First automatic bridge setup

compose-test.yaml

@@ -0,0 +1,90 @@
+services:
+  hydra-migrate:
+    image: oryd/hydra:v2.2.0
+    restart: on-failure
+    networks:
+      - ory-hydra-network
+    command: migrate sql -e --yes
+    environment:
+      - DSN=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable&max_conns=20&max_idle_conns=4
+    depends_on:
+      - postgresd
+
+  hydra:
+    depends_on:
+      - postgresd
+    image: oryd/hydra:v2.2.0
+    networks:
+      - ory-hydra-network
+    ports:
+      - 5004:4444 # Public port
+      - 5001:4445 # Admin port
+    command: serve all --dev
+    environment:
+      - URLS_SELF_ISSUER=http://localhost:5004/
+      - URLS_CONSENT=http://localhost:5002/api/consent
+      - URLS_LOGIN=http://localhost:5002/login
+      - DSN=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable&max_conns=20&max_idle_conns=4
+      - SECRETS_SYSTEM=youReallyNeedToChangeThis
+      - OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public,pairwise
+      - OIDC_SUBJECT_IDENTIFIERS_PAIRWISE_SALT=youReallyNeedToChangeThis
+      - SERVE_PUBLIC_CORS_ENABLED=true
+      - SERVE_PUBLIC_CORS_ALLOWED_METHODS=POST,GET,PUT,DELETE
+      - SERVE_ADMIN_CORS_ENABLED=true
+      - SERVE_ADMIN_CORS_ALLOWED_METHODS=POST,GET,PUT,DELETE
+      - LOG_LEVEL=error
+      - LOG_FORMAT=json
+      - LOG_LEAK_SENSITIVE_VALUES=false
+      - OAUTH2_EXPOSE_INTERNAL_ERRORS=1
+      - WEBFINGER_OIDC_DISCOVERY_USERINFO_URL=http://localhost:5004/userinfo
+      - OIDC_DYNAMIC_CLIENT_REGISTRATION_ENABLED=true
+    restart: on-failure
+
+  postgresd:
+    image: postgres:16
+    networks:
+      - ory-hydra-network
+    ports:
+      - 5433:5432
+    environment:
+      - POSTGRES_USER=hydra
+      - POSTGRES_PASSWORD=secret
+      - POSTGRES_DB=hydra
+    restart: on-failure
+
+  vclogin:
+    env_file:
+      - ./vclogin/.env.test
+    environment:
+      - HYDRA_ADMIN_URL=http://hydra:4445
+      - REDIS_HOST=redis
+      - REDIS_PORT=6379
+    networks:
+      - ory-hydra-network
+    ports:
+      - 5002:3000
+    build:
+      context: ./vclogin
+    restart: unless-stopped
+
+  redis:
+    image: redis:7.2.2
+    networks:
+      - ory-hydra-network
+    ports:
+      - 6379:6379
+    restart: unless-stopped
+
+  test_client:
+    image: oryd/hydra:v2.2.0
+    networks:
+      - ory-hydra-network
+    ports:
+      - 9010:9010
+    volumes:
+      - ./test_client_test.sh:/test_client_test.sh
+    entrypoint: ["sh", "/test_client_test.sh"]
+
+networks:
+  ory-hydra-network:
+    name: ory-hydra-net

test_client_test.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+URL="http://hydra:4444/userinfo"
+
+# wait until hydra is up
+while true; do
+  # Use wget to check if there's any HTTP response, including errors
+  STATUS=$(wget --server-response --spider "$URL" 2>&1 | awk '/HTTP\// {print $2}' | tail -n 1)
+
+  if [ -n "$STATUS" ]; then
+    echo "Success: Received HTTP status code $STATUS from $URL!"
+    break
+  else
+    echo "Waiting for any HTTP response from $URL..."
+    sleep 5 # Wait for 5 seconds before checking again
+  fi
+done
+
+client=$(hydra create client --skip-tls-verify \
+  --name testclient \
+  --secret some-secret \
+  --grant-type authorization_code \
+  --response-type token,code,id_token \
+  --scope openid \
+  --redirect-uri "http://localhost:9010/callback" \
+  -e http://hydra:4445 \
+  --format json)
+
+echo "$client"
+
+client_id=$(echo "$client" | grep -o '"client_id":"[^"]*"' | sed 's/"client_id":"//;s/"//')
+
+hydra perform authorization-code --skip-tls-verify \
+  --port 9010 \
+  --client-id "$client_id" \
+  --client-secret some-secret \
+  --redirect "http://localhost:9010/callback" \
+  --scope openid \
+  --auth-url http://localhost:5004/oauth2/auth \
+  --token-url http://hydra:4444/oauth2/token \
+  -e http://hydra:4444

vclogin/.env.test

@@ -1,4 +1,7 @@
 LOGIN_POLICY=./__tests__/testdata/policies/acceptAnything.json
 DID_KEY_JWK={"kty":"OKP","crv":"Ed25519","x":"cwa3dufHNLg8aQb2eEUqTyoM1cKQW3XnOkMkj_AAl5M","d":"me03qhLByT-NKrfXDeji-lpADSpVOKWoaMUzv5EyzKY"}
-EXTERNAL_URL=http://example.com
+EXTERNAL_URL=http://localhost
 INCR_AUTH_API_SECRET=verysecret
+HYDRA_ADMIN_URL=http://localhost:5001
+REDIS_HOST=localhost
+REDIS_PORT=6379

vclogin/__tests__/e2e/e2eLogin.spec.ts

@@ -0,0 +1,67 @@
+/**
+ * Copyright 2024 Software Engineering for Business Information Systems (sebis) <[email protected]> .
+ * SPDX-License-Identifier: MIT
+ */
+
+/* eslint-disable no-console */
+import { test, expect } from "@playwright/test";
+import { spawn } from "node:child_process";
+import {
+  DockerComposeEnvironment,
+  StartedDockerComposeEnvironment,
+  Wait,
+} from "testcontainers";
+
+const delay = (ms: int) => new Promise((resolve) => setTimeout(resolve, ms));
+
+const composeFilePath = "../";
+const composeFile = "compose-test.yaml";
+
+let environment: StartedDockerComposeEnvironment;
+
+test.beforeAll(async () => {
+  test.setTimeout(120000);
+  environment = await new DockerComposeEnvironment(composeFilePath, composeFile)
+    .withWaitStrategy(
+      "hydra-migrate-1",
+      Wait.forLogMessage("Successfully applied migrations!"),
+    )
+    .withBuild()
+    .up();
+  delay(6000);
+});
+
+test.afterAll(async () => {
+  await environment.down();
+});
+
+test.describe("Index Page", () => {
+  test("has headline", async ({ page }) => {
+    await page.goto("http://localhost:5002");
+
+    await expect(
+      page.getByRole("heading", { name: "SSI-to-OIDC Bridge" }),
+    ).toBeVisible({ timeout: 15000 });
+  });
+});
+
+test.describe("Login Flow", () => {
+  test("sign in with email", async ({ page }) => {
+    const testclient = spawn("sh", ["../test_client.sh"], { detached: true });
+    testclient.stdout.on("data", (data) => {
+      console.error(`stdout: ${data}`);
+    });
+    testclient.stderr.on("data", (data) => {
+      console.error(`stderr: ${data}`);
+    });
+    delay(6000);
+
+    await page.goto("http://localhost:9010");
+
+    await expect(
+      page.getByRole("link", { name: "Authorize application" }),
+    ).toBeVisible({
+      timeout: 15000,
+    });
+  });
+});

vclogin/package.json

@@ -9,7 +9,7 @@
     "start": "NODE_OPTIONS='-r next-logger' next start",
     "lint": "next lint",
     "test": "vitest run --coverage",
-    "test:e2e": "npx playwright test"
+    "test:e2e": "DEBUG=testcontainers* npx playwright test --workers=1"
   },
   "dependencies": {
     "@material-tailwind/react": "^2.0.3",