chore: cleanup and remove acctest triggering

2022-04-19 13:23:52 +02:00
parent 93da334fd4
commit 5695fc816b
2 changed files with 91 additions and 105 deletions
-14
@@ -3,7 +3,6 @@ include:
stages: stages:
- build - build
- acctest
variables: variables:
DOCKER_HOST: tcp://docker:2376 DOCKER_HOST: tcp://docker:2376
@@ -21,16 +20,3 @@ build:
script: script:
- build - build
- push - push
artifacts:
paths:
- k8s
acceptance-test:
stage: acctest
variables:
AUTH0MOCK_COMMIT: ${CI_COMMIT_SHA}
AUTH0MOCK_PIPELINE: ${CI_PIPELINE_ID}
TRIGGERED_BY: registry.gitlab.com/unboundsoftware/shiny/auth0mock
trigger:
project: unboundsoftware/shiny/acctest
strategy: depend
+91 -91
@@ -1,23 +1,23 @@
process.env.DEBUG = 'app*'; process.env.DEBUG = 'app*'
const express = require('express'); const express = require('express')
const cookieParser = require('cookie-parser') const cookieParser = require('cookie-parser')
const app = express(); const app = express()
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken')
const Debug = require('debug'); const Debug = require('debug')
const path = require('path'); const path = require('path')
const cors = require('cors'); const cors = require('cors')
const bodyParser = require('body-parser'); const bodyParser = require('body-parser')
const favicon = require('serve-favicon'); const favicon = require('serve-favicon')
const cert = require('./cert'); const cert = require('./cert')
let issuer = 'localhost:3333'; let issuer = 'localhost:3333'
let jwksOrigin = `https://${issuer}/`; let jwksOrigin = `https://${issuer}/`
const audience = process.env.AUDIENCE || 'https://generic-audience'; const audience = process.env.AUDIENCE || 'https://generic-audience'
const debug = Debug('app'); const debug = Debug('app')
let { privateKey, certDer, thumbprint, exponent, modulus } = cert(jwksOrigin); let { privateKey, certDer, thumbprint, exponent, modulus } = cert(jwksOrigin)
const sessions = {} const sessions = {}
const challenges = {} const challenges = {}
@@ -33,25 +33,25 @@ app.options('*', cors(corsOpts))
.use(bodyParser.urlencoded({ extended: true })) .use(bodyParser.urlencoded({ extended: true }))
.use(cookieParser()) .use(cookieParser())
.use(express.static(`${__dirname}/public`)) .use(express.static(`${__dirname}/public`))
.use(favicon(path.join(__dirname, 'public', 'favicon.ico'))); .use(favicon(path.join(__dirname, 'public', 'favicon.ico')))
// This route can be used to generate a valid jwt-token. // This route can be used to generate a valid jwt-token.
app.post('/oauth/token', (req, res) => { app.post('/oauth/token', (req, res) => {
const code = req.body.code const code = req.body.code
const session = sessions[code] const session = sessions[code]
let date = Math.floor(Date.now() / 1000); let date = Math.floor(Date.now() / 1000)
let accessToken = jwt.sign(Buffer.from(JSON.stringify({ let accessToken = jwt.sign(Buffer.from(JSON.stringify({
iss: jwksOrigin, iss: jwksOrigin,
aud: [audience], aud: [audience],
sub: 'auth0|' + session.email, sub: 'auth0|' + session.email,
iat: date, iat: date,
exp: date + 7200, exp: date + 7200,
azp: session.clientId, azp: session.clientId
})), privateKey, { })), privateKey, {
algorithm: 'RS256', algorithm: 'RS256',
keyid: thumbprint keyid: thumbprint
}); })
let idToken = jwt.sign(Buffer.from(JSON.stringify({ let idToken = jwt.sign(Buffer.from(JSON.stringify({
iss: jwksOrigin, iss: jwksOrigin,
@@ -67,9 +67,9 @@ app.post('/oauth/token', (req, res) => {
})), privateKey, { })), privateKey, {
algorithm: 'RS256', algorithm: 'RS256',
keyid: thumbprint keyid: thumbprint
}); })
debug('Signed token for ' + session.email); debug('Signed token for ' + session.email)
// res.json({ token }); // res.json({ token });
res.json({ res.json({
@@ -79,25 +79,25 @@ app.post('/oauth/token', (req, res) => {
expires_in: 7200, expires_in: 7200,
token_type: 'Bearer' token_type: 'Bearer'
}) })
}); })
// This route can be used to generate a valid jwt-token. // This route can be used to generate a valid jwt-token.
app.get('/token/:email', (req, res) => { app.get('/token/:email', (req, res) => {
if (!req.params.email) { if (!req.params.email) {
debug('No user was given!'); debug('No user was given!')
return res.status(400).send('user is missing'); return res.status(400).send('user is missing')
} }
const token = jwt.sign({ const token = jwt.sign({
user_id: 'auth0|' + req.params.email, user_id: 'auth0|' + req.params.email
}, privateKey); }, privateKey)
debug('Signed token for ' + req.params.email); debug('Signed token for ' + req.params.email)
res.json({ token }); res.json({ token })
}); })
app.post('/code', (req, res) => { app.post('/code', (req, res) => {
if (!req.body.email || !req.body.password || !req.body.codeChallenge) { if (!req.body.email || !req.body.password || !req.body.codeChallenge) {
debug('Body is invalid!', req.body); debug('Body is invalid!', req.body)
return res.status(400).send('Email or password is missing!'); return res.status(400).send('Email or password is missing!')
} }
const code = req.body.codeChallenge const code = req.body.codeChallenge
@@ -120,13 +120,13 @@ app.post('/code', (req, res) => {
}) })
app.get('/authorize', (req, res) => { app.get('/authorize', (req, res) => {
const redirect = req.query.redirect_uri; const redirect = req.query.redirect_uri
const state = req.query.state; const state = req.query.state
const nonce = req.query.nonce; const nonce = req.query.nonce
const clientId = req.query.client_id; const clientId = req.query.client_id
const codeChallenge = req.query.code_challenge; const codeChallenge = req.query.code_challenge
const prompt = req.query.prompt; const prompt = req.query.prompt
const responseMode = req.query.response_mode; const responseMode = req.query.response_mode
if (prompt === 'none' && responseMode === 'web_message') { if (prompt === 'none' && responseMode === 'web_message') {
const code = req.cookies['auth0'] const code = req.cookies['auth0']
const session = sessions[code] const session = sessions[code]
@@ -158,39 +158,39 @@ app.get('/authorize', (req, res) => {
httpOnly: true httpOnly: true
}) })
res.send(` res.send(`
<html lang="en"> <html lang='en'>
<head> <head>
<meta charset="utf-8"> <meta charset='utf-8'>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name='viewport' content='width=device-width, initial-scale=1, shrink-to-fit=no'>
<title>Auth</title> <title>Auth</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous"> <link rel='stylesheet' href='https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css' integrity='sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh' crossorigin='anonymous'>
</head> </head>
<body> <body>
<div class="container"> <div class='container'>
<form method="post" action="/code"> <form method='post' action='/code'>
<div class="card" style="width: 18rem;"> <div class='card' style='width: 18rem;'>
<div class="card-body"> <div class='card-body'>
<h5 class="card-title">Login</h5> <h5 class='card-title'>Login</h5>
<div class="form-group"> <div class='form-group'>
<label for="email">Email</label> <label for='email'>Email</label>
<input type="text" name="email" id="email" class="form-control"> <input type='text' name='email' id='email' class='form-control'>
</div> </div>
<div class="form-group"> <div class='form-group'>
<label for="password">Password</label> <label for='password'>Password</label>
<input type="password" name="password" id="password" class="form-control"> <input type='password' name='password' id='password' class='form-control'>
</div> </div>
<div class="form-check"> <div class='form-check'>
<input class="form-check-input" type="checkbox" name="admin" value="true" id="admin"> <input class='form-check-input' type='checkbox' name='admin' value='true' id='admin'>
<label class="form-check-label" for="admin"> <label class='form-check-label' for='admin'>
Admin Admin
</label> </label>
</div> </div>
<button type="submit" class="btn btn-primary">Login</button> <button type='submit' class='btn btn-primary'>Login</button>
<input type="hidden" value="${redirect}" name="redirect"> <input type='hidden' value='${redirect}' name='redirect'>
<input type="hidden" value="${state}" name="state"> <input type='hidden' value='${state}' name='state'>
<input type="hidden" value="${nonce}" name="nonce"> <input type='hidden' value='${nonce}' name='nonce'>
<input type="hidden" value="${clientId}" name="clientId"> <input type='hidden' value='${clientId}' name='clientId'>
<input type="hidden" value="${codeChallenge}" name="codeChallenge"> <input type='hidden' value='${codeChallenge}' name='codeChallenge'>
</div> </div>
</div> </div>
</form> </form>
@@ -199,11 +199,11 @@ app.get('/authorize', (req, res) => {
</html> </html>
`) `)
} }
}); })
app.get('/userinfo', (req, res) => { app.get('/userinfo', (req, res) => {
res.contentType('application/json').send(JSON.stringify({ picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg' })) res.contentType('application/json').send(JSON.stringify({ picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg' }))
}); })
app.get('/v2/logout', (req, res) => { app.get('/v2/logout', (req, res) => {
res.redirect(`${req.query.returnTo}?domain=${issuer}`) res.redirect(`${req.query.returnTo}?domain=${issuer}`)
@@ -223,46 +223,46 @@ app.get('/.well-known/jwks.json', (req, res) => {
n: modulus, n: modulus,
use: 'sig', use: 'sig',
x5c: [certDer], x5c: [certDer],
x5t: thumbprint, x5t: thumbprint
}, }
], ]
})); }))
}); })
// This route returns the inside of a jwt-token. Your main application // This route returns the inside of a jwt-token. Your main application
// should use this route to keep the auth0-flow // should use this route to keep the auth0-flow
app.post('/tokeninfo', (req, res) => { app.post('/tokeninfo', (req, res) => {
if (!req.body.id_token) { if (!req.body.id_token) {
debug('No token given in the body!'); debug('No token given in the body!')
return res.status(401).send('missing id_token'); return res.status(401).send('missing id_token')
} }
const data = jwt.decode(req.body.id_token); const data = jwt.decode(req.body.id_token)
if (data) { if (data) {
debug('Return token data from ' + data.user_id); debug('Return token data from ' + data.user_id)
res.json(data); res.json(data)
} else { } else {
debug('The token was invalid and could not be decoded!'); debug('The token was invalid and could not be decoded!')
res.status(401).send('invalid id_token'); res.status(401).send('invalid id_token')
} }
}); })
app.post('/issuer', (req, res) => { app.post('/issuer', (req, res) => {
if (!req.body.issuer) { if (!req.body.issuer) {
debug('No issuer given in the body!'); debug('No issuer given in the body!')
return res.status(401).send('missing issuer'); return res.status(401).send('missing issuer')
} }
issuer = req.body.issuer; issuer = req.body.issuer
jwksOrigin = `https://${issuer}/`; jwksOrigin = `https://${issuer}/`
const { privateKey: key, certDer: der, thumbPrint: thumb, exponent: exp, modulus: mod } = cert(jwksOrigin); const { privateKey: key, certDer: der, thumbPrint: thumb, exponent: exp, modulus: mod } = cert(jwksOrigin)
privateKey = key; privateKey = key
certDer = der; certDer = der
thumbprint = thumb; thumbprint = thumb
exponent = exp; exponent = exp
modulus = mod; modulus = mod
debug('Issuer set to ' + req.body.issuer); debug('Issuer set to ' + req.body.issuer)
res.send('ok') res.send('ok')
}); })
app.listen(3333, () => { app.listen(3333, () => {
debug('Auth0-Mock-Server listening on port 3333!'); debug('Auth0-Mock-Server listening on port 3333!')
}); })
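Review bot: The `/issuer` handler destructures `thumbPrint: thumb` from `cert(jwksOrigin)`, while the startup destructuring at the top of the file reads `thumbprint`; if `cert()` returns the lower-case key, as that first call suggests, `thumbprint` becomes `undefined` after any issuer change, and the `keyid` of signed tokens and the `x5t` in `/.well-known/jwks.json` no longer identify the key. Since this cleanup touches the line anyway, it should read `const { privateKey: key, certDer: der, thumbprint: thumb, exponent: exp, modulus: mod } = cert(jwksOrigin)`. Separately, the login form in `/authorize` interpolates `redirect`, `state`, `nonce`, `clientId` and `codeChallenge` from the query string into attribute values without escaping, and switching the delimiters from `"` to `'` changes which character ends the attribute, so that edit is not purely cosmetic; HTML-escaping those values before rendering would make the quote style irrelevant. Both handlers are only partly visible in these hunks.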