mock-oauth2-server icon indicating copy to clipboard operation
mock-oauth2-server copied to clipboard

Published 20 hours ago verified publisher icon navikt

question: Looking for Server API Doc

Open esumerfd opened this issue 3 years ago • 5 comments
trafficstars

I am build an Auth0 simulator and want to integrate your oauth server in our CI chain. We can just run your container build but want to initiate tests from Cypress so am wondering of you have some API doc for us to put this together.

The need at the moment is to make the /authorize endpoint generate a custom claim.

esumerfd avatar Oct 05 '22 20:10 esumerfd

Hello @esumerfd .

Have you seen: https://github.com/navikt/mock-oauth2-server#api-documentation ?

Or are you talking about the REST-API, it follows the specification for OAuth 2.0: 4.1.1. Authorization Request

ybelMekk avatar Oct 09 '22 17:10 ybelMekk

Ah, a third option. Perhaps my use cases isn't supported. Create issuer configuration over REST

It's a CI environment and this solution as a Auth0 Simulator works fine. Now I am looking for ways to extend it to represent failure scenarios etc.

esumerfd avatar Oct 10 '22 21:10 esumerfd

~Ah, I see, its been up for discussion before I believe: https://github.com/navikt/mock-oauth2-server/issues/194~ ~We currently only support JSON_CONFIG at startup of the docker container, but I can see the potential of dynamically in a CI env update claims or user info.~ ~Please open a PR if you familiar with kotlin?~

Forget about it, see Tommys 👇🏾

ybelMekk avatar Oct 10 '22 21:10 ybelMekk

@esumerfd If all you need is control over the claims per authorization request you can set interactiveLogin: true if you are using a custom json_config (if you are not using json_config it will default to true in standalone mode).

When interactiveLogin is true you will get a login form containing a form parameter called claims, which can contain any json you'd like so you can set scopes there. You should be able to automate this with Cypress by posting the claims you want to the authorize endpoint. This is from a similar issue: https://github.com/navikt/mock-oauth2-server/issues/220

tommytroen avatar Oct 11 '22 07:10 tommytroen

Yes, thanks, I have this fancy Cypress test so far and am wondering about how to encode other failure type flows:

  it('Load Auth0 Login Page', () => {
    cy.visit('/authenticate/login')
    cy.get('input[name="username"]').type('ignore-text')
    cy.get('textarea[name="claims"]').type(
      `{{}"https://stackct.com/product_user_id":${context.user.id}{}}`,
    )
    cy.get('input[type="submit"]').click()

    cy.title().should('eq', 'STACK')
  })

Thanks for the help. I might be learning Kotlin soon :-)

esumerfd avatar Oct 11 '22 13:10 esumerfd

👍 closing this for now

ybelMekk avatar Oct 22 '22 17:10 ybelMekk