Dev env keycloak #34

Open
wants to merge 3 commits into
base: main
25 changes: 25 additions & 0 deletions README.md
@@ -1,5 +1,30 @@
# Accounting application for the LgHS


## Devenv, compile and run

1. create an alias for docker-compose
```bash
alias dcacc='docker-compose -p lghs-accounting -f path/to/accounting/dev-env/docker-compose.yml'
```

2. start and init the dev-env
```bash
./dev-env/init.sh
```

3. launch app
```bash
dcacc up -d
```

4. add entry to host `127.0.0.1 keycloak` and connect to https://localhost or to http://localhost:80 (use user foobar/pwd)






## Dependencies

You'll need a postgresql database and a compiled version of [coda-rs](https://github.com/bendem/coda-rs/tree/develop).
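--- a/dev-env/apache/Dockerfile
+++ b/dev-env/apache/Dockerfile
@@ -0,0 +1,13 @@
+FROM httpd:2.4
+
+RUN mkdir -p /usr/local/apache2/conf/sites/ /usr/local/apache2/htdocs/login
+RUN echo 'IncludeOptional /conf/sites/*.conf' | tee -a /usr/local/apache2/conf/httpd.conf
+
+COPY resources/custom.conf /conf/sites/custom.conf
+COPY resources/key /key
+COPY resources/cert /cert
+
+
+
+
+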
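Review bot: The directory created by `RUN mkdir -p /usr/local/apache2/conf/sites/ ...` is not the one the image uses: the `IncludeOptional` line and the `COPY` of custom.conf both point at `/conf/sites/` at the filesystem root, so the created path (and `htdocs/login`) is unused by anything in this file. Picking one location would make the layout easier to follow, for example `COPY resources/custom.conf /usr/local/apache2/conf/sites/custom.conf` together with `IncludeOptional conf/sites/*.conf`, which Apache resolves relative to ServerRoot. `FROM httpd:2.4` is also a floating tag; pinning a patch version or digest would keep the dev image reproducible.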
21 changes: 21 additions & 0 deletions dev-env/apache/resources/cert
@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
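--- a/dev-env/apache/resources/custom.conf
+++ b/dev-env/apache/resources/custom.conf
@@ -0,0 +1,30 @@
+Listen 443
+
+ServerName accounting.local
+
+
+<VirtualHost *:443>
+
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_html_module modules/mod_proxy_html.so
+LoadModule proxy_connect_module modules/mod_proxy_connect.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule ssl_module modules/mod_ssl.so
+
+SSLEngine on
+SSLCertificateFile "/cert"
+SSLCertificateKeyFile "/key"
+
+RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS}
+RequestHeader set X-Forwarded-Proto https
+RequestHeader set X-Forwarded-Port 443
+
+ProxyPreserveHost On
+ProxyPass / http://app:8080/
+ProxyPassReverse / http://app:8080/
+
+
+</VirtualHost>
+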
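Review bot: The `LoadModule` lines sit inside `<VirtualHost *:443>`, while Apache documents `LoadModule` for the server config context, and several of the loaded modules (`proxy_ajp_module`, `proxy_html_module`, `proxy_connect_module`, `rewrite_module`) are not used by any directive in this file. I would move the `LoadModule` lines above the `<VirtualHost>` block and keep only `proxy_module`, `proxy_http_module` and `ssl_module`, so the dev proxy loads no more than it needs. The `RequestHeader` directives also depend on mod_headers, which this file assumes is already loaded by the base httpd.conf; a short comment saying so would help the next reader.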
28 changes: 28 additions & 0 deletions dev-env/apache/resources/key
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
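Review bot: This section commits a TLS private key to the repository, and dev-env/apache/Dockerfile then bakes it into the image with `COPY resources/key /key`, so everyone with read access to the repo or the built image holds the key that matches dev-env/apache/resources/cert. Even for a development setup that key has to be treated as public, which matters as soon as a developer marks the certificate as trusted in a browser or OS store. I would generate the pair locally from dev-env/init.sh instead, for example `openssl req -x509 -newkey rsa:2048 -nodes -keyout key -out cert -days 365 -subj "/CN=localhost"`, list both files in .gitignore, and mount them into the apache container as a read-only volume rather than copying them at build time.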
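--- a/dev-env/dbMockData.sql
+++ b/dev-env/dbMockData.sql
@@ -0,0 +1,10 @@
+insert into accounting.accounts (id,name, description, current_balance) values ('25e575be-1123-435a-aea4-d45ec68796f5','foo','bar',42);
+
+insert into accounting.codas (id,filename, content, account_id, sequence_number) VALUES
+('4fc22296-4313-4845-b823-5f97268e26cc', 'test', 'test', '25e575be-1123-435a-aea4-d45ec68796f5', 1);
+
+insert into accounting.movement_categories (id, name, description, type) VALUES ('93b87203-896a-4951-8c69-3f739e5df96e', 'test', 'test', 'test');
+
+insert into accounting.movements (id, amount, entry_date, account_id, coda_id, coda_sequence_number, counter_party_account_number, counter_party_name, communication, category_id) VALUES
+('6e289df4-1e35-4206-9b12-ab1723c6f446', 1, now(), '25e575be-1123-435a-aea4-d45ec68796f5', '4fc22296-4313-4845-b823-5f97268e26cc', 1, 'test', 'test', 'test', '93b87203-896a-4951-8c69-3f739e5df96e');
+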
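--- a/dev-env/docker-compose.yml
+++ b/dev-env/docker-compose.yml
@@ -0,0 +1,34 @@
+version: "2"
+
+services:
+
+apache:
+build: apache
+ports:
+- 443:443
+
+app:
+image: registry.gitlab.com/lghs/accounting/accounting-build-docker
+volumes:
+- ..:/src
+- $HOME/.gradle:/gradle/.gradle
+ports:
+- 80:8080
+user: $UID
+working_dir: /src
+command: ["gradle","--stacktrace","bootRun"]
+
+db:
+image: postgres:13
+environment:
+- POSTGRES_HOST_AUTH_METHOD=trust
+
+
+keycloak:
+image: quay.io/keycloak/keycloak:15.0.2
+ports:
+- 8080:8080
+environment:
+- KEYCLOAK_USER=admin
+- KEYCLOAK_PASSWORD=pwd
+- KEYCLOAK_FRONTEND_URL=http://keycloak:8080/auth/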
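Review bot: The `ports` entries `443:443`, `80:8080` and `8080:8080` publish on every host interface, so the Keycloak admin console configured with `KEYCLOAK_USER=admin` / `KEYCLOAK_PASSWORD=pwd` is reachable from the developer's whole network and not only from the local machine. Binding the mappings to loopback keeps the throwaway credentials local: `- 127.0.0.1:8080:8080`, `- 127.0.0.1:443:443`, `- 127.0.0.1:80:8080`. Publishing the app on port 80 also lets requests reach it without passing through the Apache proxy that sets the `X-Forwarded-*` headers; if that direct port is only for debugging, a comment saying so would help. `POSTGRES_HOST_AUTH_METHOD=trust` is tolerable only while `db` has no published port, which is worth stating in a comment next to it.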
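--- a/dev-env/init.sh
+++ b/dev-env/init.sh
@@ -0,0 +1,79 @@
+#!/bin/bash
+
+set -ue
+set -o pipefail
+
+DIR=$(cd $(dirname $0) && pwd)
+
+INFO_COLOR='\033[0;33m'
+ERROR_COLOR='\033[0;3om'
+NC='\033[0m' # No Color
+
+info(){
+echo -e ${INFO_COLOR}$@${NC}
+}
+
+error(){
+>&2 echo -e ${ERROR_COLOR}$@${NC}
+}
+
+
+function dcacc(){
+docker-compose -p lghs-accounting -f $DIR//docker-compose.yml $@
+}
+
+function waitDbReady(){
+(dcacc exec -T db psql -U postgres < <( echo 'select 1 ;') 2>&1 > /dev/null ) || (
+if [ $1 -lt 20 ]
+then
+echo '.'
+sleep 2
+waitDbReady $(( $1 + 1 ))
+else
+error "time out waiting for db"
+exit 1
+fi
+)
+}
+
+function getKeycloakToken(){
+curl --data "username=admin&password=pwd&grant_type=password&client_id=admin-cli" http://localhost:8080/auth/realms/master/protocol/openid-connect/token \
+| sed 's/.*access_token":"//g' | sed 's/".*//g' \
+|| (
+
+if [ $1 -lt 20 ]
+then
+(>&2 wait for keycloak to be ready)
+sleep 2
+getKeycloakToken $(( $1 + 1 ))
+else
+error "time out waiting for db"
+exit 2
+fi
+)
+}
+
+info start db and keycloak
+dcacc up -d db keycloak
+
+info wait for db to start
+waitDbReady 0
+
+info init db
+cat $DIR/../prepare_db.sql | dcacc exec -T db psql -Upostgres
+
+
+info generate jook tables
+dcacc run --rm app gradle --stacktrace jooq
+
+info fill db with mock data
+cat $DIR/dbMockData.sql | dcacc exec -T db psql -U postgres lghs_accounting
+
+
+info get keycloak token
+
+TOKEN=$(getKeycloakToken 1)
+info token : $TOKEN
+
+curl -v http://localhost:8080/auth/admin/realms/master/clients -H "Content-Type: application/json" -H "Authorization: bearer $TOKEN" --data @$DIR/keycloak/accounting.json
+curl -v http://localhost:8080/auth/admin/realms/master/users -H "Content-Type: application/json" -H "Authorization: bearer $TOKEN" --data @$DIR/keycloak/fooBarUser.json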
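Review bot: The retry branch of `getKeycloakToken` only runs when the pipeline fails, but `curl` without `--fail` exits 0 on an HTTP error response, so while Keycloak is listening but not yet ready the `sed` output of the error body would become `TOKEN` and the two admin calls at the end would run with it. Using `curl -sS --fail --data ...` lets `pipefail` trigger the retry, and `(>&2 wait for keycloak to be ready)` should be `>&2 echo 'wait for keycloak to be ready'`, since as written it invokes the `wait` builtin rather than printing a message. `info token : $TOKEN` and the `curl -v` calls also write the admin bearer token to the terminal; I would drop the token line and replace `-v` with `-sS --fail`. The timeout message in this function still reads `time out waiting for db`, and `ERROR_COLOR='\033[0;3om'` contains the letter `o` where a digit is expected.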
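--- a/dev-env/keycloak/accounting.json
+++ b/dev-env/keycloak/accounting.json
@@ -0,0 +1,66 @@
+{
+"clientId": "accounting",
+"secret":"f539b20e-048a-4d81-90bf-238477fb3ad6",
+"surrogateAuthRequired": false,
+"enabled": true,
+"alwaysDisplayInConsole": false,
+"clientAuthenticatorType": "client-secret",
+"redirectUris": [
+"*"
+],
+"webOrigins": [],
+"notBefore": 0,
+"bearerOnly": false,
+"consentRequired": false,
+"standardFlowEnabled": true,
+"implicitFlowEnabled": false,
+"directAccessGrantsEnabled": true,
+"serviceAccountsEnabled": false,
+"publicClient": false,
+"frontchannelLogout": false,
+"protocol": "openid-connect",
+"attributes": {
+"id.token.as.detached.signature": "false",
+"saml.assertion.signature": "false",
+"saml.force.post.binding": "false",
+"saml.multivalued.roles": "false",
+"saml.encrypt": "false",
+"oauth2.device.authorization.grant.enabled": "false",
+"backchannel.logout.revoke.offline.tokens": "false",
+"saml.server.signature": "false",
+"saml.server.signature.keyinfo.ext": "false",
+"use.refresh.tokens": "true",
+"exclude.session.state.from.auth.response": "false",
+"oidc.ciba.grant.enabled": "false",
+"saml.artifact.binding": "false",
+"backchannel.logout.session.required": "true",
+"client_credentials.use_refresh_token": "false",
+"saml_force_name_id_format": "false",
+"require.pushed.authorization.requests": "false",
+"saml.client.signature": "false",
+"tls.client.certificate.bound.access.tokens": "false",
+"saml.authnstatement": "false",
+"display.on.consent.screen": "false",
+"saml.onetimeuse.condition": "false"
+},
+"authenticationFlowBindingOverrides": {},
+"fullScopeAllowed": true,
+"nodeReRegistrationTimeout": -1,
+"defaultClientScopes": [
+"web-origins",
+"roles",
+"profile",
+"email"
+],
+"optionalClientScopes": [
+"address",
+"phone",
+"offline_access",
+"microprofile-jwt"
+],
+"access": {
+"view": true,
+"configure": true,
+"manage": true
+}
+}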
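Review bot: `"redirectUris": ["*"]` lets this confidential client accept any redirect target while `standardFlowEnabled` is true, so an authorization response could be delivered to a URL the application does not control. Even for a dev realm I would list the origins the README names, e.g. `"redirectUris": ["https://localhost/*", "http://localhost/*"]`, so the wildcard is not carried into a real deployment by copy and paste. The committed `secret` should be documented in the README as a dev-only value, and `directAccessGrantsEnabled` and `fullScopeAllowed` could be `false` unless the application needs them; dev-env/init.sh registers this client in the `master` realm, where a broad scope matters more than in a dedicated realm.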
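--- a/dev-env/keycloak/fooBarUser.json
+++ b/dev-env/keycloak/fooBarUser.json
@@ -0,0 +1,18 @@
+{"firstName":"foo",
+"lastName":"bar",
+"email":"[email protected]",
+"enabled":"true",
+"credentials": [ {
+"type" : "password",
+"hashedSaltedValue" : "26g/2ah/a+FR1NyRZw762fiu1q3vToa50El8AdXDKOZacF13v5FZ3S6dqgj9wTq9QUBA8CbCCPQdzRKozK1+hQ==",
+"salt" : "rERt21H5qyALrIAghSi4Ow==",
+"hashIterations" : 27500,
+"counter" : 0,
+"algorithm" : "pbkdf2-sha256",
+"digits" : 0,
+"period" : 0,
+"createdDate" : 1645982432000,
+"config" : { }
+} ],
+"username":"foobar"
+}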
4 changes: 2 additions & 2 deletions gradle.properties
@@ -1,5 +1,5 @@
database_url=jdbc:postgresql:lghs_accounting
database_url=jdbc:postgresql://db/lghs_accounting
database_schema=accounting
database_driver=org.postgresql.Driver
database_user=lghs_accounting_root
database_password=
database_password=lghs_accounting_root_password
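Review bot: Assuming the second line of each printed pair is the new side, this change writes `database_password=lghs_accounting_root_password` and the compose hostname `//db/` into the project-wide gradle.properties, so every build, not only the dev-env one, now carries the docker values and a committed password. Gradle lets project properties be overridden without touching the tracked file, for instance by setting `ORG_GRADLE_PROJECT_database_url` and `ORG_GRADLE_PROJECT_database_password` in the `environment` of the `app` service in dev-env/docker-compose.yml, or with `-Pdatabase_password=...` on the command line. I would keep `database_password=` empty here and let the dev-env supply its own values.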
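--- a/prepare_db.sql
+++ b/prepare_db.sql
@@ -0,0 +1,15 @@
+create user lghs_accounting_root with password 'lghs_accounting_root_password'; -- change it really
+create database lghs_accounting owner lghs_accounting_root;
+
+\c lghs_accounting
+revoke all on schema public from public;
+
+create user lghs_accounting_app with password 'lghs_accounting_app_password'; -- change it really
+grant connect on database lghs_accounting to lghs_accounting_app;
+
+grant usage on schema public to lghs_accounting_root;
+grant usage on schema public to lghs_accounting_app;
+
+create extension "uuid-ossp";
+create extension pgcrypto;
+create extension btree_gist;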
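Review bot: Both `create user ... with password '...'` statements hard-code the password in a file at the repository root, and the `-- change it really` comment is the only thing that stops the same values from being used outside the dev environment. Since the script is run through psql (dev-env/init.sh pipes it in), the passwords can be psql variables instead: `create user lghs_accounting_root with password :'root_password';` invoked with `psql -v root_password=...`, and the same for `lghs_accounting_app`. The tracked file then holds no credential and the dev-env script is the single place where the throwaway values live.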
@@ -1,7 +1,10 @@
package be.lghs.accounting.configuration;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.CacheControl;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.mail.javamail.JavaMailSenderImpl;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

Expand All @@ -28,4 +31,10 @@ public void addResourceHandlers(ResourceHandlerRegistry registry) {
.addResourceLocations("classpath:/public/")
.setCacheControl(staticCacheControl);
}


@Bean
public JavaMailSender javaMailSender() {
return new JavaMailSenderImpl();
}
}
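Review bot: `javaMailSender()` returns a `JavaMailSenderImpl` with no host, port or credentials set, and because it is declared in the application's web configuration class it applies to every environment, not only the dev-env this PR is about. If the project relies on Spring Boot's mail auto-configuration (the dev-env starts the app with `gradle bootRun`), a user-defined `JavaMailSender` bean would presumably make that auto-configuration back off, so `spring.mail.*` settings would no longer reach the sender. I would either drop the bean and set `spring.mail.host` for dev, or restrict it with `@Profile("dev")` and add a comment such as `// placeholder sender for local runs; real deployments configure spring.mail.*`. The class body starts outside the visible hunks.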