CadolesKube/sso-kustom
15
0
Fork 0
Code Issues 20 Pull Requests 6 Projects Releases Wiki Activity

feat: add oidc-test app component

Browse Source
This commit is contained in:
wpetit
2023-12-07 08:59:45 +01:00
parent 4d29851350
commit caa180747e
12 changed files with 133 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
examples/authenticated-app/kustomization.yaml
View File

@ -2,20 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../resources/hydra
- ../../resources/hydra-dispatcher
- ./resources/app.yaml
- ../../overlays/full
- ./resources/ingress.yaml
- ./resources/oauth2-client.yaml
- ./resources/saml-idp.yaml
- ./resources/self-signed-issuer.yaml
- ./resources/port-forwarder.yaml
components:
- ../../components/hydra-cnpg-database
#- ../../components/hydra-oidc
- ../../components/hydra-saml
patchesJson6902:
- target:
version: v1
@ -36,4 +28,14 @@ patchesJson6902:
version: v1
kind: Secret
name: hydra-secret
path: patches/hydra-secret.yaml
path: patches/hydra-secret.yaml
- target:
version: v1
kind: ConfigMap
name: oidc-test
path: patches/oidc-test.yaml
- target:
version: v1alpha1
kind: OAuth2Client
name: oidc-test-oauth2-client
path: patches/oidc-test-oauth2-client.yaml

6
examples/authenticated-app/patches/oidc-test-oauth2-client.yaml Normal file
View File

@ -0,0 +1,6 @@
- op: replace
path: "/spec/redirectUris/0"
value: https://ssokustom/oauth2/callback
- op: replace
path: "/spec/postLogoutRedirectUris/0"
value: https://ssokustom

6
examples/authenticated-app/patches/oidc-test.yaml Normal file
View File

@ -0,0 +1,6 @@
- op: replace
path: "/data/OIDC_REDIRECT_URL"
value: https://ssokustom/oauth2/callback
- op: replace
path: "/data/OIDC_POST_LOGOUT_REDIRECT_URL"
value: https://ssokustom

66
examples/authenticated-app/resources/app.yaml
View File

@ -1,66 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
io.kompose.service: app
name: app
spec:
replicas: 1
selector:
matchLabels:
io.kompose.service: app
strategy:
type: Recreate
template:
metadata:
labels:
io.kompose.service: app
spec:
containers:
- image: reg.cadoles.com/cadoles/oidc-test:2023.11.6-stable.1557.e16b905
name: app
ports:
- containerPort: 8080
resources: {}
env:
- name: LOG_LEVEL
value: "0"
- name: HTTP_ADDRESS
value: 0.0.0.0:8080
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: app-oidc-secret
key: client_id
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: app-oidc-secret
key: client_secret
- name: OIDC_ISSUER_URL
value: http://hydra:4444
- name: OIDC_REDIRECT_URL
value: https://ssokustom/oauth2/callback
- name: OIDC_POST_LOGOUT_REDIRECT_URL
value: https://ssokustom
- name: OIDC_SKIP_ISSUER_VERIFICATION
value: "true"
- name: OIDC_INSECURE_SKIP_VERIFY
value: "true"
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
io.kompose.service: app
name: app
spec:
ports:
- name: http
port: 8080
targetPort: 8080
selector:
io.kompose.service: app
status:
loadBalancer: {}

2
examples/authenticated-app/resources/ingress.yaml
View File

@ -20,7 +20,7 @@ spec:
pathType: Prefix
backend:
service:
name: app
name: oidc-test
port:
name: http
---

18
examples/authenticated-app/resources/oauth2-client.yaml
View File

@ -1,18 +0,0 @@
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: app-oauth2-client
spec:
clientName: "app"
tokenEndpointAuthMethod: "client_secret_basic"
grantTypes:
- authorization_code
- refresh_token
responseTypes:
- code
scope: "openid email"
secretName: app-oidc-secret
redirectUris:
- https://ssokustom/oauth2/callback
postLogoutRedirectUris:
- https://ssokustom