Remove liferay

.env.demo

@@ -62,7 +62,7 @@ LAYMAN_CLIENT_URL=http://layman_client:3000/client/
 
 # client
 LAYMAN_CLIENT_PUBLIC_URL=http://localhost/client/
-LAYMAN_CLIENT_VERSION=92d72356446c726da58753c9772a6d93afc5c717
+LAYMAN_CLIENT_VERSION=fbee452b481eb5a8a1125434d110bea5f13dc4e5
 
 # extra hosts to be added to /etc/hosts
 EXTRA_HOST1=1.2.3.4:1.2.3.4

.env.dev

@@ -63,7 +63,7 @@ LAYMAN_CLIENT_URL=http://layman_client:3000/client/
 
 # client
 LAYMAN_CLIENT_PUBLIC_URL=http://localhost:3000/client/
-LAYMAN_CLIENT_VERSION=92d72356446c726da58753c9772a6d93afc5c717
+LAYMAN_CLIENT_VERSION=fbee452b481eb5a8a1125434d110bea5f13dc4e5
 
 
 ##############################################################################
@@ -87,7 +87,7 @@ OAUTH2_CLIENT_SECRET=aY14rwkEKasNqBEZX8OnhpRk8lpHAfT7oKTlf4LriEK8oMZxhnGKcnt4bZ7
 OAUTH2_CLIENT1_ID=test-id-for-client-with-pkce-flow
 OAUTH2_AUTH_URL=http://localhost:8083/o/authorize
 OAUTH2_TOKEN_URL=http://wagtail:8000/o/token/
-OAUTH2_CALLBACK_URL=http://localhost:3000/client/authn/oauth2-liferay/callback
+OAUTH2_CALLBACK_URL=http://localhost:3000/client/authn/oauth2-provider/callback
 OAUTH2_INTROSPECTION_URL=http://wagtail:8000/o/introspect/
 OAUTH2_INTROSPECTION_SUB_KEY=username
 OAUTH2_USER_PROFILE_URL=http://wagtail:8000/profile

.env.test

@@ -63,7 +63,7 @@ LAYMAN_CLIENT_URL=http://layman_client_test:3000/client/
 
 # client
 LAYMAN_CLIENT_PUBLIC_URL=http://layman_test_run_1:8000/client/
-LAYMAN_CLIENT_VERSION=92d72356446c726da58753c9772a6d93afc5c717
+LAYMAN_CLIENT_VERSION=fbee452b481eb5a8a1125434d110bea5f13dc4e5
 
 
 ##############################################################################

.gitignore

@@ -12,9 +12,6 @@
 /deps/*/tmp
 /deps/*/log
 
-/deps/liferay/transit/*
-!/deps/liferay/transit/.gitkeep
-
 /.env*
 !/.env.demo
 !/.env.dev

CHANGELOG.md

@@ -5,11 +5,12 @@
 ### Upgrade requirements
 - Change environment variable [LAYMAN_CLIENT_VERSION](doc/env-settings.md#LAYMAN_CLIENT_VERSION):
   ```
-  LAYMAN_CLIENT_VERSION=d076d4d7f8d1b32ca2b167b64790a3034690f246
+  LAYMAN_CLIENT_VERSION=fbee452b481eb5a8a1125434d110bea5f13dc4e5
   ```
 - Rename environment variable `OAUTH2_LIFERAY_SECRET` to `OAUTH2_CLIENT_SECRET`.
 - Rename all environment variables `OAUTH2_LIFERAY_SECRET<n>` to `OAUTH2_CLIENT<n>_SECRET`. For example, variable `OAUTH2_LIFERAY_SECRET4` becomes `OAUTH2_CLIENT4_SECRET`.
 - Rename all other `OAUTH2_LIFERAY_<postfix>` environment variables to `OAUTH2_<postfix>`. For example, variable `OAUTH2_LIFERAY_AUTH_URL` becomes `OAUTH2_AUTH_URL`.
+- If you are using environment variable [`OAUTH2_CALLBACK_URL`](doc/env-settings.md#oauth2_callback_url), change only its URL path from `/client/authn/oauth2-liferay/callback` to `/client/authn/oauth2-provider/callback`. Keep protocol, domain, and port unchanged.
 - Stop using environment variable `LAYMAN_AUTHN_OAUTH2_PROVIDERS`, it has no effect to Layman anymore. There is exactly one OAuth2 provider Python module now, no need to set it.
 - Stop using HTTP header `AuthorizationIssUrl` when [authenticating by OAuth](doc/oauth2/index.md). The header has no effect to Layman anymore. There is exactly one OAuth2 provider now, no need to distinguish it. Now, the only distinguished HTTP header when authenticating by OAuth2 is `Authorization` header.
 - If you are running Layman with development settings
@@ -33,6 +34,7 @@
 #### Data migrations
 ### Changes
 - [#528](https://github.com/LayerManager/layman/issues/528) Endpoints [GET Layers](doc/rest.md#get-layers) and [GET Workspace Layers](doc/rest.md#get-workspace-layers) returns new key `wfs_wms_status`.
+- [#765](https://github.com/LayerManager/layman/issues/765) Remove Liferay from dev stack, use [Wagtail CRX](https://docs.coderedcorp.com/wagtail-crx/) + [Django OAuth Toolkit](https://django-oauth-toolkit.readthedocs.io/en/latest/) as new OAuth2 provider (authorization server).
 - Upgrade Python dependencies
   - redis 4.5.1 -> 4.5.4
   - owslib 0.27.2 -> 0.28.1

Makefile

@@ -276,39 +276,18 @@ geoserver-exec:
 geoserver-ensure-authn:
 	docker-compose -f docker-compose.deps.yml -f docker-compose.dev.yml run --rm --no-deps -u root layman_dev bash -c "cd src && python3 -B setup_geoserver.py"
 
-liferay-introspect:
-	curl 'http://localhost:8082/o/oauth2/introspect' --data 'client_id=id-353ab09c-f117-f2d5-d3a3-85cfb89e6746&client_secret=secret-d31a82c8-3e73-1058-e38a-f9191f7c2014&token=...'
-
-liferay-refresh:
-	curl 'http://localhost:8082/o/oauth2/token' --data 'grant_type=refresh_token&client_id=id-353ab09c-f117-f2d5-d3a3-85cfb89e6746&client_secret=secret-d31a82c8-3e73-1058-e38a-f9191f7c2014&refresh_token=...'
-
-liferay-userprofile:
-	curl -H "Authorization: Bearer ..." http://localhost:8082/api/jsonws/user/get-current-user
-
 get-current-user:
 	curl -H "Authorization: Bearer ..." http://localhost:8000/rest/current-user
 
-liferay-bash:
-	docker-compose -f docker-compose.deps.yml -f docker-compose.dev.yml exec liferay bash
-
-liferay-export-settings:
-	rm -f deps/liferay/transit/*
-	docker-compose -f docker-compose.deps.yml -f docker-compose.dev.yml exec liferay bash -c "cd data/hypersonic; cp lportal.log /etc/liferay/tmp/; cp lportal.properties /etc/liferay/tmp/; cp lportal.script /etc/liferay/tmp/"
-	rm -f deps/liferay/sample/hypersonic/*
-	mv -f deps/liferay/transit/* deps/liferay/sample/hypersonic/
-
-liferay-start:
-	docker-compose -f docker-compose.deps.yml up --force-recreate -d liferay
-
-liferay-stop:
-	docker-compose -f docker-compose.deps.yml stop liferay
-
 wagtail-build:
 	docker-compose -f docker-compose.deps.yml build wagtail
 
 wagtail-bash:
 	docker-compose -f docker-compose.deps.yml run --rm --entrypoint="bash" wagtail
 
+wagtail-exec:
+	docker-compose -f docker-compose.deps.yml exec wagtail bash
+
 wagtail-restart:
 	docker-compose -f docker-compose.deps.yml up --force-recreate --no-deps -d wagtail
 

README.md

@@ -87,6 +87,22 @@ Then visit [http://localhost/](http://localhost/). You will see simple web clien
 To stop running service, run `make stop-demo`.
 
 
+### Run demo with authentication
+
+By default, demo starts without [authentication provider](doc/security.md#authentication). You can publish layers and maps as anonymous user, but you can't log in nor publish any private data.
+
+To be able to use authentication and publish private data, follow these steps:
+- Stop demo instance by `make stop-demo`
+- Copy all  `OAUTH_*` environment variables from `.env.dev` to `.env` file.
+- In `.env` change environment variables:
+  ```
+  LAYMAN_AUTHN_MODULES=layman.authn.oauth2,layman.authn.http_header
+  OAUTH2_CALLBACK_URL=http://localhost/client/authn/oauth2-provider/callback
+  ```
+- Start demo with `make start-demo-full-with-optional-deps`
+
+Then you can log in with automatically provided Wagtail user `layman` and password `laymanpwd`.
+
 ## Configuration
 Layman's source code provides settings suitable for development, testing and demo purposes. Furthermore, there exists [`Makefile`](Makefile) with predefined commands for each purpose including starting all necessary services (both in background and foreground) and stoping it.
 
@@ -218,7 +234,7 @@ in log of `layman_dev` container:
 docker logs -f layman_dev
 ```
 
-Then visit [http://localhost:8000/](http://localhost:8000/). You will see simple web client that interacts with [REST API](doc/rest.md).
+Then visit [http://localhost:8000/](http://localhost:8000/). You will see simple web client that interacts with [REST API](doc/rest.md). You can also log in with automatically provided Wagtail user `layman` and password `laymanpwd`.
 
 To stop running service run:
 ```bash