From 768c884324d5f23c01e81b24294f1d5b0a3508fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emiliano=20Su=C3=B1=C3=A9?= Date: Mon, 6 Feb 2023 17:31:16 -0800 Subject: [PATCH] Automate ngrok url mapping for controller, agent services MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Emiliano Suñé --- .gitignore | 1 + docker/docker-compose-ngrok.yaml | 25 ++++++++++++++++ docker/docker-compose.yaml | 23 -------------- docker/manage | 48 +++++++++++++++++++++++++++--- oidc-controller/api/core/config.py | 25 +++------------- 5 files changed, 74 insertions(+), 48 deletions(-) create mode 100644 docker/docker-compose-ngrok.yaml diff --git a/.gitignore b/.gitignore index bd0e904d..eb5fb2f6 100644 --- a/.gitignore +++ b/.gitignore @@ -128,6 +128,7 @@ proxy-data/ # General .env +*ngrok.json # Visual Studio Code .vscode diff --git a/docker/docker-compose-ngrok.yaml b/docker/docker-compose-ngrok.yaml new file mode 100644 index 00000000..f448ca94 --- /dev/null +++ b/docker/docker-compose-ngrok.yaml @@ -0,0 +1,25 @@ +version: "3" +services: + controller-ngrok: + image: wernight/ngrok + environment: + - CONTROLLER_SERVICE_PORT=5000 + ports: + - 4056:4040 + command: ngrok http controller:5000 --log stdout + networks: + - vc_auth + + aca-py-ngrok: + image: wernight/ngrok + environment: + - AGENT_HTTP_PORT=${AGENT_HTTP_PORT} + ports: + - 4059:4040 + command: ngrok http aca-py:${AGENT_HTTP_PORT} --log stdout + networks: + - vc_auth + +networks: + vc_auth: + driver: bridge diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 9d30b501..1f3454a0 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -6,8 +6,6 @@ services: depends_on: controller-db: condition: service_started - controller-ngrok: - condition: service_started environment: - DB_HOST=${MONGODB_HOST} - DB_PORT=${MONGODB_PORT} 
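Review bot: In docker/docker-compose-ngrok.yaml both services publish ngrok's local inspection API as `4056:4040` and `4059:4040`, which binds on every host interface, so other machines on the same network can read the tunnel list and whatever traffic the inspector has captured. Binding to loopback, e.g. `- 127.0.0.1:4056:4040`, would narrow that, though docker/manage reaches these ports through host.docker.internal and that path should be confirmed on Linux hosts first. `image: wernight/ngrok` also carries no tag or digest, so the client that exposes the controller and agent publicly is whatever the registry serves at pull time; pinning it is worth doing now that the file stands on its own.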
@@ -77,26 +75,6 @@ services: networks: - vc_auth - controller-ngrok: - image: wernight/ngrok - environment: - - CONTROLLER_SERVICE_PORT=5000 - ports: - - 4056:4040 - command: ngrok http controller:5000 --log stdout - networks: - - vc_auth - - aca-py-ngrok: - image: wernight/ngrok - environment: - - AGENT_HTTP_PORT=${AGENT_HTTP_PORT} - ports: - - 4059:4040 - command: ngrok http aca-py:${AGENT_HTTP_PORT} --log stdout - networks: - - vc_auth - aca-py: image: bcgovimages/aries-cloudagent:py36-1.16-1_1.0.0-rc1 environment: @@ -124,7 +102,6 @@ services: - vc_auth depends_on: - wallet-db - - aca-py-ngrok entrypoint: /bin/bash command: [ "-c", diff --git a/docker/manage b/docker/manage index 9a758ab4..74e6fd92 100644 --- a/docker/manage +++ b/docker/manage @@ -19,6 +19,20 @@ function echoWarning (){ echo -e "${_yellow}${_msg}${_nc}" } +function echoSuccess (){ + _msg=${1} + _green='\e[32m' + _nc='\e[0m' # No Color + echo -e "${_green}${_msg}${_nc}" +} + +function echoInfo (){ + _msg=${1} + _gray='\e[36m' + _nc='\e[0m' # No Color + echo -e "${_gray}${_msg}${_nc}" +} + function generateKey(){ ( _length=${1:-48} @@ -83,8 +97,8 @@ EOF # Default Settings: # ----------------------------------------------------------------------------------------------------------------- DEFAULT_CONTAINERS="keycloak keycloak-db controller-db" -ACAPY_CONTAINERS="aca-py wallet-db aca-py-ngrok" -PROD_CONTAINERS="controller controller-ngrok" +ACAPY_CONTAINERS="aca-py wallet-db" +PROD_CONTAINERS="controller" # ----------------------------------------------------------------------------------------------------------------- # Functions: 
@@ -160,7 +174,7 @@ configureEnvironment() {
 export AGENT_HOST="http://aca-py"
 export AGENT_NGROK_TUNNEL="http://aca-py-ngrok:4040"
 export AGENT_NAME="VC-AuthN Agent"
- export AGENT_HTTP_PORT="8030"
+ export AGENT_HTTP_PORT=${AGENT_HTTP_PORT:-8030}
 export AGENT_ADMIN_PORT=${AGENT_ADMIN_PORT:-"8077"}
 export AGENT_ADMIN_URL=${AGENT_ADMIN_URL:-http://$AGENT_HOST:$AGENT_ADMIN_PORT}
 export AGENT_ENDPOINT=${AGENT_ENDPOINT:-http://$AGENT_HOST:$AGENT_HTTP_PORT}
@@ -271,11 +285,34 @@ initializeUserPrompts() { ;; esac done + + read -p "Do you want to use ngrok for your agent and controller [y/n]? " -n 1 -r + echo # (optional) move to a new line + if [[ $REPLY =~ ^[Yy]$ ]] + then + echo "AGENT_HTTP_PORT=8030" >> .env + # start ngrok containers first so we can grab the URLs + COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-vc-authn}" docker compose -f docker-compose-ngrok.yaml up -d --force-recreate + + echoInfo "Determining ngrok url for controller service..." + docker run --rm curlimages/curl -L -s http://host.docker.internal:4056/api/tunnels > controller-ngrok.json + NGROK_CONTROLLER_URL=$(docker run --rm -i stedolan/jq < controller-ngrok.json --raw-output '.tunnels | map(select(.name | contains("command_line"))) | .[0] | .public_url') + echo "CONTROLLER_URL=${NGROK_CONTROLLER_URL}" >> .env + echoSuccess "The controller url is: ${NGROK_CONTROLLER_URL}" + + echoInfo "Determining ngrok url for agent service..." + docker run --rm curlimages/curl -L -s http://host.docker.internal:4059/api/tunnels > agent-ngrok.json + NGROK_AGENT_URL=$(docker run --rm -i stedolan/jq < agent-ngrok.json --raw-output '.tunnels | map(select(.name | contains("command_line"))) | .[0] | .public_url') + echo "AGENT_ENDPOINT=${NGROK_AGENT_URL}" >> .env + echoSuccess "The agent url is: ${NGROK_AGENT_URL}" + + rm *-ngrok.json + fi } setDefaultProofConfig() { # post default proof-request configuration to controller - docker run --network=vc-authn_vc_auth --rm curlimages/curl:latest -X POST "http://controller:5000/api/vc-configs" -H "accept: application/json" -H "X-Api-Key: controller-api-key" -H "Content-Type: application/json-patch+json" -d "{ \"id\": \"test-request-config\", \"subject_identifier\": \"email\", \"configuration\": { \"name\": \"Basic Proof\", \"version\": \"1.0\", \"requested_attributes\": [ { \"name\": \"email\", \"restrictions\": [] }, { \"name\": \"first_name\", \"restrictions\": [] }, { \"name\": \"last_name\", \"restrictions\": [] } ], 
\"requested_predicates\": [] }}" + docker run --network=vc-authn_vc_auth --rm curlimages/curl -X POST "http://controller:5000/api/vc-configs" -H "accept: application/json" -H "X-Api-Key: controller-api-key" -H "Content-Type: application/json-patch+json" -d "{ \"id\": \"test-request-config\", \"subject_identifier\": \"email\", \"configuration\": { \"name\": \"Basic Proof\", \"version\": \"1.0\", \"requested_attributes\": [ { \"name\": \"email\", \"restrictions\": [] }, { \"name\": \"first_name\", \"restrictions\": [] }, { \"name\": \"last_name\", \"restrictions\": [] } ], \"requested_predicates\": [] }}" } # ================================================================================================================= @@ -319,6 +356,9 @@ stop) docker-compose stop ;; rm|down) + # stop ngrok services, if running + docker compose -f docker-compose-ngrok.yaml down + # delete previously saved settings if [ -f ".env" ] ; then rm ".env" diff --git a/oidc-controller/api/core/config.py b/oidc-controller/api/core/config.py index 6b7defea..ef49d3f9 100644 --- a/oidc-controller/api/core/config.py +++ b/oidc-controller/api/core/config.py 
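Review bot: The jq filter `map(select(.name | contains("command_line"))) | .[0]` in initializeUserPrompts takes whichever matching tunnel is listed first, whereas the Python it replaces chose the agent URL with `t["proto"] == "https"`; if an http tunnel comes first, `CONTROLLER_URL` and `AGENT_ENDPOINT` are written to .env as plain-http public URLs. The query also runs straight after `up -d` with no readiness check, so an empty or failed response ends up as the literal `null` in .env. Selecting on `.proto == "https"`, retrying briefly and refusing to continue without an https URL covers both cases; a sketch follows, and it also removes the temporary `*-ngrok.json` files. The `curlimages/curl` and `stedolan/jq` images are pulled untagged and are worth pinning separately.

```shell
# Poll the ngrok inspection API until an https tunnel is listed;
# fail instead of writing "null" or an http URL to .env.
function getNgrokUrl (){
  _port=${1}
  for _try in 1 2 3 4 5 6 7 8 9 10; do
    _url=$(docker run --rm curlimages/curl -L -s "http://host.docker.internal:${_port}/api/tunnels" \
      | docker run --rm -i stedolan/jq --raw-output '.tunnels | map(select(.proto == "https")) | .[0].public_url // empty')
    if [[ "${_url}" == https://* ]]; then
      echo "${_url}"
      return 0
    fi
    sleep 1
  done
  return 1
}

# … unchanged: prompt, AGENT_HTTP_PORT line and `docker compose -f docker-compose-ngrok.yaml up -d --force-recreate` …
NGROK_CONTROLLER_URL=$(getNgrokUrl 4056) || { echoWarning "No https ngrok tunnel found for the controller"; exit 1; }
echo "CONTROLLER_URL=${NGROK_CONTROLLER_URL}" >> .env
# … same pattern for the agent on port 4059 …
```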
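Review bot: In the `rm|down` branch, `docker compose -f docker-compose-ngrok.yaml down` is called without the `COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-vc-authn}"` prefix that is used when the tunnels are started, so unless the variable is exported elsewhere in the script (not visible in this hunk) compose derives a different project name and leaves the ngrok containers, and with them the public tunnels, running. Using the same prefix keeps teardown matched to startup: `COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-vc-authn}" docker compose -f docker-compose-ngrok.yaml down`. The `stop` branch just above does not stop the tunnels either; if that is intended, a short comment saying so would help.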
@@ -39,31 +39,14 @@ class GlobalConfig(BaseSettings): MONGODB_URL: str = f"mongodb://{DB_USER}:{DB_PASS}@{DB_HOST}:{DB_PORT}/{DB_NAME}?retryWrites=true&w=majority" CONTROLLER_URL: str = os.environ.get("CONTROLLER_URL") - # # Get CONTROLLER_URL from env or NGROK. - CONTROLLER_NGROK: str = os.environ.get("CONTROLLER_NGROK") - if not CONTROLLER_URL and CONTROLLER_NGROK: - raw_resp = requests.get(CONTROLLER_NGROK + "/api/tunnels") - resp = json.loads(raw_resp.content) - CONTROLLER_URL = resp["tunnels"][0]["public_url"] - print("loaded CONTROLLER_URL from NGROK_TUNNEL_HOST") - print("CONTROLLER_URL: " + CONTROLLER_URL) - - # + ACAPY_AGENT_URL: str = os.environ.get("ACAPY_AGENT_URL") - ACAPY_NGROK_TUNNEL_HOST: str = os.environ.get("ACAPY_NGROK_TUNNEL_HOST") - if not ACAPY_AGENT_URL and not ACAPY_NGROK_TUNNEL_HOST: + # ACAPY_NGROK_TUNNEL_HOST: str = os.environ.get("ACAPY_NGROK_TUNNEL_HOST") + if not ACAPY_AGENT_URL: print( - "WARNING: neither ACAPY_AGENT_URL or ACAPY_NGROK_TUNNEL_HOST provided, agent will not be accessible" + "WARNING: ACAPY_AGENT_URL was not provided, agent will not be accessible" ) - if not ACAPY_AGENT_URL and ACAPY_NGROK_TUNNEL_HOST: - raw_resp = requests.get(ACAPY_NGROK_TUNNEL_HOST + "/api/tunnels") - resp = json.loads(raw_resp.content) - https_tunnels = [t for t in resp["tunnels"] if t["proto"] == "https"] - ACAPY_AGENT_URL = https_tunnels[0]["public_url"] - print("loaded ACAPY_AGENT_URL from ACAPY_NGROK_TUNNEL_HOST") - print("ACAPY_AGENT_URL: " + str(ACAPY_AGENT_URL)) - ACAPY_TENANCY: str = os.environ.get( "ACAPY_TENANCY", "single" ) # other option is "multi"
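Review bot: With the ngrok lookup removed, `CONTROLLER_URL` is just `os.environ.get("CONTROLLER_URL")` and can be `None` without any message, while the same situation for `ACAPY_AGENT_URL` prints a warning. A matching check would make a misconfigured deployment visible at startup: `if not CONTROLLER_URL: print("WARNING: CONTROLLER_URL was not provided")`. The commented-out `# ACAPY_NGROK_TUNNEL_HOST: str = ...` line should be deleted rather than kept, and the `requests` and `json` imports may no longer be needed if nothing else in the file uses them (the import block is outside this hunk). The GlobalConfig class body starts and continues outside the hunk.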