Closed jctanner closed 1 month ago
This setup will help debug ssl termination issues we might encounter in our various deployment scenarios.
Once the stack is spun up, I used this script to make a mocke azure authenticator ...
#!/usr/bin/env python import requests from pprint import pprint USERNAME = 'admin' PASSWORD = 'password' AUTH = (USERNAME, PASSWORD) BASEURL = 'http://localhost:8000' def main(): azurename = 'azure-test' authenticator_plugins_url = BASEURL + '/api/v1/authenticator_plugins/' authenticators_url = BASEURL + '/api/v1/authenticators/' rr = requests.get(authenticators_url, auth=AUTH) for ix, authenticator in enumerate(rr.json()['results']): print(f"{ix}. {authenticator['name']}") if authenticator['name'] == azurename: rd = requests.delete(BASEURL + authenticator['url'], auth=AUTH) #rrx = requests.get(authenticator_plugins_url, auth=AUTH) #for ix, plugin in enumerate(rrx.json()['authenticators']): # print(f"{ix}. plugin: {plugin['type']}") payload = { 'name': azurename, 'type': 'ansible_base.authentication.authenticator_plugins.azuread', 'enabled': True, 'priority': 1, 'configuration': { 'CALLBACK_URL': 'http://wrong.com', 'KEY': 'KEY11111', 'SECRET': 'SECRET11111', } } rr = requests.post(authenticators_url, auth=AUTH, json=payload) pprint(rr.json()) ds = rr.json() sso_url = BASEURL + ds['sso_login_url'] rr_sso = requests.get(sso_url, allow_redirects=False) headers = dict(rr_sso.headers) location = headers['Location'] redirect = location.split('&')[1] print('-' * 100) print(sso_url) print('\t-> ' + redirect) print('-' * 100) #import epdb; epdb.st() if __name__ == "__main__": main()
Then you can check how each node in the stack handles contstruction of the redirect uri ...
curl -k -v http://localhost:8000/api/social/login/ansible_base-authentication-authenticator_plugins-azuread__azure-test/ 2>&1 | grep Location curl -k -v http://localhost/api/social/login/ansible_base-authentication-authenticator_plugins-azuread__azure-test/ 2>&1 | grep Location curl -k -v https://localhost/api/social/login/ansible_base-authentication-authenticator_plugins-azuread__azure-test/ 2>&1 | grep Location
Issues 0 New issues 1 Accepted issue
Measures 0 Security Hotspots 0.0% Coverage on New Code 0.0% Duplication on New Code
See analysis details on SonarCloud
This setup will help debug ssl termination issues we might encounter in our various deployment scenarios.
Once the stack is spun up, I used this script to make a mocke azure authenticator ...
Then you can check how each node in the stack handles contstruction of the redirect uri ...