diff --git a/config/caddy/Caddyfile b/config/caddy/Caddyfile index 3d4b7e99..402399b3 100644 --- a/config/caddy/Caddyfile +++ b/config/caddy/Caddyfile @@ -44,23 +44,38 @@ import rp-{$MIP_LINK:direct} {$KEYCLOAK_HOST} } - handle /services/sso/* { + ### Portal-Backend Keycloak Authentication ---------------> ### + + # Redirect the login to the new portal-backend oauth2 login url + redir /services/sso/login /{$PORTAL_BACKEND_CONTEXT:services}/{$PORTALBACKEND_AUTH_URL:/oauth2/authorization/keycloak} + + # Keycloak redirects on /services/ after login. In that case, redirect to / + redir /services/ / permanent + + handle /services/oauth2/* { uri replace /services/ /{$PORTAL_BACKEND_CONTEXT:services}/ import rp-{$MIP_LINK:direct} {$PORTAL_BACKEND_SERVER} } - handle_path /services/* { - import rp-{$MIP_LINK:direct} {$GATEWAY_SERVER} + handle /services/login/oauth2/* { + uri replace /services/ /{$PORTAL_BACKEND_CONTEXT:services}/ + import rp-{$MIP_LINK:direct} {$PORTAL_BACKEND_SERVER} } - # keycloak redirect on /services/ after login. In that case, redirect to / - redir /services/ / permanent + handle /services/logout { + uri replace /services/ /{$PORTAL_BACKEND_CONTEXT:services}/ + import rp-{$MIP_LINK:direct} {$PORTAL_BACKEND_SERVER} + } - # hotfix for whitelabel error after login - redir /services/error / temporary + ### <--------------- Portal-Backend Keycloak Authentication ### + + + handle_path /services/* { + import rp-{$MIP_LINK:direct} {$GATEWAY_SERVER} + } handle_errors { - @4xx expression `{http.error.status_code} == 401 || {http.error.status_code} == 404` + @4xx expression `{http.error.status_code} == 404` redir * / temporary } -} +} \ No newline at end of file diff --git a/federation_info.py b/federation_info.py index 9ef8232a..c59b3d3c 100644 --- a/federation_info.py +++ b/federation_info.py 
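Review bot: The new `redir /services/sso/login` target in config/caddy/Caddyfile joins `/{$PORTAL_BACKEND_CONTEXT:services}/` to a `PORTALBACKEND_AUTH_URL` default that itself starts with `/`, so with the defaults the browser is sent to `/services//oauth2/authorization/keycloak`. The value added in tests/frontend_components/docker-compose.yml (`PORTALBACKEND_AUTH_URL: /oauth2/authorization/keycloak`) has the same leading slash. Whether the login flow tolerates the doubled slash depends on path normalisation in Caddy and in the portal backend, neither of which this diff shows; a backend that rejects non-normalised paths would fail the login at this step. Dropping the separator from the template, `redir /services/sso/login /{$PORTAL_BACKEND_CONTEXT:services}{$PORTALBACKEND_AUTH_URL:/oauth2/authorization/keycloak}`, keeps the existing env values valid. The variable is also spelled `PORTALBACKEND_` while its neighbours use `PORTAL_BACKEND_`, which is easy to mistype when setting it.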
@@ -21,7 +21,7 @@ def cli(): LOG_FILE_CHUNK_SIZE = 1024 # Will read the logfile in chunks TIMESTAMP_REGEX = ( - r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3}" # 2022-04-13 18:25:22.875 + r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z" # 2022-04-13T18:25:22.875Z ) EXPERIMENT_FINISHED_PATTERN = rf"({TIMESTAMP_REGEX}) INFO .*? User -> (.*?) ,Endpoint.*?Finished the experiment: .*?uuid=(.*?), name.*?, status=(.*?), result.*?, finished=(.*?), algorithm=(.*?), algorithmId.*? created=(.*?), updated.*?" EXPERIMENT_TIMESTAMP_FORMAT = "%Y-%m-%d %H:%M:%S.%f" diff --git a/tests/backend_components/docker-compose.yml b/tests/backend_components/docker-compose.yml index 2be28819..3a313222 100644 --- a/tests/backend_components/docker-compose.yml +++ b/tests/backend_components/docker-compose.yml @@ -183,7 +183,7 @@ services: restart: unless-stopped portalbackend_db: - image: postgres:11.3-alpine + image: postgres:11.20-alpine volumes: - ./.stored_data/portalbackenddb:/var/lib/postgresql/data hostname: portalbackend_db @@ -228,7 +228,8 @@ services: ### Exareme ### EXAREME_URL: http://exareme_master:9090 ### Keycloak ### - AUTHENTICATION: 0 # Should be enabled for keycloak + AUTHENTICATION: 0 +# AUTHENTICATION: 1 # Should be enabled for keycloak KEYCLOAK_AUTH_URL: http://172.17.0.1/auth/ KEYCLOAK_REALM: MIP KEYCLOAK_CLIENT_ID: MIP diff --git a/tests/frontend_components/docker-compose.yml b/tests/frontend_components/docker-compose.yml index e4c3b192..f7f29c9d 100644 --- a/tests/frontend_components/docker-compose.yml +++ b/tests/frontend_components/docker-compose.yml @@ -18,10 +18,12 @@ services: - ENGINE_TYPE=exareme - ENGINE_BASE_URL=http://172.17.0.1:8080/services/ - AUTH_SKIP=true + - AUTH_ENABLE_SSO=false # - AUTH_ENABLE_SSO=true # Should be enabled for Keycloak - BASE_URL_CONTEXT=services - GATEWAY_PORT=8081 - CACHE_ENABLED=false + - NODE_ENV=development links: - gateway-db depends_on: 
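Review bot: `EXPERIMENT_TIMESTAMP_FORMAT` in the trailing context of the federation_info.py hunk is still `"%Y-%m-%d %H:%M:%S.%f"`, while `TIMESTAMP_REGEX` now captures values such as `2022-04-13T18:25:22.875Z`. The parsing code is outside the hunk, but if the captured log timestamp is parsed with that format, `strptime` will raise `ValueError` on every matched line and finished experiments would drop out of the report or abort it. The matching format would be `"%Y-%m-%dT%H:%M:%S.%fZ"`; it is also worth confirming whether the `created`/`finished` fields in the same log line changed format. Separately, the `.` before `\d{3}` in the new regex is unescaped and matches any character; `\.` pins it to the literal separator.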
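Review bot: The Keycloak switch in tests/backend_components/docker-compose.yml is now an active `AUTHENTICATION: 0` plus a commented-out `# AUTHENTICATION: 1`, and the first hunk of tests/frontend_components/docker-compose.yml does the same with `AUTH_ENABLE_SSO=false` next to `AUTH_SKIP=true`. Turning authentication on therefore means hand-editing three settings across two files, and a partial edit can leave one tier expecting a login while the other skips it. A comment on the active line would state the intent and the coupling, for example `AUTHENTICATION: 0  # test stack only: portal-backend auth off; flip together with AUTH_SKIP / AUTH_ENABLE_SSO in frontend_components`. The added `NODE_ENV=development` in the frontend hunk deserves the same kind of comment, saying it is meant for the test stack only.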
@@ -52,10 +54,10 @@ services: EXTERNAL_MIP_PROTOCOL: http KEYCLOAK_HOST: http://keycloak:8095 KEYCLOAK_AUTH_PATH: /auth + PORTALBACKEND_AUTH_URL: /oauth2/authorization/keycloak MIP_LINK: direct restart: unless-stopped - # keycloak_db: # image: postgres:12.2 # volumes: