From 578abd8feb99ef14f8e742106dc35514a602b58f Mon Sep 17 00:00:00 2001 
From: Fabio Roberto Vitello <fabio.vitello@inaf.it> Date: Wed, 22 Apr 2020 11:23:04 +0200 Subject: [PATCH] created a copy of docker-test-oidc --- .../docker/tmss-nginxenv/docker-compose.yml | 2 +- .../.circleci/config.yml | 100 ++++++++++++ .../HISTORY.md | 35 ++++ .../docker-test-mozilla-django-oidc/Makefile | 33 ++++ .../docker-test-mozilla-django-oidc/README.md | 98 +++++++++++ .../docker-compose.yml | 6 + .../dockerfiles/oidc_e2e_setup_py2 | 29 ++++ .../dockerfiles/oidc_e2e_setup_py3 | 29 ++++ .../dockerfiles/oidc_testprovider | 10 ++ .../dockerfiles/oidc_testrp_py2 | 7 + .../dockerfiles/oidc_testrp_py3 | 7 + .../dockerfiles/oidc_testrunner | 18 +++ .../testprovider/bin/run.sh | 8 + .../testprovider/fixtures.json | 140 ++++++++++++++++ .../testprovider/manage.py | 22 +++ .../testprovider/oidcprovider/__init__.py | 0 .../oidcprovider/management/__init__.py | 0 .../management/commands/__init__.py | 0 .../management/commands/createuser.py | 36 +++++ .../testprovider/oidcprovider/settings.py | 149 +++++++++++++++++ .../oidcprovider/templates/home.html | 14 ++ .../oidcprovider/templates/site_base.html | 28 ++++ .../testprovider/oidcprovider/urls.py | 12 ++ .../testprovider/oidcprovider/views.py | 6 + .../testprovider/oidcprovider/wsgi.py | 16 ++ .../testprovider/requirements.txt | 4 + .../testrp/bin/run.sh | 6 + .../testrp/bin/run_hs.sh | 6 + .../testrp/bin/run_rs.sh | 8 + .../testrp/manage.py | 22 +++ .../testrp/provider_rsa.key | 6 + .../testrp/requirements.txt | 6 + .../testrp/testrp/__init__.py | 0 .../testrp/testrp/settings.py | 153 ++++++++++++++++++ .../testrp/testrp/templates/home.html | 22 +++ .../testrp/testrp/urls.py | 10 ++ .../testrp/testrp/views.py | 17 ++ .../testrp/testrp/wsgi.py | 16 ++ SAS/TMSS/docker/tmss-nginxenv/nginx.conf | 85 +++++++--- 39 files changed, 1141 insertions(+), 25 deletions(-) create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/.circleci/config.yml create mode 100644 
SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/HISTORY.md create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/Makefile create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/README.md create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/docker-compose.yml create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py2 create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py3 create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testprovider create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py2 create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py3 create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrunner create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/bin/run.sh create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/fixtures.json create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/manage.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/__init__.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/__init__.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/__init__.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/createuser.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/settings.py create mode 100644 
SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/home.html create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/site_base.html create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/urls.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/views.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/wsgi.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/requirements.txt create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run.sh create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_hs.sh create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_rs.sh create mode 100755 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/manage.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/provider_rsa.key create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/requirements.txt create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/__init__.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/settings.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/templates/home.html create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/urls.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/views.py create mode 100644 SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/wsgi.py 
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-compose.yml b/SAS/TMSS/docker/tmss-nginxenv/docker-compose.yml index 3d658abd6f2..5f414b8ebc8 100644 --- a/SAS/TMSS/docker/tmss-nginxenv/docker-compose.yml +++ b/SAS/TMSS/docker/tmss-nginxenv/docker-compose.yml @@ -28,7 +28,7 @@ services: - static_volume:/staticfiles tmss_test_oidc: build: - context: ../../test/oidc/docker-test-mozilla-django-oidc/ + context: ./docker-test-mozilla-django-oidc/ dockerfile: dockerfiles/oidc_testprovider container_name: tmss_test_oidc ports: diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/.circleci/config.yml b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/.circleci/config.yml new file mode 100644 index 00000000000..7c2b7c3c559 --- /dev/null +++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/.circleci/config.yml 
@@ -0,0 +1,100 @@
+# Python CircleCI 2.0 configuration file
+#
+# Check https://circleci.com/docs/2.0/language-python/ for more details
+#
+version: 2
+jobs:
+ build:
+ docker:
+ - image: mozilla/cidockerbases:docker-latest
+ working_directory: /
+
+ steps:
+ - run:
+ name: Get info
+ command: uname -v
+
+ - setup_remote_docker
+
+ - run:
+ name: Get info
+ command: docker info
+
+ - run:
+ name: Install essential packages
+ command: apt-get install make
+
+ - checkout:
+ path: /oidc_testprovider
+
+ - run:
+ name: Build Docker images
+ working_directory: /oidc_testprovider
+ command: |
+ make build
+
+ - run:
+ name: Push to Dockerhub on tag
+ working_directory: /oidc_testprovider
+ command: |
+ function retry {
+ set +e
+ local n=0
+ local max=3
+ while true; do
+ "$@" && break || {
+ if [[ $n -lt $max ]]; then
+ ((n++))
+ echo "Command failed. Attempt $n/$max:"
+ else
+ echo "Failed after $n attempts."
+ exit 1
+ fi
+ }
+ done
+ set -e
+ }
+
+ # Namespace on dockerhub to push:
+ # https://hub.docker.com/u/mozilla/oidc-testprovider
+ export DOCKER_NAMESPACE=mozilla/oidc-testprovider
+ export IMAGES=(oidc_e2e_setup_py2 oidc_e2e_setup_py3 oidc_testprovider oidc_testrp_py2 oidc_testrp_py3 oidc_testrunner)
+
+ # If a tag was pushed to github, push tagged images and latest
+ # images to Dockerhub
+ if [ -n "${CIRCLE_TAG}" ]; then
+ # Log into Dockerhub
+ echo "${DOCKER_PASS}" | docker login -u="${DOCKER_USER}" --password-stdin
+
+ for IMAGE in "${IMAGES[@]}"
+ do
+ echo ""
+ echo ">>> WORKING ON ${IMAGE}..."
+ echo ""
+ # Tag and push tagged image.
+ retry docker tag "${IMAGE}:latest" "${DOCKER_NAMESPACE}:${IMAGE}-${CIRCLE_TAG}"
+ retry docker push "${DOCKER_NAMESPACE}:${IMAGE}-${CIRCLE_TAG}"
+
+ # Tag and push latest image.
+ retry docker tag "${IMAGE}:latest" "${DOCKER_NAMESPACE}:${IMAGE}-latest"
+ retry docker push "${DOCKER_NAMESPACE}:${IMAGE}-latest"
+ done
+ fi
+
+workflows:
+ version: 2
+
+ # workflow jobs are _not_ run in tag builds by default
+ # we use filters to whitelist jobs that should be run for tags
+
+ # workflow jobs are run in _all_ branch builds by default
+ # we use filters to blacklist jobs that shouldn't be run for a branch
+
+ # see: https://circleci.com/docs/2.0/workflows/#git-tag-job-execution
+
+ build-test-push:
+ jobs:
+ - build:
+ filters:
+ tags:
+ only: /.*/
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/HISTORY.md b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/HISTORY.md
new file mode 100644
index 00000000000..4d8d6242248
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/HISTORY.md
@@ -0,0 +1,35 @@
+HISTORY
+=======
+
+v0.9.3 (October 23rd, 2019)
+---------------------------
+
+Bugs:
+
+* fix docker push code
+
+
+v0.9.2 (October 22nd, 2019)
+---------------------------
+
+No substantive changes. Doing a new tag so as to push images to dockerhub.
+
+
+v0.9.1 (October 22nd, 2019)
+---------------------------
+
+Bugs:
+
+* fix `build` and `pull` rules in Makefile to use the correct tags
+
+
+v0.9.0 (October 22nd, 2019)
+---------------------------
+
+First tagged release.
+
+Features:
+
+* new `createuser` command in `oidc_testprovider` image
+* redid how images are tagged and we're now pushing them to dockerhub
+ in the `mozilla` user
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/Makefile b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/Makefile
new file mode 100644
index 00000000000..091744b7953
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/Makefile
@@ -0,0 +1,33 @@
+DEFAULT_GOAL := help
+
+NS ?= mozilla/oidc-testprovider
+IMAGES := oidc_testprovider oidc_testrunner oidc_testrp_py2 oidc_testrp_py3 oidc_e2e_setup_py2 oidc_e2e_setup_py3
+BUILD := $(addprefix build-,${IMAGES})
+PULL := $(addprefix pull-,$(IMAGES))
+CLEAN := $(addprefix clean-,$(IMAGES))
+
+.PHONY: help
+help:
+ @fgrep -h "##" Makefile | fgrep -v fgrep | sed 's/\(.*\):.*##/\1:/'
+
+.PHONY: build
+build: ${BUILD} ## Build all images
+
+.PHONY: pull
+pull: ${PULL} ## Pull all -latest images
+
+.PHONY: clean
+clean: ${CLEAN} ## Clean images and other artifacts
+
+.PHONY: ${BUILD}
+${BUILD}: build-%:
+ docker build -t $* -f dockerfiles/$* .
+
+.PHONY: ${PULL}
+${PULL}: pull-%:
+ docker pull ${NS}:$*-latest
+
+.PHONY: ${CLEAN}
+${CLEAN}: clean-%:
+ docker rmi ${NS}/$(subst _py,:py,$(*))
+ docker rmi $(subst _py,:py,$(*))
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/README.md b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/README.md
new file mode 100644
index 00000000000..9037b454463
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/README.md
@@ -0,0 +1,98 @@
+# docker-test-mozilla-django-oidc
+
+The purpose of these docker images is to setup a local environment to develop and test
+`mozilla-django-oidc`.
+
+
+## oidc-testprovider
+
+https://hub.docker.com/r/mozilla/oidc-testprovider/tags?name=testprovider
+
+* Provides a docker image for an OIDC OP with preconfigured OIDC client IDs and secrets
+* OIDC provider endpoint is exposed in port `8080`
+* Provides a Django management command for creating users
+* Uses `django-oidc-provider`
+
+
+### Usage
+
+In order for this setup to work `testprovider`, `testrp` hostnames should resolve to the
+IP of the docker image (for local development it's `127.0.0.1`).
+
+You can add the resolution to your `/etc/hosts` file.
+
+You can also use [nip.io](http://nip.io/). For example, if you name the service
+"oidcprovider", then you could have these three variables:
+
+```
+OIDC_OP_AUTHORIZATION_ENDPOINT=http://oidcprovider.127.0.0.1.nip.io:8080/openid/authorize
+OIDC_OP_TOKEN_ENDPOINT=http://oidcprovider.127.0.0.1.nip.io:8080/openid/token
+OIDC_OP_USER_ENDPOINT=http://oidcprovider.127.0.0.1.nip.io:8080/openid/userinfo
+```
+
+### Example setup
+
+`docker-compose.yml`
+
+```
+version: '3'
+services:
+ testprovider:
+ image: mozilla/oidc-testprovider:oidc_testprovider-v0.9.3
+ ports:
+ - "8080:8080"
+```
+
+
+### Creating users in the container
+
+The `testprovider` image has a Django management command for creating users in
+the OIDC provider. This lets you create users on the command line.
+
+With an already running `testprovider` container run:
+
+```
+docker-compose exec testprovider manage.py createuser USERNAME PASSWORD EMAIL
+```
+
+
+## Other images
+
+All images are pushed to: https://hub.docker.com/r/mozilla/oidc-testprovider
+
+* `oidc_testprovider` (See above)
+* `oidc_testrunner`
+* `oidc_testrp_py{2,3}`
+ * Test django project preconfigured to work with `testprovider`
+ * Uses `mozilla-django-oidc` as an authentication backend
+ * Test RP is exposed in port `8081`
+ * Builds based in both python 2/3
+ * Environment variables
+ * `TEST_OIDC_ALGO={hs,rs}`
+* `oidc_e2e_setup_py{2,3}`
+ * Dockerized setup for e2e testing of mozilla-django-oidc
+
+
+### Example setup for oidc_testrp
+
+`docker-compose.yml`
+
+```
+version: '3'
+services:
+ testrp:
+ image: mozilla/oidc-testprovider:oidc_testrp_py3-v0.9.3
+ ports:
+ - "8081:8081"
+ environment:
+ - TEST_OIDC_ALGO=hs
+```
+
+## Development
+
+We use `make` to automate the docker image workflow.
+
+For more info run `make help`.
+
+Pushing a tag to GitHub will trigger building images and uploading them
+to Dockerhub.
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/docker-compose.yml b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/docker-compose.yml
new file mode 100644
index 00000000000..a1022994588
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/docker-compose.yml
@@ -0,0 +1,6 @@
+version: '3'
+services:
+ testprovider:
+ image: mozilla/oidc-testprovider:oidc_testprovider-v0.9.3
+ ports:
+ - "8080:8080"
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py2 b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py2
new file mode 100644
index 00000000000..ac0e6a7bf38
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py2
@@ -0,0 +1,29 @@
+FROM python:2-stretch
+
+EXPOSE 8080 8081
+
+RUN pip install virtualenv
+RUN virtualenv /testrp_env
+RUN virtualenv /testprovider_env
+
+COPY testprovider /testprovider/
+COPY testrp /testrp/
+
+RUN . /testprovider_env/bin/activate && pip install -r /testprovider/requirements.txt
+RUN . /testrp_env/bin/activate && pip install -r /testrp/requirements.txt
+
+# Install python and python dependencies
+RUN apt-get update && \
+ apt-get install -y wait-for-it
+
+# Install firefox
+RUN apt-get install -y --no-install-recommends firefox-esr && \
+ wget "https://download.mozilla.org/?product=firefox-latest&os=linux64&lang=en-US" -O /tmp/firefox.tar.bz2 && \
+ tar xvf /tmp/firefox.tar.bz2 -C /opt && \
+ rm /usr/bin/firefox && \
+ ln -s /opt/firefox/firefox /usr/bin/firefox
+
+# Install geckodriver
+RUN wget "https://github.com/mozilla/geckodriver/releases/download/v0.23.0/geckodriver-v0.23.0-linux32.tar.gz" -O /tmp/geckodriver.tar.gz && \
+ tar xvf /tmp/geckodriver.tar.gz -C /opt && \
+ ln -s /opt/geckodriver /usr/bin/geckodriver
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py3 b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py3
new file mode 100644
index 00000000000..9ed6e566c6b
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_e2e_setup_py3
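Review bot: The Firefox and geckodriver archives are fetched with `wget` and unpacked into `/opt` with no integrity check, and the Firefox URL asks for `firefox-latest`, so each build can install a different, unverified binary. The geckodriver asset is also the `linux32` build while Firefox is requested for `os=linux64`, which looks unintended. I would pin a Firefox version, switch to `geckodriver-v0.23.0-linux64.tar.gz`, and verify each download before `tar`, e.g. `echo "<expected-sha256>  /tmp/geckodriver.tar.gz" | sha256sum -c -` (the hash is a placeholder to be filled in from the release page). The same three `RUN` steps recur in `oidc_e2e_setup_py3` and `oidc_testrunner`.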
@@ -0,0 +1,29 @@
+FROM python:3.6-stretch
+
+EXPOSE 8080 8081
+
+RUN pip install virtualenv
+RUN virtualenv /testrp_env
+RUN virtualenv /testprovider_env
+
+COPY testprovider /testprovider/
+COPY testrp /testrp/
+
+RUN . /testprovider_env/bin/activate && pip install -r /testprovider/requirements.txt
+RUN . /testrp_env/bin/activate && pip install -r /testrp/requirements.txt
+
+# Install python and python dependencies
+RUN apt-get update && \
+ apt-get install -y wait-for-it
+
+# Install firefox
+RUN apt-get install -y --no-install-recommends firefox-esr && \
+ wget "https://download.mozilla.org/?product=firefox-latest&os=linux64&lang=en-US" -O /tmp/firefox.tar.bz2 && \
+ tar xvf /tmp/firefox.tar.bz2 -C /opt && \
+ rm /usr/bin/firefox && \
+ ln -s /opt/firefox/firefox /usr/bin/firefox
+
+# Install geckodriver
+RUN wget "https://github.com/mozilla/geckodriver/releases/download/v0.23.0/geckodriver-v0.23.0-linux32.tar.gz" -O /tmp/geckodriver.tar.gz && \
+ tar xvf /tmp/geckodriver.tar.gz -C /opt && \
+ ln -s /opt/geckodriver /usr/bin/geckodriver
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testprovider b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testprovider
new file mode 100644
index 00000000000..e93084d98a1
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testprovider
@@ -0,0 +1,10 @@
+FROM python:3.6
+EXPOSE 8088
+WORKDIR /code
+
+COPY testprovider/requirements.txt /code/
+RUN pip install -r requirements.txt
+
+COPY testprovider /code/
+
+CMD ./bin/run.sh
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py2 b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py2
new file mode 100644
index 00000000000..369b2742d7c
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py2
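Review bot: Nothing in the `oidc_testprovider` image switches away from root, so the Django development server started by `./bin/run.sh` runs as uid 0 inside the container. Adding `RUN useradd --system app && chown -R app /code` after the final `COPY` and `USER app` before `CMD` keeps `/code` writable for the in-place `sed` on `fixtures.json` and for the SQLite file that `settings.py` places under `BASE_DIR`, while dropping the privilege. `EXPOSE 8088` also disagrees with the bundled README and `docker-compose.yml`, which still describe port `8080`; a comment such as `# TMSS copy listens on 8088 (upstream image uses 8080)` would save the next reader the search.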
@@ -0,0 +1,7 @@
+FROM python:2-stretch
+EXPOSE 8081
+COPY testrp /code/
+WORKDIR /code
+
+RUN pip install -r requirements.txt
+CMD ./bin/run.sh
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py3 b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py3
new file mode 100644
index 00000000000..f4d52e4dfe6
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrp_py3
@@ -0,0 +1,7 @@
+FROM python:3-stretch
+EXPOSE 8081
+COPY testrp /code/
+WORKDIR /code
+
+RUN pip install -r requirements.txt
+CMD ./bin/run.sh
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrunner b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrunner
new file mode 100644
index 00000000000..422da4a0322
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/dockerfiles/oidc_testrunner
@@ -0,0 +1,18 @@
+FROM python:3-stretch
+
+# Install python and python dependencies
+RUN apt-get update && \
+ apt-get install -y wait-for-it && \
+ pip install six splinter
+
+# Install firefox
+RUN apt-get install -y --no-install-recommends firefox-esr && \
+ wget "https://download.mozilla.org/?product=firefox-latest&os=linux64&lang=en-US" -O /tmp/firefox.tar.bz2 && \
+ tar xvf /tmp/firefox.tar.bz2 -C /opt && \
+ rm /usr/bin/firefox && \
+ ln -s /opt/firefox/firefox /usr/bin/firefox
+
+# Install geckodriver
+RUN wget "https://github.com/mozilla/geckodriver/releases/download/v0.23.0/geckodriver-v0.23.0-linux32.tar.gz" -O /tmp/geckodriver.tar.gz && \
+ tar xvf /tmp/geckodriver.tar.gz -C /opt && \
+ ln -s /opt/geckodriver /usr/bin/geckodriver
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/bin/run.sh b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/bin/run.sh
new file mode 100755
index 00000000000..faf5bf5ed8e
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/bin/run.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if [ -n "$OIDC_OP_CALLBACK_ENDPOINT" ]; then sed -i "s|http://localhost:8000/oidc/callback/|$OIDC_OP_CALLBACK_ENDPOINT|" fixtures.json; fi
+
+python manage.py migrate --noinput
+python manage.py loaddata fixtures.json
+python ./manage.py createuser paulus pauluspass paulus@localhost
+python manage.py runserver 0.0.0.0:8088
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/fixtures.json b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/fixtures.json
new file mode 100644
index 00000000000..43edad324d9
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/fixtures.json
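Review bot: The provider starts with credentials that are fixed in the repository: `createuser paulus pauluspass paulus@localhost` here, and the `fixtures.json` loaded one line earlier carries `"client_secret": "secret"` for all three clients plus an RSA private key in its `oidc_provider.rsakey` entry. Since the last line binds `runserver` to `0.0.0.0:8088`, anyone who can reach that port can log in as `paulus`, and anyone with the repository holds the key the provider signs RS256 ID tokens with. I would take the test account from the environment, e.g. `python manage.py createuser "$OIDC_TEST_USER" "$OIDC_TEST_PASSWORD" "$OIDC_TEST_EMAIL"` (variable names are a suggestion), and generate the signing key at start with django-oidc-provider's `python manage.py creatersakey` instead of loading it from the fixture. A `set -e` after the shebang would also stop the script when `migrate` or `loaddata` fails rather than serving a half-initialised database.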
@@ -0,0 +1,140 @@ +[ + { + "model": "sites.site", + "pk": 1, + "fields": { + "domain": "testprovider:8088", + "name": "testprovider" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 1, + "fields": { + "value": "code", + "description": "code (Authorization Code Flow)" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 2, + "fields": { + "value": "id_token", + "description": "id_token (Implicit Flow)" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 3, + "fields": { + "value": "id_token token", + "description": "id_token token (Implicit Flow)" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 4, + "fields": { + "value": "code token", + "description": "code token (Hybrid Flow)" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 5, + "fields": { + "value": "code id_token", + "description": "code id_token (Hybrid Flow)" + } + }, + { + "model": "oidc_provider.responsetype", + "pk": 6, + "fields": { + "value": "code id_token token", + "description": "code id_token token (Hybrid Flow)" + } + }, + { + "model": "oidc_provider.client", + "pk": 1, + "fields": { + "name": "testrpHS256", + "owner": null, + "client_type": "confidential", + "client_id": "1", + "client_secret": "secret", + "jwt_alg": "HS256", + "date_created": "2017-11-10", + "website_url": "", + "terms_url": "", + "contact_email": "", + "logo": "", + "reuse_consent": true, + "require_consent": true, + "_redirect_uris": "http://localhost/oidc/callback/", + "_post_logout_redirect_uris": "", + "_scope": "", + "response_types": [ + 1 + ] + } + }, + { + "model": "oidc_provider.client", + "pk": 2, + "fields": { + "name": "testrpHS256", + "owner": null, + "client_type": "confidential", + "client_id": "2", + "client_secret": "secret", + "jwt_alg": "HS256", + "date_created": "2017-11-10", + "website_url": "", + "terms_url": "", + "contact_email": "", + "logo": "", + "reuse_consent": true, + "require_consent": true, + "_redirect_uris": 
"http://localhost:8000/oidc/callback/", + "_post_logout_redirect_uris": "", + "_scope": "", + "response_types": [ + 1 + ] + } + }, + { + "model": "oidc_provider.client", + "pk": 3, + "fields": { + "name": "testrpRS256", + "owner": null, + "client_type": "confidential", + "client_id": "3", + "client_secret": "secret", + "jwt_alg": "RS256", + "date_created": "2017-11-10", + "website_url": "", + "terms_url": "", + "contact_email": "", + "logo": "", + "reuse_consent": true, + "require_consent": true, + "_redirect_uris": "http://localhost:8000/oidc/callback/", + "_post_logout_redirect_uris": "", + "_scope": "", + "response_types": [ + 1 + ] + } + }, + { + "model": "oidc_provider.rsakey", + "pk": 3, + "fields": { + "key": "-----BEGIN RSA PRIVATE KEY-----\nMIICXAIBAAKBgQDAAgiIdiJG7GSMKTRbnGjWpHp1ulJ43/iQjDywWh5MP3in2PK8\nPVI6ItxIFLV81nWZMymA7hjfP7adOlxKY6rI+fExn8cTimI3W/oX6mHrPXm52uj/\nwe839pxxkeD7cmWgaif9Sujuy5AHUuUM1BTlO55POHkmhWyYMKC2P29qgQIDAQAB\nAoGAUHdJri6b1M8yoA6Qk6frw7AwZfAMqf1qxOEQefN6aQfcf7MKntqwAA8l88tB\n96xEokxvo0mlAMJJvIB9tusn4dIHKpmQGacQWVd/KONxPkvyuGgQXX5KCusZTbg7\ni6YQM52RGbExVFWLdGYJRBvzyfRkWX0b4LiderPZUiD6J/UCQQDZIgnLqYyGw3Ro\nnNboWYyOtLhKMF59f/0aSMXLlWdsnFG8kVm/7tw6jcDBalELci/+ExL2JACGwDea\n8DpvWiEDAkEA4mCovWmMDiS8tQCeY5NDic1wMp51+Ya8RX47bvb5F+X7SSE9L87y\n6eU9zVBSY8F+9npkvrxoU9PlKbS3Lzz1KwJAZ5/8BsuS+lnbe3Wmhtr93rlW3mk5\nHzHu7BVg+GkEI+xygcjoiVYImpU+MdB4fzrutpYJzZie+7BOmU4exTfBWwJBAKj+\nN3mO/Xrhee41VAhJuzV4I7XmDXQFXS8TmRKxVCq/COQC6EZ0W2q4M3a964OEw18E\n54hr5gYOPRjxS378JpkCQDjKw2Vyw0S0M8O2hOGuNsUtlGApYKt2iA41jGUf7bvO\nWz/tQuEIXQMd4e9zxNxOzPJOtjR1gyPZyi/FvsgDJDU=\n-----END RSA PRIVATE KEY-----" + } + } +] diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/manage.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/manage.py new file mode 100755 index 00000000000..5fccf17e2ac --- /dev/null +++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/manage.py 
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+import os
+import sys
+
+if __name__ == "__main__":
+ os.environ.setdefault("DJANGO_SETTINGS_MODULE", "oidcprovider.settings")
+ try:
+ from django.core.management import execute_from_command_line
+ except ImportError:
+ # The above import may fail for some other reason. Ensure that the
+ # issue is really that Django is missing to avoid masking other
+ # exceptions on Python 2.
+ try:
+ import django
+ except ImportError:
+ raise ImportError(
+ "Couldn't import Django. Are you sure it's installed and "
+ "available on your PYTHONPATH environment variable? Did you "
+ "forget to activate a virtual environment?"
+ )
+ raise
+ execute_from_command_line(sys.argv)
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/__init__.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/__init__.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/__init__.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/createuser.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/createuser.py
new file mode 100644
index 00000000000..76eb780c1f5
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/management/commands/createuser.py
@@ -0,0 +1,36 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+"""
+Create a user in the OIDC provider.
+"""
+
+from django.contrib.auth.models import User
+from django.core.management.base import BaseCommand
+
+
+class Command(BaseCommand):
+ help = "Create a user in the OIDC provider."
+
+ def add_arguments(self, parser):
+ parser.add_argument("username", help="account username")
+ parser.add_argument("password", help="account password")
+ parser.add_argument("email", help="account email address")
+ parser.add_argument("groups", help="account user groups", nargs='*')
+
+ def handle(self, **options):
+ username = options["username"]
+ password = options["password"]
+ email = options["email"]
+ groups = options["groups"]
+
+ if User.objects.filter(username=username).exists():
+ self.stdout.write("User {} already exists.".format(username))
+ return
+
+ user = User.objects.create(username=username, email=email)
+ user.set_password(password)
+ user.groups.set(groups)
+ user.save()
+ self.stdout.write("User {} created.".format(username))
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/settings.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/settings.py
new file mode 100644
index 00000000000..9f2eca62c36
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/settings.py
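Review bot: `user.groups.set(groups)` in `handle` receives the raw strings from the `groups` positional argument, while a many-to-many `set()` expects `Group` instances or primary keys, so a call that passes group names is likely to raise after `User.objects.create(...)` has already stored the row. The account is then left without its password, which is only written by the later `user.save()`, and the next run stops at "already exists" and never repairs it. Resolving the names first and creating the user in one step avoids both: `user = User.objects.create_user(username, email, password)` followed by `user.groups.set([Group.objects.get_or_create(name=g)[0] for g in groups])`, with `Group` added to the `django.contrib.auth.models` import. A one-line docstring on `handle` saying that groups are matched by name would make the contract explicit.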
@@ -0,0 +1,149 @@
+"""
+Django settings for oidcprovider project.
+
+Generated by 'django-admin startproject' using Django 1.11.6.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/1.11/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/1.11/ref/settings/
+"""
+
+import os
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = '_brj&4ea0ec%ybc(rz32jpqwypdy4@d9lttg&g7!^e(m!-52si'
+SESSION_COOKIE_NAME = 'oidcprovider'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = ['*']
+SITE_ID = 1
+
+# Application definition
+
+INSTALLED_APPS = [
+ 'django.contrib.admin',
+ 'django.contrib.auth',
+ 'django.contrib.contenttypes',
+ 'django.contrib.sessions',
+ 'django.contrib.messages',
+ 'django.contrib.staticfiles',
+ 'django.contrib.sites',
+
+ 'oidc_provider',
+ 'oidcprovider',
+ 'pinax_theme_bootstrap',
+ 'account',
+ 'bootstrapform',
+
+
+]
+
+MIDDLEWARE = [
+ 'django.middleware.security.SecurityMiddleware',
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.common.CommonMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+ 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+
+ # django-user-accounts
+ 'account.middleware.LocaleMiddleware',
+ 'account.middleware.TimezoneMiddleware'
+]
+
+ROOT_URLCONF = 'oidcprovider.urls'
+
+TEMPLATES = [
+ {
+ 'BACKEND': 'django.template.backends.django.DjangoTemplates',
+ 'DIRS': [],
+ 'APP_DIRS': True,
+ 'OPTIONS': {
+ 'context_processors': [
+ 'django.template.context_processors.debug',
+ 'django.template.context_processors.request',
+ 'django.contrib.auth.context_processors.auth',
+ 'django.contrib.messages.context_processors.messages',
+ 'pinax_theme_bootstrap.context_processors.theme',
+ 'account.context_processors.account',
+ ],
+ },
+ },
+]
+
+WSGI_APPLICATION = 'oidcprovider.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.sqlite3',
+ 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+ }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+ {
+ 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+ },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/1.11/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/1.11/howto/static-files/
+
+STATIC_URL = '/static/'
+
+
+# OIDC provider settings
+LOGIN_URL = '/account/login'
+ACCOUNT_EMAIL_CONFIRMATION_EMAIL = False
+
+
+# Workaround to actually delete the account instead of marking it as inactive
+def _delete_user(obj):
+ obj.user.delete()
+
+
+ACCOUNT_DELETION_MARK_CALLBACK = _delete_user
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/home.html b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/home.html
new file mode 100644
index 00000000000..6daa9168437
--- /dev/null
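Review bot: `DEBUG = True` and `ALLOWED_HOSTS = ['*']` are fixed in the file and `SECRET_KEY` is a literal committed with it, while `run.sh` serves this project on `0.0.0.0:8088`. With debug on, any unhandled error returns Django's technical error page (stack frames, request data and non-masked settings) to whoever reaches the port, and the signing key is known to everyone with the repository. Reading the three values from the environment keeps today's behaviour as the default but lets a shared deployment tighten it: `DEBUG = os.environ.get('DJANGO_DEBUG', '1') == '1'`, `ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', '*').split(',')`, and `SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', ...)` with the existing literal as fallback (variable names are a suggestion). A comment above the block stating that this project is a test identity provider only would also help.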
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/home.html
@@ -0,0 +1,14 @@
+{% extends "site_base.html" %}
+
+{% block head_title %}Home{% endblock %}
+
+{% block body %}
+<h1>Welcome to {% if SITE_NAME %}{{ SITE_NAME }}{% else %}testprovider{% endif %}!</h1>
+<div>
+ {% if request.user.is_authenticated %}
+ <p>Current user: {{ user.email }}</p>
+ {% else %}
+ <p>User not logged in</p>
+ {% endif %}
+</div>
+{% endblock body %}
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/site_base.html b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/site_base.html
new file mode 100644
index 00000000000..909a80cc317
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/templates/site_base.html
@@ -0,0 +1,28 @@
+{% extends "theme_bootstrap/base.html" %}
+{% load static %}
+
+{% block footer %}
+ <p>Test OIDC provider</p>
+{% endblock %}
+
+{% block styles %}
+ <link rel="stylesheet" href="{% static 'pinax/css/theme.css' %}">
+ <link rel="stylesheet"
+ href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
+ integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u"
+ crossorigin="anonymous">
+ <link rel="stylesheet"
+ href="https://stackpath.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css"
+ integrity="sha384-MI32KR77SgI9QAPUs+6R7leEOwtop70UsjEtFEezfKnMjXWx15NENsZpfDgq8m8S"
+ crossorigin="anonymous">
+{% endblock styles %}
+
+{% block scripts %}
+ <script src="https://code.jquery.com/jquery-2.2.4.min.js"
+ integrity="sha384-rY/jv8mMhqDabXSo+UCggqKtdmBfd3qC2/KvyTDNQ6PcUJXaxK1tMepoQda4g5vB"
+ crossorigin="anonymous"></script>
+ <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"
+ integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa"
+ crossorigin="anonymous"></script>
+{% endblock scripts %}
+
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/urls.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/urls.py
new file mode 100644
index 00000000000..3f8296b1167
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/urls.py
@@ -0,0 +1,12 @@
+from django.conf.urls import include, url
+from django.contrib import admin
+
+from .views import HomePageView
+
+urlpatterns = [
+ url(r'^openid/', include('oidc_provider.urls', namespace='oidc_provider')),
+ url(r'^account/', include('account.urls')),
+ url(r'^admin/', admin.site.urls),
+ url(r'^$', HomePageView.as_view(), name='home'),
+
+]
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/views.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/views.py
new file mode 100644
index 00000000000..14cc50fec47
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/views.py
@@ -0,0 +1,6 @@
+from django.views.generic.base import TemplateView
+
+
+class HomePageView(TemplateView):
+
+ template_name = "home.html"
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/wsgi.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/wsgi.py
new file mode 100644
index 00000000000..a995efc0526
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/oidcprovider/wsgi.py
@@ -0,0 +1,16 @@
+"""
+WSGI config for oidcprovider project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/1.11/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "oidcprovider.settings")
+
+application = get_wsgi_application()
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/requirements.txt b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/requirements.txt
new file mode 100644
index 00000000000..78415f8c8b0
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testprovider/requirements.txt
@@ -0,0 +1,4 @@
+django<3
+django-oidc-provider
+django-user-accounts
+pinax-theme-bootstrap
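Review bot: Only `django<3` carries a bound in this requirements file; `django-oidc-provider`, `django-user-accounts` and `pinax-theme-bootstrap` resolve to whatever is newest when the image is built, so two builds of the test identity provider can differ. testrp/requirements.txt later in this patch bounds nothing at all, and there it matters more: testrp/urls.py imports `url` from `django.conf.urls`, which Django removed in 4.0, so the unbounded `django` fails at import once pip resolves a 4.x release on a Python 3 image. I would pin exact versions in both files (`package==<tested version>`) and add `--hash` entries so the install can run with `pip install --require-hashes` and a republished package cannot silently change what the tests run against.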
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run.sh b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run.sh
new file mode 100755
index 00000000000..6c365a5d40d
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+TEST_OIDC_ALGO=${TEST_OIDC_ALGO}
+RUNNER="./bin/run_$TEST_OIDC_ALGO.sh"
+
+exec $RUNNER
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_hs.sh b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_hs.sh
new file mode 100755
index 00000000000..d2880cfa48e
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_hs.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+export OIDC_RP_CLIENT_ID='1'
+export OIDC_RP_CLIENT_SECRET='bd01adf93cfb'
+python manage.py migrate --noinput
+python manage.py runserver 0.0.0.0:8081
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_rs.sh b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_rs.sh
new file mode 100755
index 00000000000..82e27b82659
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/bin/run_rs.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+export OIDC_RP_IDP_SIGN_KEY=$(cat provider_rsa.key)
+export OIDC_RP_CLIENT_ID='2'
+export OIDC_RP_CLIENT_SECRET='a6b4dad2f215'
+export OIDC_RP_SIGN_ALGO='RS256'
+python manage.py migrate --noinput
+python manage.py runserver 0.0.0.0:8081
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/manage.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/manage.py
new file mode 100755
index 00000000000..b588f3da043
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/manage.py
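Review bot: In run.sh, `exec $RUNNER` runs a path built from `TEST_OIDC_ALGO` with no check on the value and no quoting, so an unset variable yields `./bin/run_.sh` and any other value is spliced straight into the path that gets executed. The first assignment, `TEST_OIDC_ALGO=${TEST_OIDC_ALGO}`, assigns the variable to itself and does nothing. I would replace it with `: "${TEST_OIDC_ALGO:?set to hs or rs}"`, accept only `hs` or `rs` in a `case`, and quote the call as `exec "$RUNNER"`.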
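Review bot: `OIDC_RP_CLIENT_SECRET` is committed as a literal in run_hs.sh and again in run_rs.sh, with nothing marking the two values as test fixtures. A comment such as `# test-only credential; must match the client registered in testprovider/fixtures.json` would keep them from being reused outside the test stack (fixtures.json is outside this view, so that pairing is my assumption). In run_rs.sh, `export OIDC_RP_IDP_SIGN_KEY=$(cat provider_rsa.key)` hides a failing `cat` behind the exit status of `export`, so a missing key file starts the server with an empty verification key; assign first with `OIDC_RP_IDP_SIGN_KEY=$(cat provider_rsa.key) || exit 1` and export on the next line. Both scripts also bind `runserver` to `0.0.0.0`, which is fine inside the compose network but should not be published to the host.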
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+import os
+import sys
+
+if __name__ == "__main__":
+ os.environ.setdefault("DJANGO_SETTINGS_MODULE", "testrp.settings")
+ try:
+ from django.core.management import execute_from_command_line
+ except ImportError:
+ # The above import may fail for some other reason. Ensure that the
+ # issue is really that Django is missing to avoid masking other
+ # exceptions on Python 2.
+ try:
+ import django
+ except ImportError:
+ raise ImportError(
+ "Couldn't import Django. Are you sure it's installed and "
+ "available on your PYTHONPATH environment variable? Did you "
+ "forget to activate a virtual environment?"
+ )
+ raise
+ execute_from_command_line(sys.argv)
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/provider_rsa.key b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/provider_rsa.key
new file mode 100644
index 00000000000..8d4b4180509
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/provider_rsa.key
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAAgiIdiJG7GSMKTRbnGjWpHp1
+ulJ43/iQjDywWh5MP3in2PK8PVI6ItxIFLV81nWZMymA7hjfP7adOlxKY6rI+fEx
+n8cTimI3W/oX6mHrPXm52uj/we839pxxkeD7cmWgaif9Sujuy5AHUuUM1BTlO55P
+OHkmhWyYMKC2P29qgQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/requirements.txt b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/requirements.txt
new file mode 100644
index 00000000000..4bb815165fb
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/requirements.txt
@@ -0,0 +1,6 @@
+django
+djangorestframework
+python-decouple
+mozilla-django-oidc
+six
+splinter
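Review bot: The key added in provider_rsa.key is a 1024-bit RSA public key (the DER body decodes to 162 bytes), which is below the 2048-bit minimum that current guidance expects for an RS256 verification key. That may be acceptable for a throwaway test provider, but nothing in the file name or path says it is test-only, and `provider_rsa.key` reads like a private key even though the PEM header is `BEGIN PUBLIC KEY`. I would regenerate the pair at 2048 bits or more, together with the matching private key on the provider side (not visible in this part of the patch), and rename this file to something like `provider_rsa_pub.pem`, updating the `cat provider_rsa.key` line in run_rs.sh to match.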
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/__init__.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/settings.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/settings.py
new file mode 100644
index 00000000000..e746e99f9d0
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/settings.py
@@ -0,0 +1,153 @@
+"""
+Django settings for testrp project.
+
+Generated by 'django-admin startproject' using Django 1.11.6.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/1.11/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/1.11/ref/settings/
+"""
+
+import os
+
+from decouple import config
+
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = '@n!q#(pw!ta3_^*!i7&8m(ev91qdju(5^ijx)a%5+upwv+s_u-'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = ['*']
+
+
+# Application definition
+
+INSTALLED_APPS = [
+ 'django.contrib.admin',
+ 'django.contrib.auth',
+ 'django.contrib.contenttypes',
+ 'django.contrib.sessions',
+ 'django.contrib.messages',
+ 'django.contrib.staticfiles',
+
+ 'rest_framework',
+ 'mozilla_django_oidc',
+ 'testrp'
+]
+
+MIDDLEWARE = [
+ 'django.middleware.security.SecurityMiddleware',
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.common.CommonMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+ 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+# Django<1.10 Compatibility
+MIDDLEWARE_CLASSES = MIDDLEWARE
+
+ROOT_URLCONF = 'testrp.urls'
+
+TEMPLATES = [
+ {
+ 'BACKEND': 'django.template.backends.django.DjangoTemplates',
+ 'DIRS': [],
+ 'APP_DIRS': True,
+ 'OPTIONS': {
+ 'context_processors': [
+ 'django.template.context_processors.debug',
+ 'django.template.context_processors.request',
+ 'django.contrib.auth.context_processors.auth',
+ 'django.contrib.messages.context_processors.messages',
+ ],
+ },
+ },
+]
+
+WSGI_APPLICATION = 'testrp.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.sqlite3',
+ 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+ }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+ {
+ 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+ },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/1.11/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/1.11/howto/static-files/
+
+STATIC_URL = '/static/'
+
+REST_FRAMEWORK = {
+ 'DEFAULT_AUTHENTICATION_CLASSES': [
+ 'mozilla_django_oidc.contrib.drf.OIDCAuthentication'
+ ]
+}
+
+
+# OIDC SETUP
+AUTHENTICATION_BACKENDS = (
+ 'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
+)
+
+OIDC_RP_CLIENT_ID = config('OIDC_RP_CLIENT_ID')
+OIDC_RP_CLIENT_SECRET = config('OIDC_RP_CLIENT_SECRET')
+OIDC_RP_SIGN_ALGO = config('OIDC_RP_SIGN_ALGO', default='HS256')
+OIDC_RP_IDP_SIGN_KEY = config('OIDC_RP_IDP_SIGN_KEY', default=None)
+OIDC_OP_AUTHORIZATION_ENDPOINT = 'http://testprovider:8080/openid/authorize'
+OIDC_OP_TOKEN_ENDPOINT = 'http://testprovider:8080/openid/token'
+OIDC_OP_USER_ENDPOINT = 'http://testprovider:8080/openid/userinfo'
+
+LOGOUT_REDIRECT_URL = '/'
+LOGIN_REDIRECT_URL = '/'
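Review bot: `SECRET_KEY`, `DEBUG = True` and `ALLOWED_HOSTS = ['*']` are hard-coded in this settings module, while the OIDC client values further down are already read through `config(...)`. Since this copy now lives under tmss-nginxenv next to the nginx front end, I would read them the same way, `SECRET_KEY = config('SECRET_KEY')` and `DEBUG = config('DEBUG', default=False, cast=bool)`, and list the expected host names instead of the wildcard, so the insecure values have to be opted into by the test compose file. The three `OIDC_OP_*` endpoints are plain `http://`, which sends the client secret and tokens in clear text between containers; a comment such as `# test network only: plaintext between containers` above them would make that an explicit choice.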
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/templates/home.html b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/templates/home.html
new file mode 100644
index 00000000000..0b07cc8c9ec
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/templates/home.html
@@ -0,0 +1,22 @@
+<html>
+ <body>
+ <div>
+ Welcome to testrp!
+ </div>
+ <div>
+ {% if request.user.is_authenticated %}
+ <p>Current user: {{ user.email }}</p>
+ <div>
+ <form action="/oidc/logout/" method="POST">
+ {% csrf_token %}
+ <input type="submit" value="Logout"/>
+ </form>
+ </div>
+ {% else %}
+ <a href="{% url 'oidc_authentication_init' %}">
+ Login
+ </a>
+ {% endif %}
+ </div>
+ </body>
+</html>
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/urls.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/urls.py
new file mode 100644
index 00000000000..beaf5a59208
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/urls.py
@@ -0,0 +1,10 @@
+from django.conf.urls import include, url
+
+from .views import HomePageView, TestAPIView
+
+
+urlpatterns = [
+ url(r'^oidc/', include('mozilla_django_oidc.urls')),
+ url(r'^api/$', TestAPIView.as_view(), name='api'),
+ url(r'^$', HomePageView.as_view(), name='home')
+]
diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/views.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/views.py
new file mode 100644
index 00000000000..47b860cce32
--- /dev/null
+++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/views.py
@@ -0,0 +1,17 @@ +from django.views.generic.base import TemplateView +from mozilla_django_oidc.utils import is_authenticated +from rest_framework.response import Response +from rest_framework.views import APIView + + +class HomePageView(TemplateView): + + template_name = "home.html" + + +class TestAPIView(APIView): + + def get(self, request): + return Response({ + 'is_authenticated': is_authenticated(request.user) + }) diff --git a/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/wsgi.py b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/wsgi.py new file mode 100644 index 00000000000..ea4648b82c5 --- /dev/null +++ b/SAS/TMSS/docker/tmss-nginxenv/docker-test-mozilla-django-oidc/testrp/testrp/wsgi.py @@ -0,0 +1,16 @@ +""" +WSGI config for testrp project. + +It exposes the WSGI callable as a module-level variable named ``application``. + +For more information on this file, see +https://docs.djangoproject.com/en/1.11/howto/deployment/wsgi/ +""" + +import os + +from django.core.wsgi import get_wsgi_application + +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "testrp.settings") + +application = get_wsgi_application() diff --git a/SAS/TMSS/docker/tmss-nginxenv/nginx.conf b/SAS/TMSS/docker/tmss-nginxenv/nginx.conf index be69719c08d..55ef8eccd0b 100644 --- a/SAS/TMSS/docker/tmss-nginxenv/nginx.conf +++ b/SAS/TMSS/docker/tmss-nginxenv/nginx.conf @@ -10,6 +10,17 @@ http { server { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + + location / { try_files $uri @proxy_to_app; } 
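Review bot: The `proxy_set_header` lines in nginx.conf now sit at `server` level, and nginx passes them down to a location only while that location sets no `proxy_set_header` of its own; the first header added inside `location /openid/` or `@proxy_to_app` would silently drop `Host`, `X-Real-IP` and the rest for that location. A comment above the block, for example `# inherited by every location; a proxy_set_header inside a location replaces ALL of these`, would save the next editor from that. The set also has no `X-Forwarded-Proto $scheme`, which the Django backends would need to tell an HTTPS request from an HTTP one if TLS is ever terminated here (whether they rely on it is not visible in this patch). The `server` block continues outside this hunk.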
@@ -20,36 +31,62 @@ http { location @proxy_to_app { proxy_pass http://django; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; } +location /openid/ { + proxy_pass http://tmss_test_oidc:8088; + } - location /openid/ { - proxy_pass http://tmss_test_oidc:8088$uri; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - } - } } + # server { + +# listen 5005; + +# proxy_http_version 1.1; +# proxy_set_header Host $http_host; +# proxy_set_header Upgrade $http_upgrade; +# proxy_set_header Connection "upgrade"; +# proxy_set_header X-Real-IP $remote_addr; +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +# proxy_set_header X-Forwarded-Proto $scheme; +# proxy_redirect off; + +# location /static/ { +# try_files $uri $uri/ @api_proxy; +# } + +# location @api_proxy { +# proxy_pass http://tmss_test:8000$uri; +# proxy_intercept_errors on; +# recursive_error_pages on; +# } + +# location /api/ { +# proxy_pass http://tmss_test:8000; +# } + + +# location @dashboard_proxy { +# proxy_pass http://tmss_test:8000$uri; +# } + +# location /dashboard/ { +# proxy_pass http://tmss_test:8000; +# } + +# location /oidc/ { +# proxy_pass http://tmss_test:8000; +# } + +# location /openid/ { +# proxy_pass http://tmss_test_oidc:8088; +# } + +# } +} + -- GitLab
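Review bot: Roughly forty lines of commented-out configuration (`# server {`, `# listen 5005;` and the locations under it) are added after the live `server` block, pointing at an upstream, `tmss_test:8000`, that the active configuration does not use. Dead config in a reverse-proxy file is easy to uncomment by accident and makes it harder to audit which paths are actually exposed; I would drop it from this commit or keep it in a separate, clearly named example file. The new `location /openid/ {` line also appears to start at column 0 while its siblings are indented, which hides that it belongs to `server`.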