Migrate Gamma to semi-standard OIDC

.github/workflows/docker.yml

@@ -0,0 +1,65 @@
+name: Docker
+
+on:
+  push:
+    branches: [master]
+    tags:
+      - v[0-9]+.[0-9]+.[0-9]+*
+  pull_request:
+    branches: [master]
+
+jobs:
+  build:
+    name: Build ${{ matrix.type }} image
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - type: backend
+            context: ./go-backend
+            images: ghcr.io/${{ github.repository_owner }}/linkit-backend
+          - type: frontend
+            context: ./frontend
+            images: ghcr.io/${{ github.repository_owner }}/linkit-frontend
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ matrix.images }}
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+            type=edge
+            type=ref,event=pr  
+
+      - name: Build Docker image (and push on master)
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          context: ${{ matrix.context }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+    permissions:
+      contents: read
+      packages: write

docker-compose.yaml

@@ -1,27 +1,29 @@
-version: "3"
 networks:
     gamma:
     mat:
 services:
-    # backend:
-    #     build:
-    #         context: ./backend
-    #         dockerfile: dev.Dockerfile
-    #     image: linkit_backend:dev
-    #     ports:
-    #         - 4000:4000
-    #         - 4001:4001
-    #     volumes:
-    #         - ./backend:/usr/src/app
-    #     environment:
-    #         ADMINS: admin
-    #         REDIRECT_URL: "localhost:3001"
-    #     networks:
-    #         - mat
-    #         - gamma
-    #     depends_on:
-    #         - redis
-    #         - gamma-backend
+    backend:
+        build:
+            context: ./go-backend
+        image: linkit_backend:dev
+        network_mode: "service:frontend"
+        volumes:
+            - ./backend:/usr/src/app
+        environment:
+            ADMINS: admin
+            REDIRECT_URL: "localhost:3001"
+            OIDC_CLIENT_ID: "id"
+            OIDC_CLIENT_SECRET: "secret"
+            OIDC_REDIRECT: "http://localhost:3001/auth/account/callback"
+            OIDC_ISSUER: "https://auth.chalmers.it"
+            DB_USER: postgres
+            DB_PORT: 5432
+            DB_PASS: example
+            DB_NAME: bookit
+            DB_HOST: db
+            REDIS_URI: redis:6379
+        depends_on:
+            - redis
     frontend:
         build:
             context: ./frontend
@@ -31,6 +33,8 @@ services:
             - mat
         ports:
             - 3001:3000
+            - 4000:4000
+            - 4001:4001
         volumes:
             - ./frontend/src:/usr/src/app/src
             - ./frontend/public:/usr/src/app/public
@@ -57,67 +61,3 @@ services:
             - mat
         ports:
             - 6379:6379
-    gamma-frontend:
-        image: cthit/gamma-frontend:development
-        environment:
-            HTTP_PROXY: http://gamma-backend:8081
-        depends_on:
-            - gamma-backend
-        networks:
-            - gamma
-        ports:
-            - 3000:3000
-
-    gamma-backend:
-        image: cthit/gamma-backend
-        environment:
-            # Default admin user name = admin
-            # Default admin password  = password
-
-            DB_USER: user
-            DB_PASSWORD: password
-            DB_HOST: gamma-db
-            DB_PORT: 5432
-            DB_NAME: postgres
-
-            REDIS_HOST: gamma-redis
-            REDIS_PASSWORD: ""
-            REDIS_PORT: 6379
-
-            GOTIFY_KEY: "123abc"
-            GOTIFY_URL: http://gamma-gotify:8080/mail
-
-            DEFAULT_CLIENT_NAME: demo
-            DEFAULT_CLIENT_ID: id
-            DEFAULT_CLIENT_SECRET: secret
-            DEFAULT_REDIRECT_URI: http://localhost:3001/auth/account/callback
-
-            SERVER_PORT: 8081
-            SUCCESSFUL_LOGIN: http://localhost:3000
-            CORS_ALLOWED_ORIGIN: http://localhost:3000
-            BACKEND_URI: http://localhost:8081
-            PRODUCTION: "false"
-            COOKIE_DOMAIN: localhost
-            IS_MOCKING_CLIENT: "true"
-        depends_on:
-            - gamma-redis
-            - gamma-db
-        networks:
-            - gamma
-            - mat
-        ports:
-            - 8081:8081
-
-    gamma-redis:
-        image: redis:5.0
-        networks:
-            - gamma
-
-    gamma-db:
-        image: postgres:10
-        environment:
-            POSTGRES_USER: user
-            POSTGRES_DB: postgres
-            POSTGRES_PASSWORD: password
-        networks:
-            - gamma

frontend/Dockerfile

@@ -1,5 +1,5 @@
 # build environment
-FROM node:15.6.0-alpine as build
+FROM node:18-alpine as build
 WORKDIR /app
 ENV PATH /app/node_modules/.bin:$PATH
 COPY package.json ./

frontend/dev.Dockerfile

@@ -1,4 +1,4 @@
-FROM node:14
+FROM node:18
 WORKDIR /usr/src/app
 COPY package.json yarn.lock ./
 RUN yarn install --network-timeout 10000000

frontend/package.json

@@ -24,8 +24,8 @@
         "yup": "^0.28.5"
     },
     "scripts": {
-        "start": "react-scripts start",
-        "build": "react-scripts build",
+        "start": "react-scripts --openssl-legacy-provider start",
+        "build": "react-scripts --openssl-legacy-provider build",
         "test": "react-scripts test",
         "eject": "react-scripts eject",
         "lint": "eslint src"

frontend/src/common/header/linkitheader.view.js

@@ -4,7 +4,7 @@ import { useHistory } from "react-router-dom";
 import { logOut } from "../../services/data.service";
 
 const LinkITHeader = ({ isAdmin }) => {
-    useGamma();
+    useGamma("/api/user/me", "/api/auth");
     const history = useHistory();
     return (
         <DigitGammaActions
@@ -24,12 +24,12 @@ const LinkITHeader = ({ isAdmin }) => {
             frontendUrl={
                 process.env.NODE_ENV === "development"
                     ? "http://localhost:3000"
-                    : "https://gamma.chalmers.it"
+                    : "https://auth.chalmers.it"
             }
             backendUrl={
                 process.env.NODE_ENV === "development"
                     ? "http://localhost:8081/api"
-                    : "https://gamma.chalmers.it"
+                    : "https://auth.chalmers.it"
             }
         />
     );

frontend/src/index.js

@@ -4,8 +4,11 @@ import ReactDOM from "react-dom";
 import App from "./App.jsx";
 import * as serviceWorker from "./serviceWorker";
 import { DigitProviders } from "@cthit/react-digit-components";
+import axios from "axios";
 import "./index.css";
 
+axios.defaults.withCredentials = true;
+
 ReactDOM.render(
     <DigitProviders children={<App />} />,
     document.getElementById("root")

go-backend/controllers/LinkController.go

@@ -100,8 +100,8 @@ func handleGetAllLinks(c *gin.Context) {
 func RouteLinkController(r *gin.RouterGroup, _db *gorm.DB) {
 	db = _db
 	v = validator.New()
-	r.GET("/", handleGetLinks)
-	r.POST("/", handleAddLink)
+	r.GET("", handleGetLinks)
+	r.POST("", handleAddLink)
 	r.DELETE("/:id", handleDeleteLink)
 	r.GET("/all", handleGetAllLinks)
 

go-backend/controllers/UserController.go

@@ -1,69 +1,69 @@
 package controllers
 
 import (
-	"encoding/json"
 	"fmt"
-	"net/http"
 	"os"
 
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 )
 
 var isDev = os.Getenv("DEV")
+
 func genericError(err error, c *gin.Context) {
 	fmt.Println(err.Error())
 	c.String(500, "Internal server error")
 	c.Abort()
 }
 
-type userResp struct {
-	Nick      string `json:"nick" binding:"required"`
-	AvatarURL string `json:"avatarUrl" binding:"required"`
-	Cid       string `json:"cid" binding:"required"`
-	IsAdmin   bool   `json:"isAdmin" binding:"required"`
-}
-
-var meURI = os.Getenv("GAMMA_ME")
-
 func handleGetMe(c *gin.Context) {
-
 	if isDev == "true" {
 		c.JSON(200, gin.H{"isAdmin": true, "nick": "admin", "cid": "admin", "avatarUrl": "https://homepages.cae.wisc.edu/~ece533/images/airplane.png"})
 		return
 	}
 
 	session := sessions.Default(c)
 	token := session.Get("token")
-	fmt.Println(token)
-	req, _ := http.NewRequest("GET", meURI, nil)
-	req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
-
-	res, err := http.DefaultClient.Do(req)
-	if err != nil {
-		genericError(err, c)
+	if token == nil {
+		c.String(401, "not authenticated")
 		return
 	}
-	if res.StatusCode == 200 {
 
-		var resp userResp
-		err = json.NewDecoder(res.Body).Decode(&resp)
-		if err != nil {
-			genericError(err, c)
-			return
-		}
-		resp.IsAdmin = session.Get("isAdmin").(bool)
-		c.JSON(200, resp)
+	cidRaw := session.Get("cid")
+	isAdminRaw := session.Get("isAdmin")
 
-	} else {
-		fmt.Println(res.StatusCode)
-		c.String(500, "incorrect token")
-		c.Abort()
+	cid := ""
+	if cidRaw != nil {
+		cid = cidRaw.(string)
 	}
 
+	isAdmin := false
+	if isAdminRaw != nil {
+		isAdmin = isAdminRaw.(bool)
+	}
+
+    nick := cid
+    if n := session.Get("nick"); n != nil {
+        if s, ok := n.(string); ok && s != "" {
+            nick = s
+        }
+    }
+
+    avatar := ""
+    if a := session.Get("avatarUrl"); a != nil {
+        if s, ok := a.(string); ok && s != "" {
+            avatar = s
+        }
+    }
+
+    c.JSON(200, gin.H{"isAdmin": isAdmin, "nick": nick, "cid": cid, "avatarUrl": avatar})
 }
 
 // RouteUserController sets up routes for User controller
 func RouteUserController(r *gin.RouterGroup) {
-	r.GET("/me", handleGetMe)
+    r.GET("/me", handleGetMe)
+}
+
+func HandleGetMe(c *gin.Context) {
+    handleGetMe(c)
 }