Add OAuth2 mock server for CI testing

2024-11-24 22:20:28 +01:00 · 2023-08-23 19:44:59 +02:00 · 2023-08-23 19:44:59 +02:00 · 7ddeb992e7
commit 7ddeb992e7
parent 5147753a79
4 changed files with 55 additions and 16 deletions
--- a/cmd/backup/config.go
+++ b/cmd/backup/config.go
@ -72,6 +72,7 @@ type Config struct {
 	AzureStoragePath              string          `split_words:"true"`
 	AzureStorageEndpoint          string          `split_words:"true" default:"https://{{ .AccountName }}.blob.core.windows.net/"`
 	DropboxEndpoint               string          `split_words:"true" default:"https://api.dropbox.com/"`
+	DropboxOAuth2Endpoint         string          `split_words:"true" default:"https://api.dropbox.com/"`
 	DropboxRefreshToken           string          `split_words:"true"`
 	DropboxAppKey                 string          `split_words:"true"`
 	DropboxAppSecret              string          `split_words:"true"`
--- a/internal/storage/dropbox/dropbox.go
+++ b/internal/storage/dropbox/dropbox.go
@ -27,6 +27,7 @@ type dropboxStorage struct {
 // Config allows to configure a Dropbox storage backend.
 type Config struct {
 	Endpoint         string
+	OAuth2Endpoint   string
 	RefreshToken     string
 	AppKey           string
 	AppSecret        string
@ -36,7 +37,7 @@ type Config struct {

 // NewStorageBackend creates and initializes a new Dropbox storage backend.
 func NewStorageBackend(opts Config, logFunc storage.Log) (storage.Backend, error) {
-	tokenUrl, _ := url.JoinPath(opts.Endpoint, "oauth2/token")
+	tokenUrl, _ := url.JoinPath(opts.OAuth2Endpoint, "oauth2/token")

 	conf := &oauth2.Config{
 		ClientID:     opts.AppKey,
@ -46,28 +47,21 @@ func NewStorageBackend(opts Config, logFunc storage.Log) (storage.Backend, error
 		},
 	}

-	isCITest := opts.Endpoint != "https://api.dropbox.com/"
-
 	logFunc(storage.LogLevelInfo, "Dropbox", "Fetching fresh access token for Dropbox storage backend.")
-	token := &oauth2.Token{RefreshToken: opts.RefreshToken}
-	if !isCITest {
-		tkSource := conf.TokenSource(context.Background(), &oauth2.Token{RefreshToken: opts.RefreshToken})
-		var err error
-		token, err = tkSource.Token()
-		if err != nil {
-			return nil, fmt.Errorf("(*dropboxStorage).NewStorageBackend: Error refreshing token: %w", err)
-		}
+	tkSource := conf.TokenSource(context.Background(), &oauth2.Token{RefreshToken: opts.RefreshToken})
+	token, err := tkSource.Token()
+	if err != nil {
+		return nil, fmt.Errorf("(*dropboxStorage).NewStorageBackend: Error refreshing token: %w", err)
 	}

-	dbxConfig := dropbox.Config{}
+	dbxConfig := dropbox.Config{
+		Token: token.AccessToken,
+	}

-	if isCITest {
-		dbxConfig.Token = opts.RefreshToken
+	if opts.Endpoint != "https://api.dropbox.com/" {
 		dbxConfig.URLGenerator = func(hostType string, namespace string, route string) string {
 			return fmt.Sprintf("%s/%d/%s/%s", opts.Endpoint, 2, namespace, route)
 		}
-	} else {
-		dbxConfig.Token = token.AccessToken
 	}

 	client := files.New(dbxConfig)
--- a/test/dropbox/docker-compose.yml
+++ b/test/dropbox/docker-compose.yml
@ -11,6 +11,17 @@ services:
    volumes:
      - ./user_v2.yaml:/etc/openapi/user_v2.yaml

+  oauth2_mock:
+    image: ghcr.io/navikt/mock-oauth2-server:1.0.0
+    ports:
+      - 8090:8090
+    environment:
+      PORT: 8090
+      JSON_CONFIG_PATH: '/etc/oauth2/config.yaml'
+    volumes:
+      - ./oauth2_config.yaml:/etc/oauth2/config.yaml
+    hostname: host.docker.internal
+
  backup:
    image: offen/docker-volume-backup:${TEST_VERSION:-canary}
    hostname: hostnametoken
@ -25,6 +36,7 @@ services:
      BACKUP_PRUNING_LEEWAY: 5s
      BACKUP_PRUNING_PREFIX: test
      DROPBOX_ENDPOINT: http://openapi_mock:8080
+      DROPBOX_OAUTH2_ENDPOINT: http://oauth2_mock:8090
      DROPBOX_REFRESH_TOKEN: test
      DROPBOX_APP_KEY: test
      DROPBOX_APP_SECRET: test
--- a/test/dropbox/oauth2_config.yaml
+++ b/test/dropbox/oauth2_config.yaml
@ -0,0 +1,32 @@
+{
+   "issuer":"http://localhost:8090/default",
+   "authorization_endpoint":"http://localhost:8090/default/authorize",
+   "end_session_endpoint" : "http://localhost:8090/default/endsession",
+   "revocation_endpoint" : "http://localhost:8090/default/revoke",
+   "token_endpoint":"http://localhost:8090/default/token",
+   "userinfo_endpoint":"http://localhost:8090/default/userinfo",
+   "jwks_uri":"http://localhost:8090/default/jwks",
+   "introspection_endpoint":"http://localhost:8090/default/introspect",
+   "response_types_supported":[
+      "query",
+      "fragment",
+      "form_post"
+   ],
+   "subject_types_supported":[
+      "public"
+   ],
+   "id_token_signing_alg_values_supported":[
+     "ES256",
+     "ES384",
+     "RS256",
+     "RS384",
+     "RS512",
+     "PS256",
+     "PS384",
+     "PS512"
+   ],
+  "code_challenge_methods_supported":[
+      "plain", 
+      "S256" 
+  ]
+}