
Commit 992ea8b

committed
add ignoreHTTPSErrors: true
1 parent 0f43c29 commit 992ea8b


6 files changed

+138
-2
lines changed

6 files changed

+138
-2
lines changed

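--- a/.github/workflows/playwright.yml
+++ b/.github/workflows/playwright.yml
@@ -4,6 +4,7 @@ on:
 branches: [ main, master ]
 pull_request:
 branches: [ main, master ]
+workflow_dispatch:
 jobs:
 spa-test:
 timeout-minutes: 60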

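--- a/MockOidcApp.AppHost/Program.cs
+++ b/MockOidcApp.AppHost/Program.cs
@@ -1,13 +1,138 @@
+using System.Text.Json;
+
 var builder = DistributedApplication.CreateBuilder(args);
 
 var api = builder.AddProject<Projects.MockOidcApp_Api>("api")
 .WithExternalHttpEndpoints();
 
-builder.AddNpmApp("vite", "../MockOidcApp.Vite", "dev")
+var vite = builder.AddNpmApp("vite", "../MockOidcApp.Vite", "dev")
 .WithReference(api)
 .WithEnvironment("BROWSER", "none")
 .WithHttpEndpoint(env: "VITE_PORT", port: 5100)
 .WithExternalHttpEndpoints()
 .PublishAsDockerFile();
 
+if (builder.ExecutionContext.IsPublishMode == false)
+{
+var clientId = Guid.NewGuid().ToString();
+var tenantId = Guid.NewGuid().ToString();
+var clientSecret = Guid.NewGuid().ToString();
+var certPassword = Guid.NewGuid().ToString();
+var certExportExe = builder.AddExecutable("cert-export-exe", "dotnet", ".", "dev-certs", "https", "-ep", "./dev-certificates/aspnetapp.pfx", "-p", certPassword, "--trust");
+
+var mockEntra = builder.AddContainer("mock-entra", "ghcr.io/soluto/oidc-server-mock")
+.WaitForCompletion(certExportExe)
+.WithEnvironment("ASPNETCORE_Kestrel__Certificates__Default__Password", certPassword)
+.WithEnvironment("ASPNETCORE_Kestrel__Certificates__Default__Path", "/https/aspnetapp.pfx")
+.WithBindMount("./dev-certificates", "/https")
+.WithEnvironment("ASPNETCORE_URLS", "https://+:443")
+.WithHttpsEndpoint(targetPort: 443);
+
+mockEntra
+.WithEnvironment("CLIENTS_CONFIGURATION_INLINE", () => System.Text.Json.JsonSerializer.Serialize(new[]
+{
+new
+{
+ClientId = clientId,
+// ClientSecrets = new[] { clientSecret },
+// Description = "Client for implicit flow",
+AllowedGrantTypes = new [] { "authorization_code" },
+RedirectUris = new [] { vite.GetEndpoint("http").Url },
+// PostLogoutRedirectUris = new [] { frontend.GetEndpoint("https").Url + "/signout-callback-oidc" },
+AllowedScopes = new [] { "openid", "profile", $"api://{clientId}/access_as_user" },
+AllowOfflineAccess = true,
+RequireClientSecret = false,
+AlwaysSendClientClaims = true,
+Claims = new [] {
+new { Type = "aud", Value = $"api://{clientId}" },
+new { Type = "ver", Value = $"1.0" },
+new { Type = "tid", Value = tenantId },
+},
+ClientClaimsPrefix = string.Empty,
+AlwaysIncludeUserClaimsInIdToken = true,
+}
+}))
+.WithEnvironment("USERS_CONFIGURATION_INLINE", () => System.Text.Json.JsonSerializer.Serialize(new[]
+{
+new
+{
+SubjectId = "1",
+Username = "admin@test.com",
+Password = "Password123",
+Claims = new []
+{
+new { Type = "name", Value = "Frank Gardner" },
+// new { Type = "tid", Value = Guid.NewGuid().ToString() },
+// new { Type = "aud", Value = $"api://{clientId}" },
+new { Type = "scp", Value = "access_as_user"},
+}
+}
+}))
+.WithEnvironment(
+"SERVER_OPTIONS_INLINE",
+() => JsonSerializer.Serialize(new
+{
+// Discovery = new { ShowGrantTypes = false },
+Cors = new
+{
+CorsPaths = new[]
+{
+// $"/{tenantId}/.well-known/openid-configuration",
+// $"/{tenantId}/connect/token",
+$"/{tenantId}/v2.0/.well-known/openid-configuration",
+$"/{tenantId}/v2.0/connect/token"
+}
+},
+// EmitStaticAudienceClaim = true,
+// Endpoints = new
+// {
+// EnablePushedAuthorizationEndpoint = false,
+// EnableCheckSessionEndpoint = false,
+// EnableTokenRevocationEndpoint = false,
+// EnableIntrospectionEndpoint = false,
+// EnableBackchannelAuthenticationEndpoint = false
+// },
+// UserInteraction = new { PromptValuesSupported = Array.Empty<object>() }
+// IssuerUri = $"{mockEntra.GetEndpoint("https").Url}/",
+EmitScopesAsSpaceDelimitedStringInJwt = true,
+}))
+.WithEnvironment("OVERRIDE_STANDARD_IDENTITY_RESOURCES", "true")
+.WithEnvironment(
+"IDENTITY_RESOURCES_INLINE",
+() => JsonSerializer.Serialize(new[]
+{
+new { Name = "openid", ClaimTypes = new[] { "sub" } },
+new { Name = "profile", ClaimTypes = new[] { "name" } }
+}))
+.WithEnvironment(
+"API_SCOPES_INLINE",
+() => JsonSerializer.Serialize(new[]
+{
+new
+{
+Name = $"api://{clientId}/access_as_user",
+UserClaims = new[]
+{
+"tid",
+"name",
+// "oid",
+// "email",
+"scp"
+}
+}
+}))
+.WithEnvironment("ASPNET_SERVICES_OPTIONS_INLINE", System.Text.Json.JsonSerializer.Serialize(new { BasePath = $"/{tenantId}/v2.0" }))
+// .WithEnvironment("ASPNET_SERVICES_OPTIONS_INLINE", System.Text.Json.JsonSerializer.Serialize(new { BasePath = $"/{tenantId}" }))
+.WithEnvironment("SERVER_CORS_ALLOWED_ORIGINS_INLINE", () => JsonSerializer.Serialize(new [] { vite.GetEndpoint("http").Url }));
+
+api
+.WithEnvironment("AzureAd__Instance", mockEntra.GetEndpoint("https"))
+.WithEnvironment("AzureAd__ClientId", clientId)
+.WithEnvironment("AzureAd__TenantId", tenantId)
+// .WithEnvironment("AzureAd__SaveTokens", "true")
+;
+
+vite.WaitFor(mockEntra);
+}
+
 builder.Build().Run();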
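Review bot: The `AddContainer("mock-entra", "ghcr.io/soluto/oidc-server-mock")` call names the image without a tag or digest, so each run pulls whatever the registry currently serves under the default tag, and that container is the identity provider whose tokens the `api` project is told to trust through `AzureAd__Instance`. Pin it with the three-argument overload, `builder.AddContainer("mock-entra", "ghcr.io/soluto/oidc-server-mock", "<pinned-tag>")`, where the placeholder stands for the release you actually tested. Separately, `clientSecret` is generated but only referenced in a commented-out line, and `certPassword` is handed to `dotnet dev-certs` as a command-line argument, where it is visible in the process list while the export runs. A short comment above the `IsPublishMode == false` guard saying these are throwaway development values that never reach a published deployment would tell the next reader this is deliberate.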
Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
*
2+
!.gitignore

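--- a/MockOidcApp.SpaIntegrationTests/playwright.config.ts
+++ b/MockOidcApp.SpaIntegrationTests/playwright.config.ts
@@ -30,6 +30,9 @@ export default defineConfig({
 
 /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
 trace: 'retain-on-failure',
+
+// TODO: Remove this line
+ignoreHTTPSErrors: true,
 },
 
 /* Configure projects for major browsers */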
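Review bot: `ignoreHTTPSErrors: true` sits in the shared options block that closes right after it (the block opens outside this hunk), so certificate validation is switched off for every project and every origin the tests visit, not only the mock identity provider with its development certificate. The TODO does not say what has to happen before the line can go; replace it with something like `// Mock IdP serves the ASP.NET dev certificate, which the test browsers do not trust; remove once the runner trusts that certificate`. If this suite is ever pointed at a deployed environment, the setting would hide a wrong or expired certificate there, so consider enabling it only for the local mock run.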

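--- a/MockOidcApp.SpaIntegrationTests/tests/homepage.spec.ts
+++ b/MockOidcApp.SpaIntegrationTests/tests/homepage.spec.ts
@@ -14,7 +14,11 @@ describe('Homepage', () => {
 const button = await page.getByTestId("auth-button");
 await button.waitFor();
 await button.click();
-throw new Error("Not implemented - How can we login with Entra credentials when the login page could change at any time?");
+const loginButton = page.getByRole('button', { name: 'Login' });
+await loginButton.waitFor();
+await page.getByRole('textbox', { name: 'Username' }).fill("admin@test.com");
+await page.getByRole('textbox', { name: 'Password' }).fill("Password123");
+await loginButton.click();
 
 await expect(page.getByTestId("auth-button")).toHaveText("Logout");
 await expect(page.getByTestId("welcome-message")).toHaveText("Hello Frank Gardner");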
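Review bot: The literals `"admin@test.com"` and `"Password123"` in the two `fill` calls duplicate the user seeded through `USERS_CONFIGURATION_INLINE` in `MockOidcApp.AppHost/Program.cs`, and nothing in the test says so. Add a comment above them such as `// Credentials of the seeded oidc-server-mock user (see AppHost Program.cs); not a real account`, or hoist them into named constants at the top of the spec so a change on the AppHost side has one obvious counterpart here. The test body starts and ends outside this hunk.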

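--- a/MockOidcApp.Vite/src/authConfig.ts
+++ b/MockOidcApp.Vite/src/authConfig.ts
@@ -13,6 +13,7 @@ import { Configuration } from '@azure/msal-browser';
 auth: {
 clientId: settings.auth.clientId,
 authority: settings.auth.authority,
+knownAuthorities: [settings.auth.authority],
 redirectUri: window.location.origin,
 postLogoutRedirectUri: '/',
 },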
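Review bot: `knownAuthorities: [settings.auth.authority]` tells MSAL to treat whatever authority the settings contain as already trusted, so its own authority validation no longer guards against a wrong or tampered `authority` value. Where `settings` comes from is not visible in this hunk; if it is loaded at runtime, or the same file is also used against a real Entra tenant, restrict the entry to the mock setup, for example `knownAuthorities: import.meta.env.DEV ? [settings.auth.authority] : [],`. MSAL's documentation examples list host names in this array, so it is also worth confirming that a full authority URL is matched as intended. A one-line comment saying the entry exists only for the local oidc-server-mock would record why it is there.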
