use shared consent app image

Rather than copy-pasting the mock consent app into each application, make use of a shared image.

use shared consent app image
Rather than copy-pasting the mock consent app into each application, make use of a shared image.
d1f7ce5a · Dr Rich Wareham · a30b3d2d · a30b3d2d · a30b3d2d · a30b3d2d
Commit d1f7ce5a authored 7 years ago by Dr Rich Wareham
--- a/compose/consent/Dockerfile
+++ b/compose/consent/Dockerfile
-FROM python:3.6
-
-COPY ./requirements.txt .
-RUN pip install -r requirements.txt
--- a/compose/consent/app.py
+++ b/compose/consent/app.py
-import logging
-import os
-
-from flask import Flask, request, render_template, redirect
-from requests_oauthlib import OAuth2Session
-from oauthlib.oauth2 import BackendApplicationClient
-
-
-LOG = logging.getLogger()
-logging.basicConfig(level=logging.INFO)
-
-CLIENT_ID, CLIENT_SECRET = os.environ['FORCE_ROOT_CLIENT_CREDENTIALS'].split(':')
-SCOPES = ['hydra.consent']
-
-TOKEN_ENDPOINT = 'http://hydra:4444/oauth2/token'
-CONSENT_ENDPOINT = 'http://hydra:4444/oauth2/consent/requests/'
-
-app = Flask(__name__)
-
-
-@app.route('/')
-def index():
-    return 'This is the consent app'
-
-
-@app.route('/consent', methods=['GET'])
-def consent_get():
-    session = get_session()
-
-    error = request.args.get('error')
-    error_description = request.args.get('error_description')
-    if error is not None:
-        return render_template('error.html', error=error, error_description=error_description)
-
-    consent_id = request.args.get('consent')
-    if consent_id is None:
-        return render_template(
-            'error.html',
-            error='no consent id',
-            error_description='No consent ID was given for the request')
-
-    r = session.get(CONSENT_ENDPOINT + consent_id)
-    r.raise_for_status()
-    consent = r.json()
-
-    return render_template('consent.html', consent=consent)
-
-
-@app.route('/consent', methods=['POST'])
-def consent_post():
-    session = get_session()
-
-    consent_id = request.args.get('consent')
-    if consent_id is None:
-        return 'no consent id'
-
-    r = session.get(CONSENT_ENDPOINT + consent_id)
-    r.raise_for_status()
-    consent = r.json()
-
-    username = request.form['username']
-
-    session.patch(
-        CONSENT_ENDPOINT + consent_id + '/accept', json={
-            'grantScopes': consent['requestedScopes'],
-            'subject': 'urn:example:crsid:' + username,
-        })
-
-    return redirect(consent['redirectUrl'])
-
-
-def get_session():
-    LOG.info('Fetching initial token')
-    client = BackendApplicationClient(client_id=CLIENT_ID)
-    session = OAuth2Session(client=client)
-    access_token = session.fetch_token(
-        timeout=1, token_url=TOKEN_ENDPOINT,
-        client_id=CLIENT_ID,
-        client_secret=CLIENT_SECRET,
-        scope=SCOPES,
-        verify=False)
-    LOG.info('Got access token: %r', access_token)
-
-    return session
--- a/compose/consent/requirements.txt
+++ b/compose/consent/requirements.txt
-flask
-requests
-requests-oauthlib
--- a/compose/consent/templates/consent.html
+++ b/compose/consent/templates/consent.html
-<!DOCTYPE html>
-<html>
-  <head><title>Consent App</title></head>
-  <body>
-    <p>
-      Client <strong>{{ consent.clientId }}</strong> has requested access to
-      the following scopes:
-      <strong>{{ consent.requestedScopes | join(", ") }}</strong>.
-    </p>
-    <p>
-      This is a <em>test</em> consent app which will grant all requested scopes
-      and set the subject to an authenticated user. Specify their username
-      below.
-    </p>
-    <form method="post" action="">
-      <input type="hidden" name="consent" value="{{ consent.id }}">
-      Username:
-      <input type="text" name="username" value="test0003">
-      <input type="submit" value="Log in">
-    </form>
-  </body>
-</html>
--- a/compose/consent/templates/error.html
+++ b/compose/consent/templates/error.html
-<!DOCTYPE html>
-<html>
-  <head><title>Consent App</title></head>
-  <body>
-    <h1>OAuth2 error</h1>
-    <p><strong>{{ error }}</strong>: {{ error_description }}</p>
-  </body>
-</html>
--- a/compose/hydra-consent.env
+++ b/compose/hydra-consent.env
+# To allow talking to OAuth2 endpoint over HTTP
+OAUTHLIB_INSECURE_TRANSPORT=1
+
+# Configuration for consent app
+CLIENT_ID=hydraroot
+CLIENT_SECRET=secret
+TOKEN_ENDPOINT=http://hydra:4444/oauth2/token
+CONSENT_ENDPOINT=http://hydra:4444/oauth2/consent/requests/
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -51,18 +51,9 @@ services:
    env_file:
      - compose/base.env
  consent:
-    build:
-      context: compose/consent
-    entrypoint: ["flask"]
-    command: ["run", "-h", "0.0.0.0", "-p", "8090"]
-    volumes:
-      - "./compose/consent/:/usr/src/app/:ro"
-    working_dir: "/usr/src/app"
-    environment:
-      - FLASK_DEBUG=1
-      - FLASK_APP=app.py
+    image: uisautomation/experimental-mock-consent-app
    env_file:
-      - compose/hydra.env
+      - compose/hydra-consent.env
    ports:
      - "8090:8090"
  hydra: