Closed BenjaminKeller closed 7 years ago
@nils-wisiol Thank you for your feedback and the hint with the migrations. I corrected everything. @Armagetron I fix it.
Renamed eid_server to eid_service.
@nils-wisiol As already mentioned ...
is a stub and must be filled by following pull requests implementing the eID-Server. Sorry for the intendation mistake, I rechecked all files.
The eID will be most probably running at BOILERPLATE_DOMAIN/eID
OK, I adapt this and make use of the UseId-Call.
I moved the implementation into its own folder and created a python module for it. I added comments where the implementation of the eID-Server is missing.
tests are still broken
I seriously hoped that the increase of the requests would help to solve this issue with the failing tests. I have no idea why they fail.
@zervnet As already discussed on friday we have problems with too many connections to nginx/django. It has to be a limitation on the technical side because the tests fail randomly. The following error message is provided:
api_1 | [pid: 157|app: 0|req: 1/109] 10.0.0.2 () {40 vars in 584 bytes} [Tue Aug 22 06:31:33 2017] GET /api/eIdService/getTcTokenUrl?host=127.0.0.1 => generated 0 bytes in 361 msecs (HTTP/1.1 302) 4 headers in 257 bytes (1 switches on core 0)
api_1 | Tue Aug 22 06:31:33 2017 - uwsgi_response_write_body_do(): Broken pipe [core/writer.c line 331] during GET /api/eIdService/getTcTokenUrl?protocol=eid (10.0.0.2)
api_1 | OSError: write error
The following configurations didn't solve the problem:
www/conf/nginx.conf:
events {
- worker_connections 1024;
+ worker_connections 2048;
}
www/conf/sites-available/20-static-and-api.conf.var:
location /api/ {
# max .5r/s to the API per IP, but 10 at once is okay. This limit may need to be increased once
# client applications become more powerful
- limit_req zone=perip-api burst=10 nodelay;
+ limit_req zone=perip-api burst=1000 nodelay;
expires epoch;
etag off;
add_header Strict-Transport-Security "max-age=31536000";
There are indeed two tests failing, however the listing of which tests fail seems to be broken in frisby. I am looking into this.
I came to the conclusion that frisby is broken. With working tests, everything is fine. But with broken tests, it reports successful tests to be broken and vice-versa.
I propose migrating to an alternative testing framework, possibly chakram. Their examples are extensive and it seems to be better maintained in general, too.
Please also see #54
@nils-wisiol Can we merge now? Or do I have to rewrite history?
yes, please rewrite history :+1:
@nils-wisiol Done.
Fair enough. Next time, please use rebase instead of actually deleting the history to keep git blame
instact.
As required by #19 and #22.
@nils-wisiol You've requested to mark some lines in get_tc_token_url as important security features. How can I achieve that? By leaving a comment?