Use TLS in faekportal and fakeproxy

MarcialRosales · MarcialRosales · commit 00d34eadadc3 · 2024-11-14T16:58:44.000+01:00
when getting access token from uaa over tls
diff --git a/selenium/bin/components/fakeportal b/selenium/bin/components/fakeportal
@@ -1,3 +1,10 @@
+#!/usr/bin/env bash
+
+SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+if [[ ! -z "${DEBUG}" ]]; then
+  set -x
+fi
 
 ensure_fakeportal() {
   if docker ps | grep fakeportal &> /dev/null; then
@@ -9,7 +16,7 @@ ensure_fakeportal() {
 
 init_fakeportal() {
   FAKEPORTAL_URL=${FAKEPORTAL_URL:-http://fakeportal:3000}
-  FAKEPORTAL_DIR=${SCRIPT}/../fakeportal
+  FAKEPORTAL_DIR=${SCRIPT}/../../fakeportal
   CLIENT_ID="${CLIENT_ID:-rabbit_idp_user}"
   CLIENT_SECRET="${CLIENT_SECRET:-rabbit_idp_user}"
   RABBITMQ_HOST=${RABBITMQ_HOST:-proxy:9090}
@@ -44,6 +51,8 @@ start_fakeportal() {
     --env UAA_URL="${UAA_URL_FOR_FAKEPORTAL}" \
     --env CLIENT_ID="${CLIENT_ID}" \
     --env CLIENT_SECRET="${CLIENT_SECRET}" \
+    --env NODE_EXTRA_CA_CERTS=/etc/uaa/ca_uaa_certificate.pem \
+    -v ${OAUTH_SERVER_CONFIG_DIR}:/etc/uaa \
     -v ${FAKEPORTAL_DIR}:/code/fakeportal \
     mocha-test:${mocha_test_tag} run fakeportal
 
diff --git a/selenium/bin/components/fakeproxy b/selenium/bin/components/fakeproxy
@@ -43,6 +43,8 @@ start_fakeproxy() {
     --env UAA_URL="${UAA_URL_FOR_FAKEPROXY}" \
     --env CLIENT_ID="${CLIENT_ID}" \
     --env CLIENT_SECRET="${CLIENT_SECRET}" \
+    --env NODE_EXTRA_CA_CERTS=/etc/uaa/ca_uaa_certificate.pem \
+    -v ${OAUTH_SERVER_CONFIG_DIR}:/etc/uaa \    
     -v ${FAKEPROXY_DIR}:/code/fakeportal \
     mocha-test:${mocha_test_tag} run fakeproxy
 
diff --git a/selenium/bin/suite_template b/selenium/bin/suite_template
@@ -437,37 +437,37 @@ generate-truststore-if-required() {
 generate-server-keystore-if-required() {
   NAME=$1
   FOLDER=$2
-  if [[ ! -f "${FOLDER}/server_${NAME}.jks " ]]; then
-	keytool -importkeystore \
-			-destkeystore ${FOLDER}/server_${NAME}.jks \
-			-srckeystore ${FOLDER}/server_${NAME}.p12 \
-			-deststoretype pkcs12 \
-			-srcstoretype pkcs12 \
-      -alias 1 \
-			-destalias server-${NAME}-tls \
-			-deststorepass foobar \
-			-destkeypass foobar \
-			-srcstorepass "" \
-			-srckeypass "" \
-			-noprompt
+  if [ ! -f "${FOLDER}/server_${NAME}.jks" ]; then
+    keytool -importkeystore \
+        -destkeystore ${FOLDER}/server_${NAME}.jks \
+        -srckeystore ${FOLDER}/server_${NAME}.p12 \
+        -deststoretype pkcs12 \
+        -srcstoretype pkcs12 \
+        -alias 1 \
+        -destalias server-${NAME}-tls \
+        -deststorepass foobar \
+        -destkeypass foobar \
+        -srcstorepass "" \
+        -srckeypass "" \
+        -noprompt
   fi
 }
 generate-client-keystore-if-required() {
   NAME=$1
   FOLDER=$2
-  if [[ ! -f "${FOLDER}/client_${NAME}.jks " ]]; then
-	keytool -importkeystore \
-			-destkeystore ${FOLDER}/client_${NAME}.jks \
-			-srckeystore ${FOLDER}/client_${NAME}.p12 \
-			-deststoretype pkcs12 \
-			-srcstoretype pkcs12 \
-      -alias 1 \
-			-destalias client-${NAME}-tls \
-			-deststorepass foobar \
-			-destkeypass foobar \
-			-srcstorepass "" \
-			-srckeypass "" \
-			-noprompt
+  if [ ! -f "${FOLDER}/client_${NAME}.jks" ]; then
+    keytool -importkeystore \
+        -destkeystore ${FOLDER}/client_${NAME}.jks \
+        -srckeystore ${FOLDER}/client_${NAME}.p12 \
+        -deststoretype pkcs12 \
+        -srcstoretype pkcs12 \
+        -alias 1 \
+        -destalias client-${NAME}-tls \
+        -deststorepass foobar \
+        -destkeypass foobar \
+        -srcstorepass "" \
+        -srckeypass "" \
+        -noprompt
   fi
 }
 
diff --git a/selenium/fakeportal/app.js b/selenium/fakeportal/app.js
@@ -56,8 +56,9 @@ function access_token(id, secret) {
   if (req.status == 200) {
     const token = JSON.parse(req.responseText).access_token;
     console.log("Token => " + token)
-    return token;
+    return token
   } else {
-    throw new Error(req.status + " : " + req.responseText);
+    throw new Error(req.status + " : " + " : " + 
+      req.response + " : " + req.responseText)
   }
 }
diff --git a/selenium/test/oauth/env.docker.fakeportal b/selenium/test/oauth/env.docker.fakeportal
@@ -1,3 +1,3 @@
 export FAKEPORTAL_URL=http://fakeportal:3000
 export RABBITMQ_HOST_FOR_FAKEPORTAL=${RABBITMQ_HOST}
-export UAA_URL_FOR_FAKEPORTAL=http://uaa:8080
+export UAA_URL_FOR_FAKEPORTAL=https://uaa:8443
diff --git a/selenium/test/oauth/env.local.fakeportal b/selenium/test/oauth/env.local.fakeportal
@@ -1,3 +1,3 @@
 export FAKEPORTAL_URL=http://localhost:3000
 export RABBITMQ_HOST_FOR_FAKEPORTAL=localhost:15672
-export UAA_URL_FOR_FAKEPORTAL=http://host.docker.internal:8080
+export UAA_URL_FOR_FAKEPORTAL=https://uaa:8443

Original file line number	Diff line number	Diff line change
`@@ -56,8 +56,9 @@ function access_token(id, secret) {`
`56`	`56`	`if (req.status == 200) {`
`57`	`57`	`const token = JSON.parse(req.responseText).access_token;`
`58`	`58`	`console.log("Token => " + token)`
`59`		`- return token;`
	`59`	`+ return token`
`60`	`60`	`} else {`
`61`		`- throw new Error(req.status + " : " + req.responseText);`
	`61`	`+ throw new Error(req.status + " : " + " : " +`
	`62`	`+ req.response + " : " + req.responseText)`
`62`	`63`	`}`
`63`	`64`	`}`