diff --git a/Dockerfile b/Dockerfile index 1219c09..62b3354 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,14 @@ +# Use the official Nginx image from Docker Hub FROM nginx:alpine3.20 +# Copy your application files to the appropriate directory if needed COPY dist /usr/share/nginx/html + +# Copy custom Nginx configuration file to the container +COPY nginx-extra.conf /etc/nginx/conf.d/nginx-extra.conf + +# Expose the port that the application is running on +EXPOSE 80 + +# Start Nginx when the container launches +CMD ["nginx", "-g", "daemon off;"] diff --git a/app/index.tsx b/app/index.tsx index 5a021bc..d2b5cbe 100644 --- a/app/index.tsx +++ b/app/index.tsx 
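Review bot: The added `COPY nginx-extra.conf /etc/nginx/conf.d/nginx-extra.conf` puts a second `server { listen 80; }` next to the `default.conf` that the official nginx image already ships in that directory, so two server blocks compete for port 80. Because `default.conf` is included first and the new block has no `server_name`, ordinary requests will most likely still be answered by the stock server and never get the headers from the new file. The new block also sets no `root`, so it would not serve `/usr/share/nginx/html` even if it did match. Overwriting the stock file with `COPY nginx-extra.conf /etc/nginx/conf.d/default.conf` and adding `root /usr/share/nginx/html;` to the server block would make the configuration take effect. Separately, with no `USER` line the nginx master still runs as root on port 80; an unprivileged variant of the image on a high port would limit what a compromise of the web server exposes.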
@@ -6,16 +6,70 @@ import {Button, Text, View} from "react-native"; WebBrowser.maybeCompleteAuthSession(); // const redirectURI = AuthSession.makeRedirectUri({native: 'http://127.0.0.1:8082/ssoCallback', // TODO: why is it translated to localhost? Why /ssoCallback is missing?}); -const redirectURI = 'https://poc-sso-marn.van-hemmen.com/ssoCallback'; +const redirectURI = 'https://poc-sso-marn-500.van-hemmen.com/ssoCallback'; console.log(redirectURI); export default function indexScreen() { const [tokenResponse, setTokenResponse] = useState<TokenResponse | null>(null); - const clientId = '509-marn-app'; + const clientId = '509-marn-poc-app'; - const discovery = AuthSession.useAutoDiscovery('https://fes509-ref.m-team.be/login/oauth2/realms/root/realms/509'); + // const discovery = AuthSession.useAutoDiscovery('https://auth-integ.partenamut.be/login/oauth2'); + const discovery = { + "request_parameter_supported": true, + "pushed_authorization_request_endpoint": "https://auth-integ.partenamut.be/login/oauth2/par", + "introspection_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "claims_parameter_supported": false, + "introspection_endpoint": "https://auth-integ.partenamut.be/login/oauth2/introspect", + "issuer": "https://auth-integ.partenamut.be/login/oauth2", + "id_token_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "userinfo_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "authorization_endpoint": "https://auth-integ.partenamut.be/login/oauth2/authorize", + "authorization_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "introspection_encryption_enc_values_supported": ["A256GCM", 
"A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "claims_supported": [], + "rcs_request_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"], + "tls_client_certificate_bound_access_tokens": true, + "response_modes_supported": ["query.jwt", "fragment", "jwt", "form_post.jwt", "form_post", "fragment.jwt", "query"], + "backchannel_logout_session_supported": true, + "token_endpoint": "https://auth-integ.partenamut.be/login/oauth2/access_token", + "response_types_supported": ["code token id_token", "code", "code id_token", "id_token", "code token", "token", "token id_token"], + "authorization_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "revocation_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"], + "request_uri_parameter_supported": true, + "grant_types_supported": ["implicit", "urn:ietf:params:oauth:grant-type:saml2-bearer", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code", "authorization_code", "urn:openid:params:grant-type:ciba", "urn:ietf:params:oauth:grant-type:uma-ticket", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:ietf:params:oauth:grant-type:jwt-bearer"], + "version": "3.0", + "userinfo_endpoint": "https://auth-integ.partenamut.be/login/oauth2/userinfo", + "require_request_uri_registration": true, + "code_challenge_methods_supported": ["plain", "S256"], + "id_token_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + 
"authorization_signing_alg_values_supported": ["PS384", "RS384", "EdDSA", "ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "request_object_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "request_object_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "ECDH-ES+A128KW", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "rcs_response_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "introspection_signing_alg_values_supported": ["PS384", "RS384", "EdDSA", "ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "check_session_iframe": "https://auth-integ.partenamut.be/login/oauth2/connect/checkSession", + "scopes_supported": [], + "backchannel_logout_supported": true, + "acr_values_supported": ["itsmeAffiliation", "eid", "impersonate", "impersonateNew", "usernamePassword", "fasCitizenLevel400", "itsme"], + "request_object_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "rcs_request_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "userinfo_signing_alg_values_supported": ["ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512"], + "require_pushed_authorization_requests": false, + "rcs_response_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "userinfo_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "end_session_endpoint": 
"https://auth-integ.partenamut.be/login/oauth2/connect/endSession", + "rcs_request_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"], + "revocation_endpoint": "https://auth-integ.partenamut.be/login/oauth2/token/revoke", + "rcs_response_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "ECDH-ES+A128KW", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"], + "token_endpoint_auth_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "jwks_uri": "https://auth-integ.partenamut.be/login/oauth2/connect/jwk_uri", + "subject_types_supported": ["public", "pairwise"], + "id_token_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"], + "registration_endpoint": "https://auth-integ.partenamut.be/login/oauth2/register" + } const [request, result, promptAsync] = AuthSession.useAuthRequest( { diff --git a/nginx-extra.conf b/nginx-extra.conf new file mode 100644 index 0000000..e77cbe4 --- /dev/null +++ b/nginx-extra.conf 
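Review bot: The hand-pasted `discovery` object uses the provider's raw snake_case metadata keys (`authorization_endpoint`, `token_endpoint`, …), but expo-auth-session's `DiscoveryDocument` is, as far as I know, read through camelCase fields such as `authorizationEndpoint` and `tokenEndpoint`, which `useAutoDiscovery` normally fills in. If this object is what gets passed to `useAuthRequest` (the call continues outside the hunk), the endpoints would be undefined when the prompt is opened. A smaller literal would be clearer: `const discovery = { authorizationEndpoint: 'https://auth-integ.partenamut.be/login/oauth2/authorize', tokenEndpoint: 'https://auth-integ.partenamut.be/login/oauth2/access_token' };`. Dropping the capability lists also avoids shipping a copy that goes stale and that advertises `plain` PKCE and the `implicit` and `password` grants. The request config should pin the authorization-code flow with `S256` regardless of what the provider allows.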
@@ -0,0 +1,21 @@
+server {
+ listen 80;
+ location / {
+ # other settings...
+ # Allow CORS for all domains (or specify a particular domain instead of *)
+ add_header 'Access-Control-Allow-Origin' '*';
+ # Allow specific headers
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ # Allow specific methods
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ }
+}
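Review bot: `add_header 'Access-Control-Allow-Origin' '*'`, combined with `Authorization` in the allowed headers and `PUT, DELETE` in the allowed methods, opens the host that serves the SSO callback page to cross-origin requests from any site, and nothing in the diff shows a cross-origin consumer that needs it. If CORS is required at all, name the consuming origin and only the methods a static site serves, e.g. `add_header 'Access-Control-Allow-Origin' 'https://<allowed-origin>' always;` and `add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;`. Without `always` the headers are left off error responses, and the manual `Content-Length` header is unnecessary on a bodyless 204. A short comment such as `# add_header is not inherited once a block declares its own, so the CORS headers are repeated here` above the `if` would explain the duplication to the next reader.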