From 1ef22552af5c7ad189430b3c75ec35b289c4e0da Mon Sep 17 00:00:00 2001 From: avallete Date: Fri, 29 Nov 2024 13:37:42 +0100 Subject: [PATCH] fix(config): syncing for postgres hook without secrets --- internal/start/start.go | 11 ++-- pkg/config/auth.go | 61 +++++++++++-------- pkg/config/auth_test.go | 60 +++++++++++++----- pkg/config/config.go | 12 +++- pkg/config/config_test.go | 15 ++++- .../local_disabled_remote_enabled.diff | 4 +- .../local_enabled_remote_disabled.diff | 2 +- .../local_enabled_and_disabled.diff | 4 +- .../local_enabled_and_disabled.diff | 13 ++-- .../local_enabled_and_disabled.diff | 4 +- .../enable_sign_up_without_provider.diff | 2 +- .../local_disabled_remote_enabled.diff | 4 +- .../local_enabled_remote_disabled.diff | 6 +- 13 files changed, 130 insertions(+), 68 deletions(-) diff --git a/internal/start/start.go b/internal/start/start.go index 5521161f8..cfcca91ed 100644 --- a/internal/start/start.go +++ b/internal/start/start.go @@ -30,6 +30,7 @@ import ( "github.com/supabase/cli/internal/status" "github.com/supabase/cli/internal/utils" "github.com/supabase/cli/internal/utils/flags" + "github.com/supabase/cli/pkg/cast" "github.com/supabase/cli/pkg/config" "golang.org/x/mod/semver" ) @@ -609,7 +610,7 @@ EOF env, "GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_ENABLED=true", "GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_URI="+utils.Config.Auth.Hook.MFAVerificationAttempt.URI, - "GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_SECRETS="+utils.Config.Auth.Hook.MFAVerificationAttempt.Secrets, + "GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_SECRETS="+cast.Val(utils.Config.Auth.Hook.MFAVerificationAttempt.Secrets, ""), ) } if utils.Config.Auth.Hook.PasswordVerificationAttempt.Enabled { @@ -617,7 +618,7 @@ EOF env, "GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_ENABLED=true", "GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_URI="+utils.Config.Auth.Hook.PasswordVerificationAttempt.URI, - "GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_SECRETS="+utils.Config.Auth.Hook.PasswordVerificationAttempt.Secrets, + "GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_SECRETS="+cast.Val(utils.Config.Auth.Hook.PasswordVerificationAttempt.Secrets, ""), ) } if utils.Config.Auth.Hook.CustomAccessToken.Enabled { @@ -625,7 +626,7 @@ EOF env, "GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_ENABLED=true", "GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_URI="+utils.Config.Auth.Hook.CustomAccessToken.URI, - "GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_SECRETS="+utils.Config.Auth.Hook.CustomAccessToken.Secrets, + "GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_SECRETS="+cast.Val(utils.Config.Auth.Hook.CustomAccessToken.Secrets, ""), ) } if utils.Config.Auth.Hook.SendSMS.Enabled { @@ -633,7 +634,7 @@ EOF env, "GOTRUE_HOOK_SEND_SMS_ENABLED=true", "GOTRUE_HOOK_SEND_SMS_URI="+utils.Config.Auth.Hook.SendSMS.URI, - "GOTRUE_HOOK_SEND_SMS_SECRETS="+utils.Config.Auth.Hook.SendSMS.Secrets, + "GOTRUE_HOOK_SEND_SMS_SECRETS="+cast.Val(utils.Config.Auth.Hook.SendSMS.Secrets, ""), ) } if utils.Config.Auth.Hook.SendEmail.Enabled { @@ -641,7 +642,7 @@ EOF env, "GOTRUE_HOOK_SEND_EMAIL_ENABLED=true", "GOTRUE_HOOK_SEND_EMAIL_URI="+utils.Config.Auth.Hook.SendEmail.URI, - "GOTRUE_HOOK_SEND_EMAIL_SECRETS="+utils.Config.Auth.Hook.SendEmail.Secrets, + "GOTRUE_HOOK_SEND_EMAIL_SECRETS="+cast.Val(utils.Config.Auth.Hook.SendEmail.Secrets, ""), ) } diff --git a/pkg/config/auth.go b/pkg/config/auth.go index 572b88950..7a075fe74 100644 --- a/pkg/config/auth.go +++ b/pkg/config/auth.go @@ -171,9 +171,9 @@ type ( } hookConfig struct { - Enabled bool `toml:"enabled"` - URI string `toml:"uri"` - Secrets string `toml:"secrets"` + Enabled bool `toml:"enabled"` + URI string `toml:"uri"` + Secrets *string `toml:"secrets"` } sessions struct { @@ -262,53 +262,66 @@ func (a *auth) FromRemoteAuthConfig(remoteConfig v1API.AuthConfigResponse) { func (h hook) toAuthConfigBody(body *v1API.UpdateAuthConfigBody) { if body.HookCustomAccessTokenEnabled = &h.CustomAccessToken.Enabled; *body.HookCustomAccessTokenEnabled { body.HookCustomAccessTokenUri = &h.CustomAccessToken.URI - body.HookCustomAccessTokenSecrets = &h.CustomAccessToken.Secrets + body.HookCustomAccessTokenSecrets = h.CustomAccessToken.Secrets } if body.HookSendEmailEnabled = &h.SendEmail.Enabled; *body.HookSendEmailEnabled { body.HookSendEmailUri = &h.SendEmail.URI - body.HookSendEmailSecrets = &h.SendEmail.Secrets + body.HookSendEmailSecrets = h.SendEmail.Secrets } if body.HookSendSmsEnabled = &h.SendSMS.Enabled; *body.HookSendSmsEnabled { body.HookSendSmsUri = &h.SendSMS.URI - body.HookSendSmsSecrets = &h.SendSMS.Secrets + body.HookSendSmsSecrets = h.SendSMS.Secrets } // Enterprise and team only features if body.HookMfaVerificationAttemptEnabled = &h.MFAVerificationAttempt.Enabled; *body.HookMfaVerificationAttemptEnabled { body.HookMfaVerificationAttemptUri = &h.MFAVerificationAttempt.URI - body.HookMfaVerificationAttemptSecrets = &h.MFAVerificationAttempt.Secrets + body.HookMfaVerificationAttemptSecrets = h.MFAVerificationAttempt.Secrets } if body.HookPasswordVerificationAttemptEnabled = &h.PasswordVerificationAttempt.Enabled; *body.HookPasswordVerificationAttemptEnabled { body.HookPasswordVerificationAttemptUri = &h.PasswordVerificationAttempt.URI - body.HookPasswordVerificationAttemptSecrets = &h.PasswordVerificationAttempt.Secrets + body.HookPasswordVerificationAttemptSecrets = h.PasswordVerificationAttempt.Secrets } } - func (h *hook) fromAuthConfig(remoteConfig v1API.AuthConfigResponse) { // Ignore disabled hooks because their envs are not loaded if h.CustomAccessToken.Enabled { h.CustomAccessToken.URI = cast.Val(remoteConfig.HookCustomAccessTokenUri, "") - h.CustomAccessToken.Secrets = hashPrefix + cast.Val(remoteConfig.HookCustomAccessTokenSecrets, "") + if remoteConfig.HookCustomAccessTokenSecrets != nil { + h.CustomAccessToken.Secrets = cast.Ptr(hashPrefix + *remoteConfig.HookCustomAccessTokenSecrets) + } } h.CustomAccessToken.Enabled = cast.Val(remoteConfig.HookCustomAccessTokenEnabled, false) + if h.SendEmail.Enabled { h.SendEmail.URI = cast.Val(remoteConfig.HookSendEmailUri, "") - h.SendEmail.Secrets = hashPrefix + cast.Val(remoteConfig.HookSendEmailSecrets, "") + if remoteConfig.HookSendEmailSecrets != nil { + h.SendEmail.Secrets = cast.Ptr(hashPrefix + *remoteConfig.HookSendEmailSecrets) + } } h.SendEmail.Enabled = cast.Val(remoteConfig.HookSendEmailEnabled, false) + if h.SendSMS.Enabled { h.SendSMS.URI = cast.Val(remoteConfig.HookSendSmsUri, "") - h.SendSMS.Secrets = hashPrefix + cast.Val(remoteConfig.HookSendSmsSecrets, "") + if remoteConfig.HookSendSmsSecrets != nil { + h.SendSMS.Secrets = cast.Ptr(hashPrefix + *remoteConfig.HookSendSmsSecrets) + } } h.SendSMS.Enabled = cast.Val(remoteConfig.HookSendSmsEnabled, false) + // Enterprise and team only features if h.MFAVerificationAttempt.Enabled { h.MFAVerificationAttempt.URI = cast.Val(remoteConfig.HookMfaVerificationAttemptUri, "") - h.MFAVerificationAttempt.Secrets = hashPrefix + cast.Val(remoteConfig.HookMfaVerificationAttemptSecrets, "") + if remoteConfig.HookMfaVerificationAttemptSecrets != nil { + h.MFAVerificationAttempt.Secrets = cast.Ptr(hashPrefix + *remoteConfig.HookMfaVerificationAttemptSecrets) + } } h.MFAVerificationAttempt.Enabled = cast.Val(remoteConfig.HookMfaVerificationAttemptEnabled, false) + if h.PasswordVerificationAttempt.Enabled { h.PasswordVerificationAttempt.URI = cast.Val(remoteConfig.HookPasswordVerificationAttemptUri, "") - h.PasswordVerificationAttempt.Secrets = hashPrefix + cast.Val(remoteConfig.HookPasswordVerificationAttemptSecrets, "") + if remoteConfig.HookPasswordVerificationAttemptSecrets != nil { + h.PasswordVerificationAttempt.Secrets = cast.Ptr(hashPrefix + *remoteConfig.HookPasswordVerificationAttemptSecrets) + } } h.PasswordVerificationAttempt.Enabled = cast.Val(remoteConfig.HookPasswordVerificationAttemptEnabled, false) } @@ -851,20 +864,20 @@ func (a *auth) HashSecrets(key string) { case a.Sms.Vonage.Enabled: a.Sms.Vonage.ApiSecret = hash(a.Sms.Vonage.ApiSecret) } - if a.Hook.MFAVerificationAttempt.Enabled { - a.Hook.MFAVerificationAttempt.Secrets = hash(a.Hook.MFAVerificationAttempt.Secrets) + if a.Hook.MFAVerificationAttempt.Enabled && a.Hook.MFAVerificationAttempt.Secrets != nil { + a.Hook.MFAVerificationAttempt.Secrets = cast.Ptr(hash(*a.Hook.MFAVerificationAttempt.Secrets)) } - if a.Hook.PasswordVerificationAttempt.Enabled { - a.Hook.PasswordVerificationAttempt.Secrets = hash(a.Hook.PasswordVerificationAttempt.Secrets) + if a.Hook.PasswordVerificationAttempt.Enabled && a.Hook.PasswordVerificationAttempt.Secrets != nil { + a.Hook.PasswordVerificationAttempt.Secrets = cast.Ptr(hash(*a.Hook.PasswordVerificationAttempt.Secrets)) } - if a.Hook.CustomAccessToken.Enabled { - a.Hook.CustomAccessToken.Secrets = hash(a.Hook.CustomAccessToken.Secrets) + if a.Hook.CustomAccessToken.Enabled && a.Hook.CustomAccessToken.Secrets != nil { + a.Hook.CustomAccessToken.Secrets = cast.Ptr(hash(*a.Hook.CustomAccessToken.Secrets)) } - if a.Hook.SendSMS.Enabled { - a.Hook.SendSMS.Secrets = hash(a.Hook.SendSMS.Secrets) + if a.Hook.SendSMS.Enabled && a.Hook.SendSMS.Secrets != nil { + a.Hook.SendSMS.Secrets = cast.Ptr(hash(*a.Hook.SendSMS.Secrets)) } - if a.Hook.SendEmail.Enabled { - a.Hook.SendEmail.Secrets = hash(a.Hook.SendEmail.Secrets) + if a.Hook.SendEmail.Enabled && a.Hook.SendEmail.Secrets != nil { + a.Hook.SendEmail.Secrets = cast.Ptr(hash(*a.Hook.SendEmail.Secrets)) } for name, provider := range a.External { if provider.Enabled { diff --git a/pkg/config/auth_test.go b/pkg/config/auth_test.go index cba5cd9a1..33fef6c9d 100644 --- a/pkg/config/auth_test.go +++ b/pkg/config/auth_test.go @@ -24,6 +24,21 @@ func newWithDefaults() auth { } } +func defaultHttpHookConfig() hookConfig { + return hookConfig{ + Enabled: true, + URI: "http://example.com", + Secrets: cast.Ptr("test-secret"), + } +} + +func defaultPostgresHookConfig() hookConfig { + return hookConfig{ + Enabled: true, + URI: "pg-functions://functionName", + } +} + func assertSnapshotEqual(t *testing.T, actual []byte) { snapshot := filepath.Join("testdata", filepath.FromSlash(t.Name())) + ".diff" expected, err := os.ReadFile(snapshot) @@ -121,29 +136,44 @@ func TestHookDiff(t *testing.T) { t.Run("local and remote enabled", func(t *testing.T) { c := newWithDefaults() c.Hook = hook{ - CustomAccessToken: hookConfig{Enabled: true}, - SendSMS: hookConfig{Enabled: true}, - SendEmail: hookConfig{Enabled: true}, - MFAVerificationAttempt: hookConfig{Enabled: true}, - PasswordVerificationAttempt: hookConfig{Enabled: true}, + CustomAccessToken: defaultHttpHookConfig(), + SendSMS: defaultHttpHookConfig(), + SendEmail: defaultHttpHookConfig(), + MFAVerificationAttempt: defaultHttpHookConfig(), + PasswordVerificationAttempt: defaultPostgresHookConfig(), } // Run test diff, err := c.DiffWithRemote("", v1API.AuthConfigResponse{ HookCustomAccessTokenEnabled: cast.Ptr(true), - HookCustomAccessTokenUri: cast.Ptr(""), - HookCustomAccessTokenSecrets: cast.Ptr("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), + HookCustomAccessTokenUri: cast.Ptr("http://example.com"), + HookCustomAccessTokenSecrets: cast.Ptr("ce62bb9bcced294fd4afe668f8ab3b50a89cf433093c526fffa3d0e46bf55252"), HookSendEmailEnabled: cast.Ptr(true), - HookSendEmailUri: cast.Ptr(""), - HookSendEmailSecrets: cast.Ptr("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), + HookSendEmailUri: cast.Ptr("http://example.com"), + HookSendEmailSecrets: cast.Ptr("ce62bb9bcced294fd4afe668f8ab3b50a89cf433093c526fffa3d0e46bf55252"), HookSendSmsEnabled: cast.Ptr(true), - HookSendSmsUri: cast.Ptr(""), - HookSendSmsSecrets: cast.Ptr("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), + HookSendSmsUri: cast.Ptr("http://example.com"), + HookSendSmsSecrets: cast.Ptr("ce62bb9bcced294fd4afe668f8ab3b50a89cf433093c526fffa3d0e46bf55252"), HookMfaVerificationAttemptEnabled: cast.Ptr(true), - HookMfaVerificationAttemptUri: cast.Ptr(""), - HookMfaVerificationAttemptSecrets: cast.Ptr("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), + HookMfaVerificationAttemptUri: cast.Ptr("http://example.com"), + HookMfaVerificationAttemptSecrets: cast.Ptr("ce62bb9bcced294fd4afe668f8ab3b50a89cf433093c526fffa3d0e46bf55252"), HookPasswordVerificationAttemptEnabled: cast.Ptr(true), - HookPasswordVerificationAttemptUri: cast.Ptr(""), - HookPasswordVerificationAttemptSecrets: cast.Ptr("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), + HookPasswordVerificationAttemptUri: cast.Ptr("pg-functions://functionName"), + HookPasswordVerificationAttemptSecrets: nil, + }) + // Check error + assert.NoError(t, err) + assert.Empty(t, string(diff)) + }) + t.Run("local and remote enabled pg-function custom hook", func(t *testing.T) { + c := newWithDefaults() + c.Hook = hook{ + CustomAccessToken: defaultPostgresHookConfig(), + } + // Run test + diff, err := c.DiffWithRemote("", v1API.AuthConfigResponse{ + HookCustomAccessTokenEnabled: cast.Ptr(true), + HookCustomAccessTokenUri: cast.Ptr("pg-functions://functionName"), + HookCustomAccessTokenSecrets: nil, }) // Check error assert.NoError(t, err) diff --git a/pkg/config/config.go b/pkg/config/config.go index 8d809c595..f8cd171e2 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -997,10 +997,16 @@ func (h *hookConfig) validate(hookType string) (err error) { } else if parsed, err := url.Parse(h.URI); err != nil { return errors.Errorf("failed to parse template url: %w", err) } else if !(parsed.Scheme == "http" || parsed.Scheme == "https" || parsed.Scheme == "pg-functions") { - return errors.Errorf("Invalid HTTP hook config: auth.hook.%v should be a Postgres function URI, or a HTTP or HTTPS URL", hookType) + return errors.Errorf("Invalid auth hook config: auth.hook.%v should be a Postgres function URI, or a HTTP or HTTPS URL", hookType) + } else if (parsed.Scheme == "http" || parsed.Scheme == "https") && h.Secrets == nil { + return errors.Errorf("Invalid HTTP config: auth.hook.%v missing required secret value for the http hook endpoint.", hookType) } - if h.Secrets, err = maybeLoadEnv(h.Secrets); err != nil { - return errors.Errorf("missing required field in config: auth.hook.%s.secrets", hookType) + if h.Secrets != nil { + if envLoadedSecret, err := maybeLoadEnv(*h.Secrets); err != nil { + return errors.Errorf("missing field in config: auth.hook.%s.secrets", hookType) + } else { + h.Secrets = cast.Ptr(envLoadedSecret) + } } return nil } diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 8f1169d5e..6c1c3b970 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -11,6 +11,7 @@ import ( "github.com/BurntSushi/toml" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/supabase/cli/pkg/cast" ) //go:embed testdata/config.toml @@ -234,7 +235,7 @@ func TestValidateHookURI(t *testing.T) { uri: "ftp://example.com", hookName: "malformedHook", shouldErr: true, - errorMsg: "Invalid HTTP hook config: auth.hook.malformedHook should be a Postgres function URI, or a HTTP or HTTPS URL", + errorMsg: "Invalid auth hook config: auth.hook.malformedHook should be a Postgres function URI, or a HTTP or HTTPS URL", }, { name: "invalid URI with parsing error", @@ -250,7 +251,7 @@ func TestValidateHookURI(t *testing.T) { h := hookConfig{ Enabled: true, URI: tt.uri, - Secrets: "test-secret", + Secrets: cast.Ptr("test-secret"), } err := h.validate(tt.hookName) if tt.shouldErr { @@ -261,6 +262,16 @@ func TestValidateHookURI(t *testing.T) { } }) } + t.Run("Valid http hook with missing secret", func(t *testing.T) { + h := hookConfig{ + Enabled: true, + URI: "http://example.com", + Secrets: nil, + } + err := h.validate("testHook") + assert.Error(t, err) + assert.EqualError(t, err, "Invalid HTTP config: auth.hook.testHook missing required secret value for the http hook endpoint.") + }) } func TestLoadSeedPaths(t *testing.T) { diff --git a/pkg/config/testdata/TestEmailDiff/local_disabled_remote_enabled.diff b/pkg/config/testdata/TestEmailDiff/local_disabled_remote_enabled.diff index 3123336fa..be02a28be 100644 --- a/pkg/config/testdata/TestEmailDiff/local_disabled_remote_enabled.diff +++ b/pkg/config/testdata/TestEmailDiff/local_disabled_remote_enabled.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -51,13 +51,13 @@ +@@ -46,13 +46,13 @@ inactivity_timeout = "0s" [email] @@ -22,7 +22,7 @@ diff remote[auth] local[auth] [email.template] [email.template.confirmation] content_path = "" -@@ -71,13 +71,6 @@ +@@ -66,13 +66,6 @@ content_path = "" [email.template.recovery] content_path = "" diff --git a/pkg/config/testdata/TestEmailDiff/local_enabled_remote_disabled.diff b/pkg/config/testdata/TestEmailDiff/local_enabled_remote_disabled.diff index 24386ae91..ced157056 100644 --- a/pkg/config/testdata/TestEmailDiff/local_enabled_remote_disabled.diff +++ b/pkg/config/testdata/TestEmailDiff/local_enabled_remote_disabled.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -51,28 +51,43 @@ +@@ -46,28 +46,43 @@ inactivity_timeout = "0s" [email] diff --git a/pkg/config/testdata/TestExternalDiff/local_enabled_and_disabled.diff b/pkg/config/testdata/TestExternalDiff/local_enabled_and_disabled.diff index 234e422f4..257405537 100644 --- a/pkg/config/testdata/TestExternalDiff/local_enabled_and_disabled.diff +++ b/pkg/config/testdata/TestExternalDiff/local_enabled_and_disabled.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -91,7 +91,7 @@ +@@ -86,7 +86,7 @@ [external] [external.apple] @@ -10,7 +10,7 @@ diff remote[auth] local[auth] client_id = "test-client-1,test-client-2" secret = "hash:ce62bb9bcced294fd4afe668f8ab3b50a89cf433093c526fffa3d0e46bf55252" url = "" -@@ -147,7 +147,7 @@ +@@ -142,7 +142,7 @@ redirect_uri = "" skip_nonce_check = false [external.google] diff --git a/pkg/config/testdata/TestHookDiff/local_enabled_and_disabled.diff b/pkg/config/testdata/TestHookDiff/local_enabled_and_disabled.diff index b21cd4073..aeab3cc68 100644 --- a/pkg/config/testdata/TestHookDiff/local_enabled_and_disabled.diff +++ b/pkg/config/testdata/TestHookDiff/local_enabled_and_disabled.diff @@ -1,21 +1,22 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -11,7 +11,7 @@ +@@ -11,15 +11,14 @@ [hook] [hook.mfa_verification_attempt] -enabled = true +enabled = false uri = "" - secrets = "" [hook.password_verification_attempt] -@@ -19,7 +19,7 @@ + enabled = false uri = "" - secrets = "" [hook.custom_access_token] -enabled = false +-uri = "" +-secrets = "hash:b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad" +enabled = true - uri = "" - secrets = "hash:b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad" ++uri = "" [hook.send_sms] + enabled = false + uri = "" diff --git a/pkg/config/testdata/TestMfaDiff/local_enabled_and_disabled.diff b/pkg/config/testdata/TestMfaDiff/local_enabled_and_disabled.diff index 866ce8fae..d3c1cc9e4 100644 --- a/pkg/config/testdata/TestMfaDiff/local_enabled_and_disabled.diff +++ b/pkg/config/testdata/TestMfaDiff/local_enabled_and_disabled.diff @@ -1,8 +1,8 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -32,16 +32,16 @@ - secrets = "" +@@ -27,16 +27,16 @@ + uri = "" [mfa] -max_enrolled_factors = 10 diff --git a/pkg/config/testdata/TestSmsDiff/enable_sign_up_without_provider.diff b/pkg/config/testdata/TestSmsDiff/enable_sign_up_without_provider.diff index 637a0206e..1dd0d8bd8 100644 --- a/pkg/config/testdata/TestSmsDiff/enable_sign_up_without_provider.diff +++ b/pkg/config/testdata/TestSmsDiff/enable_sign_up_without_provider.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -60,7 +60,7 @@ +@@ -55,7 +55,7 @@ otp_expiry = 0 [sms] diff --git a/pkg/config/testdata/TestSmsDiff/local_disabled_remote_enabled.diff b/pkg/config/testdata/TestSmsDiff/local_disabled_remote_enabled.diff index 4348c80ba..48fe5c32e 100644 --- a/pkg/config/testdata/TestSmsDiff/local_disabled_remote_enabled.diff +++ b/pkg/config/testdata/TestSmsDiff/local_disabled_remote_enabled.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -60,12 +60,12 @@ +@@ -55,12 +55,12 @@ otp_expiry = 0 [sms] @@ -19,7 +19,7 @@ diff remote[auth] local[auth] account_sid = "" message_service_sid = "" auth_token = "" -@@ -88,8 +88,6 @@ +@@ -83,8 +83,6 @@ api_key = "" api_secret = "" [sms.test_otp] diff --git a/pkg/config/testdata/TestSmsDiff/local_enabled_remote_disabled.diff b/pkg/config/testdata/TestSmsDiff/local_enabled_remote_disabled.diff index e29c287ed..194e37b8a 100644 --- a/pkg/config/testdata/TestSmsDiff/local_enabled_remote_disabled.diff +++ b/pkg/config/testdata/TestSmsDiff/local_enabled_remote_disabled.diff @@ -1,7 +1,7 @@ diff remote[auth] local[auth] --- remote[auth] +++ local[auth] -@@ -60,12 +60,12 @@ +@@ -55,12 +55,12 @@ otp_expiry = 0 [sms] @@ -19,7 +19,7 @@ diff remote[auth] local[auth] account_sid = "" message_service_sid = "" auth_token = "" -@@ -75,9 +75,9 @@ +@@ -70,9 +70,9 @@ message_service_sid = "" auth_token = "" [sms.messagebird] @@ -32,7 +32,7 @@ diff remote[auth] local[auth] [sms.textlocal] enabled = false sender = "" -@@ -88,6 +88,7 @@ +@@ -83,6 +83,7 @@ api_key = "" api_secret = "" [sms.test_otp]