-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding multi-provider draft and enabling dev OAuth2 provider #25
Adding multi-provider draft and enabling dev OAuth2 provider #25
Conversation
Makefile
Outdated
@@ -32,7 +32,11 @@ docker/build: | |||
|
|||
.PHONY: run | |||
run: | |||
@reflex -c reflex.conf -- sh -c ./bin/Will.IAM start-api | |||
make build && ./bin/Will.IAM start-api --host=localhost -v3 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Without adding --host=localhost
command, every time we compile and run Will.IAM we receive a MacOS Firewall message box asking us to allow connections to this app.
Telling that you are using localhost
avoid it on development.
@@ -1,5 +1,10 @@ | |||
version: '2' | |||
services: | |||
oauth2-server: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To help us with OAuth2 I'm using oauth2-mock-server that mocks some requests to use.
switch verbosity { | ||
case 0: | ||
log.Level = logrus.InfoLevel | ||
log.Level = logrus.ErrorLevel |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that the verbosity code was added here by mistake. I added this hierarchy to make more sense to devs who want to use this option.
) | ||
|
||
// ProviderBlankMock is a Provider mock will all dummy implementations | ||
type ProviderBlankMock struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This provider is used only as a mock to some unit/integration tests on Will.IAM, so I've moved it untouched to another file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Besides the above, LGTM!
Makefile
Outdated
@@ -32,7 +32,11 @@ docker/build: | |||
|
|||
.PHONY: run | |||
run: | |||
@reflex -c reflex.conf -- sh -c ./bin/Will.IAM start-api | |||
make build && ./bin/Will.IAM start-api --host=localhost -v3 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of using make
command inside each other, use target dependency:
make build && ./bin/Will.IAM start-api --host=localhost -v3 | |
run: build | |
./bin/Will.IAM start-api --host=localhost -v3 |
compose-up: | ||
@mkdir -p docker_data && docker-compose up -d | ||
@until docker exec $(pg_docker_image) pg_isready; do echo 'Waiting Postgres...' && sleep 1; done | ||
@sleep 2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why having this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because the other similar command only start the database container postgres
, skipping the new oauth2-server
container.
Thinking now, to simplify this logic I'll an parameter here and edit db/up
to send a container parameter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, having a better look, I see that the docker-compose
only starts dependencies. Why not starting Will.IAM as well. An upside on this approach is using compose
's depends_on
feature.
With that, you can declare Will.IAM dependencies and having it wait until they are fully initialized. You only need to provide a healthcheck
operations for each dependency, which should be pretty simple.
This is only a suggestion, if you'd like to address this in another PR, feel free to do it.
Co-authored-by: Felipe Rodopoulos <felipekss@gmail.com>
Makefile
Outdated
@mkdir -p docker_data && docker-compose up -d postgres | ||
@until docker exec $(pg_docker_image) pg_isready; do echo 'Waiting Postgres...' && sleep 1; done | ||
@sleep 2 | ||
make compose-up container=postgres |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this approach will work if you need to wait for the dependency to be ready. The end of db/up
target is not a guarantee that Postgres is accepting connections on the container.
…AM into features/dev-provider
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything good!
Motivation and Context
The first time that you run Will.IAM you could have problems to setup a valid OAuth2 provider. It is implicit that you need to follow these steps and make a setup to enable Google OAuth2 to execute tests in development.
Description
To help with that I've changed the API to choose another OAuth2 provider from config and added a provider that calls a test OAuth2 server.
In future we can modify this dev server to allow a developer to simulate interactions with many users at same time using another systems that use Will.IAM to manage permissions.
How Has This Been Tested?
make compose-up
. This command will start three docker containers: database, oauth2-server and Will.IAM itself.a. (extra) If it is your first time running Will.IAM, make be sure to run
make db/setup
first to create Will.IAM database;http://localhost:3000
, just access the following link on a browser:It should trigger the OAuth2 authentication procedure (very similar to this explanation), returning to the referer link at the end.
Types of changes
Checklist: