Add dex integration

Author: alukach

docker-compose.yaml

@@ -47,7 +47,8 @@ services:
       context: .
     environment:
       UPSTREAM_URL: ${UPSTREAM_URL:-http://stac:8001}
-      OIDC_DISCOVERY_URL: ${OIDC_DISCOVERY_URL:-https://accounts.google.com/.well-known/openid-configuration}
+      OIDC_DISCOVERY_URL: ${OIDC_DISCOVERY_URL:-http://127.0.0.1:5556/dex/.well-known/openid-configuration}
+      OIDC_DISCOVERY_INTERNAL_URL: ${OIDC_DISCOVERY_INTERNAL_URL:-http://dex:5556/dex/.well-known/openid-configuration}
     env_file:
       - path: .env
         required: false
@@ -56,6 +57,14 @@ services:
     volumes:
       - ./src:/app/src
 
+  dex:
+    image: ghcr.io/dexidp/dex:latest
+    ports:
+      - "5556:5556"
+    volumes:
+      - ./examples/dex/config.yaml:/etc/dex/cfg/config.yaml
+    entrypoint: ["dex", "serve", "/etc/dex/cfg/config.yaml"]
+
 networks:
   default:
     name: eoapi-network

examples/dex/config.yaml

@@ -0,0 +1,28 @@
+issuer: http://localhost:5556/dex
+
+storage:
+  type: memory
+
+web:
+  http: 0.0.0.0:5556
+  allowedOrigins: ['*']
+
+oauth2:
+  skipApprovalScreen: true
+
+staticClients:
+  - id: stac
+    redirectURIs:
+      - "http://localhost:8000/docs/oauth2-redirect"
+    name: "STAC API (behind auth proxy)"
+    secret: super-super-secret
+
+enablePasswordDB: true
+
+staticPasswords:
+  - email: "[email protected]"
+    username: "admin"
+    # password: "password"
+    # bcrypt hash of the string "password": $(echo password | htpasswd -BinC 10 admin | cut -d: -f2)
+    hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W"
+    userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"