From 165348dcc4fefcf6d2d8c819759d846a74b89db8 Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Mon, 7 Dec 2020 22:20:53 +0100 Subject: Create a hello world server --- guix/vkraus/packages/webid-oidc.scm | 4 + guix/vkraus/services/webid-oidc.scm | 87 +++++++++++++++++++--- guix/vkraus/systems/webid-oidc-issuer.scm | 50 ------------- guix/vkraus/systems/webid-oidc.scm | 80 ++++++++++++++++++++ po/POTFILES.in | 3 +- po/fr.po | 58 ++++++++------- po/webid-oidc.pot | 21 ++++++ src/Makefile.am | 2 +- src/scm/webid-oidc/Makefile.am | 6 +- src/scm/webid-oidc/hello-world.scm | 117 ++++++++++++++++++++++++++++++ src/webid-oidc-hello | 12 +++ 11 files changed, 350 insertions(+), 90 deletions(-) delete mode 100644 guix/vkraus/systems/webid-oidc-issuer.scm create mode 100644 guix/vkraus/systems/webid-oidc.scm create mode 100644 src/scm/webid-oidc/hello-world.scm create mode 100644 src/webid-oidc-hello diff --git a/guix/vkraus/packages/webid-oidc.scm b/guix/vkraus/packages/webid-oidc.scm index 5f4bd91..d856731 100644 --- a/guix/vkraus/packages/webid-oidc.scm +++ b/guix/vkraus/packages/webid-oidc.scm @@ -64,6 +64,10 @@ (wrap-program (format #f "~a/bin/webid-oidc-issuer" out) `("GUILE_LOAD_PATH" ":" = ,mod-paths) + `("GUILE_LOAD_COMPILED_PATH" ":" = ,go-paths)) + (wrap-program + (format #f "~a/bin/webid-oidc-hello" out) + `("GUILE_LOAD_PATH" ":" = ,mod-paths) `("GUILE_LOAD_COMPILED_PATH" ":" = ,go-paths)))))))) (native-inputs `(("pkg-config" ,pkg-config) diff --git a/guix/vkraus/services/webid-oidc.scm b/guix/vkraus/services/webid-oidc.scm index 4c7834c..931e96a 100644 --- a/guix/vkraus/services/webid-oidc.scm +++ b/guix/vkraus/services/webid-oidc.scm 
@@ -31,6 +31,17 @@ webid-oidc-issuer-configuration-extra-options (default '()))) +(define-record-type* + webid-oidc-hello-configuration + make-webid-oidc-hello-configuration + webid-oidc-hello-configuration? + (webid-oidc webid-oidc-hello-configuration-webid-oidc + (default webid-oidc)) + (port webid-oidc-hello-configuration-port (default 8089)) + (extra-options + webid-oidc-hello-configuration-extra-options + (default '()))) + (export webid-oidc-issuer-configuration make-webid-oidc-issuer-configuration @@ -44,7 +55,13 @@ webid-oidc-issuer-configuration-authorization-endpoint-uri webid-oidc-issuer-configuration-token-endpoint-uri webid-oidc-issuer-configuration-port - webid-oidc-issuer-configuration-extra-options) + webid-oidc-issuer-configuration-extra-options + webid-oidc-hello-configuration + make-webid-oidc-hello-configuration + webid-oidc-hello-configuration? + webid-oidc-hello-configuration-webid-oidc + webid-oidc-hello-configuration-port + webid-oidc-hello-configuration-extra-options) (define webid-oidc-issuer-shepherd-service (match-lambda @@ -64,7 +81,7 @@ (gnu system file-systems))) (start #~(begin - (let* ((user (getpwnam "webid-oidc-issuer")) + (let* ((user (getpwnam "webid-oidc")) (prepare-directory (lambda (dir) (mkdir-p dir) @@ -87,8 +104,8 @@ "--log-file" "issuer.log" "--error-file" "issuer.err" #$@extra-options) - #:user "webid-oidc-issuer" - #:group "webid-oidc-issuer" + #:user "webid-oidc" + #:group "webid-oidc" #:directory "/var/log/webid-oidc" #:environment-variables `("XDG_DATA_HOME=/var/lib" 
@@ -96,14 +113,53 @@ "LANG=C")))) (stop #~(make-kill-destructor)))))))) -(define %webid-oidc-issuer-accounts - (list (user-group (name "webid-oidc-issuer") +(define webid-oidc-hello-shepherd-service + (match-lambda + (($ + webid-oidc port extra-options) + (with-imported-modules + (source-module-closure + '((gnu build shepherd) + (gnu system file-systems))) + (list (shepherd-service + (provision '(webid-oidc-hello)) + (documentation "Run a demonstration Solid server.") + (requirement '(user-processes)) + (modules '((gnu build shepherd) + (gnu system file-systems))) + (start + #~(begin + (let* ((user (getpwnam "webid-oidc")) + (prepare-directory + (lambda (dir) + (mkdir-p dir) + (chown dir (passwd:uid user) (passwd:gid user)) + (chmod dir #o700)))) + (prepare-directory "/var/log/webid-oidc") + (prepare-directory "/var/lib/webid-oidc") + (prepare-directory "/var/cache/webid-oidc")) + (make-forkexec-constructor + (list + (string-append #$webid-oidc "/bin/webid-oidc-hello") + "--port" (with-output-to-string (lambda () (display #$port))) + #$@extra-options) + #:user "webid-oidc" + #:group "webid-oidc" + #:directory "/var/log/webid-oidc" + #:environment-variables + `("XDG_DATA_HOME=/var/lib" + "XDG_CACHE_HOME=/var/cache" + "LANG=C")))) + (stop #~(make-kill-destructor)))))))) + +(define %webid-oidc-accounts + (list (user-group (name "webid-oidc") (system? #t)) (user-account - (name "webid-oidc-issuer") - (group "webid-oidc-issuer") + (name "webid-oidc") + (group "webid-oidc") (system? #t) - (comment "The user that runs the webid-oidc issuer.") + (comment "The user that runs the webid-oidc issuer and resource server.") (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) 
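Review bot: `webid-oidc-hello-shepherd-service` starts the demonstration server with `#:user "webid-oidc"` and chowns the same `/var/lib/webid-oidc`, `/var/cache/webid-oidc` and `/var/log/webid-oidc` directories as the issuer service, so the two daemons lose the separation the former `webid-oidc-issuer` account gave them. Whatever the issuer keeps in its data directory (presumably its key pair; the storage code is not in this diff) becomes readable and writable by the resource-server process. I would keep one system account per daemon, e.g. `#:user "webid-oidc-hello"` and `#:group "webid-oidc-hello"` here with a matching entry in the accounts list, and leave the issuer's account as it was. The renames in the `-64,7` and `-87,8` hunks of this file belong to the same change. If the sharing is deliberate, a comment on `%webid-oidc-accounts` should say why.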
@@ -113,7 +169,18 @@ (extensions (list (service-extension account-service-type - (const %webid-oidc-issuer-accounts)) + (const %webid-oidc-accounts)) (service-extension shepherd-root-service-type webid-oidc-issuer-shepherd-service))))) + +(define-public webid-oidc-hello-service-type + (service-type + (name 'webid-oidc-hello) + (extensions + (list + (service-extension account-service-type + (const %webid-oidc-accounts)) + (service-extension + shepherd-root-service-type + webid-oidc-hello-shepherd-service))))) diff --git a/guix/vkraus/systems/webid-oidc-issuer.scm b/guix/vkraus/systems/webid-oidc-issuer.scm deleted file mode 100644 index 103f49f..0000000 --- a/guix/vkraus/systems/webid-oidc-issuer.scm +++ /dev/null 
@@ -1,50 +0,0 @@ -(define-module (vkraus systems webid-oidc-issuer) - #:use-module (gnu) - #:use-module (guix) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module (vkraus services webid-oidc) - #:use-module (vkraus packages webid-oidc)) - -(operating-system - (locale "fr_FR.utf8") - (timezone "Europe/Paris") - (keyboard-layout (keyboard-layout "fr")) - (host-name "webid-oidc-issuer") - (users (cons* (user-account - (name "admin") - (comment "Administrator") - (group "users") - (home-directory "/home/admin") - (supplementary-groups - '("wheel" "netdev"))) - %base-user-accounts)) - (packages - (append - (list (specification->package "nss-certs")) - %base-packages)) - (services - (append - (cons* - (service webid-oidc-issuer-service-type - (webid-oidc-issuer-configuration - (webid-oidc webid-oidc-snapshot) - (issuer "http://localhost:8080") - (subject "http://localhost:8080/profile/card#me") - (password "p4ssw0rd") - (jwks-uri "http://localhost:8080/keys") - (authorization-endpoint-uri "http://localhost:8080/authorize") - (token-endpoint-uri "http://localhost:8080/token") - (port 8080))) - %base-services))) - (bootloader - (bootloader-configuration - (bootloader grub-efi-bootloader) - (target "/boot/efi") - (keyboard-layout keyboard-layout))) - (file-systems - (cons* (file-system - (mount-point "/") - (device "/dev/sda") - (type "ext4")) - %base-file-systems))) diff --git a/guix/vkraus/systems/webid-oidc.scm b/guix/vkraus/systems/webid-oidc.scm new file mode 100644 index 0000000..704c746 --- /dev/null +++ b/guix/vkraus/systems/webid-oidc.scm 
@@ -0,0 +1,80 @@ +(define-module (vkraus systems webid-oidc) + #:use-module (gnu) + #:use-module (guix) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (vkraus services webid-oidc) + #:use-module (vkraus packages webid-oidc) + #:use-module (gnu services web)) + +(operating-system + (locale "fr_FR.utf8") + (timezone "Europe/Paris") + (keyboard-layout (keyboard-layout "fr")) + (host-name "webid-oidc-issuer") + (users %base-user-accounts) + (packages + (append + (list (specification->package "nss-certs")) + %base-packages)) + (services + (append + (cons* + (service webid-oidc-issuer-service-type + (webid-oidc-issuer-configuration + (webid-oidc webid-oidc-snapshot) + (issuer "http://localhost:8080") + (subject "http://localhost:8080/profile/card#me") + (password "p4ssw0rd") + (jwks-uri "http://localhost:8080/keys") + (authorization-endpoint-uri "http://localhost:8080/authorize") + (token-endpoint-uri "http://localhost:8080/token") + (port 8080))) + (service webid-oidc-hello-service-type + (webid-oidc-hello-configuration + (webid-oidc webid-oidc-snapshot) + (port 8081))) + (service nginx-service-type + (nginx-configuration + (upstream-blocks + (list + (nginx-upstream-configuration + (name "issuer") + (servers (list "localhost:8080"))) + (nginx-upstream-configuration + (name "server") + (servers (list "localhost:8081"))))) + (server-blocks + (list + (nginx-server-configuration + (server-name '("localhost")) + (listen '("80")) + (locations + (list + (nginx-location-configuration + (uri "/profile/card") + (body (list "proxy_pass http://issuer;"))) + (nginx-location-configuration + (uri "/keys") + (body (list "proxy_pass http://issuer;"))) + (nginx-location-configuration + (uri "/authorize") + (body (list "proxy_pass http://issuer;"))) + (nginx-location-configuration + (uri "/token") + (body (list "proxy_pass http://issuer;"))) + (nginx-location-configuration + (uri "/") + (body (list "proxy_pass http://server;")))))))))) + %base-services))) + 
(bootloader + (bootloader-configuration + (bootloader grub-efi-bootloader) + (target "/boot/efi") + (keyboard-layout keyboard-layout))) + (file-systems + (cons* (file-system + (mount-point "/") + (device "/dev/sda") + (type "ext4")) + %base-file-systems))) diff --git a/po/POTFILES.in b/po/POTFILES.in index 97cf2cf..48b1c7d 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -9,4 +9,5 @@ src/hash/libwebidoidc-hash.c src/scm/webid-oidc/errors.scm src/scm/webid-oidc/identity-provider.scm src/scm/webid-oidc/authorization-page-unsafe.scm -src/scm/webid-oidc/resource-server.scm \ No newline at end of file +src/scm/webid-oidc/resource-server.scm +src/scm/webid-oidc/hello-world.scm diff --git a/po/fr.po b/po/fr.po index 0ccfc49..2c4a6fd 100644 --- a/po/fr.po +++ b/po/fr.po @@ -707,10 +707,12 @@ msgid "Warning: generating a new key pair." msgstr "Attention : génération d'une nouvelle paire de clé." #: src/scm/webid-oidc/identity-provider.scm:148 +#: src/scm/webid-oidc/hello-world.scm:31 msgid "command-line|version" msgstr "version" #: src/scm/webid-oidc/identity-provider.scm:150 +#: src/scm/webid-oidc/hello-world.scm:33 msgid "comand-line|help" msgstr "aide" @@ -743,6 +745,7 @@ msgid "comand-line|token-endpoint-uri" msgstr "uri-terminal-jeton" #: src/scm/webid-oidc/identity-provider.scm:166 +#: src/scm/webid-oidc/hello-world.scm:35 msgid "comand-line|port" msgstr "port" @@ -901,6 +904,7 @@ msgstr "" "Si vous trouvez une erreur dans le programme, envoyez-en un rapport à ~a.\n" #: src/scm/webid-oidc/identity-provider.scm:267 +#: src/scm/webid-oidc/hello-world.scm:61 #, scheme-format msgid "~a version ~a\n" msgstr "~a version ~a\n" @@ -934,6 +938,7 @@ msgid "You need to set the token endpoint URI.\n" msgstr "Vous devez définir l'URI du terminal de jeton.\n" #: src/scm/webid-oidc/identity-provider.scm:327 +#: src/scm/webid-oidc/hello-world.scm:72 msgid "The port should be a number between 0 and 65535.\n" msgstr "Le port doit être un nombre entre 0 et 65535.\n" 
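Review bot: In the new `guix/vkraus/systems/webid-oidc.scm`, the `/` location forwards to the hello server with only `proxy_pass http://server;`, and nginx passes client request headers upstream unchanged. A client-chosen `XXX-Agent` value therefore reaches the handler in `src/scm/webid-oidc/hello-world.scm`, which treats that header as the authenticated identity. Until an authenticating component sets the header, the location body should clear it: `(body (list "proxy_set_header XXX-Agent \"\";" "proxy_pass http://server;"))`. Separately, the issuer `password` literal is carried over from the deleted file; as part of the operating-system declaration it likely ends up in the world-readable store, so a comment marking it as a demo-only value would help.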
@@ -1094,6 +1099,33 @@ msgstr "" msgid "~a: authentication failure: ~a\n" msgstr "~a : échec d’authentificationn : ~a\n" +#: src/scm/webid-oidc/hello-world.scm:44 +#, scheme-format +msgid "" +"~a [OPTIONS]...\n" +"\n" +"Display your identity contained in the XXX-Agent header.\n" +"\n" +"Options:\n" +" -h, --~a:\n" +" display this help message and exit.\n" +" -v, --~a:\n" +" display the version information (~a) and exit.\n" +" -p PORT, --port=~a:\n" +" set the port to bind.\n" +msgstr "" +"~a [OPTIONS]…\n" +"\n" +"Affiche votre identité contenue dans l’en-tête XXX-Agent.\n" +"\n" +"Options :\n" +" -h, --~a :\n" +" affiche ce message d’aide et quitte.\n" +" -v, --~a :\n" +" affiche le numéro de version (~a) et quitte.\n" +" -p PORT, --~a=8080 :\n" +" définit le port à lier.\n" + #, scheme-format #~ msgid "" #~ "~a is neither an identity provider (because ~a) nor a webid (because ~a)" @@ -1312,32 +1344,6 @@ msgstr "~a : échec d’authentificationn : ~a\n" #~ "L’adresse du serveur doit être présent (avec protocole) avec\n" #~ "--uri-sortant.\n" -#, scheme-format -#~ msgid "" -#~ "~a [OPTIONS]...\n" -#~ "\n" -#~ "Display your identity contained in the XXX-Agent header.\n" -#~ "\n" -#~ "Options:\n" -#~ " -h, --~a:\n" -#~ " display this help message and exit.\n" -#~ " -v, --~a:\n" -#~ " display the version information (~a) and exit.\n" -#~ " -p PORT, --port=~a:\n" -#~ " set the port to bind.\n" -#~ msgstr "" -#~ "~a [OPTIONS]…\n" -#~ "\n" -#~ "Affiche votre identité contenue dans l’en-tête XXX-Agent.\n" -#~ "\n" -#~ "Options :\n" -#~ " -h, --~a :\n" -#~ " affiche ce message d’aide et quitte.\n" -#~ " -v, --~a :\n" -#~ " affiche le numéro de version (~a) et quitte.\n" -#~ " -p PORT, --~a=8080 :\n" -#~ " définit le port à lier.\n" - #~ msgid "comand-line|client-id" #~ msgstr "id-client" diff --git a/po/webid-oidc.pot b/po/webid-oidc.pot index 59c3286..d652b54 100644 --- a/po/webid-oidc.pot +++ b/po/webid-oidc.pot 
@@ -690,10 +690,12 @@ msgid "Warning: generating a new key pair." msgstr "" #: src/scm/webid-oidc/identity-provider.scm:148 +#: src/scm/webid-oidc/hello-world.scm:31 msgid "command-line|version" msgstr "" #: src/scm/webid-oidc/identity-provider.scm:150 +#: src/scm/webid-oidc/hello-world.scm:33 msgid "comand-line|help" msgstr "" @@ -726,6 +728,7 @@ msgid "comand-line|token-endpoint-uri" msgstr "" #: src/scm/webid-oidc/identity-provider.scm:166 +#: src/scm/webid-oidc/hello-world.scm:35 msgid "comand-line|port" msgstr "" @@ -811,6 +814,7 @@ msgid "" msgstr "" #: src/scm/webid-oidc/identity-provider.scm:267 +#: src/scm/webid-oidc/hello-world.scm:61 #, scheme-format msgid "~a version ~a\n" msgstr "" @@ -844,6 +848,7 @@ msgid "You need to set the token endpoint URI.\n" msgstr "" #: src/scm/webid-oidc/identity-provider.scm:327 +#: src/scm/webid-oidc/hello-world.scm:72 msgid "The port should be a number between 0 and 65535.\n" msgstr "" @@ -995,3 +1000,19 @@ msgstr "" #, scheme-format msgid "~a: authentication failure: ~a\n" msgstr "" + +#: src/scm/webid-oidc/hello-world.scm:44 +#, scheme-format +msgid "" +"~a [OPTIONS]...\n" +"\n" +"Display your identity contained in the XXX-Agent header.\n" +"\n" +"Options:\n" +" -h, --~a:\n" +" display this help message and exit.\n" +" -v, --~a:\n" +" display the version information (~a) and exit.\n" +" -p PORT, --port=~a:\n" +" set the port to bind.\n" +msgstr "" diff --git a/src/Makefile.am b/src/Makefile.am index 83d4a04..79ac441 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,6 +1,6 @@ lib_LTLIBRARIES += %reldir%/libwebidoidc.la -dist_bin_SCRIPTS += %reldir%/webid-oidc-issuer +dist_bin_SCRIPTS += %reldir%/webid-oidc-issuer %reldir%/webid-oidc-hello AM_CPPFLAGS += -I %reldir% -I $(srcdir)/%reldir% diff --git a/src/scm/webid-oidc/Makefile.am b/src/scm/webid-oidc/Makefile.am index 061af17..c2d4646 100644 --- a/src/scm/webid-oidc/Makefile.am +++ b/src/scm/webid-oidc/Makefile.am 
@@ -20,7 +20,8 @@ dist_webidoidcmod_DATA += \ %reldir%/token-endpoint.scm \ %reldir%/identity-provider.scm \ %reldir%/provider-confirmation.scm \ - %reldir%/resource-server.scm + %reldir%/resource-server.scm \ + %reldir%/hello-world.scm webidoidcgo_DATA += \ %reldir%/errors.go \ @@ -44,6 +45,7 @@ webidoidcgo_DATA += \ %reldir%/token-endpoint.go \ %reldir%/identity-provider.go \ %reldir%/provider-confirmation.go \ - %reldir%/resource-server.go + %reldir%/resource-server.go \ + %reldir%/hello-world.go EXTRA_DIST += %reldir%/ChangeLog diff --git a/src/scm/webid-oidc/hello-world.scm b/src/scm/webid-oidc/hello-world.scm new file mode 100644 index 0000000..cda88e4 --- /dev/null +++ b/src/scm/webid-oidc/hello-world.scm 
@@ -0,0 +1,117 @@ +(define-module (webid-oidc hello-world) + #:use-module (webid-oidc resource-server) + #:use-module (webid-oidc jti) + #:use-module ((webid-oidc config) #:prefix cfg:) + #:use-module (web request) + #:use-module (web response) + #:use-module (web uri) + #:use-module (web server) + #:use-module (ice-9 optargs) + #:use-module (ice-9 receive) + #:use-module (ice-9 i18n) + #:use-module (ice-9 getopt-long) + #:use-module (ice-9 suspendable-ports) + #:use-module (sxml simple) + #:use-module (srfi srfi-19)) + +(define (G_ text) + (let ((out (gettext text))) + (if (string=? out text) + ;; No translation, disambiguate + (car (reverse (string-split text #\|))) + out))) + +(define-public (main) + (setvbuf (current-output-port) 'none) + (setvbuf (current-error-port) 'none) + (setlocale LC_ALL "") + (bindtextdomain cfg:package cfg:localedir) + (textdomain cfg:package) + (let ((version-sym + (string->symbol (G_ "command-line|version"))) + (help-sym + (string->symbol (G_ "comand-line|help"))) + (port-sym + (string->symbol (G_ "comand-line|port")))) + (let ((options + (let ((option-spec + `((,version-sym (single-char #\v) (value #f)) + (,help-sym (single-char #\h) (value #f)) + (,port-sym (single-char #\p) (value #t))))) + (getopt-long (command-line) option-spec)))) + (cond + ((option-ref options help-sym #f) + (format #t (G_ "~a [OPTIONS]... + +Display your identity contained in the XXX-Agent header. + +Options: + -h, --~a: + display this help message and exit. + -v, --~a: + display the version information (~a) and exit. + -p PORT, --port=~a: + set the port to bind. +") + (car (command-line)) + help-sym version-sym + cfg:version + port-sym)) + ((option-ref options version-sym #f) + (format #t (G_ "~a version ~a\n") + cfg:package cfg:version)) + (else + (let ((port-string + (option-ref options port-sym "8080")) + (jti-list (make-jti-list))) + (unless (and (string->number port-string) + (integer? 
(string->number port-string)) + (>= (string->number port-string) 0) + (<= (string->number port-string) 65535)) + (format (current-error-port) + (G_ "The port should be a number between 0 and 65535.\n")) + (exit 1)) + (let ((handler + (lambda (request request-body) + (if (eq? (request-method request) 'GET) + (let ((agent (assoc-ref (request-headers request) 'xxx-agent))) + (if (and agent (string->uri agent)) + (values + (build-response + #:headers '((content-type application/xhtml+xml))) + (with-output-to-string + (lambda () + (sxml->xml + `(*TOP* (*PI* xml "version=\"1.0\" encoding=\"utf-8\"") + (html (@ (xmlns "http://www.w3.org/1999/xhtml") + (xml:lang "en")) + (body + (h1 "Hello, " + (a (@ (href ,(uri->string (string->uri agent)))) + ,(uri->string (string->uri agent))) "!")))))))) + (values + (build-response #:code 401 + #:reason-phrase "Unauthorized" + #:headers '((content-type application/xhtml+xml))) + (with-output-to-string + (lambda () + (sxml->xml + `(*TOP* (*PI* xml "version=\"1.0\" encoding=\"utf-8\"") + (html (@ (xmlns "http://www.w3.org/1999/xhtml") + (xml:lang "en")) + (body + (h1 "Please authenticate!")))))))))) + (values + (build-response #:code 405 + #:reason-phrase "Method Not Allowed" + #:headers '((content-type application/xhtml+xml))) + (with-output-to-string + (lambda () + (sxml->xml + `(*TOP* (*PI* xml "version=\"1.0\" encoding=\"utf-8\"") + (html (@ (xmlns "http://www.w3.org/1999/xhtml") + (xml:lang "en")) + (body + (h1 "Please issue a GET request.")))))))))))) + (install-suspendable-ports!) + (run-server handler 'http (list #:port (string->number port-string)))))))))) diff --git a/src/webid-oidc-hello b/src/webid-oidc-hello new file mode 100644 index 0000000..b19481f --- /dev/null +++ b/src/webid-oidc-hello 
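Review bot: The port check in `main` accepts inexact values: `(integer? (string->number port-string))` is true for `"8080.0"` or `"1e3"`, and the resulting inexact number is then passed to `run-server` as `#:port`. Parsing once and testing with `exact-integer?` closes that gap and removes the repeated `string->number` calls, e.g. `(let ((port (string->number port-string))) (unless (and (exact-integer? port) (<= 0 port 65535)) ...))`. `jti-list` is bound with `(make-jti-list)` but never used in the visible code; either drop the binding or add a comment saying what it is reserved for.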
@@ -0,0 +1,12 @@
+#!/usr/local/bin/guile \
+--no-auto-compile -s
+!#
+
+(use-modules (webid-oidc hello-world))
+
+(format (current-error-port) "Logging to hello.log and hello.err.\n")
+
+(set-current-output-port (open-output-file "hello.log"))
+(set-current-error-port (open-output-file "hello.err"))
+
+(main)
-- cgit v1.2.3
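Review bot: `open-output-file` truncates an existing file, so every restart of the service erases the previous `hello.log` and `hello.err`, including whatever was written just before a crash. Opening in append mode keeps that history: `(set-current-output-port (open-file "hello.log" "a"))`, and likewise for `hello.err`. Both paths are relative to the working directory, which the shepherd service sets to `/var/log/webid-oidc` but a manual run does not; a short comment above the two calls saying so would help.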