testing auth

app/src/main/java/eu/gaiax/difs/aas/config/CustomAuthorizationRequestResolver.java

@@ -33,7 +33,8 @@ public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRe
     public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
         log.debug("resolve1.enter; request: {}", request);
         OAuth2AuthorizationRequest req = defaultResolver.resolve(request);
-        if (req == null && request.getServletPath().endsWith("/" + registrationId) && request.getParameter("session_state") == null) {
+        //log.debug("resolve1; resolved: {}", req);
+        if (req == null && request.getServletPath().endsWith("/" + registrationId) && request.getParameter("code") == null) { //session_state
             CustomHttpRequest copy = new CustomHttpRequest(request);
             copy.addParameter("action", "login");
             req = defaultResolver.resolve(copy, registrationId);
@@ -78,14 +79,12 @@ public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRe
 
         @Override
         public String getParameter(String name) {
-            if (params.get(name) != null ) {
-                return params.get(name);
-            }
-            return super.getParameter(name);
+            String value = params.get(name);
+            return value == null ? super.getParameter(name) : value;
         }
 
         void addParameter(String name, String value) {
-            params.put( name, value );
+            params.put(name, value);
         }
     }
 

app/src/main/resources/application-test.yml

+server:
+  port: 8990
+spring:
+  security:
+    oauth2:
+      client:
+        registration:
+          demo-app-oidc:
+            provider: aas-app
+            client-id: demo-app
+            client-secret: secret
+            scope: 
+              - openid
+              - profile
+        provider:
+          aas-app:
+#            issuer-uri: https://auth-server.gxfs.dev
+#            issuer-uri: http://key-server.gxfs.dev/realms/gaia-x
+#            issuer-uri: https://key-server.gxfs.dev/realms/gaia-x
+#            issuer-uri: http://key-server:8080/realms/gaia-x
+            issuer-uri: http://auth-server:9000
+
+logging:
+  level:
+    org.springframework.security: TRACE            
\ No newline at end of file

app/src/main/resources/logback-spring.xml

@@ -2,15 +2,11 @@
 <configuration>
     <include resource="org/springframework/boot/logging/logback/defaults.xml"/>
 
-    <logger name="org.springframework.web" level="DEBUG"/>
-    <logger name="org.springframework.web.servlet.mvc.method.annotation" level="INFO"/>
-    <logger name="eu.gaiax.difs.aas" level="DEBUG"/>
-
     <springProperty scope="context" name="springAppName" source="spring.application.name"/>
 
     <appender name="console" class="ch.qos.logback.core.ConsoleAppender">
         <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
-            <level>DEBUG</level>
+            <level>TRACE</level>
         </filter>
         <encoder>
             <pattern>${FILE_LOG_PATTERN}</pattern>
@@ -32,22 +28,9 @@
         </encoder>
     </appender>
 
-    <!--springProfile name="dev"-->
-        <root level="INFO">
-            <appender-ref ref="console"/>
-            <appender-ref ref="file"/>
-        </root>
-    <!--/springProfile-->
-
-    <!--springProfile name="docker">
-        <root level="INFO">
-            <appender-ref ref="console"/>
-        </root>
-    </springProfile>
+    <root level="INFO">
+        <appender-ref ref="console"/>
+        <appender-ref ref="file"/>
+    </root>
 
-    <springProfile name="!dev">
-        <root level="INFO">
-            <appender-ref ref="file"/>
-        </root>
-    </springProfile-->
 </configuration>

service/src/main/resources/application-dev.yml

@@ -7,23 +7,6 @@ server:
     mbeanregistry:
       enabled: true
 
-spring:
-  application:
-    name: auth-service
-  messages:
-    encoding: ISO-8859-1
-    
-management:
-  endpoints:
-    web:
-      exposure:
-        include: "*"
-
-springdoc:
-  api-docs:
-    path: /api/docs
-    enabled: true
-
 aas:
   cache:
     size: 0

service/src/main/resources/application-test.yml

 server:
   port: 9000
+  tomcat:
+    mbeanregistry:
+      enabled: true
 
 management:
   endpoints:
@@ -9,19 +12,83 @@ management:
 
 aas:
   cache:
+    size: 0
     ttl: 1m
   iam:
+    base-uri: http://key-server:8080
     iat:
+      dcr-uri: ${aas.iam.base-uri}/realms/gaia-x/clients-registrations/openid-connect
+      redirect-uri: ${aas.oidc.issuer}/*
       secret: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkMDc0OWE1MS04YTJmLTRkOWQtYTk2YS1jNzhjYTQyZmNlMTUifQ.eyJleHAiOjAsImlhdCI6MTY1Mjc4NTk2MCwianRpIjoiMjRjYjI2N2ItMmUwZi00YzQ5LTg0MGItYWUyNjQyNDg1OTU4IiwiaXNzIjoiaHR0cDovL2tleS1zZXJ2ZXI6ODA4MC9yZWFsbXMvZ2FpYS14IiwiYXVkIjoiaHR0cDovL2tleS1zZXJ2ZXI6ODA4MC9yZWFsbXMvZ2FpYS14IiwidHlwIjoiSW5pdGlhbEFjY2Vzc1Rva2VuIn0.IWu2-nP4ojXMxLn9B9lz7c-YQ-LDGhI9XUKdoa0f2tA
+    clients:
+      demo:
+        id: demo-app
+        secret: "{noop}secret"
+        redirect-uris: 
+          - http://test-server:8990/login/oauth2/code/demo-app-oidc
+      oidc:
+        id: aas-app-oidc
+        secret: "{noop}secret1"
+        redirect-uris: 
+          - ${aas.iam.base-uri}/realms/gaia-x/broker/ssi-oidc/endpoint
+      siop:
+        id: aas-app-siop
+        secret: "{noop}secret2"
+        redirect-uris: 
+          - ${aas.iam.base-uri}/realms/gaia-x/broker/ssi-siop/endpoint
+      gxfs:
+        id: gxfs-demo
+#        secret: "{noop}hmi-secret2"
+        redirect-uris: 
+          - https://demo.gxfs.dev
+      portal:
+        id: demo-portal
+        secret: "{noop}demo-portal"
+        redirect-uris: 
+          - https://fc-demo-server.gxfs.dev
+          - https://fc-server.gxfs.dev
+          - http://78.138.66.181:8088/*
+  jwk:
+      length: 3072
+      secret: 96ec048e-c640-4cfd-bc82-6571810a9d0f
   oidc:
     issuer: http://auth-server:9000
-#  token:
-#    ttl: 1m
+    static-scopes:
+  siop:
+    clock-skew: 5s 
+    issuer: https://self-issued.me/v2
+  scopes:
+    openid:
+      - sub
+      - iss
+      - auth_time
+    profile:
+      - name
+      - given_name
+      - family_name
+      - middle_name
+      - preferred_username
+      - gender
+      - birthdate
+      - updated_at
+    email:
+      - email
+      - email_verified
+  token:
+    ttl: 5m
   tsa:
+    url: http://trustservice/api
+    repo: aisbl
+    group: example
+    version: 1.0
+    action: evaluation
     delay: 100
     duration: 1000
     request:
       count: 1
+    statuses:
+      GetLoginProofResult: ACCEPTED
+      GetIatProofResult: ACCEPTED
 
 logging:
   level:
@@ -29,4 +96,4 @@ logging:
     tsclaims: DEBUG
     org.springframework.web: DEBUG
     org.springframework.security: DEBUG
-    eu.gaiax.difs.aas: DEBUG
+    eu.gaiax.difs.aas: DEBUG    

service/src/main/resources/application.yml

@@ -3,10 +3,23 @@ server:
   servlet:
     session:
       timeout: 10m
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: "*"
   
 spring:
   application:
     name: auth-service
+  messages:
+    encoding: ISO-8859-1
+
+springdoc:
+  api-docs:
+    path: /api/docs
+    enabled: true
 
 logging:
   level: