harden env handling (#481)
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #481 Co-authored-by: Simon <s.thiessen@local-it.org> Co-committed-by: Simon <s.thiessen@local-it.org>
This commit is contained in:
parent
bac488b47c
commit
c48ac2f432
9 changed files with 207 additions and 55 deletions
|
|
@ -333,9 +333,11 @@ defmodule MvWeb.AuthControllerTest do
|
|||
|
||||
# When OIDC-only is enabled, password sign-in must not succeed (no redirect to sign_in_with_token).
|
||||
case result do
|
||||
{:error, {:redirect, %{to: to}}} ->
|
||||
refute to =~ "sign_in_with_token",
|
||||
"Expected password sign-in to be rejected when OIDC-only, got redirect to: #{to}"
|
||||
{:error, {:redirect, opts}} when is_map(opts) ->
|
||||
to_path = Map.get(opts, :to) || Map.get(opts, "to") || ""
|
||||
|
||||
refute to_path =~ "sign_in_with_token",
|
||||
"Expected password sign-in to be rejected when OIDC-only, got redirect to: #{to_path}"
|
||||
|
||||
_ ->
|
||||
# LiveView re-rendered (e.g. with flash error) instead of redirecting to success
|
||||
|
|
@ -426,6 +428,7 @@ defmodule MvWeb.AuthControllerTest do
|
|||
oidc_client_secret: settings.oidc_client_secret
|
||||
}
|
||||
|
||||
# Set OIDC-only but leave OIDC unconfigured so the plug does not redirect.
|
||||
{:ok, _} =
|
||||
Membership.update_settings(settings, %{
|
||||
oidc_only: true,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue