diff --git a/app/src/main/java/eu/gaiax/difs/aas/config/CustomAuthorizationRequestResolver.java b/app/src/main/java/eu/gaiax/difs/aas/config/CustomAuthorizationRequestResolver.java index 93189da11c06ebb9d8be90b8cf3bc3fef30074dd..da2758e5cb64460fb4c105fe8234c3741cf34224 100644 --- a/app/src/main/java/eu/gaiax/difs/aas/config/CustomAuthorizationRequestResolver.java +++ b/app/src/main/java/eu/gaiax/difs/aas/config/CustomAuthorizationRequestResolver.java @@ -33,7 +33,8 @@ public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRe public OAuth2AuthorizationRequest resolve(HttpServletRequest request) { log.debug("resolve1.enter; request: {}", request); OAuth2AuthorizationRequest req = defaultResolver.resolve(request); - if (req == null && request.getServletPath().endsWith("/" + registrationId) && request.getParameter("session_state") == null) { + //log.debug("resolve1; resolved: {}", req); + if (req == null && request.getServletPath().endsWith("/" + registrationId) && request.getParameter("code") == null) { //session_state CustomHttpRequest copy = new CustomHttpRequest(request); copy.addParameter("action", "login"); req = defaultResolver.resolve(copy, registrationId); @@ -78,14 +79,12 @@ public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRe @Override public String getParameter(String name) { - if (params.get(name) != null ) { - return params.get(name); - } - return super.getParameter(name); + String value = params.get(name); + return value == null ? super.getParameter(name) : value; } void addParameter(String name, String value) { - params.put( name, value ); + params.put(name, value); } } diff --git a/app/src/main/resources/application-test.yml b/app/src/main/resources/application-test.yml new file mode 100644 index 0000000000000000000000000000000000000000..c7e2ca11e365067459427135b6a8d862ac38bc14 --- /dev/null +++ b/app/src/main/resources/application-test.yml 
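Review bot: The new guard in `resolve` treats every request whose path ends in `"/" + registrationId` and has no `code` parameter as a login start, but an OAuth2 error callback carries `error` and `state` and no `code`. Such a callback would presumably be turned into a fresh authorization request instead of reaching the failure handling, which can loop if the provider keeps refusing. Consider excluding error responses as well: `&& request.getParameter("code") == null && request.getParameter("error") == null`. The commented-out `//log.debug("resolve1; resolved: {}", req);` and the trailing `//session_state` marker are leftovers; delete them or replace them with a comment saying why `code` is the discriminator. The body of `resolve` continues outside the hunk, so the later handling of `req` is not visible here.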
@@ -0,0 +1,25 @@ +server: + port: 8990 +spring: + security: + oauth2: + client: + registration: + demo-app-oidc: + provider: aas-app + client-id: demo-app + client-secret: secret + scope: + - openid + - profile + provider: + aas-app: +# issuer-uri: https://auth-server.gxfs.dev +# issuer-uri: http://key-server.gxfs.dev/realms/gaia-x +# issuer-uri: https://key-server.gxfs.dev/realms/gaia-x +# issuer-uri: http://key-server:8080/realms/gaia-x + issuer-uri: http://auth-server:9000 + +logging: + level: + org.springframework.security: TRACE \ No newline at end of file diff --git a/app/src/main/resources/logback-spring.xml b/app/src/main/resources/logback-spring.xml index 63505bcb11aeae08bf79ae91b548b744c4a49b4b..f594c83fa181aa05a3dc8a1cd3ab6a7022f936d0 100644 --- a/app/src/main/resources/logback-spring.xml +++ b/app/src/main/resources/logback-spring.xml @@ -2,15 +2,11 @@ <configuration> <include resource="org/springframework/boot/logging/logback/defaults.xml"/> - <logger name="org.springframework.web" level="DEBUG"/> - <logger name="org.springframework.web.servlet.mvc.method.annotation" level="INFO"/> - <logger name="eu.gaiax.difs.aas" level="DEBUG"/> - <springProperty scope="context" name="springAppName" source="spring.application.name"/> <appender name="console" class="ch.qos.logback.core.ConsoleAppender"> <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>DEBUG</level> + <level>TRACE</level> </filter> <encoder> <pattern>${FILE_LOG_PATTERN}</pattern> 
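Review bot: `client-secret: secret` and `org.springframework.security: TRACE` are added under `src/main/resources`, so this test profile is packaged with the application, and activating it anywhere else brings a known credential and very verbose security logging with it. Take the secret from the environment, e.g. `client-secret: ${DEMO_APP_CLIENT_SECRET}` (placeholder variable name), and keep the committed level at `DEBUG` unless a local override needs more. The active `issuer-uri: http://auth-server:9000` is plain HTTP; a comment such as `# internal test network only; use https elsewhere` would make the intended scope explicit, assuming that is the intent. The file also ends without a trailing newline.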
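Review bot: Raising the console `ThresholdFilter` to `<level>TRACE</level>` makes the filter a no-op, so what reaches the console is now decided only by the logger levels in the profile files (the new test profile sets `org.springframework.security: TRACE`). Either drop the `<filter>` element or say so next to it, for example `<!-- no cap here: verbosity is set per profile via logging.level.* -->`. Removing `<logger name="eu.gaiax.difs.aas" level="DEBUG"/>` also means the package's `log.debug` output now depends on each profile declaring that level. The `<appender>` element continues outside the hunk.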
@@ -32,22 +28,9 @@ </encoder> </appender> - <!--springProfile name="dev"--> - <root level="INFO"> - <appender-ref ref="console"/> - <appender-ref ref="file"/> - </root> - <!--/springProfile--> - - <!--springProfile name="docker"> - <root level="INFO"> - <appender-ref ref="console"/> - </root> - </springProfile> + <root level="INFO"> + <appender-ref ref="console"/> + <appender-ref ref="file"/> + </root> - <springProfile name="!dev"> - <root level="INFO"> - <appender-ref ref="file"/> - </root> - </springProfile--> </configuration> diff --git a/service/src/main/resources/application-dev.yml b/service/src/main/resources/application-dev.yml index 97c922228bd45ae737bda9a6663201a16ee7b01d..7065ba1586f8e61558ea5b2ac1624fb52b84066e 100644 --- a/service/src/main/resources/application-dev.yml +++ b/service/src/main/resources/application-dev.yml @@ -7,23 +7,6 @@ server: mbeanregistry: enabled: true -spring: - application: - name: auth-service - messages: - encoding: ISO-8859-1 - -management: - endpoints: - web: - exposure: - include: "*" - -springdoc: - api-docs: - path: /api/docs - enabled: true - aas: cache: size: 0 diff --git a/service/src/main/resources/application-test.yml b/service/src/main/resources/application-test.yml index fdd9b9f81dc302e5aad1d350282e8096da180720..dae8698054744b7d322c1e8b3e8a9dc02d9e0bfc 100644 --- a/service/src/main/resources/application-test.yml +++ b/service/src/main/resources/application-test.yml @@ -1,5 +1,8 @@ server: port: 9000 + tomcat: + mbeanregistry: + enabled: true management: endpoints: 
@@ -9,19 +12,83 @@ management: aas: cache: + size: 0 ttl: 1m iam: + base-uri: http://key-server:8080 iat: + dcr-uri: ${aas.iam.base-uri}/realms/gaia-x/clients-registrations/openid-connect + redirect-uri: ${aas.oidc.issuer}/* secret: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkMDc0OWE1MS04YTJmLTRkOWQtYTk2YS1jNzhjYTQyZmNlMTUifQ.eyJleHAiOjAsImlhdCI6MTY1Mjc4NTk2MCwianRpIjoiMjRjYjI2N2ItMmUwZi00YzQ5LTg0MGItYWUyNjQyNDg1OTU4IiwiaXNzIjoiaHR0cDovL2tleS1zZXJ2ZXI6ODA4MC9yZWFsbXMvZ2FpYS14IiwiYXVkIjoiaHR0cDovL2tleS1zZXJ2ZXI6ODA4MC9yZWFsbXMvZ2FpYS14IiwidHlwIjoiSW5pdGlhbEFjY2Vzc1Rva2VuIn0.IWu2-nP4ojXMxLn9B9lz7c-YQ-LDGhI9XUKdoa0f2tA + clients: + demo: + id: demo-app + secret: "{noop}secret" + redirect-uris: + - http://test-server:8990/login/oauth2/code/demo-app-oidc + oidc: + id: aas-app-oidc + secret: "{noop}secret1" + redirect-uris: + - ${aas.iam.base-uri}/realms/gaia-x/broker/ssi-oidc/endpoint + siop: + id: aas-app-siop + secret: "{noop}secret2" + redirect-uris: + - ${aas.iam.base-uri}/realms/gaia-x/broker/ssi-siop/endpoint + gxfs: + id: gxfs-demo +# secret: "{noop}hmi-secret2" + redirect-uris: + - https://demo.gxfs.dev + portal: + id: demo-portal + secret: "{noop}demo-portal" + redirect-uris: + - https://fc-demo-server.gxfs.dev + - https://fc-server.gxfs.dev + - http://78.138.66.181:8088/* + jwk: + length: 3072 + secret: 96ec048e-c640-4cfd-bc82-6571810a9d0f oidc: issuer: http://auth-server:9000 -# token: -# ttl: 1m + static-scopes: + siop: + clock-skew: 5s + issuer: https://self-issued.me/v2 + scopes: + openid: + - sub + - iss + - auth_time + profile: + - name + - given_name + - family_name + - middle_name + - preferred_username + - gender + - birthdate + - updated_at + email: + - email + - email_verified + token: + ttl: 5m tsa: + url: http://trustservice/api + repo: aisbl + group: example + version: 1.0 + action: evaluation delay: 100 duration: 1000 request: count: 1 + statuses: + GetLoginProofResult: ACCEPTED + GetIatProofResult: ACCEPTED logging: level: 
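Review bot: The `portal` client registers `http://78.138.66.181:8088/*`, a wildcard redirect over plain HTTP to a fixed address, next to the `https://…gxfs.dev` hosts, and `iat.redirect-uri` is `${aas.oidc.issuer}/*`. If these entries are matched as patterns, an authorization response can be delivered to any path on that host, so register the exact callback instead, e.g. `- http://<portal-host>:<port>/<callback-path>` (placeholder). The client secrets (`"{noop}secret"`, `"{noop}secret1"`, `"{noop}secret2"`, `"{noop}demo-portal"`) and `jwk.secret` are committed literals in `src/main/resources`; reading them from the environment, e.g. `secret: ${AAS_PORTAL_CLIENT_SECRET}` (placeholder name), keeps them out of the artifact. `tsa.statuses` pins `GetLoginProofResult` and `GetIatProofResult` to `ACCEPTED`, which presumably stubs the trust-service answer; a comment such as `# test stub: never enable outside the test profile` would record that.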
@@ -29,4 +96,4 @@ logging: tsclaims: DEBUG org.springframework.web: DEBUG org.springframework.security: DEBUG - eu.gaiax.difs.aas: DEBUG + eu.gaiax.difs.aas: DEBUG diff --git a/service/src/main/resources/application.yml b/service/src/main/resources/application.yml index 64e74c725ce576575efd55158b17e2a8d33742b3..3457211527f81b30044f827775a31120949da723 100644 --- a/service/src/main/resources/application.yml +++ b/service/src/main/resources/application.yml @@ -3,10 +3,23 @@ server: servlet: session: timeout: 10m + +management: + endpoints: + web: + exposure: + include: "*" spring: application: name: auth-service + messages: + encoding: ISO-8859-1 + +springdoc: + api-docs: + path: /api/docs + enabled: true logging: level:
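Review bot: `management.endpoints.web.exposure.include: "*"` moves from `application-dev.yml` into the base `application.yml`, so every profile of the auth service now exposes all actuator web endpoints, including ones such as `env` and `heapdump` that reveal configuration and memory contents. Whether those paths are protected by the security configuration is not visible in this diff. Unless they are, limit the base file to `include: "health,info"` and leave `"*"` in the dev profile. The same applies, to a lesser degree, to `springdoc.api-docs.enabled: true` becoming the default.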