Diffstat (limited to 'vkraus/systems/test.scm')
-rw-r--r--vkraus/systems/test.scm131
1 files changed, 92 insertions, 39 deletions
diff --git a/vkraus/systems/test.scm b/vkraus/systems/test.scm
index 1bfc2b8..1ad6af5 100644
--- a/vkraus/systems/test.scm
+++ b/vkraus/systems/test.scm
@@ -21,12 +21,95 @@
#:use-module (vkraus packages disfluid)
#:use-module (vkraus services disfluid))
+(define full-configuration
+ `((use-modules (webid-oidc server endpoint)
+ (webid-oidc server endpoint resource-server)
+ (webid-oidc server endpoint identity-provider)
+ (webid-oidc server endpoint client)
+ (webid-oidc oidc-configuration)
+ (oop goops))
+ (make <router>
+ #:routed
+ (list
+ (make <identity-provider>
+ #:host "alice.localhost"
+ #:oidc-discovery
+ (make <oidc-discovery>
+ #:path "/.well-known/openid-configuration"
+ #:configuration
+ (make <oidc-configuration>
+ #:jwks-uri "http://alice.localhost/keys"
+ #:authorization-endpoint "http://alice.localhost/authorize"
+ #:token-endpoint "http://alice.localhost/token"))
+ #:authorization-endpoint
+ (make <authorization-endpoint>
+ #:path "/authorize"
+ #:subject "http://alice.localhost/profile/card#me"
+ #:encrypted-password ,(crypt "alice" "$6$.salt.for.Alice.")
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:token-endpoint
+ (make <token-endpoint>
+ #:path "/token"
+ #:issuer "http://alice.localhost"
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:jwks-endpoint
+ (make <jwks-endpoint>
+ #:path "/keys"
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:default
+ (make <authenticator>
+ #:backend
+ (make <resource-server>
+ #:server-name "http://alice.localhost"
+ #:owner "http://alice.localhost/profile/card#me")
+ #:server-uri "http://alice.localhost"))
+ (make <identity-provider>
+ #:host "bob.localhost"
+ #:oidc-discovery
+ (make <oidc-discovery>
+ #:path "/.well-known/openid-configuration"
+ #:configuration
+ (make <oidc-configuration>
+ #:jwks-uri "http://bob.localhost/keys"
+ #:authorization-endpoint "http://bob.localhost/authorize"
+ #:token-endpoint "http://bob.localhost/token"))
+ #:authorization-endpoint
+ (make <authorization-endpoint>
+ #:path "/authorize"
+ #:subject "http://bob.localhost/profile/card#me"
+ #:encrypted-password ,(crypt "bob" "$6$And.salt.for.Bob")
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:token-endpoint
+ (make <token-endpoint>
+ #:path "/token"
+ #:issuer "http://bob.localhost"
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:jwks-endpoint
+ (make <jwks-endpoint>
+ #:path "/keys"
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:default
+ (make <authenticator>
+ #:backend
+ (make <resource-server>
+ #:server-name "http://bob.localhost"
+ #:owner "http://bob.localhost/profile/card#me")
+ #:server-uri "http://bob.localhost"))
+ (make <client-id>
+ #:host "client.localhost"
+ #:client-id "https://client.localhost/id"
+ #:redirect-uris '("https://client.localhost/authorized")
+ #:client-name "Local Client Application"
+ #:client-uri "https://client.localhost/about"
+ #:grant-types '(authorization_code refresh_token)
+ #:response-types '(code))))))
+
(operating-system
(host-name "disfluid-test-system")
(hosts-file
(plain-file "hosts"
- "127.0.0.1 localhost
-::1 localhost
+ "127.0.0.1 localhost alice.localhost bob.localhost
+::1 localhost alice.localhost bob.localhost
"))
(users %base-user-accounts)
(packages
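Review bot: The `<client-id>` entry routes `#:host "client.localhost"`, but the `hosts-file` change in this hunk only adds `alice.localhost` and `bob.localhost`, so `client.localhost` will not resolve inside the system unless the resolver maps `*.localhost` to loopback by itself; adding it to both address lines would make that explicit. The two `,(crypt …)` forms are evaluated when the quasiquote is expanded, so the hashes become literals in the configuration, and they are hashes of passwords equal to the user names with fixed salts. A comment above `full-configuration` such as `;; Test-only accounts: passwords equal the user names and the salts are fixed.` would keep the block from being copied into a real deployment. The `operating-system` form continues outside the hunk.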
@@ -37,48 +120,18 @@
(append
(list
(service disfluid-service-type
- `(("alice"
- . ,(disfluid-server-configuration
- (complete-corresponding-source "https://webid-oidc.planete-kraus.eu/complete-corresponding-source.tar.gz")
- (server-name "http://localhost:8081")
- (subject "http://localhost:8081/alice#me")
- (encrypted-password-file
- (computed-file "alice-password"
- #~(let ((salt "$6$.salt.for.Alice.")
- (password "alice"))
- (call-with-output-file #$output
- (lambda (port)
- (format port "~a\n"
- (crypt password salt)))))))
- (key-file "/var/lib/disfluid/alice/key.jwk")
- (jwks-uri "http://localhost:8081/keys")
- (authorization-endpoint-uri "http://localhost:8081/authorize")
- (token-endpoint-uri "http://localhost:8081/token")
- (port 8081)))
- ("bob"
- . ,(disfluid-server-configuration
- (complete-corresponding-source "https://webid-oidc.planete-kraus.eu/complete-corresponding-source.tar.gz")
- (server-name "http://localhost:8082")
- (subject "http://localhost:8082/bob#me")
- (encrypted-password-file
- (computed-file "bob-password"
- #~(let ((salt "$6$And.salt.for.Bob")
- (password "bob"))
- (call-with-output-file #$output
- (lambda (port)
- (format port "~a\n"
- (crypt password salt)))))))
- (key-file "/var/lib/disfluid/bob/key.jwk")
- (jwks-uri "http://localhost:8082/keys")
- (authorization-endpoint-uri "http://localhost:8082/authorize")
- (token-endpoint-uri "http://localhost:8082/token")
- (port 8082))))))
+ (disfluid-server-configuration
+ (complete-corresponding-source "http://ccs.local/disfluid.tar.gz")
+ (configuration
+ (scheme-file "disfluid-configuration.scm"
+ full-configuration))
+ (port 8080))))
%base-services))
(timezone "Europe/Paris")
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
- (target "/boot/efi")))
+ (targets '("/boot/efi"))))
(mapped-devices '())
(file-systems
`(,(file-system
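Review bot: `(port 8080)` does not match the URLs that `full-configuration` advertises: the issuer, `#:jwks-uri` and both endpoint URIs are written as `http://alice.localhost/…` and `http://bob.localhost/…` with no port, so a client following discovery would connect to port 80. Unless something outside this file forwards port 80 to 8080, either the URIs need `:8080` or the service should listen on 80; an issuer that differs from the address actually served usually makes token validation fail. Separately, `scheme-file` places the whole configuration, including the two password hashes, in the store, which every local user can read. That is the same exposure the removed `computed-file` had, but it now covers the full server configuration, so it is worth a one-line comment at this call. The `operating-system` form starts before and continues after the hunk.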