fuomag9
833284efb1
- Add Dex OIDC provider to test Docker Compose stack with static test users (alice, bob) and pre-configured OAuth client - Add forward-auth.spec.ts: credential-based forward auth flow tests (redirect, portal form, login, session cookie, forged cookie rejection) - Add forward-auth-oauth.spec.ts: full OAuth forward auth flow tests including user-based access (allowed/denied), group-based access, access revocation, and credential login coexisting with OAuth - Add waitForStatus helper for polling specific HTTP status codes - Expand portal.spec.ts with OAuth button visibility, URI scheme rejection, and strict alert selector tests Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
87 lines
2.6 KiB
YAML
87 lines
2.6 KiB
YAML
services:
|
|
web:
|
|
environment:
|
|
SESSION_SECRET: "test-session-secret-32chars!xxxY"
|
|
ADMIN_USERNAME: testadmin
|
|
ADMIN_PASSWORD: "TestPassword2026!"
|
|
BASE_URL: http://localhost:3000
|
|
NEXTAUTH_URL: http://localhost:3000
|
|
# OAuth via Dex OIDC provider
|
|
OAUTH_ENABLED: "true"
|
|
OAUTH_PROVIDER_NAME: "Dex"
|
|
OAUTH_CLIENT_ID: cpm-test-client
|
|
OAUTH_CLIENT_SECRET: cpm-test-secret
|
|
OAUTH_ISSUER: http://localhost:5556/dex
|
|
OAUTH_AUTHORIZATION_URL: http://localhost:5556/dex/auth
|
|
OAUTH_TOKEN_URL: http://dex:5556/dex/token
|
|
OAUTH_USERINFO_URL: http://dex:5556/dex/userinfo
|
|
OAUTH_ALLOW_AUTO_LINKING: "true"
|
|
caddy:
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
# L4 test ports (TCP)
|
|
- "15432:15432"
|
|
- "15433:15433"
|
|
# L4 test ports (UDP)
|
|
- "15353:15353/udp"
|
|
# Dex OIDC provider for OAuth E2E tests
|
|
dex:
|
|
image: dexidp/dex:v2.41.1
|
|
command: ["dex", "serve", "/etc/dex/config.yml"]
|
|
volumes:
|
|
- ./tests/dex/config.yml:/etc/dex/config.yml:ro
|
|
ports:
|
|
- "5556:5556"
|
|
networks:
|
|
- caddy-network
|
|
# Lightweight echo server reachable by Caddy as "echo-server:8080".
|
|
# Returns a fixed body so tests can assert the proxy routed the request.
|
|
echo-server:
|
|
image: hashicorp/http-echo
|
|
command: ["-text=echo-ok", "-listen=:8080"]
|
|
networks:
|
|
- caddy-network
|
|
# Second echo server for load-balancing tests.
|
|
# Returns a different body so tests can distinguish which upstream served the request.
|
|
echo-server-2:
|
|
image: hashicorp/http-echo
|
|
command: ["-text=echo-server-2", "-listen=:8080"]
|
|
networks:
|
|
- caddy-network
|
|
# Request-echo server: reflects the full HTTP request (method + path + headers) in the response body.
|
|
# Used by path-prefix-rewrite tests to assert that Caddy rewrote the path before forwarding.
|
|
whoami-server:
|
|
image: traefik/whoami
|
|
networks:
|
|
- caddy-network
|
|
# TCP echo server for L4 proxy tests.
|
|
# Listens on port 9000 and echoes back anything sent to it with a prefix.
|
|
tcp-echo:
|
|
image: cjimti/go-echo
|
|
platform: linux/amd64
|
|
environment:
|
|
TCP_PORT: "9000"
|
|
NODE_NAME: "tcp-echo-ok"
|
|
networks:
|
|
- caddy-network
|
|
# UDP echo server for L4 proxy tests.
|
|
# Simple socat-based UDP echo: reflects any datagram back to sender.
|
|
udp-echo:
|
|
image: alpine/socat
|
|
command: ["UDP4-RECVFROM:9001,fork", "EXEC:cat"]
|
|
networks:
|
|
- caddy-network
|
|
|
|
volumes:
|
|
caddy-manager-data:
|
|
name: caddy-manager-data-test
|
|
caddy-data:
|
|
name: caddy-data-test
|
|
caddy-config:
|
|
name: caddy-config-test
|
|
caddy-logs:
|
|
name: caddy-logs-test
|
|
geoip-data:
|
|
name: geoip-data-test
|