Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 71161a4da1 | |||
| c1ea9c4197 | |||
| e9675db11a | |||
| b8b0a4bf30 | |||
| c0ae476beb | |||
| acaef2e704 | |||
| d2d8e74ba9 | |||
| c8a25cf438 | |||
| cfe40735e6 | |||
| 742bcef858 |
@ -64,23 +64,4 @@ jobs:
|
||||
run: |
|
||||
docker push 192.168.0.100:8928/hithomelabs/cftunnels:test
|
||||
docker push 192.168.0.100:8928/hithomelabs/cftunnels:${{ needs.tag.outputs.new_version }}
|
||||
sync_forks:
|
||||
name: Sync All Forks
|
||||
runs-on: ubuntu-latest
|
||||
needs: build_tag_push
|
||||
steps:
|
||||
- name: Check out repository code
|
||||
uses: actions/checkout@v4
|
||||
- name: Sync all forks via Gitea API
|
||||
run: |
|
||||
echo "Fetching forks for Hithomelabs/CFTunnels..."
|
||||
response=$(curl -s -X GET "https://gitea.hithomelabs.com/api/v1/repos/Hithomelabs/CFTunnels/forks" -H "Authorization: token ${{secrets.TOKEN}}")
|
||||
filtered=$(echo "$response" | grep -o '"clone_url":"[^"]*"' | sed 's/"clone_url":"\([^"]*\)"/\1/' | grep -v "/Hithomelabs")
|
||||
echo "Detected forks:"
|
||||
echo "$filtered"
|
||||
readarray -t forks <<< "$filtered"
|
||||
for fork_url in "${forks[@]}"; do
|
||||
echo "🔄 Syncing fork: $fork_url"
|
||||
authed_url=$(echo "$fork_url" | sed "s#https://#https://${{secrets.TOKEN}}@#")
|
||||
git push "$authed_url" test &
|
||||
done
|
||||
|
||||
|
||||
@ -14,6 +14,7 @@ services:
|
||||
- HOST_PORT=${HOST_PORT}
|
||||
- POSTGRES_USER=${POSTGRES_USERNAME}
|
||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||
- SWAGGER_OAUTH_CLIENT_ID=${SWAGGER_OAUTH_CLIENT_ID}
|
||||
env_file:
|
||||
- stack.env
|
||||
restart: unless-stopped
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
package com.hithomelabs.CFTunnels.Config;
|
||||
|
||||
import io.swagger.v3.oas.models.Components;
|
||||
import io.swagger.v3.oas.models.OpenAPI;
|
||||
import io.swagger.v3.oas.models.security.*;
|
||||
import io.swagger.v3.oas.models.servers.Server;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
@ -16,6 +18,12 @@ public class OpenApiConfig {
|
||||
@Value("${api.baseUrl}")
|
||||
private String baseUrl;
|
||||
|
||||
@Value("${springdoc.swagger-ui.oauth.authorization-url}")
|
||||
private String authorizationUri;
|
||||
|
||||
@Value("${springdoc.swagger-ui.oauth.token-url}")
|
||||
private String tokenUri;
|
||||
|
||||
@Bean
|
||||
public OpenAPI openAPI() {
|
||||
Server httpsServer = new Server().url(baseUrl);
|
||||
@ -23,6 +31,24 @@ public class OpenApiConfig {
|
||||
ArrayList<Server> servers = new ArrayList<>();
|
||||
servers.add(httpsServer);
|
||||
openApi.setServers(servers);
|
||||
openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))
|
||||
.components(new Components()
|
||||
.addSecuritySchemes("oidcAuth",
|
||||
new SecurityScheme()
|
||||
.type(SecurityScheme.Type.OAUTH2)
|
||||
.flows(new OAuthFlows()
|
||||
.authorizationCode(new OAuthFlow()
|
||||
.authorizationUrl(authorizationUri)
|
||||
.tokenUrl(tokenUri)
|
||||
.scopes(new Scopes()
|
||||
.addString("openid", "OpenID scope")
|
||||
.addString("profile", "OpenID profile")
|
||||
.addString("email", "OpenID email"))
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
.addSecurityItem(new SecurityRequirement().addList("oidcAuth"));
|
||||
return openApi;
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@ public class SecuirtyConfig {
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
//.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
).csrf(csrf -> csrf.disable())
|
||||
.with(new OAuth2LoginConfigurer<>(),
|
||||
|
||||
@ -1,32 +0,0 @@
|
||||
package com.hithomelabs.CFTunnels.Controllers;
|
||||
|
||||
|
||||
import org.springframework.boot.web.servlet.error.ErrorController;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
@Controller
|
||||
public class HomeController implements ErrorController {
|
||||
|
||||
private static final String ERROR_PATH = "/error";
|
||||
|
||||
/**
|
||||
* Redirects the root (including any query params like ?continue=…)
|
||||
* straight into Swagger UI.
|
||||
*/
|
||||
@GetMapping("/")
|
||||
public String rootRedirect() {
|
||||
return "redirect:/swagger-ui/index.html";
|
||||
}
|
||||
|
||||
/**
|
||||
* Catches any errors (404s, unhandled paths) and punts them
|
||||
* into the same Swagger UI page.
|
||||
*/
|
||||
@RequestMapping(ERROR_PATH)
|
||||
public String onError() {
|
||||
return "redirect:/swagger-ui/index.html";
|
||||
}
|
||||
|
||||
}
|
||||
@ -11,6 +11,8 @@ import com.hithomelabs.CFTunnels.Models.Ingress;
|
||||
import com.hithomelabs.CFTunnels.Models.TunnelResponse;
|
||||
import com.hithomelabs.CFTunnels.Services.CloudflareAPIService;
|
||||
import com.hithomelabs.CFTunnels.Services.MappingRequestService;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.web.servlet.error.ErrorController;
|
||||
import org.springframework.http.*;
|
||||
@ -64,6 +66,7 @@ public class TunnelController implements ErrorController {
|
||||
|
||||
@PreAuthorize("hasAnyRole('USER')")
|
||||
@GetMapping("/tunnels")
|
||||
@Operation( security = { @SecurityRequirement(name = "oidcAuth") } )
|
||||
public ResponseEntity<Map<String,Object>> getTunnels(){
|
||||
|
||||
ResponseEntity<Map> responseEntity = cloudflareAPIService.getCloudflareTunnels();
|
||||
@ -75,7 +78,7 @@ public class TunnelController implements ErrorController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyRole('DEVELOPER')")
|
||||
@GetMapping("/tunnel/{tunnelId}")
|
||||
@GetMapping("/tunnel/{tunnelId}/mappings")
|
||||
public ResponseEntity<Map<String,Object>> getTunnelConfigurations(@PathVariable String tunnelId) {
|
||||
|
||||
ResponseEntity<Map> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplate, Map.class);
|
||||
@ -88,7 +91,7 @@ public class TunnelController implements ErrorController {
|
||||
|
||||
// 50df9101-f625-4618-b7c5-100338a57124
|
||||
@PreAuthorize("hasAnyRole('ADMIN')")
|
||||
@PutMapping("/tunnel/{tunnelId}/add")
|
||||
@PostMapping("/tunnel/{tunnelId}/mappings")
|
||||
public ResponseEntity<Map<String, Object>> addTunnelconfiguration(@PathVariable String tunnelId, @RequestBody Ingress ingress) throws JsonProcessingException {
|
||||
|
||||
ResponseEntity<TunnelResponse> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplateConfig.restTemplate(), TunnelResponse.class);
|
||||
@ -110,7 +113,7 @@ public class TunnelController implements ErrorController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyRole('DEVELOPER')")
|
||||
@PutMapping("/tunnel/{tunnelId}/delete")
|
||||
@DeleteMapping("/tunnel/{tunnelId}/mappings")
|
||||
public ResponseEntity<Map<String, Object>> deleteTunnelConfiguration(@PathVariable String tunnelId, @RequestBody Ingress ingress) throws JsonProcessingException {
|
||||
|
||||
ResponseEntity<TunnelResponse> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplateConfig.restTemplate(), TunnelResponse.class);
|
||||
@ -139,7 +142,7 @@ public class TunnelController implements ErrorController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyRole('DEVELOPER')")
|
||||
@PutMapping("/tunnel/{tunnelId}/request")
|
||||
@PostMapping("/tunnel/{tunnelId}/requests")
|
||||
public ResponseEntity<Request> createTunnelMappingRequest(@PathVariable String tunnelId, @AuthenticationPrincipal OidcUser oidcUser, @RequestBody Ingress ingess){
|
||||
Request request = mappingRequestService.createMappingRequest(tunnelId, ingess, oidcUser);
|
||||
if(request.getId() != null)
|
||||
|
||||
@ -1 +1,12 @@
|
||||
api.baseUrl=https://cftunnels.hithomelabs.com
|
||||
|
||||
# Production Database Configuration
|
||||
spring.datasource.url=jdbc:postgresql://postgres:5432/cftunnel
|
||||
spring.datasource.username=${POSTGRES_USERNAME}
|
||||
spring.datasource.password=${POSTGRES_PASSWORD}
|
||||
spring.datasource.driver-class-name=org.postgresql.Driver
|
||||
|
||||
# JPA Configuration
|
||||
spring.jpa.hibernate.ddl-auto=update
|
||||
spring.jpa.show-sql=false
|
||||
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
|
||||
@ -1,7 +1,12 @@
|
||||
api.baseUrl=https://testcf.hithomelabs.com
|
||||
|
||||
spring.datasource.url: jdbc:h2:mem:testdb
|
||||
spring.datasource.driver-class-name: org.h2.Driver
|
||||
spring.datasource.username: sa
|
||||
spring.datasource.password:
|
||||
spring.datasource.jpa.hibernate.ddl-auto: none
|
||||
# Test Database Configuration - Same as Production
|
||||
spring.datasource.url=jdbc:postgresql://postgres:5432/cftunnel
|
||||
spring.datasource.username=${POSTGRES_USERNAME}
|
||||
spring.datasource.password=${POSTGRES_PASSWORD}
|
||||
spring.datasource.driver-class-name=org.postgresql.Driver
|
||||
|
||||
# JPA Configuration
|
||||
spring.jpa.hibernate.ddl-auto=update
|
||||
spring.jpa.show-sql=true
|
||||
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
|
||||
|
||||
@ -18,6 +18,13 @@ spring.security.oauth2.client.provider.cftunnels.user-info-uri=https://auth.hith
|
||||
spring.security.oauth2.client.provider.cftunnels.jwk-set-uri=https://auth.hithomelabs.com/application/o/cftunnels/jwks/
|
||||
spring.security.oauth2.client.provider.cftunnels.issuer-uri=https://auth.hithomelabs.com/application/o/cftunnels/
|
||||
|
||||
springdoc.swagger-ui.oauth.client-id=${SWAGGER_OAUTH_CLIENT_ID}
|
||||
springdoc.swagger-ui.oauth.client-secret= # leave empty for public client
|
||||
springdoc.swagger-ui.oauth.use-pkce=true
|
||||
springdoc.swagger-ui.oauth.scopes=openid,profile,email
|
||||
springdoc.swagger-ui.oauth.authorization-url=https://auth.hithomelabs.com/application/o/authorize/
|
||||
springdoc.swagger-ui.oauth.token-url=https://auth.hithomelabs.com/application/o/token/
|
||||
|
||||
spring.datasource.url=jdbc:postgresql://192.168.0.100:5432/cftunnel
|
||||
spring.datasource.username=${POSTGRES_USERNAME}
|
||||
spring.datasource.password=${POSTGRES_PASSWORD}
|
||||
|
||||
@ -36,8 +36,7 @@ import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Login;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
@ -162,7 +161,7 @@ class TunnelControllerTest {
|
||||
|
||||
when(cloudflareAPIService.getCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(Map.class))).thenReturn(mockResponse);
|
||||
|
||||
mockMvc.perform(get("/cloudflare/tunnel/{tunnelId}", "sampleTunnelId")
|
||||
mockMvc.perform(get("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
|
||||
.with(oauth2Login().oauth2User(buildOidcUser("username", Groups.HOMELAB_DEVELOPER))))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(MockMvcResultMatchers.content().contentType(MediaType.APPLICATION_JSON))
|
||||
@ -184,7 +183,7 @@ class TunnelControllerTest {
|
||||
ResponseEntity<TunnelResponse> expectedHttpTunnelResponse = new ResponseEntity<>(expectedTunnelConfig, HttpStatus.OK);
|
||||
when(cloudflareAPIService.putCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(TunnelResponse.class), any(Config.class))).thenReturn(expectedHttpTunnelResponse);
|
||||
|
||||
mockMvc.perform(put("/cloudflare/tunnel/{tunnelId}/add", "sampleTunnelId")
|
||||
mockMvc.perform(post("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
|
||||
.with(oauth2Login().oauth2User(buildOidcUser("admin", Groups.SYSTEM_ADMIN)))
|
||||
.with(csrf())
|
||||
.contentType(MediaType.APPLICATION_JSON)
|
||||
@ -209,7 +208,7 @@ class TunnelControllerTest {
|
||||
ResponseEntity<TunnelResponse> expectedHttpTunnelResponse = new ResponseEntity<>(expectedTunnelConfig, HttpStatus.OK);
|
||||
when(cloudflareAPIService.putCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(TunnelResponse.class), any(Config.class))).thenReturn(expectedHttpTunnelResponse);
|
||||
|
||||
mockMvc.perform(put("/cloudflare/tunnel/{tunnelId}/delete", "sampleTunnelId")
|
||||
mockMvc.perform(delete("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
|
||||
.with(oauth2Login().oauth2User(buildOidcUser("admin", Groups.SYSTEM_ADMIN)))
|
||||
.with(csrf())
|
||||
.contentType(MediaType.APPLICATION_JSON)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user