feat: increase resource limits and improve readiness checks

Increases memory requests and limits in the Kubernetes deployment 
configuration to ensure better performance under load. Enhances 
the readiness and liveness probes by correcting the path and 
adding a liveness probe to improve service reliability. Updates 
the code to clean up session data after a successful token exchange 
and reformats the OpenID configuration response for better readability. 
Adds `.claude/` to .gitignore to prevent unwanted files from 
being tracked.
2025-12-28 15:25:52 +01:00
parent 17bad3a988
commit 6558d027ca
4 changed files with 158 additions and 79 deletions
+65 -76
@@ -8,7 +8,7 @@ const Debug = require('debug')
const path = require('path')
const cors = require('cors')
const bodyParser = require('body-parser')
const jose = require('node-jose');
const jose = require('node-jose')
const favicon = require('serve-favicon')
const initialUsers = require('./users')
@@ -128,6 +128,10 @@ app.post('/oauth/token', async (req, res) => {
debug('Signed token for ' + session.email)
// Clean up session and challenge after successful token exchange
delete sessions[code]
delete challenges[code]
res.json({
access_token: accessToken,
id_token: idToken,
@@ -141,22 +145,6 @@ app.post('/oauth/token', async (req, res) => {
}
})
// This route can be used to generate a valid jwt-token.
app.get('/token/:email', (req, res) => {
if (!req.params.email) {
debug('No user was given!')
return res.status(400).send('user is missing')
}
const token = jwt.sign(
{
user_id: 'auth0|' + req.params.email
},
privateKey
)
debug('Signed token for ' + req.params.email)
res.json({ token })
})
app.post('/code', (req, res) => {
if (!req.body.email || !req.body.password || !req.body.codeChallenge) {
debug('Body is invalid!', req.body)
@@ -301,65 +289,66 @@ app.get('/.well-known/openid-configuration', (req, res) => {
debug('Fetching OpenID configuration')
res.contentType('application/json').send(
JSON.stringify({
"issuer":
`${jwksOrigin}`,
"authorization_endpoint":
`${jwksOrigin}authorize`,
"token_endpoint":
`${jwksOrigin}oauth/token`,
"token_endpoint_auth_methods_supported":
["client_secret_basic", "private_key_jwt"],
"token_endpoint_auth_signing_alg_values_supported":
["RS256"],
"userinfo_endpoint":
`${jwksOrigin}userinfo`,
"check_session_iframe":
`${jwksOrigin}check_session`,
"end_session_endpoint":
`${jwksOrigin}end_session`,
"jwks_uri":
`${jwksOrigin}.well-known/jwks.json`,
"registration_endpoint":
`${jwksOrigin}register`,
"scopes_supported":
["openid", "profile", "email", "address",
"phone", "offline_access"],
"response_types_supported":
["code", "code id_token", "id_token", "id_token token"],
"acr_values_supported":
[],
"subject_types_supported":
["public", "pairwise"],
"userinfo_signing_alg_values_supported":
["RS256", "ES256", "HS256"],
"userinfo_encryption_alg_values_supported":
["RSA-OAEP-256", "A128KW"],
"userinfo_encryption_enc_values_supported":
["A128CBC-HS256", "A128GCM"],
"id_token_signing_alg_values_supported":
["RS256", "ES256", "HS256"],
"id_token_encryption_alg_values_supported":
["RSA-OAEP-256", "A128KW"],
"id_token_encryption_enc_values_supported":
["A128CBC-HS256", "A128GCM"],
"request_object_signing_alg_values_supported":
["none", "RS256", "ES256"],
"display_values_supported":
["page", "popup"],
"claim_types_supported":
["normal", "distributed"],
"claims_supported":
["sub", "iss", "auth_time", "acr",
"name", "given_name", "family_name", "nickname",
"profile", "picture", "website",
"email", "email_verified", "locale", "zoneinfo",
"https://unbound.se/email", "https://unbound.se/admin"],
"claims_parameter_supported":
true,
"service_documentation":
"http://auth0/",
"ui_locales_supported":
["en-US"]
issuer: `${jwksOrigin}`,
authorization_endpoint: `${jwksOrigin}authorize`,
token_endpoint: `${jwksOrigin}oauth/token`,
token_endpoint_auth_methods_supported: [
'client_secret_basic',
'private_key_jwt'
],
token_endpoint_auth_signing_alg_values_supported: ['RS256'],
userinfo_endpoint: `${jwksOrigin}userinfo`,
check_session_iframe: `${jwksOrigin}check_session`,
end_session_endpoint: `${jwksOrigin}end_session`,
jwks_uri: `${jwksOrigin}.well-known/jwks.json`,
registration_endpoint: `${jwksOrigin}register`,
scopes_supported: [
'openid',
'profile',
'email',
'address',
'phone',
'offline_access'
],
response_types_supported: [
'code',
'code id_token',
'id_token',
'id_token token'
],
acr_values_supported: [],
subject_types_supported: ['public', 'pairwise'],
userinfo_signing_alg_values_supported: ['RS256', 'ES256', 'HS256'],
userinfo_encryption_alg_values_supported: ['RSA-OAEP-256', 'A128KW'],
userinfo_encryption_enc_values_supported: ['A128CBC-HS256', 'A128GCM'],
id_token_signing_alg_values_supported: ['RS256', 'ES256', 'HS256'],
id_token_encryption_alg_values_supported: ['RSA-OAEP-256', 'A128KW'],
id_token_encryption_enc_values_supported: ['A128CBC-HS256', 'A128GCM'],
request_object_signing_alg_values_supported: ['none', 'RS256', 'ES256'],
display_values_supported: ['page', 'popup'],
claim_types_supported: ['normal', 'distributed'],
claims_supported: [
'sub',
'iss',
'auth_time',
'acr',
'name',
'given_name',
'family_name',
'nickname',
'profile',
'picture',
'website',
'email',
'email_verified',
'locale',
'zoneinfo',
'https://unbound.se/email',
'https://unbound.se/admin'
],
claims_parameter_supported: true,
service_documentation: 'http://auth0/',
ui_locales_supported: ['en-US']
})
)
})
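Review bot: The authorization code is invalidated only after the token has been signed: in the `/oauth/token` hunk, `delete sessions[code]` and `delete challenges[code]` sit below `debug('Signed token for ' + session.email)`. The handler is `async`, and the signing lines are outside the hunk; if signing is awaited, two concurrent requests carrying the same code can both pass the lookup before either delete runs, so the code is redeemed twice. Moving both deletes to directly after the session and challenge have been read and verified, before the first `await`, would keep the code single-use regardless of timing. The failure paths are not visible here; if a rejected exchange leaves the entries in place, they should be removed or expired there as well, so that a code cannot be retried and the two maps do not grow without bound.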