e2e tests

.gitignore

@@ -339,3 +339,6 @@ ASALocalRun/
 # BeatPulse healthcheck temp database
 healthchecksdb
 src/Properties/launchSettings.json
+
+# E2E sensitive data folder
+src\MultiFactor.Radius.Adapter.EndToEndTests\Assets\SensitiveData

src/MultiFactor.Radius.Adapter.Tests/AdapterConfig/AppConfigConfigurationSourceTests.cs

@@ -13,7 +13,7 @@ public class AppConfigConfigurationSourceTests
     public void Load_ShouldLoadAndTransformNames()
     {
         var path = TestEnvironment.GetAssetPath("root-all-appsettings-items.config");
-        var source = new TestableAppConfigConfigurationSource(path);
+        var source = new TestableAppConfigConfigurationSource(new RadiusConfigurationFile(path));
 
         source.Load();
 
@@ -67,7 +67,7 @@ public void Get_ShouldBindAndAllNestedElementsNotBeNull()
         var path = TestEnvironment.GetAssetPath("root-minimal-multi.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();
@@ -88,7 +88,7 @@ public void Get_ShouldBindRadiusReplySection()
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, "radius-reply-join.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();
@@ -119,7 +119,7 @@ public void Get_Single_ShouldBindRadiusReplySection()
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, "radius-reply-single.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();
@@ -138,7 +138,7 @@ public void Get_ShouldBindUserNameTransformRulesSection()
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, "user-name-transform-rules.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();
@@ -167,7 +167,7 @@ public void Get_SingleRule_ShouldBindUserNameTransformRulesSection()
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, "user-name-transform-single-rule.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();
@@ -185,7 +185,7 @@ public void Get_BypassSecondFactorWhenApiUnreachableShouldBeTrueByDefault()
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, "user-name-transform-rules.config");
 
         var config = new ConfigurationBuilder()
-            .Add(new XmlAppConfigurationSource(path))
+            .Add(new XmlAppConfigurationSource(new RadiusConfigurationFile(path)))
             .Build();
 
         var bound = config.BindRadiusAdapterConfig();

src/MultiFactor.Radius.Adapter.Tests/AdapterConfig/RadiusAdapterConfigurationFactoryTests.cs

@@ -1,4 +1,5 @@
 using MultiFactor.Radius.Adapter.Infrastructure.Configuration.ConfigurationLoading;
+using MultiFactor.Radius.Adapter.Infrastructure.Configuration.XmlAppConfiguration;
 using MultiFactor.Radius.Adapter.Tests.Fixtures;
 
 namespace MultiFactor.Radius.Adapter.Tests.AdapterConfig;
@@ -9,7 +10,7 @@ public class RadiusAdapterConfigurationFactoryTests
     public void CreateMinimalRoot_WithNoEnvVar_ShouldCreate()
     {
         var path = TestEnvironment.GetAssetPath("root-minimal-single.config");
-        var config = RadiusAdapterConfigurationFactory.Create(path);
+        var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path));
 
         Assert.Equal("0.0.0.0:1812", config.AppSettings.AdapterServerEndpoint);
         Assert.Equal("000", config.AppSettings.RadiusSharedSecret);
@@ -34,7 +35,7 @@ public void CreateMinimalRoot_OverrideByEnvVar_ShouldCreate()
             env.SetEnvironmentVariable("rad_appsettings__LoggingLevel", "Info");
 
             var path = TestEnvironment.GetAssetPath("root-minimal-single.config");
-            var config = RadiusAdapterConfigurationFactory.Create(path);
+            var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path));
 
             Assert.Equal("0.0.0.0:1818", config.AppSettings.AdapterServerEndpoint);
             Assert.Equal("888", config.AppSettings.RadiusSharedSecret);
@@ -51,7 +52,7 @@ public void CreateClient_WithNoEnvVar_ShouldCreate()
     {
         var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, 
             "client-minimal-for-overriding.config");
-        var config = RadiusAdapterConfigurationFactory.Create(path, "client-minimal-for-overriding");
+        var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path), "client-minimal-for-overriding");
 
         Assert.Equal("windows", config.AppSettings.RadiusClientNasIdentifier);
         Assert.Equal("000", config.AppSettings.RadiusSharedSecret);
@@ -78,7 +79,7 @@ public void CreateClient_OverrideByEnvVar_ShouldCreate()
 
             var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, 
                 "client-minimal-for-overriding.config");
-            var config = RadiusAdapterConfigurationFactory.Create(path, "client-minimal-for-overriding");
+            var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path), "client-minimal-for-overriding");
 
             Assert.Equal("Linux", config.AppSettings.RadiusClientNasIdentifier);
             Assert.Equal("888", config.AppSettings.RadiusSharedSecret);
@@ -98,7 +99,7 @@ public void CreateClientWithSpacedName_OverrideByEnvVar_ShouldCreate()
 
             var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, 
                 "client-minimal-for-overriding.config");
-            var config = RadiusAdapterConfigurationFactory.Create(path, "client minimal spaced");
+            var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path), "client minimal spaced");
 
             Assert.Equal("Linux", config.AppSettings.RadiusClientNasIdentifier);
         });
@@ -119,7 +120,7 @@ public void CreateClient_ComplexPathOverrideByEnvVar_ShouldCreate()
 
             var path = TestEnvironment.GetAssetPath(TestAssetLocation.ClientsDirectory, 
                 "client-minimal-for-overriding.config");
-            var config = RadiusAdapterConfigurationFactory.Create(path, "client-minimal-for-overriding");
+            var config = RadiusAdapterConfigurationFactory.Create(new RadiusConfigurationFile(path), "client-minimal-for-overriding");
             var attribute = Assert.Single(config.RadiusReply.Attributes.Elements);
             Assert.NotNull(attribute);
 

src/MultiFactor.Radius.Adapter.Tests/AdapterConfig/RadiusConfigurationFileTests.cs

@@ -26,25 +26,6 @@ public void Create_CorrectPath_ShouldCreateAndStoreValue(string path)
         Assert.Equal(path, file.Path);
     }
 
-    [Theory]
-    [InlineData(null)]
-    [InlineData("")]
-    [InlineData("file")]
-    [InlineData("file.conf")]
-    public void Cast_ToRadConfFileFromIncorrectPathString_ShouldThrow(string path)
-    {
-        Assert.Throws<InvalidCastException>(() => (RadiusConfigurationFile)path);
-    }
-
-    [Theory]
-    [InlineData("file.config")]
-    [InlineData("dir/file.config")]
-    public void Cast_ToRadConfFileFromCorrectPathString_ShouldSuccess(string path)
-    {
-        var file = (RadiusConfigurationFile)path;
-        Assert.Equal(path, file.Path);
-    }
-
     [Fact]
     public void Cast_ToStringFromNullRadConfFile_ShouldThrow()
     {

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/access-request.config

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="radius-shared-secret" value="000"/>
+        <add key="radius-client-nas-identifier" value="e2e"/>
+        <add key="active-directory-domain" value="domain.md"/>
+        <add key="service-account-user" value="user"/>
+        <add key="service-account-password" value="password/"/>
+        <add key="bypass-second-factor-when-api-unreachable" value="true"/>
+        <add key="first-factor-authentication-source" value="ActiveDirectory"/>
+        <add key="multifactor-nas-identifier" value="nas-identifier"/>
+        <add key="multifactor-shared-secret" value="shared-secret"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/root-bypass-false-when-api-unreachable.config

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="adapter-server-endpoint" value="0.0.0.0:1812" />
+        <add key="multifactor-api-url" value="https://api.multifactor.ru" />
+        <add key="logging-level" value="Debug" />
+        <add key="radius-shared-secret" value="000" />
+        <add key="first-factor-authentication-source" value="None" />
+        <add key="multifactor-nas-identifier" value="e2e"/>
+        <add key="multifactor-shared-secret" value="000"/>
+        <add key="bypass-second-factor-when-api-unreachable" value="false"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/root-bypass-true-when-api-unreachable.config

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="adapter-server-endpoint" value="0.0.0.0:1812" />
+        <add key="multifactor-api-url" value="https://api.multifactor.ru" />
+        <add key="logging-level" value="Debug" />
+        <add key="radius-shared-secret" value="000" />
+        <add key="first-factor-authentication-source" value="None" />
+        <add key="multifactor-nas-identifier" value="e2e"/>
+        <add key="multifactor-shared-secret" value="000"/>
+        <add key="bypass-second-factor-when-api-unreachable" value="true"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/root-no-bypass-when-api-unreachable.config

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="adapter-server-endpoint" value="0.0.0.0:1812" />
+        <add key="multifactor-api-url" value="https://api.multifactor.ru" />
+        <add key="logging-level" value="Debug" />
+        <add key="radius-shared-secret" value="000" />
+        <add key="first-factor-authentication-source" value="None" />
+        <add key="multifactor-nas-identifier" value="e2e"/>
+        <add key="multifactor-shared-secret" value="000"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/root.config

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="adapter-server-endpoint" value="0.0.0.0:1812"/>
+        <add key="multifactor-api-url" value="https://api.multifactor.dev"/>
+        <add key="logging-level" value="Debug"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Assets/E2E/BaseConfigs/status-server.config

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <appSettings>
+        <add key="adapter-server-endpoint" value="0.0.0.0:1812"/>
+        <add key="radius-shared-secret" value="000"/>
+        <add key="multifactor-api-url" value="https://api.multifactor.dev"/>
+        <add key="first-factor-authentication-source" value="None"/>
+        <add key="multifactor-nas-identifier" value="key"/>
+        <add key="multifactor-shared-secret" value="secret"/>
+        <add key="logging-level" value="Debug"/>
+        <add key="radius-client-nas-identifier" value="e2e"/>
+    </appSettings>
+</configuration>

src/MultiFactor.Radius.Adapter.Tests/Fixtures/ConfigLoading/TestClientConfigsProvider.cs

@@ -8,7 +8,7 @@ namespace MultiFactor.Radius.Adapter.Tests.Fixtures.ConfigLoading;
 
 internal class TestClientConfigsProvider : IClientConfigurationsProvider
 {
-    private Dictionary<RadiusConfigurationFile, RadiusAdapterConfiguration> _dict = new();
+    private Dictionary<RadiusConfigurationSource, RadiusAdapterConfiguration> _dict = new();
     private readonly TestConfigProviderOptions _options;
 
     public TestClientConfigsProvider(IOptions<TestConfigProviderOptions> options)
@@ -23,11 +23,23 @@ public RadiusAdapterConfiguration[] GetClientConfigurations()
         {
             return Array.Empty<RadiusAdapterConfiguration>();
         }
-
-        _dict = clientConfigFiles
-            .Select(x => new RadiusConfigurationFile(x))
-            .ToDictionary(k => k, v => RadiusAdapterConfigurationFactory.Create(v, v.Name));
-
+        var fileSources = clientConfigFiles.Select(x => new RadiusConfigurationFile(x)).ToArray();
+        foreach (var file in fileSources)
+        {
+            var config = RadiusAdapterConfigurationFactory.Create(file, file.Name, _options.EnvironmentVariablePrefix);
+            _dict.Add(file, config);
+        }
+
+        var envVarSources = DefaultClientConfigurationsProvider.GetEnvVarClients()
+            .Select(x => new RadiusConfigurationEnvironmentVariable(x))
+            .ExceptBy(fileSources.Select(x => RadiusConfigurationSource.TransformName(x.Name)), x => x.Name);
+
+        foreach (var envVarClient in envVarSources)
+        {
+            var config = RadiusAdapterConfigurationFactory.Create(envVarClient, _options.EnvironmentVariablePrefix);
+            _dict.Add(envVarClient, config);
+        }
+
         return _dict.Select(x => x.Value).ToArray();
     }
 
@@ -38,7 +50,7 @@ public RadiusConfigurationSource GetSource(RadiusAdapterConfiguration configurat
 
     private IEnumerable<string> GetFiles()
     {
-        if (_options.ClientConfigFilePaths != null && _options.ClientConfigFilePaths.Length != 0)
+        if (_options.ClientConfigFilePaths?.Length > 0)
         {
             foreach (var f in _options.ClientConfigFilePaths)
             {

src/MultiFactor.Radius.Adapter.Tests/Fixtures/ConfigLoading/TestConfigProviderOptions.cs

@@ -4,5 +4,6 @@ internal class TestConfigProviderOptions
 {
     public string? RootConfigFilePath { get; set; }
     public string? ClientConfigsFolderPath { get; set; }
-    public string[] ClientConfigFilePaths { get; set; } = Array.Empty<string>();
+    public string[] ClientConfigFilePaths { get; set; } = [];
+    public string? EnvironmentVariablePrefix { get; set; }
 }

src/MultiFactor.Radius.Adapter.Tests/Fixtures/Radius/EmptyPacket.cs

@@ -5,38 +5,34 @@ namespace MultiFactor.Radius.Adapter.Tests.Fixtures.Radius;
 
 internal static class RadiusPacketFactory
 {
-    public static IRadiusPacket AccessRequest()
+    public static IRadiusPacket? AccessRequest(SharedSecret packetSecret = null)
     {
         var header = RadiusPacketHeader.Create(PacketCode.AccessRequest, 0);
-        var secret = Convert.ToHexString(GenerateSecret()).ToLower();
-        var sharedSecret = new SharedSecret(secret);
+        var sharedSecret = packetSecret ?? new SharedSecret(Convert.ToHexString(GenerateSecret()).ToLower());
         var packet = new RadiusPacket(header, new RadiusAuthenticator(), sharedSecret);
         return packet;
     }
 
-    public static IRadiusPacket AccessChallenge()
+    public static IRadiusPacket? AccessChallenge(SharedSecret packetSecret = null)
     {
         var header = RadiusPacketHeader.Create(PacketCode.AccessChallenge, 0);
-        var secret = Convert.ToHexString(GenerateSecret()).ToLower();
-        var sharedSecret = new SharedSecret(secret);
+        var sharedSecret = packetSecret ?? new SharedSecret(Convert.ToHexString(GenerateSecret()).ToLower());
         var packet = new RadiusPacket(header, new RadiusAuthenticator(), sharedSecret);
         return packet;
     }
 
-    public static IRadiusPacket AccessReject()
+    public static IRadiusPacket? AccessReject(SharedSecret packetSecret = null)
     {
         var header = RadiusPacketHeader.Create(PacketCode.AccessReject, 0);
-        var secret = Convert.ToHexString(GenerateSecret()).ToLower();
-        var sharedSecret = new SharedSecret(secret);
+        var sharedSecret = packetSecret ?? new SharedSecret(Convert.ToHexString(GenerateSecret()).ToLower());
         var packet = new RadiusPacket(header, new RadiusAuthenticator(), sharedSecret);
         return packet;
     }
 
-    public static IRadiusPacket StatusServer()
+    public static IRadiusPacket? StatusServer(SharedSecret packetSecret = null)
     {
         var header = RadiusPacketHeader.Create(PacketCode.StatusServer, 0);
-        var secret = Convert.ToHexString(GenerateSecret()).ToLower();
-        var sharedSecret = new SharedSecret(secret);
+        var sharedSecret = packetSecret ?? new SharedSecret(Convert.ToHexString(GenerateSecret()).ToLower());
         var packet = new RadiusPacket(header, new RadiusAuthenticator(), sharedSecret);
         return packet;
     }

src/MultiFactor.Radius.Adapter.Tests/Fixtures/TestEnvironment.cs

@@ -3,7 +3,9 @@
 internal enum TestAssetLocation
 {
     RootDirectory,
-    ClientsDirectory
+    ClientsDirectory,
+    E2EBaseConfigs,
+    E2ESensitiveData
 }
 
 internal static class TestEnvironment
@@ -22,6 +24,8 @@ public static string GetAssetPath(TestAssetLocation location)
         return location switch
         {
             TestAssetLocation.ClientsDirectory => $"{_assetsFolder}{Path.DirectorySeparatorChar}clients",
+            TestAssetLocation.E2EBaseConfigs => $"{_assetsFolder}{Path.DirectorySeparatorChar}E2E{Path.DirectorySeparatorChar}BaseConfigs",
+            TestAssetLocation.E2ESensitiveData => $"{_assetsFolder}{Path.DirectorySeparatorChar}E2E{Path.DirectorySeparatorChar}SensitiveData",
             _ => _assetsFolder,
         };
     }