Cadoles/hydra-sql
22
0
Fork 0
Code Issues 5 Pull Requests 2 Projects Releases Wiki Activity

implémentaiton hydra-dispatcher
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details

Browse Source
This commit is contained in:
Rudy Masson
2025-09-22 15:16:05 +02:00
parent 6667f44aac
commit 3c3dba768e
5 changed files with 84 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.env
View File

@@ -25,7 +25,7 @@ DB_USER="lasql"
DB_PASSWORD="lasql"
ISSUER_URL="http://localhost:8000"
BASE_URL='http://localhost:8080'
BASE_URL='http://localhost:8083'
# connexion hydra
HYDRA_ADMIN_BASE_URL='http://hydra:4445'
APP_LOCALES="fr,en"
@@ -43,7 +43,7 @@ ALTCHA_DEBUG=false
ALTCHA_WORKERS=8
ALTCHA_DELAY=100
ALTCHA_MOCK_ERROR=false
ALTCHA_ENABLED=true
ALTCHA_ENABLED=false
ENABLED_2FA=true
URL_2FA=http://localhost:8070/2fa
URL_2FA=http://localhost:8084/2fa

60
compose.yml
View File

@@ -1,4 +1,26 @@
services:
hydra-dispatcher:
image: reg.cadoles.com/cadoles/hydra-dispatcher-standalone:2025.9.2-develop.1152.3cd1c49
ports:
- 8082:80
environment:
- APP_ENV=prod
- APP_DEBUG=false
- PHP_FPM_MEMORY_LIMIT=256m
- CADDY_HTTP_PORT=80
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_REWRITE_ISSUER=yes
- HYDRA_ORIGINAL_ISSUER=http://localhost:8081
- HYDRA_NEW_ISSUER=http://localhost:8082
- DEFAULT_LOCALE=fr
- DISABLE_APP_AUTO_SELECT=false
- APP_LOCALES=fr,en
- HYDRA_ADMIN_AUTHORIZED_HOSTS=10.0.0.0/8,172.16.0.0/12,172.19.0.0/12,192.168.0.0/16
- REDIS_DSN=redis://redis:6379
- TRUSTED_PROXIES=REMOTE_ADDR
volumes:
- ./misc/compose/dispatcher/:/app/config/hydra/
hydra-sql:
build:
context: .
@@ -12,7 +34,7 @@ services:
- http_proxy=${http_proxy}
- https_proxy=${https_proxy}
ports:
- 8082:8071
- 8083:8071
tmpfs:
- /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
- /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
@@ -22,6 +44,7 @@ services:
- hydra
depends_on:
- redis
- hydra-dispatcher
extra_hosts:
- "localhost:127.0.0.1"
- "localhost:host-gateway"
@@ -48,10 +71,10 @@ services:
- APP_ENV=dev
- PHP_FPM_MEMORY_LIMIT=128m
- APP_LOCALES=fr,en
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
- HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher
- TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
- ISSUER_URL=http://localhost:8000
- BASE_URL=http://localhost:8082
- BASE_URL=http://localhost:8083
- DB_USER=lasql
- DB_PASSWORD=lasql
- DEFAULT_LOCALE=fr
@@ -59,6 +82,8 @@ services:
- HASH_ALGO_LEGACY="sha256"
- SECURITY_PATTERN=password,salt,pepper
- CADDY_HTTP_PORT=8071
- ENABLED_2FA=true
- URL_2FA=http://localhost:8084/2fa
oidc-test:
image: bornholm/oidc-test:v0.0.0-1-g936a77e
environment:
@@ -84,8 +109,8 @@ services:
- HYDRA_ALLOW_INSECURE=yes
- HYDRA_URLS_SELF_ISSUER=http://localhost:8081/
- HYDRA_URLS_LOGOUT=http://localhost:8082/logout
- HYDRA_URLS_LOGIN=http://localhost:8082/
- HYDRA_URLS_CONSENT=http://localhost:8082/connect/consent
- HYDRA_URLS_LOGIN=http://localhost:8082/login
- HYDRA_URLS_CONSENT=http://localhost:8082/consent
- HYDRA_URLS_ERROR=http://localhost:8082/error
- HYDRA_LEVEL=debug
- HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra
@@ -103,7 +128,7 @@ services:
"wget",
"--spider",
"-q",
"http://127.0.0.1:4444/.well-known/openid-configuration",
"http://localhost:4444/.well-known/openid-configuration",
]
interval: 10s
timeout: 10s
@@ -166,20 +191,21 @@ services:
environment:
- APP_ENV=dev
- APP_DEBUG=1 # Pour mode debug en dev
- CADDY_GLOBAL_OPTIONS=debug # Activer le mode debug
ports:
- "8070:80" # Mappe le port 80 du conteneur sur 8081 de l'hôte
- "8084:80" # Mappe le port 80 du conteneur sur 8081 de l'hôte
depends_on:
- postgres # Si tu utilises la DB partagée
pgweb:
container_name: pgweb
restart: always
image: sosedoff/pgweb
ports:
- "8095:8081"
environment:
- PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
depends_on:
- postgres
# pgweb:
# container_name: pgweb
# restart: always
# image: sosedoff/pgweb
# ports:
# - "8085:8081"
# environment:
# - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
# depends_on:
# - postgres
volumes:
postgres:
mariadb:

33
misc/compose/dispatcher/example.yml Normal file
View File

@@ -0,0 +1,33 @@
hydra:
apps:
- id: hydra-sql
title:
fr: Hydra Sql
en: Hydra Sql En
description:
fr: Authentification via adresse courriel
en: Authentication by email address
icon_url: http://placehold.jp/84x123.png
login_url: http://localhost:8083/login
consent_url: http://localhost:8083/consent
options:
text_libre:
fr: "Connexion avec mot de passe"
en: "Login with password"
logout_url: http://localhost:8083/logout
attributes_rewrite_configuration:
mail:
replace: email
rules:
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
webhook:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
webhook_post_login:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
connected_user_redirect_url: '/'

2
src/Controller/MainController.php
View File

@@ -75,7 +75,7 @@ class MainController extends AbstractController
}
#[Route('/connect/consent', name: 'app_consent')]
public function consent(Request $request): RedirectResponse
public function consent(Request $request): Response
{
return $this->hydra->handleConsentRequest($request);
}

2
src/Security/SQLLoginUserAuthenticator.php
View File

@@ -32,7 +32,7 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
private readonly SQLLoginService $sqlLoginService,
private readonly PasswordEncoder $passwordHasher,
private readonly SQLLoginRequest $sqlLoginRequest
){
) {
}
/**