deactivate login routes in revproxy

.gitignore

@@ -115,6 +115,6 @@ helm-chart/renku-gateway/charts/**
 
 .DS_Store
 
-gateway
+revproxy
 covprofile
 

Makefile

@@ -1,19 +1,19 @@
 PKG_NAME=github.com/SwissDataScienceCenter/renku-gateway
 
-.PHONY: build clean tests
+.PHONY: build clean tests auth_tests run_revproxy
 
 auth_tests:
 	poetry run flake8 -v
 	poetry run pytest
 
 build: internal/login/spec.gen.go
 	go mod download
-	go build -o gateway $(PKG_NAME)/cmd/gateway 
+	go build -o revproxy $(PKG_NAME)/cmd/revproxy 
 
 clean:
 	go clean
 	go clean -testcache
-	rm -f gateway covprofile
+	rm -f revproxy covprofile
 
 tests:
 	go mod download
@@ -22,3 +22,5 @@ tests:
 internal/login/spec.gen.go: apispec.yaml
 	oapi-codegen -generate types,server,spec -package login $< > $@ 
 
+run_revproxy:
+	go run $(PKG_NAME)/cmd/revproxy

cmd/revproxy/main.go

@@ -11,9 +11,9 @@ import (
 	"runtime/debug"
 	"time"
 
+	// "github.com/SwissDataScienceCenter/renku-gateway/internal/login"
 	"github.com/SwissDataScienceCenter/renku-gateway/internal/config"
 	"github.com/SwissDataScienceCenter/renku-gateway/internal/db"
-	"github.com/SwissDataScienceCenter/renku-gateway/internal/login"
 	"github.com/SwissDataScienceCenter/renku-gateway/internal/models"
 	"github.com/SwissDataScienceCenter/renku-gateway/internal/revproxy"
 	"github.com/getsentry/sentry-go"
@@ -75,9 +75,9 @@ func main() {
 	})
 	// Initialize shared models like db adapter
 	dbOptions := []db.RedisAdapterOption{db.WithRedisConfig(gwConfig.Redis)}
-	if gwConfig.Login.TokenEncryption.Enabled && gwConfig.Login.TokenEncryption.SecretKey != "" {
-		dbOptions = append(dbOptions, db.WithEcryption(string(gwConfig.Login.TokenEncryption.SecretKey)))
-	}
+	// if gwConfig.Login.TokenEncryption.Enabled && gwConfig.Login.TokenEncryption.SecretKey != "" {
+	// 	dbOptions = append(dbOptions, db.WithEcryption(string(gwConfig.Login.TokenEncryption.SecretKey)))
+	// }
 	dbAdapter, err := db.NewRedisAdapter(dbOptions...)
 	if err != nil {
 		slog.Error("DB adapter initialization failed", "error", err)
@@ -88,13 +88,15 @@ func main() {
 	revproxy := revproxy.NewServer(&gwConfig.Revproxy)
 	revProxyMiddlewares := append(commonMiddlewares, sessionHandler.Middleware())
 	revproxy.RegisterHandlers(e, revProxyMiddlewares...)
+
 	// Initialize login server
-	loginServer, err := login.NewLoginServer(login.WithConfig(gwConfig.Login), login.WithTokenStore(&dbAdapter), login.WithSessionStore(&dbAdapter))
-	if err != nil {
-		slog.Error("login handlers initialization failed", "error", err)
-		os.Exit(1)
-	}
-	loginServer.RegisterHandlers(e, commonMiddlewares...)
+	// loginServer, err := login.NewLoginServer(login.WithConfig(gwConfig.Login), login.WithTokenStore(&dbAdapter), login.WithSessionStore(&dbAdapter))
+	// if err != nil {
+	// 	slog.Error("login handlers initialization failed", "error", err)
+	// 	os.Exit(1)
+	// }
+	// loginServer.RegisterHandlers(e, commonMiddlewares...)
+
 	// Rate limiting
 	if gwConfig.Server.RateLimits.Enabled {
 		e.Use(middleware.RateLimiter(

internal/config/config_handler_test.go

@@ -30,55 +30,55 @@ func TestReadConfig(t *testing.T) {
 	t.Setenv("CONFIG_LOCATION", tmpDir)
 	err := createSecretFile(path.Join(tmpDir, "secret_config.yaml"))
 	require.NoError(t, err)
-	providerID := "renku"
+	// providerID := "renku"
 	ch := NewConfigHandler()
 	config, err := ch.Config()
 	require.NoError(t, err)
 	assert.NotEqual(t, config, Config{})
-	assert.Len(t, config.Login.Providers, 1)
+	// assert.Len(t, config.Login.Providers, 1)
 	assert.Equal(t, "https://renkulab.io", config.Revproxy.RenkuBaseURL.String())
-	assert.Equal(t, RedactedString("secret-key-from-secret-file"), config.Login.TokenEncryption.SecretKey)
-	assert.Equal(t, RedactedString("client-secret-from-secret-file"), config.Login.Providers[providerID].ClientSecret)
-	assert.Equal(t, RedactedString("enc-key-from-secret-file"), config.Login.Providers[providerID].CookieEncodingKey)
-	assert.Equal(t, RedactedString("hash-key-from-secret-file"), config.Login.Providers[providerID].CookieHashKey)
-	assert.Equal(t, true, config.Login.Providers[providerID].Default)
+	// assert.Equal(t, RedactedString("secret-key-from-secret-file"), config.Login.TokenEncryption.SecretKey)
+	// assert.Equal(t, RedactedString("client-secret-from-secret-file"), config.Login.Providers[providerID].ClientSecret)
+	// assert.Equal(t, RedactedString("enc-key-from-secret-file"), config.Login.Providers[providerID].CookieEncodingKey)
+	// assert.Equal(t, RedactedString("hash-key-from-secret-file"), config.Login.Providers[providerID].CookieHashKey)
+	// assert.Equal(t, true, config.Login.Providers[providerID].Default)
 }
 
 func TestReadConfigWithEnvVars(t *testing.T) {
 	tmpDir := t.TempDir()
 	t.Setenv("CONFIG_LOCATION", tmpDir)
 	err := createSecretFile(path.Join(tmpDir, "secret_config.yaml"))
 	require.NoError(t, err)
-	providerID := "renku"
+	// providerID := "renku"
 	t.Setenv("GATEWAY_LOGIN_PROVIDERS_RENKU_CLIENTSECRET", "env-var-secret")
 	t.Setenv("GATEWAY_REVPROXY_RENKUBASEURL", "https://dev.renku.ch")
 	t.Setenv("GATEWAY_LOGIN_TOKENENCRYPTION_SECRETKEY", "token-encryption-key-12345678910")
 	ch := NewConfigHandler()
 	config, err := ch.Config()
 	require.NoError(t, err)
 	assert.NotEqual(t, config, Config{})
-	assert.Len(t, config.Login.Providers, 1)
+	// assert.Len(t, config.Login.Providers, 1)
 	assert.Equal(t, "https://dev.renku.ch", config.Revproxy.RenkuBaseURL.String())
-	assert.Equal(t, RedactedString("env-var-secret"), config.Login.Providers[providerID].ClientSecret)
-	assert.Equal(t, RedactedString("enc-key-from-secret-file"), config.Login.Providers[providerID].CookieEncodingKey)
-	assert.Equal(t, RedactedString("hash-key-from-secret-file"), config.Login.Providers[providerID].CookieHashKey)
-	assert.Equal(t, RedactedString("token-encryption-key-12345678910"), config.Login.TokenEncryption.SecretKey)
-	assert.Equal(t, true, config.Login.Providers[providerID].Default)
+	// assert.Equal(t, RedactedString("env-var-secret"), config.Login.Providers[providerID].ClientSecret)
+	// assert.Equal(t, RedactedString("enc-key-from-secret-file"), config.Login.Providers[providerID].CookieEncodingKey)
+	// assert.Equal(t, RedactedString("hash-key-from-secret-file"), config.Login.Providers[providerID].CookieHashKey)
+	// assert.Equal(t, RedactedString("token-encryption-key-12345678910"), config.Login.TokenEncryption.SecretKey)
+	// assert.Equal(t, true, config.Login.Providers[providerID].Default)
 }
 
 func TestReadConfigWithEnvVarsNoSecretFile(t *testing.T) {
 	t.Setenv("GATEWAY_LOGIN_PROVIDERS_RENKU_CLIENTSECRET", "env-var-secret")
 	t.Setenv("GATEWAY_LOGIN_TOKENENCRYPTION_SECRETKEY", "token-encryption-key-12345678910")
-	providerID := "renku"
+	// providerID := "renku"
 	ch := NewConfigHandler()
 	config, err := ch.Config()
 	require.NoError(t, err)
 	slog.Info("configuration data", "config", config)
 	assert.NotEqual(t, config, Config{})
-	assert.Len(t, config.Login.Providers, 1)
+	// assert.Len(t, config.Login.Providers, 1)
 	assert.Equal(t, "https://renkulab.io", config.Revproxy.RenkuBaseURL.String())
-	assert.Equal(t, RedactedString("env-var-secret"), config.Login.Providers[providerID].ClientSecret)
-	assert.Equal(t, RedactedString("token-encryption-key-12345678910"), config.Login.TokenEncryption.SecretKey)
-	assert.Equal(t, true, config.Login.Providers[providerID].Default)
+	// assert.Equal(t, RedactedString("env-var-secret"), config.Login.Providers[providerID].ClientSecret)
+	// assert.Equal(t, RedactedString("token-encryption-key-12345678910"), config.Login.TokenEncryption.SecretKey)
+	// assert.Equal(t, true, config.Login.Providers[providerID].Default)
 }
 

internal/config/main.go

@@ -28,7 +28,7 @@ func (r RedactedString) MarshalBinary() ([]byte, error) {
 type Config struct {
 	Server     ServerConfig
 	Revproxy   RevproxyConfig
-	Login      LoginConfig
+	// Login      LoginConfig
 	Redis      RedisConfig
 	Monitoring MonitoringConfig
 }
@@ -52,11 +52,11 @@ var CLISessionCookieOpt = models.WithCookieTemplate(http.Cookie{Name: "_renku_cl
 var UISessionCookieOpt = models.WithCookieTemplate(http.Cookie{Name: "_renku_ui_session", Secure: true, HttpOnly: true, Path: "/"})
 
 func (c *Config) Validate() error {
-	err := c.Login.Validate()
-	if err != nil {
-		return err
-	}
-	err = c.Revproxy.Validate()
+	// err := c.Login.Validate()
+	// if err != nil {
+	// 	return err
+	// }
+	err := c.Revproxy.Validate()
 	if err != nil {
 		return err
 	}