GuillaumeHemmen/sso-poc-marn
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Implement CI-CD #1

Merged
GuillaumeHemmen merged 2 commits from feat/ci-cd into master 2024-10-17 11:41:39 +02:00
Conversation 0 Commits 2 Files changed 4 +54 -67
4 changed files with 54 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
.woodpecker.yml Normal file
View file

@ -0,0 +1,43 @@
steps:
install-npm:
image: git.van-hemmen.com/guillaumehemmen/debian-node-firebase:debian_12-node_20
commands:
- npm install
build-web:
image: git.van-hemmen.com/guillaumehemmen/debian-node-firebase:debian_12-node_20
commands:
- npx expo export --platform web
docker-master:
image: woodpeckerci/plugin-docker-buildx
settings:
repo: git.van-hemmen.com/GuillaumeHemmen/sso-poc-marn
tags: latest,${CI_COMMIT_SHA:0:8}
registry: git.van-hemmen.com
username:
from_secret: docker_username
password:
from_secret: docker_password
when:
event:
- push
- manual
branch: 'master'
docker-other:
image: woodpeckerci/plugin-docker-buildx
settings:
repo: git.van-hemmen.com/guillaumehemmen/sso-poc-marn
tags: ${CI_COMMIT_SHA:0:8-tag-sha},${CI_COMMIT_BRANCH/\//-}
registry: git.van-hemmen.com
username:
from_secret: docker_username
password:
from_secret: docker_password
when:
event:
- push
- manual
branch:
exclude: 'master'

3
Dockerfile Normal file
View file

@ -0,0 +1,3 @@
FROM nginx:alpine3.20
COPY dist /usr/share/nginx/html

2
app/_layout.tsx
View file

@ -15,7 +15,7 @@ export {
export const unstable_settings = { export const unstable_settings = {
// Ensure that reloading on `/modal` keeps a back button present. // Ensure that reloading on `/modal` keeps a back button present.
initialRouteName: '(tabs)', initialRouteName: 'index',
}; };
// Prevent the splash screen from auto-hiding before asset loading is complete. // Prevent the splash screen from auto-hiding before asset loading is complete.

73
app/index.tsx
View file

@ -13,72 +13,13 @@ console.log(redirectURI);
export default function indexScreen() { export default function indexScreen() {
const [tokenResponse, setTokenResponse] = useState<TokenResponse | null>(null); const [tokenResponse, setTokenResponse] = useState<TokenResponse | null>(null);
// const discovery = AuthSession.useAutoDiscovery('https://fes509-integ.m-team.be/login/oauth2/realms/root/realms/509'); const clientId = '509-marn-app';
const discovery: AuthSession.DiscoveryDocument = {
tokenEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/access_token', const discovery = AuthSession.useAutoDiscovery('https://fes509-ref.m-team.be/login/oauth2/realms/root/realms/509');
revocationEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/token/revoke',
endSessionEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/connect/endSession',
authorizationEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/authorize',
userInfoEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/userinfo',
registrationEndpoint: 'https://fes509-integ.m-team.be:443/login/oauth2/register',
discoveryDocument: {
"request_parameter_supported": true,
"pushed_authorization_request_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/par",
"introspection_encryption_alg_values_supported": ["RSA-OAEP-256", "ECDH-ES+A256KW", "A128KW", "A192KW", "RSA-OAEP", "ECDH-ES+A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "dir"],
"claims_parameter_supported": false,
"introspection_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/introspect",
"issuer": "https://fes509-integ.m-team.be:443/login/oauth2",
"id_token_encryption_enc_values_supported": ["A256GCM", "A128GCM", "A256CBC-HS512", "A128CBC-HS256", "A192CBC-HS384", "A192GCM"],
"userinfo_encryption_enc_values_supported": ["A256GCM", "A128CBC-HS256", "A192CBC-HS384", "A192GCM", "A128GCM", "A256CBC-HS512"],
"authorization_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/authorize",
"authorization_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES", "A256KW", "RSA-OAEP", "A128KW", "RSA-OAEP-256", "A192KW", "ECDH-ES+A192KW", "dir", "ECDH-ES+A128KW"],
"introspection_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256GCM", "A256CBC-HS512", "A128GCM", "A192GCM"],
"claims_supported": [],
"rcs_request_signing_alg_values_supported": ["RS512", "PS384", "PS256", "HS256", "HS384", "ES512", "RS256", "RS384", "HS512", "ES384", "ES256", "PS512"],
"token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"],
"tls_client_certificate_bound_access_tokens": true,
"response_modes_supported": ["query", "fragment.jwt", "form_post", "form_post.jwt", "jwt", "fragment", "query.jwt"],
"backchannel_logout_session_supported": true,
"token_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/access_token",
"response_types_supported": ["code token id_token", "code", "code id_token", "id_token", "code token", "token", "token id_token"],
"authorization_encryption_enc_values_supported": ["A192CBC-HS384", "A256CBC-HS512", "A128CBC-HS256", "A256GCM", "A192GCM", "A128GCM"],
"revocation_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"],
"request_uri_parameter_supported": true,
"grant_types_supported": ["implicit", "urn:ietf:params:oauth:grant-type:saml2-bearer", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code", "authorization_code", "urn:openid:params:grant-type:ciba", "urn:ietf:params:oauth:grant-type:uma-ticket", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:ietf:params:oauth:grant-type:jwt-bearer"],
"version": "3.0",
"userinfo_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/userinfo",
"require_request_uri_registration": true,
"code_challenge_methods_supported": ["plain", "S256"],
"id_token_encryption_alg_values_supported": ["A128KW", "A192KW", "ECDH-ES+A256KW", "RSA-OAEP-256", "RSA-OAEP", "A256KW", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES", "dir"],
"authorization_signing_alg_values_supported": ["PS256", "ES256", "RS512", "ES384", "RS384", "HS256", "PS512", "ES512", "RS256", "HS384", "HS512", "PS384", "EdDSA"],
"request_object_signing_alg_values_supported": ["RS256", "ES512", "PS512", "RS384", "HS512", "ES256", "ES384", "HS256", "HS384", "PS384", "RS512", "PS256"],
"request_object_encryption_alg_values_supported": ["RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A192KW", "ECDH-ES+A128KW", "A256KW", "RSA-OAEP", "dir", "A128KW", "ECDH-ES+A256KW", "A192KW"],
"rcs_response_signing_alg_values_supported": ["PS256", "ES384", "RS512", "ES256", "HS512", "PS384", "RS256", "ES512", "PS512", "HS384", "HS256", "RS384"],
"introspection_signing_alg_values_supported": ["ES384", "PS384", "ES256", "PS256", "PS512", "EdDSA", "HS512", "RS384", "RS256", "RS512", "HS256", "ES512", "HS384"],
"check_session_iframe": "https://fes509-integ.m-team.be:443/login/oauth2/connect/checkSession",
"scopes_supported": [],
"backchannel_logout_supported": true,
"acr_values_supported": ["itsmeAffiliation", "eid", "impersonate", "impersonateNew", "usernamePassword", "itsme", "fasCitizenLevel400", "biometric"],
"request_object_encryption_enc_values_supported": ["A128GCM", "A256GCM", "A192CBC-HS384", "A256CBC-HS512", "A128CBC-HS256", "A192GCM"],
"rcs_request_encryption_alg_values_supported": ["dir", "A192KW", "RSA-OAEP-256", "ECDH-ES+A256KW", "RSA-OAEP", "ECDH-ES", "A256KW", "A128KW", "ECDH-ES+A128KW", "ECDH-ES+A192KW"],
"userinfo_signing_alg_values_supported": ["ES256", "HS512", "ES512", "HS384", "RS256", "ES384", "HS256"],
"require_pushed_authorization_requests": false,
"rcs_response_encryption_enc_values_supported": ["A256CBC-HS512", "A192CBC-HS384", "A256GCM", "A128GCM", "A192GCM", "A128CBC-HS256"],
"userinfo_encryption_alg_values_supported": ["RSA-OAEP", "dir", "A256KW", "ECDH-ES+A256KW", "ECDH-ES", "RSA-OAEP-256", "A128KW", "ECDH-ES+A192KW", "A192KW", "ECDH-ES+A128KW"],
"end_session_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/connect/endSession",
"rcs_request_encryption_enc_values_supported": ["A256GCM", "A256CBC-HS512", "A192GCM", "A128CBC-HS256", "A128GCM", "A192CBC-HS384"],
"revocation_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/token/revoke",
"rcs_response_encryption_alg_values_supported": ["ECDH-ES+A256KW", "dir", "A256KW", "ECDH-ES+A192KW", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "A128KW", "A192KW", "RSA-OAEP"],
"token_endpoint_auth_signing_alg_values_supported": ["RS512", "RS384", "RS256", "ES512", "HS256", "HS384", "PS512", "ES384", "PS256", "ES256", "HS512", "PS384"],
"jwks_uri": "https://fes509-integ.m-team.be:443/login/oauth2/connect/jwk_uri",
"subject_types_supported": ["public", "pairwise"],
"id_token_signing_alg_values_supported": ["RS384", "RS256", "PS512", "ES512", "HS384", "HS256", "PS256", "ES256", "PS384", "ES384", "RS512", "HS512"],
"registration_endpoint": "https://fes509-integ.m-team.be:443/login/oauth2/register"
}
};
const [request, result, promptAsync] = AuthSession.useAuthRequest( const [request, result, promptAsync] = AuthSession.useAuthRequest(
{ {
clientId: '509-marn-app', clientId,
redirectUri: redirectURI, redirectUri: redirectURI,
usePKCE: true, usePKCE: true,
}, },
@ -148,14 +89,14 @@ export default function indexScreen() {
if (tokenResponse) { if (tokenResponse) {
const exCode = await AuthSession.revokeAsync( const exCode = await AuthSession.revokeAsync(
{ {
clientId: '509-marn-app', clientId,
token: tokenResponse.accessToken!, token: tokenResponse.accessToken!,
}, },
{revocationEndpoint: discovery!.revocationEndpoint?.replace(':443', '')}, {revocationEndpoint: discovery!.revocationEndpoint?.replace(':443', '')},
); );
const exCode2 = await AuthSession.revokeAsync( const exCode2 = await AuthSession.revokeAsync(
{ {
clientId: '509-marn-app', clientId,
token: tokenResponse.refreshToken!, token: tokenResponse.refreshToken!,
}, },
{revocationEndpoint: discovery!.revocationEndpoint?.replace(':443', '')}, {revocationEndpoint: discovery!.revocationEndpoint?.replace(':443', '')},