diff options
| author | vincent van beek <vincent@vlogic.nl> | 2026-04-02 10:55:56 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-04-02 09:55:56 +0100 |
| commit | 23d93ff366802bc5c6fe59109c8069f909f378f7 (patch) | |
| tree | 720535abacb289096ce2fc127c56c4507987067c | |
| parent | 07a2e0233a75e0cbc12c18b731d575a00a20aad2 (diff) | |
Fix authentication (#398)
* remove test flags for disabling authentication
| -rw-r--r-- | docker-compose.override.yml | 2 | ||||
| -rw-r--r-- | docker-compose.prod.yml | 2 | ||||
| -rw-r--r-- | docker-compose.yml | 9 | ||||
| -rw-r--r-- | opendc-web/opendc-web-server/src/main/resources/application-docker.properties | 21 | ||||
| -rw-r--r-- | opendc-web/opendc-web-server/src/main/webui/auth.js | 2 |
5 files changed, 17 insertions, 19 deletions
diff --git a/docker-compose.override.yml b/docker-compose.override.yml index d5428c4e..d5b8e786 100644 --- a/docker-compose.override.yml +++ b/docker-compose.override.yml @@ -1,5 +1,3 @@ -version: "3.8" - # Docker Compose overrides for development environments services: server: diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index f757c481..51cecc61 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -1,5 +1,3 @@ -version: "3.8" - # Docker Compose overrides for production environments services: server: diff --git a/docker-compose.yml b/docker-compose.yml index 8b3c92a9..73f1ae87 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,6 @@ -version: "3.8" services: server: - image: atlargeresearch/opendc:v2.1 + image: atlargeresearch/opendc:v2.4k restart: on-failure networks: - backend @@ -12,6 +11,12 @@ services: source: ./traces target: /opt/opendc/traces environment: + QUARKUS_OPENDC_UI_AUTH_DOMAIN: ${OPENDC_AUTH0_DOMAIN} + QUARKUS_OPENDC_UI_AUTH_CLIENT_ID: ${OPENDC_AUTH0_CLIENT_ID} + QUARKUS_OPENDC_UI_AUTH_AUDIENCE: ${OPENDC_AUTH0_AUDIENCE} + QUARKUS_OIDC_APPLICATION_TYPE: service + QUARKUS_OIDC_TOKEN_AUDIENCE: ${OPENDC_AUTH0_AUDIENCE} + OPENDC_AUTH0_CLIENT_ID: ${OPENDC_AUTH0_CLIENT_ID} OPENDC_DB_USERNAME: ${OPENDC_DB_USERNAME:?No database username specified} OPENDC_DB_PASSWORD: ${OPENDC_DB_PASSWORD:?No database password specified} OPENDC_DB_URL: jdbc:postgresql://postgres:5432/opendc diff --git a/opendc-web/opendc-web-server/src/main/resources/application-docker.properties b/opendc-web/opendc-web-server/src/main/resources/application-docker.properties index f0b3e7dc..f85e9185 100644 --- a/opendc-web/opendc-web-server/src/main/resources/application-docker.properties +++ b/opendc-web/opendc-web-server/src/main/resources/application-docker.properties @@ -30,23 +30,18 @@ quarkus.datasource.jdbc.url=${OPENDC_DB_URL} quarkus.hibernate-orm.dialect=org.hibernate.dialect.PostgreSQLDialect # Security -opendc.security.enabled=true -quarkus.oidc.auth-server-url=https://${OPENDC_AUTH0_DOMAIN} -quarkus.oidc.client-id=${OPENDC_AUTH0_AUDIENCE} -quarkus.oidc.token.audience=${quarkus.oidc.client-id} +quarkus.oidc.auth-server-url=${OPENDC_AUTH0_DOMAIN} +quarkus.oidc.application-type=service +quarkus.oidc.client-id=${OPENDC_AUTH0_CLIENT_ID} +quarkus.oidc.token.audience=${OPENDC_AUTH0_AUDIENCE} quarkus.oidc.roles.role-claim-path=scope # Swagger UI -quarkus.swagger-ui.oauth-client-id=${OPENDC_AUTH0_DOCS_CLIENT_ID:} -quarkus.swagger-ui.oauth-additional-query-string-params={"audience":"${OPENDC_AUTH0_AUDIENCE:https://api.opendc.org/v2/}"} - -quarkus.smallrye-openapi.security-scheme=oidc -quarkus.smallrye-openapi.security-scheme-name=Auth0 -quarkus.smallrye-openapi.oidc-open-id-connect-url=https://${OPENDC_AUTH0_DOMAIN:opendc.eu.auth0.com}/.well-known/openid-configuration -quarkus.smallrye-openapi.servers=https://api.opendc.org +quarkus.swagger-ui.oauth-client-id=${OPENDC_AUTH0_CLIENT_ID} +quarkus.swagger-ui.oauth-additional-query-string-params={"audience":"${OPENDC_AUTH0_AUDIENCE:https://opendc.org}"} # Enable the settings below if you want to test the docker-compose deployment locally #quarkus.hibernate-orm.database.generation=drop-and-create -#quarkus.resteasy.path=/api -#quarkus.oidc.enabled=false +quarkus.resteasy.path=/api +quarkus.oidc.enabled=true #opendc.security.enabled=false diff --git a/opendc-web/opendc-web-server/src/main/webui/auth.js b/opendc-web/opendc-web-server/src/main/webui/auth.js index 8c88f526..89e8c0d7 100644 --- a/opendc-web/opendc-web-server/src/main/webui/auth.js +++ b/opendc-web/opendc-web-server/src/main/webui/auth.js @@ -83,6 +83,8 @@ export function AuthProvider({ children }) { clientId={authConfig.clientId} redirectUri={authConfig.redirectUri} audience={authConfig.audience} + cacheLocation="localstorage" + useRefreshTokens={true} > {children} </Auth0Provider> |