-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
- Loading branch information
Showing
25 changed files
with
274 additions
and
99 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 2 additions & 0 deletions
2
devel/ansible/roles/dev/files/w2fm.cfg → devel/ansible/roles/dev/templates/w2fm.cfg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
FASJSON_URL = "https://fasjson.tinystage.test/fasjson" | ||
DATABASE__SQLALCHEMY__URL = "sqlite:////home/vagrant/w2fm.db" | ||
LOGGING_CONFIG = "/home/vagrant/logging.yaml" | ||
OIDC__PROVIDER_URL = "https://ipsilon.tinystage.test/idp/openidc" | ||
OIDC__CLIENT_ID = "{{ oidc_client_id }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
ipsilon_hostname: ipsilon.tinystage.test | ||
redirect_path: oidc/authorize | ||
redirect_url: https://{{ ansible_fqdn }}/{{ redirect_path }} | ||
dest: /home/vagrant/client_secrets.json | ||
public_client: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
- name: Install RPM packages | ||
dnf: | ||
name: | ||
- python3-pip | ||
- python3-devel | ||
state: present | ||
|
||
- name: install oidc_register with pip | ||
pip: | ||
name: oidc-register | ||
|
||
# not sure of how to do this another way, but without this, oidc_register fails | ||
- name: Get the content of the CA cert | ||
slurp: | ||
src: /etc/ipa/ca.crt | ||
register: ca_crt | ||
- name: Put tinystage root CA in the list of CA's for httplib2 | ||
blockinfile: | ||
block: "{{ ca_crt.content | b64decode }}" | ||
path: /usr/local/lib/python{{ ansible_local["python"]["py3"]["version"] }}/site-packages/httplib2/cacerts.txt | ||
|
||
- name: register the application with oidc-register | ||
shell: | ||
cmd: oidc-register --debug {% if public_client %}--public-client{% endif %} --output-file {{ dest }} https://{{ ipsilon_hostname }}/idp/openidc/ {{ redirect_url }} | ||
creates: "{{ dest }}" | ||
become: yes | ||
become_user: vagrant |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,10 @@ | ||
async def test_service_refresh(client, client_auth, db_service): | ||
async def test_service_refresh(client, authenticated, db_service): | ||
data = {"service_uuid": db_service.uuid} | ||
response = await client.put( | ||
f"/api/v1/services/{db_service.uuid}/regenerate", auth=client_auth, json=data | ||
) | ||
response = await client.put(f"/api/v1/services/{db_service.uuid}/regenerate", json=data) | ||
assert response.status_code == 202 | ||
|
||
|
||
async def test_service_refresh_404(client, client_auth): | ||
async def test_service_refresh_404(client, authenticated): | ||
data = {"service_uuid": "not-existent-uuid"} | ||
response = await client.put( | ||
"/api/v1/services/not-existent-uuid/regenerate", auth=client_auth, json=data | ||
) | ||
response = await client.put("/api/v1/services/not-existent-uuid/regenerate", json=data) | ||
assert response.status_code == 404 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,8 @@ | ||
async def test_service_revoke(client, client_auth, db_service): | ||
response = await client.put(f"/api/v1/services/{db_service.uuid}/revoke", auth=client_auth) | ||
async def test_service_revoke(client, authenticated, db_service): | ||
response = await client.put(f"/api/v1/services/{db_service.uuid}/revoke") | ||
assert response.status_code == 202 | ||
|
||
|
||
async def test_service_revoke_404(client, client_auth, db_service): | ||
response = await client.put("/api/v1/services/non-existent-uuid/revoke", auth=client_auth) | ||
async def test_service_revoke_404(client, authenticated, db_service): | ||
response = await client.put("/api/v1/services/non-existent-uuid/revoke") | ||
assert response.status_code == 404 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,19 @@ | ||
async def test_service_update(client, client_auth, db_service, db_session): | ||
async def test_service_update(client, authenticated, db_service, db_session): | ||
data = {"name": "new name"} | ||
response = await client.put( | ||
f"/api/v1/services/{db_service.uuid}", auth=client_auth, json={"data": data} | ||
) | ||
response = await client.put(f"/api/v1/services/{db_service.uuid}", json={"data": data}) | ||
assert response.status_code == 202, response.text | ||
assert response.json()["data"]["name"] == "new name" | ||
await db_session.refresh(db_service) | ||
assert db_service.name == "new name" | ||
|
||
|
||
async def test_service_update_404(client, client_auth): | ||
async def test_service_update_404(client, authenticated): | ||
data = {"name": "new name"} | ||
response = await client.put( | ||
"/api/v1/services/non-existent-uuid", auth=client_auth, json={"data": data} | ||
) | ||
response = await client.put("/api/v1/services/non-existent-uuid", json={"data": data}) | ||
assert response.status_code == 404 | ||
|
||
|
||
async def test_service_update_bad_request(client, client_auth, db_service): | ||
async def test_service_update_bad_request(client, authenticated, db_service): | ||
data = {"something-else": "extra attr"} | ||
response = await client.put( | ||
f"/api/v1/services/{db_service.uuid}", auth=client_auth, json={"data": data} | ||
) | ||
response = await client.put(f"/api/v1/services/{db_service.uuid}", json={"data": data}) | ||
assert response.status_code == 422 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.