Merge pull request #214 from italia/dev

fix: cie logo fix: djagger examples Fix docker compose for WSL2 compliancy
italia · Mar 31, 2022 · 5a86e03 · 5a86e03
2 parents ef43f33 + e47e37d
commit 5a86e03
Show file tree

Hide file tree

Showing 39 changed files with 662 additions and 9,978 deletions.
diff --git a/.gitignore b/.gitignore
@@ -131,6 +131,7 @@ dmypy.json
 .pyre/
 !*/logs/README.md
 */logs/*
+
 examples/federation_authority/logs/
 examples/provider/logs/
 examples/relying_party/logs/
@@ -139,3 +140,5 @@ examples/federation_authority/federation_authority/settingslocal.py
 examples/relying_party/relying_party/settingslocal.py
 examples/provider/provider/settingslocal.py
 
+examples-docker/
+docker-compose-externalrp.yml
diff --git a/README.md b/README.md
@@ -38,7 +38,7 @@ each of these can be installed separately within a django project. These are the
 
 ------------------------------------------------
 
-![RP Auth demo](docs/images/rp_auth_demo_3.gif)
+![RP Auth demo](docs/images/rp_auth_demo_4.gif)
 _An onboarded Relying Party with a succesfull authentication._
 
 ## Setup
@@ -76,69 +76,18 @@ sudo pip install docker-compose
 
 Please do your customizations in each _settingslocal.py_ files and/or in the example dumps json file.
 
-Create volumes
-````
-sudo docker volume create --name=trust_anchor_project
-
-sudo docker volume create --name=provider_project
-
-sudo docker volume create --name=relying_party_project
-````
-
-Where the data are
-`sudo docker volume ls`
-
-
-Copy files in destination volumes
-````
-export TARGET_PATH_AT=$(docker volume inspect trust_anchor_project | jq .[0].Mountpoint | sed 's/"//g')
-export TARGET_PATH_OP=$(docker volume inspect provider_project | jq .[0].Mountpoint | sed 's/"//g')
-export TARGET_PATH_RP=$(docker volume inspect relying_party_project | jq .[0].Mountpoint | sed 's/"//g')
-
-sudo cp -R examples/federation_authority/* $TARGET_PATH_AT
-
-sudo cp -R examples/provider/* $TARGET_PATH_OP
-
-sudo cp -R examples/relying_party/* $TARGET_PATH_RP
-````
-
 Change hostnames from 127.0.0.1 to which one configured in the compose file, in the settingslocal.py files and in the dumps/example.json files.
-
-Configure the rewrite rules:
-
-````
-export SUB_AT='s\http://127.0.0.1:8000/\http://trust-anchor.org:8000/\g'
-export SUB_OP='s\http://127.0.0.1:8002/\http://cie-provider.org:8002/\g'
-export SUB_RP='s\http://127.0.0.1:8001/\http://relying-party.org:8001/\g'
-````
-
 In our example we rename:
 
 - http://127.0.0.1:8000 to http://trust-anchor.org:8000/
-````
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/federation_authority/dumps/example.json > $TARGET_PATH_AT/dumps/example.json
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/federation_authority/federation_authority/settingslocal.py.example > $TARGET_PATH_AT/federation_authority/settingslocal.py
-````
-
 - http://127.0.0.1:8001 to http://relying-party.org:8001/
-```
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/relying_party/dumps/example.json > $TARGET_PATH_RP/dumps/example.json
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/relying_party/relying_party/settingslocal.py.example > $TARGET_PATH_RP/relying_party/settingslocal.py
-```
-
 - http://127.0.0.1:8002 to http://cie-provider.org:8002/
-```
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/provider/dumps/example.json > $TARGET_PATH_OP/dumps/example.json
-sudo sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/provider/provider/settingslocal.py.example > $TARGET_PATH_OP/provider/settingslocal.py
-```
 
+We can do that with the following steps:
+
+- Execute `bash docker-prepare.sh`
+- Customize the example data and settings contained in `examples-docker/` if needed (not by default for a demo)
 
-Feel free to customize the example data and settings. then check if everything is ok, for example:
-````
-sudo ls $TARGET_PATH_AT
-sudo ls $TARGET_PATH_RP
-sudo ls $TARGET_PATH_OP
-````
 
 Run the stack
 ````
@@ -150,7 +99,7 @@ Configure a proper DNS resolution for trust-anchor.org. In GNU/Linux we can conf
 127.0.0.1   localhost  trust-anchor.org relying-party.org cie-provider.org
 ````
 
-Point your web browser to `http://trust-anchor.org:8000/oidc/rp/landing` and do your first oidc authentication.
+Point your web browser to `http://relying-party.org:8001/oidc/rp/landing` and do your first oidc authentication.
 
 
 ## Usage

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -8,7 +8,7 @@ services:
     ports:
       - "8000:8000"
     volumes:
-      - trust_anchor_project:/django-project
+      - ./examples-docker/federation_authority:/django-project
     networks:
       - oidcfed
     command: |
@@ -26,7 +26,7 @@ services:
     ports:
       - "8002:8002"
     volumes:
-      - provider_project:/django-project
+      - ./examples-docker/provider:/django-project
     networks:
       - oidcfed
     depends_on:
@@ -46,7 +46,7 @@ services:
     ports:
       - "8001:8001"
     volumes:
-      - relying_party_project:/django-project
+      - ./examples-docker/relying_party:/django-project
     networks:
       - oidcfed
     depends_on:
@@ -57,13 +57,5 @@ services:
         python3 manage.py loaddata dumps/example.json &&
         python3 manage.py runserver 0.0.0.0:8001"
 
-volumes:
-  trust_anchor_project:
-    external: true
-  provider_project:
-    external: true
-  relying_party_project:
-    external: true
-
 networks:
   oidcfed:
diff --git a/docker-prepare.sh b/docker-prepare.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+# Copy your configuration to a separate folder
+export EXPFOLDER="examples-docker"
+cp -R examples $EXPFOLDER
+
+# remove dev db
+rm $EXPFOLDER/relying_party/db.sqlite3 
+rm $EXPFOLDER/provider/db.sqlite3 
+rm $EXPFOLDER/federation_authority/db.sqlite3 
+
+# Configure the rewrite rules:
+export SUB_AT='s\http://127.0.0.1:8000/\http://trust-anchor.org:8000/\g'
+export SUB_RP='s\http://127.0.0.1:8001/\http://relying-party.org:8001/\g'
+export SUB_OP='s\http://127.0.0.1:8002/\http://cie-provider.org:8002/\g'
+
+# Apply the rewrite rules:
+
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/federation_authority/dumps/example.json > $EXPFOLDER/federation_authority/dumps/example.json
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/federation_authority/federation_authority/settingslocal.py.example > $EXPFOLDER/federation_authority/federation_authority/settingslocal.py
+
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/relying_party/dumps/example.json > $EXPFOLDER/relying_party/dumps/example.json
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/relying_party/relying_party/settingslocal.py.example > $EXPFOLDER/relying_party/relying_party/settingslocal.py
+
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/provider/dumps/example.json > $EXPFOLDER/provider/dumps/example.json
+sed -e $SUB_AT -e $SUB_RP -e $SUB_OP examples/provider/provider/settingslocal.py.example > $EXPFOLDER/provider/provider/settingslocal.py
+
diff --git a/docs/images/rp_auth_demo_4.gif b/docs/images/rp_auth_demo_4.gif
diff --git a/docs/technical_specifications/AUTHORITY.md b/docs/technical_specifications/AUTHORITY.md
@@ -82,7 +82,7 @@ A response example:
 
 An entity MAY use the resolve endpoint to fetch resolved metadata and trust marks for an entity as seen/trusted by the resolver. 
 
-- `http://127.0.0.1:8000/resolve/?sub=http://127.0.0.1:8000/oidc/rp/&anchor=http://127.0.0.1:8000/&type=openid_relying_party&format=json`
+- `http://127.0.0.1:8000/resolve/?sub=http://127.0.0.1:8000/oidc/rp/&anchor=http://127.0.0.1:8000/&format=json`
 - `http://127.0.0.1:8000/resolve/?sub=http://127.0.0.1:8000/oidc/op/&anchor=http://127.0.0.1:8000/`