tests: upgrade oidc-server-mock to run tests on Mac M1
AleF83 committed Dec 29, 2022
1 parent d55987a commit 1eb0961
Showing 16 changed files with 63 additions and 28 deletions.
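--- a/deployments/dev/docker-compose.e2e.yml
+++ b/deployments/dev/docker-compose.e2e.yml
@@ -76,6 +76,7 @@ services:
 - editor
 
 environment:
+- NODE_TLS_REJECT_UNAUTHORIZED=0
 - GATEWAY_URL=http://gateway
 - EDITOR_URL=http://gateway
 - AUTH_DIGEST_CREDENTIALS=user:pwd
@@ -90,6 +91,7 @@ services:
 depends_on:
 - gateway
 environment:
+- NODE_TLS_REJECT_UNAUTHORIZED=0
 - GATEWAY_URL=http://gateway
 - MINIO_HOST=minio
 - MINIO_PORT=9000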
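Review bot: `NODE_TLS_REJECT_UNAUTHORIZED=0` on both services turns off certificate verification for every outbound TLS connection the Node process makes, not only for calls to the mock OIDC server. Since the commit already ships the mock's certificate under `./https`, the narrower option is to export its public certificate as PEM, mount it, and point `NODE_EXTRA_CA_CERTS` at that file so only this one certificate is trusted. The same variable is added in docker-compose.override.yml and tilt.yml. If the blanket switch stays, a comment such as `# dev/e2e only: disables TLS verification for the whole process` next to it would keep it from being copied into a real deployment file.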
10 changes: 8 additions & 2 deletions deployments/dev/docker-compose.override.yml
Expand Up @@ -72,6 +72,7 @@ services:
- "5859:5858"
- "4005:3000"
environment:
- NODE_TLS_REJECT_UNAUTHORIZED=0
- GIT_USER=git
- GIT_URL=ssh://git@publishing/tweek/repo
- GIT_PUBLIC_KEY_PATH=/run/secrets/tweek_ssh_public_key
Expand Down Expand Up @@ -112,11 +113,16 @@ services:

oidc-server-mock:
container_name: oidc-server-mock
image: soluto/oidc-server-mock:0.1.0
image: ghcr.io/soluto/oidc-server-mock:0.5.2
ports:
- "8082:80"
- "8082:443"
volumes:
- ./https:/https:ro
environment:
ASPNETCORE_ENVIRONMENT: Development
ASPNETCORE_URLS: https://+:443
ASPNETCORE_Kestrel__Certificates__Default__Password: oidc-server-mock-pwd
ASPNETCORE_Kestrel__Certificates__Default__Path: /https/aspnetapp.pfx
CLIENTS_CONFIGURATION_INLINE: |
[
{
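Review bot: The keystore password `oidc-server-mock-pwd` sits in the compose file next to a committed `aspnetapp.pfx`, so anyone with the repository holds the private key for whatever names that certificate covers. That is acceptable for a mock only if the certificate is a throwaway limited to `localhost` and `oidc-server-mock`; the file's contents are not visible on this page, so this should be confirmed. I would add `# throwaway self-signed dev certificate; never trust or reuse it outside local runs` above the `volumes:` entry, or generate the PFX in a setup script instead of committing it. The same password is repeated in tilt.yml.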
6 changes: 3 additions & 3 deletions deployments/dev/gateway/config/gateway.json
Expand Up @@ -10,9 +10,9 @@
"providers": {
"mock": {
"name": "Mock OpenId Connect server",
"issuer": "http://localhost:8082",
"authority": "http://localhost:8082",
"jwks_uri": "http://oidc-server-mock/.well-known/openid-configuration/jwks",
"issuer": "https://localhost:8082",
"authority": "https://localhost:8082",
"jwks_uri": "https://oidc-server-mock/.well-known/openid-configuration/jwks",
"client_id": "tweek-openid-mock-client",
"login_info": {
"login_type": "oidc",
6 changes: 3 additions & 3 deletions deployments/dev/gateway/config/gateway.local.json
Expand Up @@ -9,9 +9,9 @@
"providers": {
"mock": {
"name": "Mock OpenId Connect server",
"issuer": "http://localhost:8082",
"authority": "http://localhost:8082",
"jwks_uri": "http://localhost:8082/.well-known/openid-configuration/jwks",
"issuer": "https://localhost:8082",
"authority": "https://localhost:8082",
"jwks_uri": "https://localhost:8082/.well-known/openid-configuration/jwks",
"client_id": "tweek-openid-mock-client",
"login_info": {
"login_type": "oidc",
6 changes: 3 additions & 3 deletions deployments/dev/gateway/config/gateway.test.json
Expand Up @@ -4,9 +4,9 @@
"providers": {
"mock": {
"name": "Mock OpenId Connect server",
"issuer": "http://oidc-server-mock",
"authority": "http://oidc-server-mock",
"jwks_uri": "http://oidc-server-mock/.well-known/openid-configuration/jwks",
"issuer": "https://oidc-server-mock",
"authority": "https://oidc-server-mock",
"jwks_uri": "https://oidc-server-mock/.well-known/openid-configuration/jwks",
"client_id": "tweek-openid-mock-client",
"login_info": {
"login_type": "oidc",
Binary file added deployments/dev/https/aspnetapp.pfx
Binary file not shown.
13 changes: 8 additions & 5 deletions deployments/dev/tilt.yml
Expand Up @@ -48,6 +48,7 @@ services:
depends_on:
- publishing
environment:
NODE_TLS_REJECT_UNAUTHORIZED: '0'
GIT_PRIVATE_KEY_PATH: /run/secrets/tweek_ssh_private_key
GIT_PUBLIC_KEY_PATH: /run/secrets/tweek_ssh_public_key
GIT_URL: ssh://git@publishing/tweek/repo
Expand Down Expand Up @@ -136,10 +137,12 @@ services:
target: 8222
oidc-server-mock:
container_name: oidc-server-mock
image: ghcr.io/soluto/oidc-server-mock:0.5.2
environment:
ASPNETCORE_ENVIRONMENT: Development
OIDC_CLIENT_ID: tweek-openid-mock-client
REDIRECT_URIS: http://localhost:8081/auth-result/oidc
ASPNETCORE_URLS: https://+:443
ASPNETCORE_Kestrel__Certificates__Default__Password: oidc-server-mock-pwd
ASPNETCORE_Kestrel__Certificates__Default__Path: /https/aspnetapp.pfx
CLIENTS_CONFIGURATION_INLINE: |
[
{
Expand Down Expand Up @@ -177,10 +180,10 @@ services:
"Password":"pwd"
}
]
image: soluto/oidc-server-mock:0.1.0
ports:
- published: 8082
target: 80
- 8082:443
volumes:
- ./https:/https:ro
publishing:
build:
args:
2 changes: 1 addition & 1 deletion deployments/kubernetes/README.md
Expand Up @@ -29,7 +29,7 @@ If using Minikube/Microk8s create port forwarding:

```bash
kubectl port-forward deployment/gateway 8081:80
kubectl port-forward deployment/oidc-server-mock 8082:80
kubectl port-forward deployment/oidc-server-mock 8082:443
```

Finally, open in browser [http://localhost:8081](http://localhost:8081).
6 changes: 3 additions & 3 deletions deployments/kubernetes/infra/gateway-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@ data:
"providers": {
"mock": {
"name": "Mock OpenId Connect server",
"issuer": "http://localhost:8082",
"authority": "http://localhost:8082",
"jwks_uri": "http://oidc-server-mock:8082/.well-known/openid-configuration/jwks",
"issuer": "https://localhost:8082",
"authority": "https://localhost:8082",
"jwks_uri": "https://oidc-server-mock:8082/.well-known/openid-configuration/jwks",
"client_id": "tweek-openid-mock-client",
"login_info": {
"login_type": "oidc",
4 changes: 2 additions & 2 deletions deployments/kubernetes/infra/oidc-server-mock.yaml
Expand Up @@ -11,7 +11,7 @@ spec:
spec:
containers:
- name: oidc-mock
image: soluto/oidc-server-mock:0.1.0
image: ghcr.io/soluto/oidc-server-mock:0.5.2
env:
- name: ASPNETCORE_ENVIRONMENT
value: Development
Expand All @@ -34,5 +34,5 @@ spec:
app: oidc-server-mock
ports:
- port: 8082
targetPort: 80
targetPort: 443
---
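Review bot: The Service now targets port 443, but this section adds only the image and `targetPort` lines (2 additions), so the Deployment gets none of the `ASPNETCORE_URLS: https://+:443`, Kestrel certificate path and password, or `/https` volume that the compose files add for the same image. Unless the 0.5.2 image serves HTTPS on 443 by default, which I cannot tell from this page, the port-forward and the `https://oidc-server-mock:8082` JWKS URL in gateway-config.yaml will have nothing listening behind them. The env block between the two hunks is not shown; it should gain the same three variables, plus a volume or secret carrying the certificate.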
6 changes: 3 additions & 3 deletions docs/pages/4.security/02.examples.md
Expand Up @@ -43,9 +43,9 @@ Can be edited via k8s configmap, mounted config file, or using environment varia
},
"oidc": {
"name": "Mock OpenId Connect server",
"issuer": "http://localhost:4011",
"authority": "http://localhost:4011",
"jwks_uri": "http://oidc-server-mock/.well-known/openid-configuration/jwks",
"issuer": "https://localhost:4011",
"authority": "https://localhost:4011",
"jwks_uri": "https://oidc-server-mock/.well-known/openid-configuration/jwks",
"client_id": "tweek-openid-mock-client",
"login_info": {
"login_type": "oidc",
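--- a/services/gateway/appConfig/appConfig.go
+++ b/services/gateway/appConfig/appConfig.go
@@ -159,3 +159,7 @@ func HandleEnvInlineOrPath(envValue *EnvInlineOrPath) ([]byte, error) {
 }
 return value, nil
 }
+
+func IsProduction() bool {
+return configor.ENV() == "production"
+}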
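Review bot: IsProduction is exported without a doc comment, and its only caller in this commit uses it to decide whether TLS certificates are verified, so its contract should be written down. I would add `// IsProduction reports whether configor's environment is exactly "production"; any other value counts as non-production.` above the function. As far as I know configor falls back to a development environment when none is configured, which would make "unset" non-production too; that is worth stating in the comment once confirmed. The hunk shows only the tail of HandleEnvInlineOrPath before the new function.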
4 changes: 3 additions & 1 deletion services/gateway/security/jwkCache.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"fmt"
"time"
"tweek-gateway/utils"

"github.com/lestrrat-go/jwx/jwk"
"github.com/sirupsen/logrus"
Expand Down Expand Up @@ -70,8 +71,9 @@ func loadEndpoint(endpoint string) *jwkRecord {
}

func loadEndpointWithRetry(endpoint string, retryCount uint) *jwkRecord {

rec := &jwkRecord{}
rec.set, rec.err = jwk.Fetch(context.Background(), endpoint)
rec.set, rec.err = jwk.Fetch(context.Background(), endpoint, jwk.WithHTTPClient(utils.GetHttpClient()))
jwkCache[endpoint] = rec

if rec.err != nil {
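--- a/services/gateway/utils/httpClient.go
+++ b/services/gateway/utils/httpClient.go
@@ -0,0 +1,18 @@
+package utils
+
+import (
+"crypto/tls"
+"net/http"
+"tweek-gateway/appConfig"
+)
+
+func GetHttpClient() *http.Client {
+// Ignore TLS errors for development
+if !appConfig.IsProduction() {
+tr := &http.Transport{
+TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+}
+return &http.Client{Transport: tr}
+}
+return http.DefaultClient
+}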
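Review bot: GetHttpClient disables certificate verification whenever the environment is anything other than exactly "production", so a deployment that never sets the environment fetches its JWKS, the keys every token signature is checked against, from a server it has not authenticated. I would make the insecure client an explicit development opt-in, or better, load the mock's certificate into `RootCAs` so verification stays on; the fence below does not change that condition. Separately, each call builds a bare `http.Transport`, which drops the proxy and timeout defaults of `http.DefaultTransport` and starts a new connection pool every time. The version below clones the default transport once and logs when verification is off; it needs `sync` and logrus imported.

```go
var (
	devClientOnce sync.Once
	devClient     *http.Client
)

func GetHttpClient() *http.Client {
	if appConfig.IsProduction() {
		return http.DefaultClient
	}
	devClientOnce.Do(func() {
		// Development only: keep DefaultTransport's proxy and timeout settings, drop verification.
		tr := http.DefaultTransport.(*http.Transport).Clone()
		tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
		devClient = &http.Client{Transport: tr}
		logrus.Warn("TLS certificate verification is disabled for outbound requests (non-production environment)")
	})
	return devClient
}
```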
2 changes: 1 addition & 1 deletion services/gateway/version.go
@@ -1,3 +1,3 @@
package main

const Version = "1.0.0-rc22"
const Version = "1.0.0-rc23"
Expand Up @@ -3,7 +3,7 @@ package rules
default subject = { "user": null, "group": null }

subject = { "user": "admin-app", "group": "externalapps"} {
startswith(input.iss, "http://localhost:")
startswith(input.iss, "https://localhost:")
input.aud = "tweek-openid-mock-client"
input.sub = "user"
} else = { "user": input.sub, "group": "default" } {
