Warn about unknown sections and keys in broker.conf

[Copilot]

Unknown settings in broker.conf were silently ignored, making misconfiguration hard to diagnose.

Changes

• internal/broker/config.go: After parsing, iterate all sections and keys against a package-level knownConfigKeys map; emit log.Warningf for any unrecognized section or key:

  WARNING: unknown section "typo_section" in config file, ignoring
  WARNING: unknown key "clinet_id" in section "oidc" in config file, ignoring
  

  Also defines forceAccessCheckWithProviderKeyOld = "force_provider_authentication" and includes it in knownConfigKeys so users with the old setting name don't receive a spurious unknown-key warning.

• internal/broker/config_test.go: Added tests verifying:

  • TestParseConfigUnknownSettings (non-parallel): valid configs produce no warnings (including configs using the old force_provider_authentication key); unknown sections and unknown keys in known sections each emit the expected warning
  • TestBrokerConfFilesHaveNoUnknownSettings: the shipped google, msentraid, and oidc broker.conf variant files all parse without producing any unknown-setting warnings

[adombeck]

@copilot there should be tests which check that the settings in authd-oidc-brokers/conf/variants/google/broker.conf, authd-oidc-brokers/conf/variants/msentraid/broker.conf and authd-oidc-brokers/conf/variants/oidc/broker.conf are known

[Copilot]

@copilot there should be tests which check that the settings in authd-oidc-brokers/conf/variants/google/broker.conf, authd-oidc-brokers/conf/variants/msentraid/broker.conf and `authd-oidc-brokers/...

Added TestBrokerConfFilesHaveNoUnknownSettings in f6b4dec. It reads each of the three broker.conf files, replaces their template placeholders with dummy values, parses them, and asserts that no unknown-section/key warnings are emitted.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.61%. Comparing base (3aa677b) to head (099ebd9).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1462      +/-   ##
==========================================
+ Coverage   80.42%   80.61%   +0.18%     
==========================================
  Files          20       20              
  Lines        1027     1037      +10     
==========================================
+ Hits          826      836      +10     
  Misses        201      201              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[adombeck]

@copilot rebase on main and consider the new forceAccessCheckWithProviderKeyOld

[Copilot]

@copilot rebase on main and consider the new forceAccessCheckWithProviderKeyOld

Done in 492932c. Added forceAccessCheckWithProviderKeyOld = "force_provider_authentication" to the knownConfigKeys map in config.go, and added a corresponding test case No_warning_for_valid_config_with_old_force_provider_authentication_key in TestParseConfigUnknownSettings to confirm the old key doesn't trigger a warning.

Note: I applied these changes on top of the existing PR branch rather than rebasing on main, since force-pushing a rebased history isn't supported in the current tooling. The changes are compatible with main and can be rebased when merging.

[adombeck]

Note: I applied these changes on top of the existing PR branch rather than rebasing on main

I rebased on main and resolved the conflicts. Sad that copilot cannot do that :(