECRET_YAML from homeassistant.util.yaml import SECRET_YAML
from homeassistant.util.async_ import run_coroutine_threadsafe from homeassistant.util.async_ import run_coroutine_threadsafe
@ -790,3 +791,42 @@ def test_merge_customize(hass):
assert hass.data[config_util.DATA_CUSTOMIZE].get('b.b') == \ assert hass.data[config_util.DATA_CUSTOMIZE].get('b.b') == \
{'friendly_name': 'BB'} {'friendly_name': 'BB'}
async def test_auth_provider_config(hass):
"""Test loading auth provider config onto hass object."""
core_config = {
'latitude': 60,
'longitude': 50,
'elevation': 25,
'name': 'Huis',
CONF_UNIT_SYSTEM: CONF_UNIT_SYSTEM_IMPERIAL,
'time_zone': 'GMT',
CONF_AUTH_PROVIDERS: [
{'type': 'homeassistant'},
{'type': 'legacy_api_password'},
]
}
if hasattr(hass, 'auth'):
del hass.auth
await config_util.async_process_ha_core_config(hass, core_config)
assert len(hass.auth.auth_providers) == 2
assert hass.auth.active is True
async def test_disallowed_auth_provider_config(hass):
"""Test loading insecure example auth provider is disallowed."""
core_config = {
'latitude': 60,
'longitude': 50,
'elevation': 25,
'name': 'Huis',
CONF_UNIT_SYSTEM: CONF_UNIT_SYSTEM_IMPERIAL,
'time_zone': 'GMT',
CONF_AUTH_PROVIDERS: [
{'type': 'insecure_example'},
]
}
with pytest.raises(Invalid):
await config_util.async_process_ha_core_config(hass, core_config)