Apply suggestions from code review

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Keval Kapdee 2023-12-24 12:17:25 +00:00
parent 43f121d92e
commit fe837a0243
2 changed files with 5 additions and 15 deletions


@ -40,7 +40,7 @@ The present OAuth2 support provides the capability for 3rd-party applications su
# Specify the OAuth2 client secret # Specify the OAuth2 client secret
OAUTH2_CLIENT_SECRET=<insert client secret here> OAUTH2_CLIENT_SECRET=<insert client secret here>
# empty => https://oauth2.domain.com/userinfo/ # empty => https://oauth2.example.com/userinfo/
# Specify the user info endpoint URL of the oauth2 provider # Specify the user info endpoint URL of the oauth2 provider
OAUTH2_INTROSPECTION_URL=https://authentik.example.com/application/o/userinfo/ OAUTH2_INTROSPECTION_URL=https://authentik.example.com/application/o/userinfo/
``` ```
@ -55,8 +55,8 @@ The present OAuth2 support provides the capability for 3rd-party applications su
$config['oauth_token_uri'] = 'https://authentik.example.com/application/o/token/'; $config['oauth_token_uri'] = 'https://authentik.example.com/application/o/token/';
$config['oauth_identity_uri'] = 'https://authentik.example.com/application/o/userinfo/'; $config['oauth_identity_uri'] = 'https://authentik.example.com/application/o/userinfo/';
// Optional: disable SSL certificate check on HTTP requests to OAuth server // Optional: disable SSL certificate check on HTTP requests to OAuth server. For possible values, see:
// See http://docs.guzzlephp.org/en/stable/request-options.html#verify for possible values // http://docs.guzzlephp.org/en/stable/request-options.html#verify
$config['oauth_verify_peer'] = false; $config['oauth_verify_peer'] = false;
$config['oauth_scope'] = 'email openid profile'; $config['oauth_scope'] = 'email openid profile';


@ -9,7 +9,7 @@ function setup_file() {
export DMS_TEST_NETWORK='test-network-oauth2' export DMS_TEST_NETWORK='test-network-oauth2'
export DMS_DOMAIN='example.test' export DMS_DOMAIN='example.test'
export FQDN_MAIL="mail.${DMS_DOMAIN}" export FQDN_MAIL="mail.${DMS_DOMAIN}"
export FQDN_OAUTH2="provider.${DMS_DOMAIN}" export FQDN_OAUTH2="oauth2.${DMS_DOMAIN}"
# Link the test containers to separate network: # Link the test containers to separate network:
# NOTE: If the network already exists, test will fail to start. # NOTE: If the network already exists, test will fail to start.
@ -35,7 +35,7 @@ function setup_file() {
--env ENABLE_OAUTH2=1 --env ENABLE_OAUTH2=1
--env OAUTH2_CLIENT_ID=mailserver --env OAUTH2_CLIENT_ID=mailserver
--env OAUTH2_CLIENT_SECRET=ah_yes___secret --env OAUTH2_CLIENT_SECRET=ah_yes___secret
--env OAUTH2_INTROSPECTION_URL=http://provider.example.test/ --env OAUTH2_INTROSPECTION_URL=http://oauth2.example.test/
) )
local ENV_SUPPORT=( local ENV_SUPPORT=(
@ -64,16 +64,6 @@ function teardown_file() {
docker network rm "${DMS_TEST_NETWORK}" docker network rm "${DMS_TEST_NETWORK}"
} }
# Could optionally call `_default_teardown` in test-cases that have specific containers.
# This will otherwise handle it implicitly which is helpful when the test-case hits a failure,
# As failure will bail early missing teardown, which then prevents network cleanup. This way is safer:
function teardown() {
if [[ ${CONTAINER_NAME} != "${CONTAINER1_NAME}" ]] \
&& [[ ${CONTAINER_NAME} != "${CONTAINER2_NAME}" ]]
then
_default_teardown
fi
}
@test "oauth2: imap connect and authentication works" { @test "oauth2: imap connect and authentication works" {
_run_in_container_bash 'nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-oauth2-auth.txt' _run_in_container_bash 'nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-oauth2-auth.txt'
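Review bot: The provider hostname is still spelled out twice in setup_file, once in `FQDN_OAUTH2` and again as a literal in the `--env OAUTH2_INTROSPECTION_URL=http://oauth2.example.test/` line of the second hunk, which is why this rename had to touch both places. Deriving the URL from the variable keeps them in step: `--env OAUTH2_INTROSPECTION_URL="http://${FQDN_OAUTH2}/"`. The URL is also plain `http://`, so tokens sent for introspection travel unencrypted; that is presumably acceptable only because the containers sit on the dedicated test network, and a short comment such as `# Plain HTTP is test-only; real deployments must use an https:// introspection URL` would say so. setup_file starts and ends outside these hunks.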