Draft: Initial work on local password provider

Makefile

@@ -1,6 +1,8 @@
 all: help
 .SILENT:
 
+SHELL := /bin/bash
+
 .PHONY: help
 help:
 	echo "Wilford OAuth2 Server"
@@ -10,24 +12,77 @@ help:
 	echo "- upload-server 	: Build and upload the server Docker image"
 	echo "- upload-docs		: Build and upload the docs Docker image"
 	echo "- upload-ui	 	: Build and upload the ui Docker image"
+	echo "- dev 			: Run all applications locally in developmer mode"
+	echo "- dev-ide			: Prepares the environment and shows you how to run the programs from your IDE"
 
 test_oidc_key.pem:
 	openssl genrsa -out ./test_oidc_key.pem 4096
-	
+
 test_oidc_key.pem.pub: test_oidc_key.pem
 	openssl rsa -in ./test_oidc_key.pem -pubout -outform PEM -out ./test_oidc_key.pem.pub
 
 config.json: sample_config.json
 	cp sample_config.json config.json
 
+config_docker.json: sample_config_docker.json
+	cp sample_config_docker.json config_docker.json
+
+
 .PHONY: up
-up: test_oidc_key.pem test_oidc_key.pem.pub config.json
+up: test_oidc_key.pem test_oidc_key.pem.pub config_docker.json
 	docker compose up -d
 	echo "Wilford UI available at 	http://localhost:2522"
 	echo "Wilford Docs available at	http://localhost:2523"
 	echo "EspoCRM UI availabel at 	http://localhost:2524"
 	echo "If this is the first run, please configure EspoCRM and Wilford."
 
+.PHONY: dev-ide
+dev-ide: test_oidc_key.pem test_oidc_key.pem.pub config.json
+	# Database
+	docker compose up -d mariadb-wilford
+	echo "Waiting for Database to start..."
+
+	echo "Start the server with the following environmental variables set:"
+	echo "- RUST_LOG=INFO,wilford=TRACE"
+	echo "- CONFIG_PATH=$(shell pwd)/config.json"
+
+	echo "Then start the server with:"
+	echo "cargo run -p wilford"
+
+
+.PHONY: dev
+dev: test_oidc_key.pem test_oidc_key.pem.pub config.json ui/node_modules
+	# Database
+	docker compose up -d mariadb-wilford
+	echo "Waiting for Database to start..."
+	#sleep 5
+
+	# Server
+	echo "Starting server"
+
+	cd server && \
+		RUST_LOG=INFO,wilford=TRACE \
+		CONFIG_PATH=$(shell pwd)/config.json \
+		cargo run -p wilford & \
+		export SERVER_PID=$$!;
+
+	# Start UI
+	echo "Starting frontend"
+	cd ui && yarn run dev --clearScreen false & \
+		export UI_PID=$$!;
+
+	# Wait until user does Ctrl+C
+	sleep 2
+	echo "Server and UI running. Ctrl+C to exit"
+	read -r -d '' _ </dev/tty
+
+	# Kill UI and server
+	echo "Killing programs"
+	kill $(SERVER_PID)
+	kill $(UI_PID)
+ui/node_modules: ui/package.json ui/yarn.lock
+	cd ui && yarn
+
 .PHONY: upload-all
 upload-all: upload-server upload-docs upload-ui
 

README.md

@@ -1,27 +1,33 @@
 # Wilford
-Bolted-on OAuth2 provider using EspoCRM as credentials provider.
+OAuth2 and OpenID Connect implementation.
 
-You create accounts in EspoCRM, 
-configure permissions here in Wilford. 
-Your applications will then authenticate with Wilford, 
-and your users can continue using their EspoCRM login credentials.
+## Authorization provders
+- EspoCRM: Utilizes the EspoCRM system as it's password and user managment system
+- Local: Utilizes the local database as it's password and user managment system
 
 ## Development
+Requirments:
+- Server
+  - [Rust compiler, Cargo](https://rust-lang.org)
+  - Docker
+- Frontend
+  - Node >= 22
+  - Yarn
+
 - Start everything with
 ```bash
-make up
+make dev
 ```
 This will:
 - Create an OIDC signing key if it doesn't exist
 - Copy `sample_config.json` to `config.json`
-- Start all containers
+- Start the server and the frontend
 
 The following services will be available:
 - The backend, on port [2521](http://localhost:2512)
-- The frontend, on port [2522](http://localhost:2522)
-- The docs, on port [2523](http://localhost:2523)
-- EspoCRM, on port [2524](http://localhost:2524)
+- The frontend, on port [3000](http://localhost:3000)
 
+## Configuring EspoCRM
 After starting, you should configure an API-client in EspoCRM:
 1. Log in with EspoCRM [here](http://localhost:2524). Your username and password are `admin`
 2. In the top right, select the three dots > Administration
@@ -42,6 +48,8 @@ make up
 ```
 
 ## Generate OIDC Key
+When using `make dev`, this is done automatically.
+
 ```bash
 # Private key
 openssl genrsa -out ./oidc.pem 4096

config_docker.json

@@ -0,0 +1,21 @@
+{
+  "http": {
+    "ui_login_path": "http://localhost:2522/login",
+    "authorization_endpoint": "http://localhost:2521/api/oauth/authorize",
+    "token_endpoint": "http://localhost:2521/api/oauth/token",
+    "jwks_uri_endpoint": "https://localhost:2521/.well-known/jwks.json"
+  },
+  "database": {
+    "user": "wilford",
+    "password": "wilford",
+    "host": "mariadb-wilford",
+    "database": "wilford"
+  },
+  "authorization_provider": "Local",
+  "default_client": {
+    "redirect_uri": "http://localhost:2522/login-ok"
+  },
+  "oidc_signing_key": "/test_oidc_key.pem",
+  "oidc_public_key": "/test_oidc_key.pem.pub",
+  "oidc_issuer": "http://localhost:2521"
+}

docker-compose.yml

@@ -4,6 +4,8 @@ services:
     image: mariadb
     volumes:
       - "./tmp/mariadb-wilford:/var/lib/mysql"
+    ports:
+      - "3306:3306"
     environment:
       - "MARIADB_ROOT_PASSWORD=123"
       - "MARIADB_USER=wilford"
@@ -30,7 +32,7 @@ services:
       - "CONFIG_PATH=/config.json"
       - "RUST_LOG=DEBUG"
     volumes:
-      - "./config.json:/config.json"
+      - "./config_docker.json:/config.json"
       - "./test_oidc_key.pem:/test_oidc_key.pem"
       - "./test_oidc_key.pem.pub:/test_oidc_key.pem.pub"
     depends_on:
@@ -73,4 +75,4 @@ services:
     volumes:
       - "./localhost.pem:/etc/ssl/certs/ssl-cert-snakeoil.pem"
       - "./localhost-key.pem:/etc/ssl/private/ssl-cert-snakeoil.key"
-      - "./nginx.conf:/etc/nginx/conf.d/default.conf:ro"
+      - "./nginx.conf:/etc/nginx/conf.d/default.conf:ro"

email_banner.hbs

@@ -0,0 +1,10 @@
+<div class="banner">
+  <table>
+    <tr>
+      <td>
+        <img src="https://public.svsticky.nl/logos/logo_compact_outline_wit.png" height="40" width="80" alt="Logo"
+          title="Logo" style="display:block;" />
+      </td>
+    </tr>
+  </table>
+</div>

nginx.conf

@@ -29,7 +29,6 @@ server {
         proxy_pass https://google.com;
     }
 
-
     location / {
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;

sample_config.json

@@ -1,25 +1,26 @@
 {
   "http": {
-    "ui_login_path": "http://localhost:2522/login",
+    "ui_login_path": "http://localhost:3000/login",
     "authorization_endpoint": "http://localhost:2521/api/oauth/authorize",
     "token_endpoint": "http://localhost:2521/api/oauth/token",
     "jwks_uri_endpoint": "https://localhost:2521/.well-known/jwks.json"
   },
   "database": {
     "user": "wilford",
     "password": "wilford",
-    "host": "mariadb-wilford",
+    "host": "localhost",
     "database": "wilford"
   },
-  "espo": {
-    "host": "http://espocrm",
-    "api_key": "",
-    "secret_key": ""
-  },
+  "authorization_provider": "Local",
   "default_client": {
-    "redirect_uri": "http://localhost:2522/login-ok"
+    "redirect_uri": "http://localhost:3000/login-ok"
   },
-  "oidc_signing_key": "/test_oidc_key.pem",
-  "oidc_public_key": "/test_oidc_key.pem.pub",
-  "oidc_issuer": "http://localhost:2521"
+  "oidc_signing_key": "../test_oidc_key.pem",
+  "oidc_public_key": "../test_oidc_key.pem.pub",
+  "oidc_issuer": "http://localhost:2521",
+  "email": {
+    "smtp": "smtp-relay.gmail.com",
+    "from": "Wilford <[email protected]>",
+    "banner_file": "../email_banner.hbs"
+  }
 }

sample_config_docker.json

@@ -0,0 +1,26 @@
+{
+  "http": {
+    "ui_login_path": "http://localhost:2522/login",
+    "authorization_endpoint": "http://localhost:2521/api/oauth/authorize",
+    "token_endpoint": "http://localhost:2521/api/oauth/token",
+    "jwks_uri_endpoint": "https://localhost:2521/.well-known/jwks.json"
+  },
+  "database": {
+    "user": "wilford",
+    "password": "wilford",
+    "host": "mariadb-wilford",
+    "database": "wilford"
+  },
+  "authorization_provider": "Local",
+  "default_client": {
+    "redirect_uri": "http://localhost:2522/login-ok"
+  },
+  "oidc_signing_key": "/test_oidc_key.pem",
+  "oidc_public_key": "/test_oidc_key.pem.pub",
+  "oidc_issuer": "http://localhost:2521",
+  "email": {
+    "smtp": "smtp-relay.gmail.com",
+    "from": "Wilford <[email protected]>",
+    "banner_file": "../email_banner.hbs"
+  }
+}