From a30001ff2a2e90bfd2b31152f0c513deeb1e2cc1 Mon Sep 17 00:00:00 2001 From: Darrel O'Pry Date: Sat, 11 Nov 2023 13:55:08 -0500 Subject: [PATCH] Fix/test app rp openid configuration (#1362) * fix: cors on .well-know redirect in test app (cherry picked from commit a592988d1c61635c7ef6b568b0f1c51a3912a06f) * fix: mismatched issuer origin for idp --- tests/app/README.md | 5 +++-- tests/app/idp/README.md | 15 +-------------- tests/app/idp/fixtures/seed.json | 7 ++++--- tests/app/idp/idp/apps.py | 7 ++++++- tests/app/rp/src/routes/+page.svelte | 2 +- 5 files changed, 15 insertions(+), 21 deletions(-) diff --git a/tests/app/README.md b/tests/app/README.md index 904af273c..a2632b262 100644 --- a/tests/app/README.md +++ b/tests/app/README.md @@ -1,7 +1,8 @@ # Test Apps These apps are for local end to end testing of DOT features. They were implemented to save maintainers the trouble of setting up -local test environments. +local test environments. You should be able to start both and instance of the IDP and RP using the directions below, then test the +functionality of the IDP using the RP. ## /tests/app/idp @@ -29,7 +30,7 @@ password: password You can update data in the IDP and then dump the data to a new seed file as follows. ``` - python -Xutf8 ./manage.py dumpdata -e sessions -e admin.logentry -e auth.permission -e contenttypes.contenttype --natural-foreign --natural-primary --indent 2 > fixtures/seed.json +python -Xutf8 ./manage.py dumpdata -e sessions -e admin.logentry -e auth.permission -e contenttypes.contenttype -e oauth2_provider.accesstoken -e oauth2_provider.refreshtoken -e oauth2_provider.idtoken --natural-foreign --natural-primary --indent 2 > fixtures/seed.json ``` ## /test/app/rp diff --git a/tests/app/idp/README.md b/tests/app/idp/README.md index 699b821d2..54245073d 100644 --- a/tests/app/idp/README.md +++ b/tests/app/idp/README.md 
@@ -1,16 +1,3 @@ # TEST IDP -This is an example IDP implementation for end to end testing. - -username: superuser -password: password - -## Development Tasks - -* update fixtures - - ``` - python -Xutf8 ./manage.py dumpdata -e sessions -e admin.logentry -e auth.permission -e contenttypes.contenttype -e oauth2_provider.grant -e oauth2_provider.accesstoken -e oauth2_provider.refreshtoken -e oauth2_provider.idtoken --natural-foreign --natural-primary --indent 2 > fixtures/seed.json - ``` - - *check seeds as you produce them to makre sure any unrequired models are excluded to keep our seeds as small as possible.* +see ../README.md diff --git a/tests/app/idp/fixtures/seed.json b/tests/app/idp/fixtures/seed.json index 270c62625..b77d1f4e2 100644 --- a/tests/app/idp/fixtures/seed.json +++ b/tests/app/idp/fixtures/seed.json @@ -3,7 +3,7 @@ "model": "auth.user", "fields": { "password": "pbkdf2_sha256$390000$29LoVHfFRlvEOJ9clv73Wx$fx5ejfUJ+nYsnBXFf21jZvDsq4o3p5io3TrAGKAVTq4=", - "last_login": "2023-10-05T14:39:15.980Z", + "last_login": "2023-11-11T17:24:19.359Z", "is_superuser": true, "username": "superuser", "first_name": "", @@ -30,8 +30,9 @@ "name": "OIDC - Authorization Code", "skip_authorization": true, "created": "2023-05-01T20:27:46.167Z", - "updated": "2023-05-11T16:37:21.669Z", - "algorithm": "RS256" + "updated": "2023-11-11T17:23:44.643Z", + "algorithm": "RS256", + "allowed_origins": "http://localhost:5173\r\nhttp://127.0.0.1:5173" } } ] diff --git a/tests/app/idp/idp/apps.py b/tests/app/idp/idp/apps.py index a9d8e3071..f40a9f644 100644 --- a/tests/app/idp/idp/apps.py +++ b/tests/app/idp/idp/apps.py @@ -3,7 +3,12 @@ def cors_allow_origin(sender, request, **kwargs): - return request.path == "/o/userinfo/" or request.path == "/o/userinfo" + return ( + request.path == "/o/userinfo/" + or request.path == "/o/userinfo" + or request.path == "/o/.well-known/openid-configuration" + or request.path == "/o/.well-known/openid-configuration/" + ) class IDPAppConfig(AppConfig): 
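Review bot: `cors_allow_origin` decides on `request.path` alone and never looks at the request's Origin, so every path added to the new `return (...)` expression becomes readable cross-origin from any site, not only the RP origins the seed fixture lists in `allowed_origins`. That is reasonable for the discovery document, which is public metadata, but nothing in the function states the criterion, so a later addition could open an endpoint that should not be world-readable. I would put the rule above the return, e.g. `# CORS is enabled for any Origin on these paths; list only public or bearer-token-protected endpoints, never cookie-authenticated ones.` As a style point, the four `==` comparisons read more easily as one membership test, `return request.path in ("/o/userinfo", "/o/userinfo/", "/o/.well-known/openid-configuration", "/o/.well-known/openid-configuration/")`. The handler is wired up in `IDPAppConfig`, whose body lies outside the hunk, so the any-origin reading assumes it is connected to django-cors-headers' `check_request_enabled` signal.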
diff --git a/tests/app/rp/src/routes/+page.svelte b/tests/app/rp/src/routes/+page.svelte index 1aeb32372..5853d61f1 100644 --- a/tests/app/rp/src/routes/+page.svelte +++ b/tests/app/rp/src/routes/+page.svelte @@ -20,7 +20,7 @@ const metadata = {}; {#if browser}