This repository contains an Express web application that implements some tasks to automate the users' provisioning in the IO Azure API management developer portal.
The goal is to automate some operations that would otherwise require the manual intervention of the APIs administrator: this lets developers start testing the API just after signing-up.
User's authentication takes place against an Azure Active Directory B2C tenant.
The following tasks are triggered from the logged in users clicking on call-to-action just after the sign-up in the developer portal:
-
The user is assigned to the API management groups configured
-
The user is subscribed to the API management product configured
-
The service tied to the user subscription is created through the Digital Citizenship APIs
-
A test profile (with a fake fiscal code) is created through the Digital Citizenship APIs
-
An email is sent to the user through the Digital Citizenship APIs. The email contains the fake fiscal code, so that the user can start testing the API right away. At this point, users can only send messages to their own email address, which is tied to the fake profile created.
The application can be tested locally, either on the developer host machine (using dev tools, such as npm and yarn), or using Docker.
Both a Dockerfile and a docker-compose.yaml files are in the root of this repository.
To build the local test environment using Docker, copy the .env.demo file in this repository and rename it into .env. Customize it with your values. Then, run:
docker-compose up -dThen, access the application at http://localhost:8080.
To bring down the Docker test environment and remove the container, use
docker-compose downBoth the frontend and the backend applications need some environment variables defined in order to work. Environment variables can be customized as needed.
Environment variables are written inside a .env file that is then COPYed into the docker container at build time. The application reads from the .env file shipped within the container.
The table below describes all the Environment variables needed by the front end of the application.
| Variable name | Description | type |
|---|---|---|
| ADMIN_API_URL | your_apim_url | string |
| ADMIN_API_KEY | your_admin_api_key | string |
| APIM_PRODUCT_NAME | starter | string |
| APIM_USER_GROUPS | ApiLimitedMessageWrite,ApiInfoRead,ApiMessageRead,ApiLimitedProfileRead | string (comma separated |
| APPINSIGHTS_INSTRUMENTATIONKEY | you_appinsights_instrumentationkey | string |
| ARM_APIM | your_apim_name | string |
| ARM_RESOURCE_GROUP | your_resource_group | string |
| ARM_SUBSCRIPTION_ID | your_arm_subscription_id | string |
| ARM_TENANT_ID | your_tenant_id | string |
| USE_SERVICE_PRINCIPAL | true | bool |
| SERVICE_PRINCIPAL_CLIENT_ID | your_service_principal_client_id | string |
| SERVICE_PRINCIPAL_SECRET | your_service_principal_client_secret | string |
| SERVICE_PRINCIPAL_TENANT_ID | your_service_principal_tenant_id | string |
| CLIENT_NAME | your_client_name | string |
| CLIENT_ID | your_client_id | string |
| CLIENT_SECRET | your_client_secret | string |
| COOKIE_IV | your_cookie_iv | string |
| COOKIE_KEY | your_cookie_key | string |
| LOG_LEVEL | debug | string |
| POLICY_NAME | B2C_1_SignUpIn | string |
| RESET_PASSWORD_POLICY_NAME | B2C_1_PasswordReset | string |
| POST_LOGIN_URL | https://developer.io.italia.it | string |
| POST_LOGOUT_URL | https://developer.io.italia.it | string |
| REPLY_URL | https://developer.io.italia.it | string |
| TENANT_ID | your_tenant_id | string |
| WEBSITE_NODE_DEFAULT_VERSION | 6.11.2 | string |
| WEBSITE_NPM_DEFAULT_VERSION | 6.1.0 | string |
The application can be deployed either as an Azure application service or as a stand-alone container, running for example on top of Kubernetes.
At each change, a Docker image is automatically produced (and tagged) on DockerHub. The image is public and can be consumed for application deployments.
For more informations about IO application deployments on Kubernetes check this out.
The paragraph explains how to deploy the application as an Azure AppService Deployment. The instructions assume that the app service has been already created and configured to support the application.
NOTE: The application is now deployed on the apim-portal-prod AppService on Azure. The following code snippets assume that apim-portal-prod is the AppService name.
The application can deployed by pushing it to the git repository linked to the AppService. Git credentials can be got using:
$ az webapp deployment list-publishing-credentials --resource-group apim-portal --name apim-portal-prod
To deploy the application you must build it before pushing the compiled artifacts to the app service git repository:
$ git remote add production https://apim-portal-prod.scm.azurewebsites.net:443/apim-portal-prod.git
$ git checkout -b production master
$ npm run build
$ git add -f build
$ git commit -m "added build artifacts"
$ git push production-
Navigate to the developer portal -> sign-up
-
Compile the ADB2C sign-up form providing Service and Organization name
-
Click on "Subscribe to Digital Citizenship API" cta in the landing page
You should receive an API-Key (in the developer portal) and an email with a fake fiscal code that you can use to start testing the Digital Citizenship API.
The web directory in this repository contains an HTML template and some CSS styles to customize the aspect of both the ADB2C sign-in and sign-up default pages.
Moreover, it contains a page with the privacy policy which is reachable from a link placed in the sign-in entry page.
To set up the customization:
- Deploy the HTML template and CSSs to GitHub Pages
yarn gh-pages- Refer to the installation manual to customize the sign-up and sign-in default forms.