implémentaiton hydra-dispatcher
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit

2025-09-22 15:16:05 +02:00
parent 6667f44aac
commit 3c3dba768e
5 changed files with 84 additions and 25 deletions

6
.env

@@ -25,7 +25,7 @@ DB_USER="lasql"
DB_PASSWORD="lasql" DB_PASSWORD="lasql"
ISSUER_URL="http://localhost:8000" ISSUER_URL="http://localhost:8000"
BASE_URL='http://localhost:8080' BASE_URL='http://localhost:8083'
# connexion hydra # connexion hydra
HYDRA_ADMIN_BASE_URL='http://hydra:4445' HYDRA_ADMIN_BASE_URL='http://hydra:4445'
APP_LOCALES="fr,en" APP_LOCALES="fr,en"
@@ -43,7 +43,7 @@ ALTCHA_DEBUG=false
ALTCHA_WORKERS=8 ALTCHA_WORKERS=8
ALTCHA_DELAY=100 ALTCHA_DELAY=100
ALTCHA_MOCK_ERROR=false ALTCHA_MOCK_ERROR=false
ALTCHA_ENABLED=true ALTCHA_ENABLED=false
ENABLED_2FA=true ENABLED_2FA=true
URL_2FA=http://localhost:8070/2fa URL_2FA=http://localhost:8084/2fa
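Review bot: `ALTCHA_ENABLED=false` in the second hunk switches the ALTCHA challenge off in the committed `.env`, so any environment that loads this file without an override runs with that protection disabled. If the switch is only needed for local work with the dispatcher, keep `ALTCHA_ENABLED=true` here and put the override in an untracked `.env.local` or in the compose `environment:` list. If it has to stay, a comment such as `# disabled for local hydra-dispatcher testing only, re-enable outside dev` above the line would make the intent visible. Whether this file is loaded outside development cannot be told from the hunk.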


@@ -1,4 +1,26 @@
services: services:
hydra-dispatcher:
image: reg.cadoles.com/cadoles/hydra-dispatcher-standalone:2025.9.2-develop.1152.3cd1c49
ports:
- 8082:80
environment:
- APP_ENV=prod
- APP_DEBUG=false
- PHP_FPM_MEMORY_LIMIT=256m
- CADDY_HTTP_PORT=80
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_REWRITE_ISSUER=yes
- HYDRA_ORIGINAL_ISSUER=http://localhost:8081
- HYDRA_NEW_ISSUER=http://localhost:8082
- DEFAULT_LOCALE=fr
- DISABLE_APP_AUTO_SELECT=false
- APP_LOCALES=fr,en
- HYDRA_ADMIN_AUTHORIZED_HOSTS=10.0.0.0/8,172.16.0.0/12,172.19.0.0/12,192.168.0.0/16
- REDIS_DSN=redis://redis:6379
- TRUSTED_PROXIES=REMOTE_ADDR
volumes:
- ./misc/compose/dispatcher/:/app/config/hydra/
hydra-sql: hydra-sql:
build: build:
context: . context: .
@@ -12,7 +34,7 @@ services:
- http_proxy=${http_proxy} - http_proxy=${http_proxy}
- https_proxy=${https_proxy} - https_proxy=${https_proxy}
ports: ports:
- 8082:8071 - 8083:8071
tmpfs: tmpfs:
- /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
- /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
@@ -22,6 +44,7 @@ services:
- hydra - hydra
depends_on: depends_on:
- redis - redis
- hydra-dispatcher
extra_hosts: extra_hosts:
- "localhost:127.0.0.1" - "localhost:127.0.0.1"
- "localhost:host-gateway" - "localhost:host-gateway"
@@ -48,10 +71,10 @@ services:
- APP_ENV=dev - APP_ENV=dev
- PHP_FPM_MEMORY_LIMIT=128m - PHP_FPM_MEMORY_LIMIT=128m
- APP_LOCALES=fr,en - APP_LOCALES=fr,en
- HYDRA_ADMIN_BASE_URL=http://hydra:4445 - HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher
- TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
- ISSUER_URL=http://localhost:8000 - ISSUER_URL=http://localhost:8000
- BASE_URL=http://localhost:8082 - BASE_URL=http://localhost:8083
- DB_USER=lasql - DB_USER=lasql
- DB_PASSWORD=lasql - DB_PASSWORD=lasql
- DEFAULT_LOCALE=fr - DEFAULT_LOCALE=fr
@@ -59,6 +82,8 @@ services:
- HASH_ALGO_LEGACY="sha256" - HASH_ALGO_LEGACY="sha256"
- SECURITY_PATTERN=password,salt,pepper - SECURITY_PATTERN=password,salt,pepper
- CADDY_HTTP_PORT=8071 - CADDY_HTTP_PORT=8071
- ENABLED_2FA=true
- URL_2FA=http://localhost:8084/2fa
oidc-test: oidc-test:
image: bornholm/oidc-test:v0.0.0-1-g936a77e image: bornholm/oidc-test:v0.0.0-1-g936a77e
environment: environment:
@@ -84,8 +109,8 @@ services:
- HYDRA_ALLOW_INSECURE=yes - HYDRA_ALLOW_INSECURE=yes
- HYDRA_URLS_SELF_ISSUER=http://localhost:8081/ - HYDRA_URLS_SELF_ISSUER=http://localhost:8081/
- HYDRA_URLS_LOGOUT=http://localhost:8082/logout - HYDRA_URLS_LOGOUT=http://localhost:8082/logout
- HYDRA_URLS_LOGIN=http://localhost:8082/ - HYDRA_URLS_LOGIN=http://localhost:8082/login
- HYDRA_URLS_CONSENT=http://localhost:8082/connect/consent - HYDRA_URLS_CONSENT=http://localhost:8082/consent
- HYDRA_URLS_ERROR=http://localhost:8082/error - HYDRA_URLS_ERROR=http://localhost:8082/error
- HYDRA_LEVEL=debug - HYDRA_LEVEL=debug
- HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra - HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra
@@ -103,7 +128,7 @@ services:
"wget", "wget",
"--spider", "--spider",
"-q", "-q",
"http://127.0.0.1:4444/.well-known/openid-configuration", "http://localhost:4444/.well-known/openid-configuration",
] ]
interval: 10s interval: 10s
timeout: 10s timeout: 10s
@@ -166,20 +191,21 @@ services:
environment: environment:
- APP_ENV=dev - APP_ENV=dev
- APP_DEBUG=1 # Pour mode debug en dev - APP_DEBUG=1 # Pour mode debug en dev
- CADDY_GLOBAL_OPTIONS=debug # Activer le mode debug
ports: ports:
- "8070:80" # Mappe le port 80 du conteneur sur 8081 de l'hôte - "8084:80" # Mappe le port 80 du conteneur sur 8081 de l'hôte
depends_on: depends_on:
- postgres # Si tu utilises la DB partagée - postgres # Si tu utilises la DB partagée
pgweb: # pgweb:
container_name: pgweb # container_name: pgweb
restart: always # restart: always
image: sosedoff/pgweb # image: sosedoff/pgweb
ports: # ports:
- "8095:8081" # - "8085:8081"
environment: # environment:
- PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable # - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
depends_on: # depends_on:
- postgres # - postgres
volumes: volumes:
postgres: postgres:
mariadb: mariadb:
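Review bot: In the new `hydra-dispatcher` service (first hunk), `TRUSTED_PROXIES=REMOTE_ADDR` together with the published port `8082:80` means forwarded-client headers are accepted from whichever peer connects directly. That would weaken a client-address check behind `HYDRA_ADMIN_AUTHORIZED_HOSTS` if the check relies on the forwarded address; its implementation is not visible here. The same list contains `172.19.0.0/12`, which is not aligned to a /12 boundary and is either rejected or collapses into the `172.16.0.0/12` entry already present, so `172.19.0.0/16` was probably intended. I would narrow the allowlist to the compose network actually in use, e.g. `HYDRA_ADMIN_AUTHORIZED_HOSTS=172.19.0.0/16`, and set `TRUSTED_PROXIES` to the address of a real front proxy, or leave it unset if the image allows that while the port is exposed directly.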


@@ -0,0 +1,33 @@
hydra:
apps:
- id: hydra-sql
title:
fr: Hydra Sql
en: Hydra Sql En
description:
fr: Authentification via adresse courriel
en: Authentication by email address
icon_url: http://placehold.jp/84x123.png
login_url: http://localhost:8083/login
consent_url: http://localhost:8083/consent
options:
text_libre:
fr: "Connexion avec mot de passe"
en: "Login with password"
logout_url: http://localhost:8083/logout
attributes_rewrite_configuration:
mail:
replace: email
rules:
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
webhook:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
webhook_post_login:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
connected_user_redirect_url: '/'
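Review bot: `consent_url: http://localhost:8083/consent` does not match the consent route the application exposes. `MainController` in this same commit still declares `#[Route('/connect/consent', name: 'app_consent')]`, and the compose file previously pointed Hydra at `/connect/consent`. Unless a `/consent` route exists outside the visible hunks, the dispatcher will send consent requests to a path that is not handled; `consent_url: http://localhost:8083/connect/consent` would line up with the controller. `login_url` deserves the same check, since the old `HYDRA_URLS_LOGIN` targeted `/` rather than `/login`.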


@@ -75,7 +75,7 @@ class MainController extends AbstractController
} }
#[Route('/connect/consent', name: 'app_consent')] #[Route('/connect/consent', name: 'app_consent')]
public function consent(Request $request): RedirectResponse public function consent(Request $request): Response
{ {
return $this->hydra->handleConsentRequest($request); return $this->hydra->handleConsentRequest($request);
} }


@@ -32,7 +32,7 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
private readonly SQLLoginService $sqlLoginService, private readonly SQLLoginService $sqlLoginService,
private readonly PasswordEncoder $passwordHasher, private readonly PasswordEncoder $passwordHasher,
private readonly SQLLoginRequest $sqlLoginRequest private readonly SQLLoginRequest $sqlLoginRequest
){ ) {
} }
/** /**
@@ -101,10 +101,10 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
if ($user->getLogin() !== $userIdentifier) { if ($user->getLogin() !== $userIdentifier) {
throw new UserNotFoundException(sprintf('User "%s" not found.', $userIdentifier)); throw new UserNotFoundException(sprintf('User "%s" not found.', $userIdentifier));
} }
return $user; return $user;
}; };
$passport = new SelfValidatingPassport(new UserBadge($login, $loader)); $passport = new SelfValidatingPassport(new UserBadge($login, $loader));
$passport->setAttribute('attributes', $user->getAttributes()); $passport->setAttribute('attributes', $user->getAttributes());