Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace fastify-auth0-verify fork with official release #82

Closed
gnarea opened this issue Apr 8, 2023 · 1 comment · Fixed by #163
Closed

Replace fastify-auth0-verify fork with official release #82

gnarea opened this issue Apr 8, 2023 · 1 comment · Fixed by #163
Labels
released

Comments

@gnarea
Copy link
Member

gnarea commented Apr 8, 2023

#81 integrates a temporary fork, which is needed until nearform/fastify-auth0-verify#224 is resolved.
@gnarea gnarea mentioned this issue Apr 8, 2023
Merged
kodiakhq bot pushed a commit that referenced this issue Apr 10, 2023
@gnarea
chore: Integrate authentication library (#81)
fa02bb5 
Fixes #2.

High-level changes:

- Integrate [`mock-oauth2-server`](https://github.com/navikt/mock-oauth2-server) in development.
- Integrate fork of [`fastify-auth0-verify`](https://github.com/nearform/fastify-auth0-verify). See #82.

#84 will actually use `request.user` to enforce authorisation, so no endpoint is being updated to enforce authorisation here.

# Testing

This PR can be verified by creating the dummy route `GET /authn` as follows:

```diff
diff --git a/src/services/routes/healthcheck.routes.ts b/src/services/routes/healthcheck.routes.ts
index 7b7abe7..6cf48d3 100644
--- a/src/services/routes/healthcheck.routes.ts
+++ b/src/services/routes/healthcheck.routes.ts
@@ -20,5 +20,15 @@ export default function registerRoutes(
     },
   });
 
+  fastify.route({
+    method: ['GET'],
+    url: '/authn',
+    preValidation: fastify.authenticate,
+
+    async handler(request, reply): Promise<void> {
+      await reply.code(HTTP_STATUS_CODES.OK).send(request.user);
+    },
```

Then making requests to it as follows:

```http
### Make anonymous request
GET http://veraid-authority.default.10.103.177.106.sslip.io/authn

### Make authenticated request with invalid credentials
GET http://veraid-authority.default.10.103.177.106.sslip.io/authn
Authorization: Bearer INVALID_TOKEN

### Make authenticated request with valid credentials
GET http://veraid-authority.default.10.103.177.106.sslip.io/authn
Authorization: Bearer <VALID-TOKEN-HERE>
```

`<VALID-TOKEN-HERE>` can be obtained with:

```http
### Authenticate with authorisation server (client credentials)
POST http://mock-authz-server.default.10.103.177.106.sslip.io/default/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=admin@example.com&client_secret=s3cr3t
```
gnarea added a commit that referenced this issue May 19, 2023
@gnarea
fix(deps): Replace fastify-auth0-verify with fastify-jwt-jwks
0c1ce71 
Fixes #82
@gnarea gnarea mentioned this issue May 19, 2023
Merged
@kodiakhq kodiakhq bot closed this as completed in #163 May 19, 2023
kodiakhq bot pushed a commit that referenced this issue May 19, 2023
@gnarea
fix(deps): Replace fastify-auth0-verify with fastify-jwt-jwks (#163)
1c974b9 
Fixes #82

See: nearform/fastify-auth0-verify#224 (comment)
@github-actions
Copy link

🎉 This issue has been resolved in version 1.16.8 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
released
Projects
VeraId Authority v1
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(deps): Replace fastify-auth0-verify with fastify-jwt-jwks relaycorp/veraid-authority
1 participant
@gnarea