diff --git a/.env.test.local.example b/.env.test.local.example index 4c6076b4ae06..048b843b247f 100644 --- a/.env.test.local.example +++ b/.env.test.local.example @@ -33,7 +33,7 @@ NEXTCLOUD_LOCAL_OAUTH_CLIENT_SECRET= NEXTCLOUD_LOCAL_OPENPROJECT_UID= NEXTCLOUD_LOCAL_OPENPROJECT_SECRET= -NEXTCLOUD_LOCAL_OPENPROJECT_REDIRECT_URI=https://nextcloud.local/index.php/apps/integration_openproject/oauth-redirect +NEXTCLOUD_LOCAL_OPENPROJECT_REDIRECT_URI=https://nextcloud.internal/index.php/apps/integration_openproject/oauth-redirect NEXTCLOUD_LOCAL_OAUTH_CLIENT_ACCESS_TOKEN= NEXTCLOUD_LOCAL_OAUTH_CLIENT_REFRESH_TOKEN= diff --git a/docker/dev/gitlab/docker-compose.yml b/docker/dev/gitlab/docker-compose.yml index 7389f4ed4ebc..44353f98316d 100644 --- a/docker/dev/gitlab/docker-compose.yml +++ b/docker/dev/gitlab/docker-compose.yml @@ -19,7 +19,7 @@ services: networks: - external extra_hosts: - - "openproject.local:host-gateway" + - "openproject.internal:host-gateway" labels: - "traefik.enable=true" - "traefik.http.routers.gitlab.rule=Host(`gitlab.local`)" diff --git a/docker/dev/keycloak/docker-compose.yml b/docker/dev/keycloak/docker-compose.yml index aac66478bc40..0280f9955a31 100644 --- a/docker/dev/keycloak/docker-compose.yml +++ b/docker/dev/keycloak/docker-compose.yml @@ -18,7 +18,7 @@ services: networks: - external extra_hosts: - - "openproject.local:host-gateway" + - "openproject.internal:host-gateway" environment: - KC_DB=postgres - KC_DB_USERNAME=keycloak @@ -27,7 +27,7 @@ services: - KEYCLOAK_ADMIN=admin - KEYCLOAK_ADMIN_PASSWORD=admin - KC_DB_SCHEMA=public - - KC_HOSTNAME=keycloak.local + - KC_HOSTNAME=keycloak.internal - KC_FEATURES=token-exchange - KC_TRANSACTION_XA_ENABLED=false volumes: @@ -35,7 +35,7 @@ services: - keycloak-data:/opt/keycloak/data/ labels: - "traefik.enable=true" - - "traefik.http.routers.keycloak-sub-secure.rule=Host(`keycloak.local`)" + - "traefik.http.routers.keycloak-sub-secure.rule=Host(`keycloak.internal`)" - "traefik.http.routers.keycloak-sub-secure.entrypoints=websecure" - "traefik.http.routers.keycloak-sub-secure.tls=true" - "traefik.http.routers.keycloak-sub-secure.tls.certresolver=step" diff --git a/docker/dev/tls/docker-compose.core-override.example.yml b/docker/dev/tls/docker-compose.core-override.example.yml index 152d6b9d5ad1..15dce8a74877 100644 --- a/docker/dev/tls/docker-compose.core-override.example.yml +++ b/docker/dev/tls/docker-compose.core-override.example.yml @@ -8,14 +8,14 @@ services: SSL_CERT_FILE: /etc/ssl/certs/ca-certificates.crt # uncomment and set all the envs below to integrate keycloak with OpenProject # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_DISPLAY__NAME: Keycloak - # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: keycloak.local - # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_IDENTIFIER: https://openproject.local + # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: keycloak.internal + # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_IDENTIFIER: https://openproject.internal # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: - # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ISSUER: https://keycloak.local/realms/ + # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ISSUER: https://keycloak.internal/realms/ # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_AUTHORIZATION__ENDPOINT: /realms//protocol/openid-connect/auth # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_TOKEN__ENDPOINT: /realms//protocol/openid-connect/token # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_USERINFO__ENDPOINT: /realms//protocol/openid-connect/userinfo - # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: https://keycloak.local/realms//protocol/openid-connect/logout + # OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: https://keycloak.internal/realms//protocol/openid-connect/logout networks: - external volumes: diff --git a/docker/dev/tls/docker-compose.override.example.yml b/docker/dev/tls/docker-compose.override.example.yml index f35ccb1bbb2d..47e13f147054 100644 --- a/docker/dev/tls/docker-compose.override.example.yml +++ b/docker/dev/tls/docker-compose.override.example.yml @@ -7,7 +7,7 @@ services: # The reason to do this is that step-ca tries to validate the domains # by connecting to them, and we'd like it to go through traefik, instead # of calling the service containers directly. - - openproject.local - - nextcloud.local - - gitlab.local - - keycloak.local + - openproject.internal + - nextcloud.internal + - gitlab.internal + - keycloak.internal diff --git a/docker/dev/tls/docker-compose.yml b/docker/dev/tls/docker-compose.yml index d9172f23f87e..c5fc20e6f975 100644 --- a/docker/dev/tls/docker-compose.yml +++ b/docker/dev/tls/docker-compose.yml @@ -35,10 +35,10 @@ services: networks: external: aliases: - - traefik.local + - traefik.internal labels: - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.local`)" + - "traefik.http.routers.traefik.rule=Host(`traefik.internal`)" - "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.entrypoints=websecure" diff --git a/docker/prod/setup/postinstall-onprem.sh b/docker/prod/setup/postinstall-onprem.sh index 277917033ba2..455d128b2f3d 100755 --- a/docker/prod/setup/postinstall-onprem.sh +++ b/docker/prod/setup/postinstall-onprem.sh @@ -10,7 +10,7 @@ apt-get update -qq # See https://salsa.debian.org/postfix-team/postfix-dev/-/blob/debian/buster-updates/debian/postfix.postinst#L40 if [ -f /run/.containerenv -o -f /.dockerenv ]; then mv /bin/hostname /bin/x-hostname - echo openproject.local > /etc/hostname + echo openproject.internal > /etc/hostname apt-get install -y postfix mv /bin/x-hostname /bin/hostname fi diff --git a/docs/api/apiv3/components/examples/storage-nextcloud-unauthorized-response.yml b/docs/api/apiv3/components/examples/storage-nextcloud-unauthorized-response.yml index b26f9a3d1130..84086ddb34aa 100644 --- a/docs/api/apiv3/components/examples/storage-nextcloud-unauthorized-response.yml +++ b/docs/api/apiv3/components/examples/storage-nextcloud-unauthorized-response.yml @@ -59,7 +59,7 @@ value: href: urn:openproject-org:api:v3:storages:authorization:FailedAuthorization title: Authorization failed authorize: - href: https://nextcloud25.local/index.php/apps/oauth2/authorize?client_id=fnrIeJZqqAKGQlejuDaGhSQfCAVtoayHLACWCYcPJ0w17Pp6daPPUktkM9QaGxca&redirect_uri=https://openproject.local/oauth_clients/fnrIeJZqqAKGQlejuDaGhSQfCAVtoayHLACWCYcPJ0w17Pp6daPPUktkM9QaGxca/callback&response_type=code + href: https://nextcloud25.internal/index.php/apps/oauth2/authorize?client_id=fnrIeJZqqAKGQlejuDaGhSQfCAVtoayHLACWCYcPJ0w17Pp6daPPUktkM9QaGxca&redirect_uri=https://openproject.internal/oauth_clients/fnrIeJZqqAKGQlejuDaGhSQfCAVtoayHLACWCYcPJ0w17Pp6daPPUktkM9QaGxca/callback&response_type=code title: Authorize projectStorages: href: /api/v3/project_storages?filters=[{"storageId":{"operator":"=","values":["1337"]}}] diff --git a/docs/api/apiv3/components/schemas/project_storage_model.yml b/docs/api/apiv3/components/schemas/project_storage_model.yml index 7f43d8c48e90..8ff493f9c0b2 100644 --- a/docs/api/apiv3/components/schemas/project_storage_model.yml +++ b/docs/api/apiv3/components/schemas/project_storage_model.yml @@ -113,4 +113,4 @@ example: open: href: '/api/v3/storages/81/open' openWithConnectionEnsured: - href: '/oauth_clients/123/ensure_connection?destination_url=https%3A%2F%2Fopenproject.local%2Fprojects%2Fdeath-star%2Fproject_storages%2F23%2Fopen&storage_id=81' + href: '/oauth_clients/123/ensure_connection?destination_url=https%3A%2F%2Fopenproject.internal%2Fprojects%2Fdeath-star%2Fproject_storages%2F23%2Fopen&storage_id=81' diff --git a/docs/development/development-environment/docker/README.md b/docs/development/development-environment/docker/README.md index a0131770acfc..b6b0873f77cb 100644 --- a/docs/development/development-environment/docker/README.md +++ b/docs/development/development-environment/docker/README.md @@ -236,7 +236,7 @@ At the end you will be running two separate docker-compose stacks: 2. the stack defined in `docker/dev/tls` that runs the CA and reverse proxy. If the setup is successful, you will be able to access the local OpenProject application -under `https://openproject.local`. Of course, the host name is replaceable. +under `https://openproject.internal`. Of course, the host name is replaceable. ### Resolving host names @@ -246,8 +246,8 @@ and `443` and redirect those requests to the specific container. To make it happ define for your services to your `/etc/hosts`. ```shell -127.0.0.1 openproject.local traefik.local -::1 openproject.local traefik.local +127.0.0.1 openproject.internal traefik.internal +::1 openproject.internal traefik.internal ``` #### DNS? Where are you? @@ -375,7 +375,7 @@ In addition, we need to alter the environmental variables used in the new overri like that: ```shell -OPENPROJECT_DEV_HOST=openproject.local +OPENPROJECT_DEV_HOST=openproject.internal OPENPROJECT_DEV_URL=https://${OPENPROJECT_DEV_HOST} ``` @@ -397,7 +397,7 @@ to have Nextcloud running to test the Nextcloud-OpenProject integration. To do t ### Troubleshooting -After this setup you should be able to access your OpenProject development instance at `https://openproject.local`. If +After this setup you should be able to access your OpenProject development instance at `https://openproject.internal`. If something went wrong, check if your problem is listed here. #### Certificate invalid @@ -415,7 +415,7 @@ docker compose --project-directory docker/dev/tls up -d Within `docker/dev/gitlab` a compose file is provided for running local Gitlab instance with TLS support. This provides a production like environment for testing the OpenProject GitLab integration against a community edition GitLab instance -accessible on `https://gitlab.local`. +accessible on `https://gitlab.internal`. > NOTE: Configure [TLS Support](#tls-support) first before starting the GitLab service @@ -446,10 +446,10 @@ docker compose --project-directory docker/dev/gitlab exec -it gitlab gitlab-rake ## Keycloak Service -> NOTE: OpenID connect is an enterprise feature in OpenProject. So, to be able to use this feature for development setup, we need to have an `Enterprise Edition Token` which is restricted to the domain `openproject.local` +> NOTE: OpenID connect is an enterprise feature in OpenProject. So, to be able to use this feature for development setup, we need to have an `Enterprise Edition Token` which is restricted to the domain `openproject.internal` Within `docker/dev/keycloak` a compose file is provided for running local keycloak instance with TLS support. This provides -a production like environment for testing the OpenProject Keycloak integration against a keycloak instance accessible on `https://keycloak.local`. +a production like environment for testing the OpenProject Keycloak integration against a keycloak instance accessible on `https://keycloak.internal`. > NOTE: Configure [TLS Support](#tls-support) first before starting the Keycloak service @@ -461,7 +461,7 @@ Start up the docker compose service for Keycloak as follows: docker compose --project-directory docker/dev/keycloak up -d ``` -Once the keycloak service is started and running, you can access the keycloak instance on `https://keycloak.local` +Once the keycloak service is started and running, you can access the keycloak instance on `https://keycloak.internal` and login with initial username and password as `admin`. Keycloak being an OpenID connect provider, we need to setup an OIDC integration for OpenProject. diff --git a/docs/development/kerberos/README.md b/docs/development/kerberos/README.md index c1e5e9370829..b69b0a9208e8 100644 --- a/docs/development/kerberos/README.md +++ b/docs/development/kerberos/README.md @@ -15,7 +15,7 @@ To test Kerberos, you'll need to setup a local kerberos admin and kdc server. Th - A debian / ubuntu VM or local machine -- A local packaged installation installed using the hostname `openproject.local` +- A local packaged installation installed using the hostname `openproject.internal` ## Installing kerberos server @@ -25,22 +25,22 @@ First, install kdc and admin server: apt install krb5-kdc krb5-admin-server krb5-config -y ``` -During that installation, you'll be asked to enter the default realm. We'll use `TEST.LOCAL` in the course of this guide. +During that installation, you'll be asked to enter the default realm. We'll use `TEST.INTERNAL` in the course of this guide. ![Defining the default realm](realm.png) Next, you'll have to enter the hostnames used for your server. We'll assume this setup: -- The development server is running under `openproject.local` -- The KDC and admin server will be running under `kerberos.local` +- The development server is running under `openproject.internal` +- The KDC and admin server will be running under `kerberos.internal` You can simply add both of these hostnames to localhost in your `/etc/hosts` file. -Then, in the following screen, enter `openproject.local kerberos.local` +Then, in the following screen, enter `openproject.internal kerberos.internal` ![image-20220622162300570](image-20220622162300570.png) -For the administrative server, also enter `kerberos.local` +For the administrative server, also enter `kerberos.internal` ![Add the admin server](admin-server.png) @@ -50,7 +50,7 @@ The next dialog, you can simply continue with OK. The configuration will continu Next, add the realm with the command `krb5_newrealm`. You'll be prompted for a password. Double-check that it prints this line or similar: -`Initializing database '/var/lib/krb5kdc/principal' for realm 'TEST.LOCAL',` +`Initializing database '/var/lib/krb5kdc/principal' for realm 'TEST.INTERNAL',` Enter a password and continue with enter. The realm is now setup. @@ -58,7 +58,7 @@ Next, you'll restart the kdc server with `systemctl restart krb5-kdc` and confi ### Adding your principal -You can now run `kadmin.local` to access the admin CLI for adding principals to kerberos. In that prompt, enter a new user for testing: +You can now run `kadmin.internal` to access the admin CLI for adding principals to kerberos. In that prompt, enter a new user for testing: `addprinc user1` @@ -67,14 +67,14 @@ This will prompt for a password for user1, which you have to confirm afterwards. To check that the user was created successfully, run this command `get_principal`: ```text -> kadmin.local: get_principal user1 -Principal: user1@TEST.LOCAL +> kadmin.internal: get_principal user1 +Principal: user1@TEST.INTERNAL Expiration date: [never] Last password change: Mi Jun 22 16:28:58 CEST 2022 Password expiration date: [never] Maximum ticket life: 0 days 10:00:00 Maximum renewable life: 7 days 00:00:00 -Last modified: Mi Jun 22 16:28:58 CEST 2022 (HTTP/admin@TEST.LOCAL) +Last modified: Mi Jun 22 16:28:58 CEST 2022 (HTTP/admin@TEST.INTERNAL) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 @@ -90,21 +90,21 @@ Policy: [none] The OpenProject Apache module for kerberos will call the kerberos with its own service principal. That we will have to create and add a keytab for, so that the password can be access by Apache. -In the `kadmin.local` prompt, run this: +In the `kadmin.internal` prompt, run this: ```shell -addprinc -randkey HTTP/openproject.local +addprinc -randkey HTTP/openproject.internal ``` Note that this will not require a password prompt. -This adds a principal for the HTTP/openproject.local service. Next, add it to a keyfile at `/etc/apache2/openproject.keytab`: +This adds a principal for the HTTP/openproject.internal service. Next, add it to a keyfile at `/etc/apache2/openproject.keytab`: ```shell -ktadd -k /etc/apache2/openproject.keytab HTTP/openproject.local +ktadd -k /etc/apache2/openproject.keytab HTTP/openproject.internal ``` -Exit the `kadmin.local` console. Make sure the file is readable by apache2: +Exit the `kadmin.internal` console. Make sure the file is readable by apache2: ```shell chown www-data:www-data /etc/apache2/openproject.keytab @@ -128,14 +128,14 @@ Add the following contents: AuthType GSSAPI # The Basic Auth dialog name shown to the user # change this freely - AuthName "TEST.LOCAL realm login" + AuthName "TEST.INTERNAL realm login" # The realm used for Kerberos, you will want to # change this to your actual domain GssapiCredStore keytab:/etc/apache2/openproject.keytab # You can also try to set the explicit name instead of the keytab, # this will lookup the keytab from its default location /etc/kr5b.keytab - #GssapiCredStore HTTP/openproject.local@TEST.LOCAL + #GssapiCredStore HTTP/openproject.internal@TEST.INTERNAL # Disable SSL GssapiSSLonly Off # Enable sending username without REALM @@ -154,7 +154,7 @@ Add the following contents: Save the file and check the config with `apache2ctl configtest`. If this works fine, restart apache with `systemctl restart apache2`. -If your OpenProject installation isn't yet running under `openproject.local`, run `openproject reconfigure` to change the hostname. +If your OpenProject installation isn't yet running under `openproject.internal`, run `openproject reconfigure` to change the hostname. ## Configure OpenProject diff --git a/docs/development/localhost-ssl/README.md b/docs/development/localhost-ssl/README.md index 58e95f916909..b9f80d101938 100644 --- a/docs/development/localhost-ssl/README.md +++ b/docs/development/localhost-ssl/README.md @@ -121,14 +121,14 @@ setup a reverse proxy in docker, like [traefik](https://traefik.io/). Then follo ```yaml labels: - - "traefik.http.routers.op-backend.rule=Host(`op-backend.local`)" + - "traefik.http.routers.op-backend.rule=Host(`op-backend.internal`)" ``` - add the extra hosts to your `/etc/hosts` to redirect to `localhost` - add the extra hosts to your `backend` service with ```yaml - OPENPROJECT_DEV_EXTRA_HOSTS: 'op-backend.local,op-backend.local' + OPENPROJECT_DEV_EXTRA_HOSTS: 'op-backend.internal,op-backend.internal' ``` > **Reminder**: diff --git a/docs/system-admin-guide/authentication/kerberos/README.md b/docs/system-admin-guide/authentication/kerberos/README.md index 4513ae82b5d8..982cebdb15b9 100644 --- a/docs/system-admin-guide/authentication/kerberos/README.md +++ b/docs/system-admin-guide/authentication/kerberos/README.md @@ -22,7 +22,7 @@ Assuming you have Kerberos set up with a realm, you need to create a Kerberos se Create the service principal (e.g. using `kadmin`) and a keytab for OpenProject used for Apache with the following commands: ```shell -# Assuming you're in the `kadmin.local` interactive command +# Assuming you're in the `kadmin.internal` interactive command addprinc -randkey HTTP/openproject.example.com ktadd -k /etc/apache2/openproject.keytab HTTP/openproject.example.com diff --git a/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/download_link_query_spec.rb b/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/download_link_query_spec.rb index 349d364f217a..4f3f5cfa5baf 100644 --- a/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/download_link_query_spec.rb +++ b/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/download_link_query_spec.rb @@ -74,7 +74,7 @@ expect(download_link).to be_success uri = URI(download_link.result) - expect(uri.host).to eq("nextcloud.local") + expect(uri.host).to eq("nextcloud.internal") expect(uri.path) .to match(/index.php\/apps\/integration_openproject\/direct\/[0-9a-zA-Z]+\/#{file_link.origin_name}/) end @@ -95,7 +95,7 @@ expect(download_link).to be_success uri = URI(download_link.result) - expect(uri.host).to eq("nextcloud.local") + expect(uri.host).to eq("nextcloud.internal") expect(uri.path) .to match(/index.php\/apps\/integration_openproject\/direct\/[0-9a-zA-Z]+\/#{file_link.origin_name}/) end diff --git a/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/upload_link_query_spec.rb b/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/upload_link_query_spec.rb index 9f57257b7373..a905a13f16ff 100644 --- a/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/upload_link_query_spec.rb +++ b/modules/storages/spec/common/storages/peripherals/storage_interaction/nextcloud/upload_link_query_spec.rb @@ -49,7 +49,7 @@ Storages::UploadData.new(folder_id: "169", file_name: "DeathStart_blueprints.tiff") end let(:token) { "SrQJeC5zM3B5Gw64d7dEQFQpFw8YBAtZWoxeLb59AR7PpGPyoGAkAko5G6ZiZ2HA" } - let(:upload_url) { "https://nextcloud.local/index.php/apps/integration_openproject/direct-upload/#{token}" } + let(:upload_url) { "https://nextcloud.internal/index.php/apps/integration_openproject/direct-upload/#{token}" } let(:upload_method) { :post } it_behaves_like "upload_link_query: successful upload link response" diff --git a/modules/storages/spec/factories/storage_factory.rb b/modules/storages/spec/factories/storage_factory.rb index 048e890902e7..394c2e9b42c4 100644 --- a/modules/storages/spec/factories/storage_factory.rb +++ b/modules/storages/spec/factories/storage_factory.rb @@ -115,7 +115,7 @@ end name { "Nextcloud Local" } - host { "https://nextcloud.local/" } + host { "https://nextcloud.internal/" } initialize_with do Storages::NextcloudStorage.create_or_find_by(attributes.except(:oauth_client, :oauth_application)) @@ -131,7 +131,7 @@ uid: ENV.fetch("NEXTCLOUD_LOCAL_OPENPROJECT_UID", "MISSING_NEXTCLOUD_LOCAL_OPENPROJECT_UID"), secret: ENV.fetch("NEXTCLOUD_LOCAL_OPENPROJECT_SECRET", "MISSING_NEXTCLOUD_LOCAL_OPENPROJECT_SECRET"), redirect_uri: ENV.fetch("NEXTCLOUD_LOCAL_OPENPROJECT_REDIRECT_URI", - "https://nextcloud.local/index.php/apps/integration_openproject/oauth-redirect"), + "https://nextcloud.internal/index.php/apps/integration_openproject/oauth-redirect"), scopes: "api_v3", integration: storage) diff --git a/modules/storages/spec/requests/api/v3/storages/storages_api_spec.rb b/modules/storages/spec/requests/api/v3/storages/storages_api_spec.rb index e964dc790826..5e54f179be9a 100644 --- a/modules/storages/spec/requests/api/v3/storages/storages_api_spec.rb +++ b/modules/storages/spec/requests/api/v3/storages/storages_api_spec.rb @@ -105,7 +105,7 @@ describe "POST /api/v3/storages" do let(:path) { api_v3_paths.storages } - let(:host) { "https://example.nextcloud.local" } + let(:host) { "https://example.nextcloud.internal" } let(:name) { "APIStorage" } let(:type) { "urn:openproject-org:api:v3:storages:Nextcloud" } let(:params) do diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth.yml index 167e84304c58..fed9fb845520 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/cloud/user + uri: https://nextcloud.internal/ocs/v1.php/cloud/user body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth_password_invalid.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth_password_invalid.yml index 5fa325bb2c6c..fc9b73be9b82 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth_password_invalid.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/basic_auth_password_invalid.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/cloud/user + uri: https://nextcloud.internal/ocs/v1.php/cloud/user body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_access_token_invalid.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_access_token_invalid.yml index 4fdeeb62ec21..2ffc03cc227f 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_access_token_invalid.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_access_token_invalid.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/cloud/user + uri: https://nextcloud.internal/ocs/v1.php/cloud/user body: encoding: US-ASCII string: '' @@ -81,7 +81,7 @@ http_interactions: recorded_at: Fri, 08 Mar 2024 09:27:40 GMT - request: method: post - uri: https://nextcloud.local/index.php/apps/oauth2/api/v1/token + uri: https://nextcloud.internal/index.php/apps/oauth2/api/v1/token body: encoding: ASCII-8BIT string: grant_type=refresh_token&scope=&client_id=7fj7lpG0GOqwOGhHAyfGwd1oEgtbTto7mctu0IaSN3SE79o9Xs0q8k3kDiEwXDrM&client_secret=j7RoyauWeIpMc7cYdY3lewCGKxdgiAowonpGzmAuj9iRSvYBAGXhP7hvz9Hp7skR&refresh_token=HRrpqZowJjD6OzBnwkpFTJAnAGQFUkhJ7En4ZpPtkhrPEIuRohVY56ooknlsrRVdIUOUPvyqtTzXomxDcOXvjnXhpREA18CkYOYQ3s2fxqOlk9u9mNrSTxHaqD0mpItw @@ -155,7 +155,7 @@ http_interactions: recorded_at: Fri, 08 Mar 2024 09:27:41 GMT - request: method: get - uri: https://nextcloud.local/ocs/v1.php/cloud/user + uri: https://nextcloud.internal/ocs/v1.php/cloud/user body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_refresh_token_invalid.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_refresh_token_invalid.yml index 4fd947950820..d71141c3ee68 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_refresh_token_invalid.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/auth/nextcloud/user_token_refresh_token_invalid.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/cloud/user + uri: https://nextcloud.internal/ocs/v1.php/cloud/user body: encoding: US-ASCII string: '' @@ -81,7 +81,7 @@ http_interactions: recorded_at: Fri, 08 Mar 2024 09:21:35 GMT - request: method: post - uri: https://nextcloud.local/index.php/apps/oauth2/api/v1/token + uri: https://nextcloud.internal/index.php/apps/oauth2/api/v1/token body: encoding: ASCII-8BIT string: grant_type=refresh_token&scope=&client_id=7fj7lpG0GOqwOGhHAyfGwd1oEgtbTto7mctu0IaSN3SE79o9Xs0q8k3kDiEwXDrM&client_secret=j7RoyauWeIpMc7cYdY3lewCGKxdgiAowonpGzmAuj9iRSvYBAGXhP7hvz9Hp7skR&refresh_token= diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_invalid_data.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_invalid_data.yml index f85b18288227..ae67b18f1923 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_invalid_data.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_invalid_data.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v2.php/cloud/capabilities + uri: https://nextcloud.internal/ocs/v2.php/cloud/capabilities body: encoding: US-ASCII string: '' @@ -71,6 +71,6 @@ http_interactions: body: encoding: UTF-8 string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"version":{"major":28,"minor":0,"micro":7,"string":"28.0.7","edition":"","extendedSupport":false},"capabilities":{"bruteforce":{"delay":0,"allow-listed":false},"integration_openproject":{"app_version":"2.6","groupfolder_version":"16.0.7","groupfolders_enabled":true},"theming":{"name":"Nextcloud","url":"https:\/\/nextcloud.com","slogan":"a - safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0"}}}}}' + safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0"}}}}}' recorded_at: Thu, 18 Jul 2024 11:27:28 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success.yml index aa5685c1c289..fadf72c383ea 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v2.php/cloud/capabilities + uri: https://nextcloud.internal/ocs/v2.php/cloud/capabilities body: encoding: US-ASCII string: '' @@ -71,6 +71,6 @@ http_interactions: body: encoding: UTF-8 string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"version":{"major":28,"minor":0,"micro":7,"string":"28.0.7","edition":"","extendedSupport":false},"capabilities":{"bruteforce":{"delay":0,"allow-listed":false},"integration_openproject":{"app_version":"2.6.3","groupfolder_version":"16.0.7","groupfolders_enabled":true},"theming":{"name":"Nextcloud","url":"https:\/\/nextcloud.com","slogan":"a - safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0"}}}}}' + safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0"}}}}}' recorded_at: Thu, 18 Jul 2024 08:57:07 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_app_disabled.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_app_disabled.yml index 5ba43df5d47c..416ab003e62c 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_app_disabled.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_app_disabled.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v2.php/cloud/capabilities + uri: https://nextcloud.internal/ocs/v2.php/cloud/capabilities body: encoding: US-ASCII string: '' @@ -71,6 +71,6 @@ http_interactions: body: encoding: UTF-8 string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"version":{"major":28,"minor":0,"micro":7,"string":"28.0.7","edition":"","extendedSupport":false},"capabilities":{"bruteforce":{"delay":0,"allow-listed":false},"theming":{"name":"Nextcloud","url":"https:\/\/nextcloud.com","slogan":"a - safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0"}}}}}' + safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0"}}}}}' recorded_at: Thu, 18 Jul 2024 11:08:36 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_disabled.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_disabled.yml index 612fd14c4d06..b1ae695e10e3 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_disabled.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_disabled.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v2.php/cloud/capabilities + uri: https://nextcloud.internal/ocs/v2.php/cloud/capabilities body: encoding: US-ASCII string: '' @@ -71,6 +71,6 @@ http_interactions: body: encoding: UTF-8 string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"version":{"major":28,"minor":0,"micro":7,"string":"28.0.7","edition":"","extendedSupport":false},"capabilities":{"bruteforce":{"delay":0,"allow-listed":false},"integration_openproject":{"app_version":"2.6.3","groupfolder_version":"16.0.7","groupfolders_enabled":false},"theming":{"name":"Nextcloud","url":"https:\/\/nextcloud.com","slogan":"a - safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0"}}}}}' + safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0"}}}}}' recorded_at: Thu, 18 Jul 2024 11:03:34 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_not_installed.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_not_installed.yml index 4d6008985497..cf26ac0db1a3 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_not_installed.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/capabilities_success_group_folder_not_installed.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v2.php/cloud/capabilities + uri: https://nextcloud.internal/ocs/v2.php/cloud/capabilities body: encoding: US-ASCII string: '' @@ -71,6 +71,6 @@ http_interactions: body: encoding: UTF-8 string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"version":{"major":28,"minor":0,"micro":7,"string":"28.0.7","edition":"","extendedSupport":false},"capabilities":{"bruteforce":{"delay":0,"allow-listed":false},"integration_openproject":{"app_version":"2.6.3","groupfolder_version":"0","groupfolders_enabled":false},"theming":{"name":"Nextcloud","url":"https:\/\/nextcloud.com","slogan":"a - safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.local\/core\/img\/logo\/logo.svg?v=0"}}}}}' + safe home for all your data","color":"#00679e","color-text":"#ffffff","color-element":"#00679e","color-element-bright":"#00679e","color-element-dark":"#00679e","logo":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","background":"#00679e","background-plain":true,"background-default":true,"logoheader":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0","favicon":"https:\/\/nextcloud.internal\/core\/img\/logo\/logo.svg?v=0"}}}}}' recorded_at: Thu, 18 Jul 2024 11:04:56 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_already_exists.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_already_exists.yml index 5667112fc995..ad419d69c80f 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_already_exists.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_already_exists.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: mkcol - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent.yml index 0c26aa182613..696019f56952 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: mkcol - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: US-ASCII string: '' @@ -77,7 +77,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 11:25:29 GMT - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: UTF-8 string: | @@ -174,7 +174,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 11:25:29 GMT - request: method: delete - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent_not_found.yml index 4763ed992dc3..d2f29901f478 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_parent_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: mkcol - uri: https://nextcloud.local/remote.php/dav/files/admin/DeathStar3/New%20Folder + uri: https://nextcloud.internal/remote.php/dav/files/admin/DeathStar3/New%20Folder body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_root.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_root.yml index 24965787e5dd..6067e4888662 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_root.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/create_folder_root.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: mkcol - uri: https://nextcloud.local/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: US-ASCII string: '' @@ -77,7 +77,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 11:22:31 GMT - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: UTF-8 string: | @@ -174,7 +174,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 11:22:32 GMT - request: method: delete - uri: https://nextcloud.local/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand + uri: https://nextcloud.internal/remote.php/dav/files/admin/F%C3%B6lder%20CreatedBy%20%C3%87ommand body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder.yml index 4b445746b8ff..737305c39a87 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: mkcol - uri: https://nextcloud.local/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon + uri: https://nextcloud.internal/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon body: encoding: US-ASCII string: '' @@ -77,7 +77,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 13:36:36 GMT - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon + uri: https://nextcloud.internal/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon body: encoding: UTF-8 string: | @@ -174,7 +174,7 @@ http_interactions: recorded_at: Tue, 23 Apr 2024 13:36:36 GMT - request: method: delete - uri: https://nextcloud.local/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon + uri: https://nextcloud.internal/remote.php/dav/files/admin/To%20Be%20Deleted%20Soon body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder_not_found.yml index b0d15c9c5961..a3be9e8999ca 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/delete_folder_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: delete - uri: https://nextcloud.local/remote.php/dav/files/admin/IDoNotExist + uri: https://nextcloud.internal/remote.php/dav/files/admin/IDoNotExist body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_not_found.yml index 928ae15557d3..6ea7f2085445 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v2.php/apps/dav/api/v1/direct + uri: https://nextcloud.internal/ocs/v2.php/apps/dav/api/v1/direct body: encoding: UTF-8 string: '{"fileId":"DeathStarNumberThree"}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_success.yml index 233b1009c28e..481bf1ca3eee 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v2.php/apps/dav/api/v1/direct + uri: https://nextcloud.internal/ocs/v2.php/apps/dav/api/v1/direct body: encoding: UTF-8 string: '{"fileId":"182"}' @@ -80,6 +80,6 @@ http_interactions: - '183' body: encoding: UTF-8 - string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"url":"https:\/\/nextcloud.local\/remote.php\/direct\/I5uqL5tARwsUPNuqSzTMJ8dvsCmqAxBF18ltlmzDEEFn5ZOyfbkAFoJ4rMSV"}}}' + string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"url":"https:\/\/nextcloud.internal\/remote.php\/direct\/I5uqL5tARwsUPNuqSzTMJ8dvsCmqAxBF18ltlmzDEEFn5ZOyfbkAFoJ4rMSV"}}}' recorded_at: Mon, 08 Apr 2024 11:34:13 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_unauthorized.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_unauthorized.yml index 3cafd5c27d0e..dbcbef6fc835 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_unauthorized.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/download_link_query_unauthorized.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v2.php/apps/dav/api/v1/direct + uri: https://nextcloud.internal/ocs/v2.php/apps/dav/api/v1/direct body: encoding: UTF-8 string: '{"fileId":"182"}' @@ -74,7 +74,7 @@ http_interactions: recorded_at: Mon, 08 Apr 2024 11:49:14 GMT - request: method: post - uri: https://nextcloud.local/index.php/apps/oauth2/api/v1/token + uri: https://nextcloud.internal/index.php/apps/oauth2/api/v1/token body: encoding: ASCII-8BIT string: grant_type=refresh_token&scope=&client_id=7fj7lpG0GOqwOGhHAyfGwd1oEgtbTto7mctu0IaSN3SE79o9Xs0q8k3kDiEwXDrM&client_secret=j7RoyauWeIpMc7cYdY3lewCGKxdgiAowonpGzmAuj9iRSvYBAGXhP7hvz9Hp7skR&refresh_token=FONj4kNQyzalItisiPfffipcIL0Ou4X5Q0fy0le2OmBkozdkzh8JNWGXnK9ZuQbDbCBe9B5wEpZzKofVUJdANHQ1yfX8wrqJtB6SbRqCcDEjzuSTssNwNYqIRsLHj4br @@ -148,7 +148,7 @@ http_interactions: recorded_at: Mon, 08 Apr 2024 11:49:14 GMT - request: method: post - uri: https://nextcloud.local/ocs/v2.php/apps/dav/api/v1/direct + uri: https://nextcloud.internal/ocs/v2.php/apps/dav/api/v1/direct body: encoding: UTF-8 string: '{"fileId":"182"}' @@ -226,6 +226,6 @@ http_interactions: - '182' body: encoding: UTF-8 - string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"url":"https:\/\/nextcloud.local\/remote.php\/direct\/tfqJBvmg8n89HX0iFVMhQHVYLTKsJx69aNnbGjU8HOrXfKTTVMBTFFu60SMI"}}}' + string: '{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"url":"https:\/\/nextcloud.internal\/remote.php\/direct\/tfqJBvmg8n89HX0iFVMhQHVYLTKsJx69aNnbGjU8HOrXfKTTVMBTFFu60SMI"}}}' recorded_at: Mon, 08 Apr 2024 11:49:14 GMT recorded_with: VCR 6.2.0 diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_not_found.yml index 1f499b0f282e..094171e5d238 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/not_existent + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/not_existent body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_deleted_file.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_deleted_file.yml index 657514f50370..08a5c122aaf7 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_deleted_file.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_deleted_file.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/47 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/47 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_file.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_file.yml index e070e1ded7c5..2a1d1aed9adb 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_file.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_file.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/267 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/267 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_folder.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_folder.yml index 90d65aa1039c..55f52098a193 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_folder.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_folder.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/350 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/350 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_special_characters.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_special_characters.yml index bfd8c6d365d6..69b8e7f47e46 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_special_characters.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_info_query_success_special_characters.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/361 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/361 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_invalid_parent.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_invalid_parent.yml index f10e1ae12f99..4b00e1143e0e 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_invalid_parent.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_invalid_parent.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin/I/just/made/that/up + uri: https://nextcloud.internal/remote.php/dav/files/admin/I/just/made/that/up body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_parent_folder.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_parent_folder.yml index a1fd79fd7d9d..0b4c223c32b0 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_parent_folder.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_parent_folder.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_root.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_root.yml index 562e2ad833f8..1656ae4cdfa1 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_root.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/file_path_to_id_map_query_root.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/admin + uri: https://nextcloud.internal/remote.php/dav/files/admin body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_not_found.yml index 587d0aac370b..22168689d881 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/filesinfo + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/filesinfo body: encoding: UTF-8 string: '{"fileIds":["1234"]}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_only_one_not_authorized.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_only_one_not_authorized.yml index 89b4f2157d15..1e5aeffe9f38 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_only_one_not_authorized.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_only_one_not_authorized.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/filesinfo + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/filesinfo body: encoding: UTF-8 string: '{"fileIds":["182","1234"]}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_success.yml index aece85b382ec..bd312d3170c5 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/filesinfo + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/filesinfo body: encoding: UTF-8 string: '{"fileIds":["182","203","222"]}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_unauthorized.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_unauthorized.yml index 01f8bd7556da..a53e2b9086f4 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_unauthorized.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_info_query_unauthorized.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/filesinfo + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/filesinfo body: encoding: UTF-8 string: '{"fileIds":["182","203","222"]}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_empty_folder.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_empty_folder.yml index c327ec0774ce..84f73755043b 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_empty_folder.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_empty_folder.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/m.jade@death.star/Folder%20with%20spaces/very%20empty%20folder + uri: https://nextcloud.internal/remote.php/dav/files/m.jade@death.star/Folder%20with%20spaces/very%20empty%20folder body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_invalid_parent.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_invalid_parent.yml index 70318402b428..8509e3d25230 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_invalid_parent.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_invalid_parent.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/m.jade@death.star/I/just/made/that/up + uri: https://nextcloud.internal/remote.php/dav/files/m.jade@death.star/I/just/made/that/up body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_parent_folder.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_parent_folder.yml index 74ee796edba7..33292c6e4948 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_parent_folder.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_parent_folder.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/m.jade@death.star/Folder/Nested%20Folder + uri: https://nextcloud.internal/remote.php/dav/files/m.jade@death.star/Folder/Nested%20Folder body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_root.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_root.yml index 57319dd619af..20bb7cafc839 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_root.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_root.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/m.jade@death.star + uri: https://nextcloud.internal/remote.php/dav/files/m.jade@death.star body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_umlauts.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_umlauts.yml index 5b82aecb99c4..c682dcfd1b85 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_umlauts.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/files_query_umlauts.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: propfind - uri: https://nextcloud.local/remote.php/dav/files/m.jade@death.star/%C3%9Cml%C3%A6%C3%BBts + uri: https://nextcloud.internal/remote.php/dav/files/m.jade@death.star/%C3%9Cml%C3%A6%C3%BBts body: encoding: UTF-8 string: | diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_not_found.yml index 5166e1a939ca..68ddf19d450d 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/sith_have_yellow_light_sabers + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/sith_have_yellow_light_sabers body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_success.yml index 171b2895028e..bed1e439d978 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/169 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/169 body: encoding: US-ASCII string: '' @@ -80,7 +80,7 @@ http_interactions: recorded_at: Mon, 24 Jun 2024 12:47:43 GMT - request: method: move - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder body: encoding: US-ASCII string: '' @@ -88,7 +88,7 @@ http_interactions: Authorization: - Bearer Destination: - - https://nextcloud.local/remote.php/dav/files/admin/I%20am%20the%20senat + - https://nextcloud.internal/remote.php/dav/files/admin/I%20am%20the%20senat User-Agent: - httpx.rb/1.2.6 Accept: @@ -157,7 +157,7 @@ http_interactions: recorded_at: Mon, 24 Jun 2024 12:47:43 GMT - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/169 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/169 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_with_location_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_with_location_success.yml index 66af7a90012e..b66e56ae4748 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_with_location_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/rename_file_with_location_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/167 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/167 body: encoding: US-ASCII string: '' @@ -81,7 +81,7 @@ http_interactions: recorded_at: Mon, 24 Jun 2024 12:47:44 GMT - request: method: move - uri: https://nextcloud.local/remote.php/dav/files/admin/Folder%20with%20spaces/New%20Requests/request_001.md + uri: https://nextcloud.internal/remote.php/dav/files/admin/Folder%20with%20spaces/New%20Requests/request_001.md body: encoding: US-ASCII string: '' @@ -89,7 +89,7 @@ http_interactions: Authorization: - Bearer Destination: - - https://nextcloud.local/remote.php/dav/files/admin/Folder%20with%20spaces/New%20Requests/I%E2%9D%A4%EF%B8%8Fyou%20death%20star.md + - https://nextcloud.internal/remote.php/dav/files/admin/Folder%20with%20spaces/New%20Requests/I%E2%9D%A4%EF%B8%8Fyou%20death%20star.md User-Agent: - httpx.rb/1.2.6 Accept: @@ -162,7 +162,7 @@ http_interactions: recorded_at: Mon, 24 Jun 2024 12:47:44 GMT - request: method: get - uri: https://nextcloud.local/ocs/v1.php/apps/integration_openproject/fileinfo/167 + uri: https://nextcloud.internal/ocs/v1.php/apps/integration_openproject/fileinfo/167 body: encoding: US-ASCII string: '' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_not_found.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_not_found.yml index 95561212f436..48913c2f92dc 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_not_found.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_not_found.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/index.php/apps/integration_openproject/direct-upload-token + uri: https://nextcloud.internal/index.php/apps/integration_openproject/direct-upload-token body: encoding: UTF-8 string: '{"folder_id":"1337"}' diff --git a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_success.yml b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_success.yml index cda5daf12c6d..fcccee91b8dd 100644 --- a/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_success.yml +++ b/modules/storages/spec/support/fixtures/vcr_cassettes/nextcloud/upload_link_success.yml @@ -2,7 +2,7 @@ http_interactions: - request: method: post - uri: https://nextcloud.local/index.php/apps/integration_openproject/direct-upload-token + uri: https://nextcloud.internal/index.php/apps/integration_openproject/direct-upload-token body: encoding: UTF-8 string: '{"folder_id":"169"}' diff --git a/spec/requests/api/v3/authentication_spec.rb b/spec/requests/api/v3/authentication_spec.rb index 7683cd988607..2280f59c2145 100644 --- a/spec/requests/api/v3/authentication_spec.rb +++ b/spec/requests/api/v3/authentication_spec.rb @@ -374,30 +374,97 @@ def set_basic_auth_header(user, password) "providers" => { "keycloak" => { "display_name" => "Keycloak", - "identifier" => "https://openproject.local", + "identifier" => "https://openproject.internal", "secret" => "9AWjVC3A4U1HLrZuSP4xiwHfw6zmgECn", - "host" => "keycloak.local", - "issuer" => "https://keycloak.local/realms/master", + "host" => "keycloak.internal", + "issuer" => "https://keycloak.internal/realms/master", "authorization_endpoint" => "/realms/master/protocol/openid-connect/auth", "token_endpoint" => "/realms/master/protocol/openid-connect/token", "userinfo_endpoint" => "/realms/master/protocol/openid-connect/userinfo", - "end_session_endpoint" => "https://keycloak.local/realms/master/protocol/openid-connect/logout", - "jwks_uri" => "https://keycloak.local/realms/master/protocol/openid-connect/certs" + "end_session_endpoint" => "https://keycloak.internal/realms/master/protocol/openid-connect/logout", + "jwks_uri" => "https://keycloak.internal/realms/master/protocol/openid-connect/certs" } } } } ) do - let(:rsa_signed_access_token_without_aud) do - "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5N0FteXZvUzhCRkZSZm01ODVHUGdBMTZHMUgyVjIyRWR4eHVBWVV1b0trIn0.eyJleHAiOjE3MjEyODM0MzAsImlhdCI6MTcyMTI4MzM3MCwianRpIjoiYzUyNmI0MzUtOTkxZi00NzRhLWFkMWItYzM3MTQ1NmQxZmQwIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5sb2NhbC9yZWFsbXMvbWFzdGVyIiwiYXVkIjpbIm1hc3Rlci1yZWFsbSIsImFjY291bnQiXSwic3ViIjoiYjcwZTJmYmYtZWE2OC00MjBjLWE3YTUtMGEyODdjYjY4OWM2IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiaHR0cHM6Ly9vcGVucHJvamVjdC5sb2NhbCIsInNlc3Npb25fc3RhdGUiOiJlYjIzNTI0MC0wYjQ3LTQ4ZmEtOGIzZS1mM2IzMTBkMzUyZTMiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vb3BlbnByb2plY3QubG9jYWwiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImNyZWF0ZS1yZWFsbSIsImRlZmF1bHQtcm9sZXMtbWFzdGVyIiwib2ZmbGluZV9hY2Nlc3MiLCJhZG1pbiIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsibWFzdGVyLXJlYWxtIjp7InJvbGVzIjpbInZpZXctcmVhbG0iLCJ2aWV3LWlkZW50aXR5LXByb3ZpZGVycyIsIm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnMiLCJpbXBlcnNvbmF0aW9uIiwiY3JlYXRlLWNsaWVudCIsIm1hbmFnZS11c2VycyIsInF1ZXJ5LXJlYWxtcyIsInZpZXctYXV0aG9yaXphdGlvbiIsInF1ZXJ5LWNsaWVudHMiLCJxdWVyeS11c2VycyIsIm1hbmFnZS1ldmVudHMiLCJtYW5hZ2UtcmVhbG0iLCJ2aWV3LWV2ZW50cyIsInZpZXctdXNlcnMiLCJ2aWV3LWNsaWVudHMiLCJtYW5hZ2UtYXV0aG9yaXphdGlvbiIsIm1hbmFnZS1jbGllbnRzIiwicXVlcnktZ3JvdXBzIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJzaWQiOiJlYjIzNTI0MC0wYjQ3LTQ4ZmEtOGIzZS1mM2IzMTBkMzUyZTMiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIn0.cLgbN9kygRwthUx0R0FazPfIUeEUVnw4HnDgN-Hsnm9oXVr6MqmfTRKEI-6n62dlnVKsdadF_tWf3jp26d6neLj1zlR-vojwaHm8A08S9m6IeMr9e0CGiYVHjrJtEeTgq6P9cJJfe7uuhSSvlG3ltFPDxaAe14Dz3BjhLO3iaCRkWfAZjKmnW-IMzzzHfGH-7of7qCAlF5ObEax38mf1Q0OmsPA4_5po-FFtw7H7FfDjsr6EXgtdwloDePkk2XIHs2XsIo0YugVHC9GqCWgBA8MBvCirFivqM53paZMnjhpQH-xgTpYGWlw3WNbG2Rny2GoEwIxdYOUO2amDQ_zkrQ" + let(:expected_message) { "You did not provide the correct credentials." } + let(:token) do + JWT.encode(token_payload, rsa_private, "RS256", kid: jwk[:kid]) end - let(:rsa_signed_access_token_with_aud) do - "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5N0FteXZvUzhCRkZSZm01ODVHUGdBMTZHMUgyVjIyRWR4eHVBWVV1b0trIn0.eyJleHAiOjE3MjEyODQ3NjksImlhdCI6MTcyMTI4NDcwOSwianRpIjoiNjhiYzNmZTMtNDFhZi00MGUwLTg4NGEtNDgxNTM1MTU3NjIyIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5sb2NhbC9yZWFsbXMvbWFzdGVyIiwiYXVkIjpbImh0dHBzOi8vb3BlbnByb2plY3QubG9jYWwiLCJtYXN0ZXItcmVhbG0iLCJhY2NvdW50Il0sInN1YiI6ImI3MGUyZmJmLWVhNjgtNDIwYy1hN2E1LTBhMjg3Y2I2ODljNiIsInR5cCI6IkJlYXJlciIsImF6cCI6Imh0dHBzOi8vb3BlbnByb2plY3QubG9jYWwiLCJzZXNzaW9uX3N0YXRlIjoiNWI5OWM3M2EtY2QwNS00N2MwLTgwZTctODRjYTNiYTI0MDQ1IiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwczovL29wZW5wcm9qZWN0LmxvY2FsIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJjcmVhdGUtcmVhbG0iLCJkZWZhdWx0LXJvbGVzLW1hc3RlciIsIm9mZmxpbmVfYWNjZXNzIiwiYWRtaW4iLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7Im1hc3Rlci1yZWFsbSI6eyJyb2xlcyI6WyJ2aWV3LXJlYWxtIiwidmlldy1pZGVudGl0eS1wcm92aWRlcnMiLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwiaW1wZXJzb25hdGlvbiIsImNyZWF0ZS1jbGllbnQiLCJtYW5hZ2UtdXNlcnMiLCJxdWVyeS1yZWFsbXMiLCJ2aWV3LWF1dGhvcml6YXRpb24iLCJxdWVyeS1jbGllbnRzIiwicXVlcnktdXNlcnMiLCJtYW5hZ2UtZXZlbnRzIiwibWFuYWdlLXJlYWxtIiwidmlldy1ldmVudHMiLCJ2aWV3LXVzZXJzIiwidmlldy1jbGllbnRzIiwibWFuYWdlLWF1dGhvcml6YXRpb24iLCJtYW5hZ2UtY2xpZW50cyIsInF1ZXJ5LWdyb3VwcyJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwic2lkIjoiNWI5OWM3M2EtY2QwNS00N2MwLTgwZTctODRjYTNiYTI0MDQ1IiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJhZG1pbiJ9.WS2TWDHFU2Amglj6j4LYhsUY5oyw3J7PhllGf0MH3Kz_ETT7GZCR6MvtvY1EuOb11t_YKrQ6M8LBHhh5j9mrFNrg-vTXMaYmXwXCQxfKtHvTVbo4coEPpnW_8NEVBG8dvduLRVK_o7BbNhZH9FCe5sb_7EbA18E7evHNLWi9co4nLsSBQSeBoHRSJqD28Yr2Xj1u618bVz_grAlm0DiwhJhGzkv-JJtUGa1xQyIkNeogPWalnLpzspa2Q2i5LeLB02aoPDlQ_PkUF6Tn6IGY2for8HQQlYkjBvhxL_wMBDoNRKlFycqkCBSedsPx2m6NdmBK8ppLgaMfKe0uVGvaTg" + let(:token_payload) do + { "exp" => 1721283430, + "iat" => 1721283370, + "jti" => "c526b435-991f-474a-ad1b-c371456d1fd0", + "iss" => token_iss, + "aud" => token_aud, + "sub" => "b70e2fbf-ea68-420c-a7a5-0a287cb689c6", + "typ" => "Bearer", + "azp" => "https://openproject.internal", + "session_state" => "eb235240-0b47-48fa-8b3e-f3b310d352e3", + "acr" => "1", + "allowed-origins" => ["https://openproject.internal"], + "realm_access" => { "roles" => ["create-realm", "default-roles-master", "offline_access", "admin", + "uma_authorization"] }, + "resource_access" => + { "master-realm" => + { "roles" => + ["view-realm", + "view-identity-providers", + "manage-identity-providers", + "impersonation", + "create-client", + "manage-users", + "query-realms", + "view-authorization", + "query-clients", + "query-users", + "manage-events", + "manage-realm", + "view-events", + "view-users", + "view-clients", + "manage-authorization", + "manage-clients", + "query-groups"] }, + "account" => { "roles" => ["manage-account", "manage-account-links", "view-profile"] } }, + "scope" => "email profile", + "sid" => "eb235240-0b47-48fa-8b3e-f3b310d352e3", + "email_verified" => false, + "preferred_username" => "admin" } end + let(:token_aud) { ["master-realm", "account"] } let(:token_exp) { Time.zone.at(JWT.decode(token, nil, false)[0]["exp"]) } let(:token_sub) { JWT.decode(token, nil, false)[0]["sub"] } - let(:expected_message) { "You did not provide the correct credentials." } - let(:keys_request_stub) { nil } + let(:token_iss) { "https://keycloak.internal/realms/master" } + let(:keys_request_stub) do + stub_request(:get, "https://keycloak.internal/realms/master/protocol/openid-connect/certs") + .with( + headers: { + "Accept" => "*/*", + "Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", + "User-Agent" => "JSON::JWK::Set::Fetcher 2.7.2" + } + ).to_return(status: 200, body: keys_hash.to_json, headers: {}) + end + let(:keys_hash) do + { "keys" => + [{ "kid" => "CANAG6lJUPKqKDoWxxXL5wAHf2U18BAzm_LJm7RPTGk", + "kty" => "RSA", + "alg" => "RSA-OAEP", + "use" => "enc", + "n" => + "nqJexS6n-SxKSDUxXp_dsNwDW6cZ4Rtgqq9ut_lp1CNSph5wTnLG3aQQsTEvx5o3-SZ-pHjJ0gtEpg7clAz-w-YQyZoAXkFtQqmZJxsmdS4K0yILxO3WUNdJQlutjmq-Ri50Senn5IV7yEYWLo8St1qzUqWZhp0HKudyty24triC9UJTK03W3_Tr5c1X8vKL8duAjvLB7p_sYUOrnLq5pD5lqwxVSAiN8qS5zVNZMrhGV5aN1vN_vue_tw8c2SVOCLLTrUh3441rYaeo-UwQZF7ZTm30xflqAIfe8qMoB20wtWYAXR0D5iqkkdEH4XanCYVm5vdUFIPPvXZhRDWoNQ", + "e" => "AQAB", + "x5c" => + ["MIICmzCCAYMCBgGQupeGPzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjQwNzE2MDgwODMwWhcNMzQwNzE2MDgxMDEwWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeol7FLqf5LEpINTFen92w3ANbpxnhG2Cqr263+WnUI1KmHnBOcsbdpBCxMS/Hmjf5Jn6keMnSC0SmDtyUDP7D5hDJmgBeQW1CqZknGyZ1LgrTIgvE7dZQ10lCW62Oar5GLnRJ6efkhXvIRhYujxK3WrNSpZmGnQcq53K3Lbi2uIL1QlMrTdbf9OvlzVfy8ovx24CO8sHun+xhQ6ucurmkPmWrDFVICI3ypLnNU1kyuEZXlo3W83++57+3DxzZJU4IstOtSHfjjWthp6j5TBBkXtlObfTF+WoAh97yoygHbTC1ZgBdHQPmKqSR0QfhdqcJhWbm91QUg8+9dmFENag1AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB/AGvP0gviPoJszj/oQgBsMpPGRHLpnTmrXnTaa7Xk2sgExAb4zUAwxGjtR347t697cpiKQYBkR2ndswnt93Sx/Ot+yn5BdYcNvZuEh5jb5bkH2V4h6/LrYljTymby+XPBEf+XLhBOjoI3SKtNJk4pEqVNwLuKKbObqJcE3G3VBVSdzRUcIrjZr7yAQeLnhczS3hJ0Ct6Y7S5Q6DK+/PU1+AvlW+7GfzpRMqVfLcqhNpRwdCVGlJYKaUJfIe1vav10D94xA0U1sKex3iA1S+1HlS2BCWx/0rXwgcquMpUZlOAKiT0K6SIFxBFFnM9eQbF97Dz7Bzw+jyqStGUcH9YA="], + "x5t" => "TuBfrOL00KXDrOWTv3jw7Uxx3hA", + "x5t#S256" => "7su5lOXF5qcMuvp44ynsoyk3B0l9Sr_bOVlg768shpY" }, + jwk] } + end + let(:jwk) { JWT::JWK.create_from(rsa_public).export } + let(:rsa_private) { OpenSSL::PKey::RSA.generate(2048) } + let(:rsa_public) { rsa_private.public_key } before do create(:user, identity_url: "keycloak:#{token_sub}") @@ -407,9 +474,7 @@ def set_basic_auth_header(user, password) end context "when token is issued by provider not configured in OP" do - let(:token) do - "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJpc3MiOiJpc3N1ZXIuY29tIn0.C9gEPaqdNSEZ4dZHz0z51VCylScIEqRLnwMCkNXuz6g" - end + let(:token_iss) { "https://unk.asd" } it do get resource @@ -421,9 +486,7 @@ def set_basic_auth_header(user, password) context "when token is issued by provider configured in OP" do context "when token signature algorithm is not supported" do - let(:token) do - "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJpc3MiOiJodHRwczovL2tleWNsb2FrLmxvY2FsL3JlYWxtcy9tYXN0ZXIifQ.Pwod8ZJqq3jWsbnrGw4ZU1-aLS2bSicb8PgiF78JHUc" - end + let(:token) { JWT.encode(token_payload, "hmac_secret", "HS256") } it do get resource @@ -433,87 +496,60 @@ def set_basic_auth_header(user, password) end end - context "when kid is present" do - let(:keys_request_stub) do - stub_request(:get, "https://keycloak.local/realms/master/protocol/openid-connect/certs") - .with( - headers: { - "Accept" => "*/*", - "Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", - "User-Agent" => "JSON::JWK::Set::Fetcher 2.7.2" - } - ) - .to_return(status: 200, body: '{"keys":[{"kid":"CANAG6lJUPKqKDoWxxXL5wAHf2U18BAzm_LJm7RPTGk","kty":"RSA","alg":"RSA-OAEP","use":"enc","n":"nqJexS6n-SxKSDUxXp_dsNwDW6cZ4Rtgqq9ut_lp1CNSph5wTnLG3aQQsTEvx5o3-SZ-pHjJ0gtEpg7clAz-w-YQyZoAXkFtQqmZJxsmdS4K0yILxO3WUNdJQlutjmq-Ri50Senn5IV7yEYWLo8St1qzUqWZhp0HKudyty24triC9UJTK03W3_Tr5c1X8vKL8duAjvLB7p_sYUOrnLq5pD5lqwxVSAiN8qS5zVNZMrhGV5aN1vN_vue_tw8c2SVOCLLTrUh3441rYaeo-UwQZF7ZTm30xflqAIfe8qMoB20wtWYAXR0D5iqkkdEH4XanCYVm5vdUFIPPvXZhRDWoNQ","e":"AQAB","x5c":["MIICmzCCAYMCBgGQupeGPzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjQwNzE2MDgwODMwWhcNMzQwNzE2MDgxMDEwWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeol7FLqf5LEpINTFen92w3ANbpxnhG2Cqr263+WnUI1KmHnBOcsbdpBCxMS/Hmjf5Jn6keMnSC0SmDtyUDP7D5hDJmgBeQW1CqZknGyZ1LgrTIgvE7dZQ10lCW62Oar5GLnRJ6efkhXvIRhYujxK3WrNSpZmGnQcq53K3Lbi2uIL1QlMrTdbf9OvlzVfy8ovx24CO8sHun+xhQ6ucurmkPmWrDFVICI3ypLnNU1kyuEZXlo3W83++57+3DxzZJU4IstOtSHfjjWthp6j5TBBkXtlObfTF+WoAh97yoygHbTC1ZgBdHQPmKqSR0QfhdqcJhWbm91QUg8+9dmFENag1AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB/AGvP0gviPoJszj/oQgBsMpPGRHLpnTmrXnTaa7Xk2sgExAb4zUAwxGjtR347t697cpiKQYBkR2ndswnt93Sx/Ot+yn5BdYcNvZuEh5jb5bkH2V4h6/LrYljTymby+XPBEf+XLhBOjoI3SKtNJk4pEqVNwLuKKbObqJcE3G3VBVSdzRUcIrjZr7yAQeLnhczS3hJ0Ct6Y7S5Q6DK+/PU1+AvlW+7GfzpRMqVfLcqhNpRwdCVGlJYKaUJfIe1vav10D94xA0U1sKex3iA1S+1HlS2BCWx/0rXwgcquMpUZlOAKiT0K6SIFxBFFnM9eQbF97Dz7Bzw+jyqStGUcH9YA="],"x5t":"TuBfrOL00KXDrOWTv3jw7Uxx3hA","x5t#S256":"7su5lOXF5qcMuvp44ynsoyk3B0l9Sr_bOVlg768shpY"},{"kid":"97AmyvoS8BFFRfm585GPgA16G1H2V22EdxxuAYUuoKk","kty":"RSA","alg":"RS256","use":"sig","n":"jMB2r7BG4QJzLnA2_fgG1mxlh2RX_MSx0lc2lrPIVFGYBuAu8irwRLSexX5aQdD_AtnxLD4g9jiG6VEDwmWopEe0fr-QMl0IiES5tJuQMrjhajOkzr8xTYu6zl-knL0tu99iRbmKNYzEcv0TAgY_95n4gD5tPhYvY4gXuHrFKqYkJQPsSgoThlH7hAtfzsDt6yp3P2lQUESGg3pzc_J_NKnQkkggcNB06Hlz4DmcHxhWXK51P1V9cE7qh4PrhsJ-SOH5grcN9PtOZi6f2VlWdFdyisT-YehNklfVqBtdCLm7Ocghhl0HSgLuV-9dHCdwBLUpABsdsd0L3LRCUgRfjQ","e":"AQAB","x5c":["MIICmzCCAYMCBgGQupeFFTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjQwNzE2MDgwODMwWhcNMzQwNzE2MDgxMDEwWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMwHavsEbhAnMucDb9+AbWbGWHZFf8xLHSVzaWs8hUUZgG4C7yKvBEtJ7FflpB0P8C2fEsPiD2OIbpUQPCZaikR7R+v5AyXQiIRLm0m5AyuOFqM6TOvzFNi7rOX6ScvS2732JFuYo1jMRy/RMCBj/3mfiAPm0+Fi9jiBe4esUqpiQlA+xKChOGUfuEC1/OwO3rKnc/aVBQRIaDenNz8n80qdCSSCBw0HToeXPgOZwfGFZcrnU/VX1wTuqHg+uGwn5I4fmCtw30+05mLp/ZWVZ0V3KKxP5h6E2SV9WoG10Iubs5yCGGXQdKAu5X710cJ3AEtSkAGx2x3QvctEJSBF+NAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIoBCsOO0bXiVspoXkqdOts4+3sULbbp5aEwQscmLX017Zvv5jxdkZxUYk8L08lNB+WlC1ES4VlmtE06D0cWYErGpArJzVBKgYSA3CkA9veBEugHviMqfwg3suNc8S+GtaRBvpbVZtXydjjqA8GZ4eKhPoJLHHCX6X2Ad33Cdt0/ftucjTqAKVzzzgWZejy+ZKP6ybAqYJ+EZoPUXlyWT3uwcpGEJ3nzOYYGTfxOSmAwnH2v5Z/JWr9ex5o/+QBuBhFcg0z8NcHa3Z0E6ZC9GGxV7XztBqYicO+nONHTLCctoJmyXvLM4j8qIG2UQgPIiwIL0Jkz6xQAYyXvsb+LhM8="],"x5t":"BFrni6MoX-CJwtMT4vzij1HBSTI","x5t#S256":"-Ge3y4JRezxhGTDfbkNoz7prkokzYtbKQ9ardPtfcz4"}]}', headers: {}) - end - - context "when access token has not expired yet" do - context "when aud does not contain client_id" do - let(:token) { rsa_signed_access_token_without_aud } - - it do - Timecop.freeze(token_exp - 20.seconds) do - get resource - end - expect(last_response).to have_http_status :unauthorized - expect(last_response.header["WWW-Authenticate"]).to eq('Bearer realm="OpenProject API" error="invalid_token" error_description="The access token audience claim is wrong"') - expect(JSON.parse(last_response.body)).to eq(error_response_body) - end - end - - context "when aud contains client_id" do - let(:token) { rsa_signed_access_token_with_aud } - - it do - Timecop.freeze(token_exp - 20.seconds) do - get resource - end - expect(last_response).to have_http_status :ok + context "when access token has not expired yet" do + context "when aud does not contain client_id" do + it do + Timecop.freeze(token_exp - 20.seconds) do + get resource end + expect(last_response).to have_http_status :unauthorized + expect(last_response.header["WWW-Authenticate"]).to eq('Bearer realm="OpenProject API" error="invalid_token" error_description="The access token audience claim is wrong"') + expect(JSON.parse(last_response.body)).to eq(error_response_body) end end - context "when access token has expired already" do - let(:token) { rsa_signed_access_token_without_aud } + context "when aud contains client_id" do + let(:token_aud) { ["master-realm", "account", "https://openproject.internal"] } it do - Timecop.freeze(token_exp + 20.seconds) do + Timecop.freeze(token_exp - 20.seconds) do get resource end + expect(last_response).to have_http_status :ok + end + end + end - expect(last_response).to have_http_status :unauthorized - expect(last_response.header["WWW-Authenticate"]).to eq('Bearer realm="OpenProject API" error="invalid_token" error_description="The access token expired"') - expect(JSON.parse(last_response.body)).to eq(error_response_body) + context "when access token has expired already" do + it do + Timecop.freeze(token_exp + 20.seconds) do + get resource end - it "caches keys request to keycloak" do - Timecop.freeze(token_exp + 20.seconds) do - get resource - end - expect(last_response).to have_http_status :unauthorized + expect(last_response).to have_http_status :unauthorized + expect(last_response.header["WWW-Authenticate"]).to eq('Bearer realm="OpenProject API" error="invalid_token" error_description="The access token expired"') + expect(JSON.parse(last_response.body)).to eq(error_response_body) + end - Timecop.freeze(token_exp + 20.seconds) do - get resource - end - expect(last_response).to have_http_status :unauthorized + it "caches keys request to keycloak" do + Timecop.freeze(token_exp + 20.seconds) do + get resource + end + expect(last_response).to have_http_status :unauthorized - expect(keys_request_stub).to have_been_made.once + Timecop.freeze(token_exp + 20.seconds) do + get resource end + expect(last_response).to have_http_status :unauthorized + + expect(keys_request_stub).to have_been_made.once end end context "when kid is absent in keycloak keys response" do - let(:keys_request_stub) do - stub_request(:get, "https://keycloak.local/realms/master/protocol/openid-connect/certs") - .with( - headers: { - "Accept" => "*/*", - "Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", - "User-Agent" => "JSON::JWK::Set::Fetcher 2.7.2" - } - ) - .to_return(status: 200, body: '{"keys":[{"kid":"CANAG6lJUPKqKDoWxxXL5wAHf2U18BAzm_LJm7RPTGk","kty":"RSA","alg":"RSA-OAEP","use":"enc","n":"nqJexS6n-SxKSDUxXp_dsNwDW6cZ4Rtgqq9ut_lp1CNSph5wTnLG3aQQsTEvx5o3-SZ-pHjJ0gtEpg7clAz-w-YQyZoAXkFtQqmZJxsmdS4K0yILxO3WUNdJQlutjmq-Ri50Senn5IV7yEYWLo8St1qzUqWZhp0HKudyty24triC9UJTK03W3_Tr5c1X8vKL8duAjvLB7p_sYUOrnLq5pD5lqwxVSAiN8qS5zVNZMrhGV5aN1vN_vue_tw8c2SVOCLLTrUh3441rYaeo-UwQZF7ZTm30xflqAIfe8qMoB20wtWYAXR0D5iqkkdEH4XanCYVm5vdUFIPPvXZhRDWoNQ","e":"AQAB","x5c":["MIICmzCCAYMCBgGQupeGPzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjQwNzE2MDgwODMwWhcNMzQwNzE2MDgxMDEwWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeol7FLqf5LEpINTFen92w3ANbpxnhG2Cqr263+WnUI1KmHnBOcsbdpBCxMS/Hmjf5Jn6keMnSC0SmDtyUDP7D5hDJmgBeQW1CqZknGyZ1LgrTIgvE7dZQ10lCW62Oar5GLnRJ6efkhXvIRhYujxK3WrNSpZmGnQcq53K3Lbi2uIL1QlMrTdbf9OvlzVfy8ovx24CO8sHun+xhQ6ucurmkPmWrDFVICI3ypLnNU1kyuEZXlo3W83++57+3DxzZJU4IstOtSHfjjWthp6j5TBBkXtlObfTF+WoAh97yoygHbTC1ZgBdHQPmKqSR0QfhdqcJhWbm91QUg8+9dmFENag1AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB/AGvP0gviPoJszj/oQgBsMpPGRHLpnTmrXnTaa7Xk2sgExAb4zUAwxGjtR347t697cpiKQYBkR2ndswnt93Sx/Ot+yn5BdYcNvZuEh5jb5bkH2V4h6/LrYljTymby+XPBEf+XLhBOjoI3SKtNJk4pEqVNwLuKKbObqJcE3G3VBVSdzRUcIrjZr7yAQeLnhczS3hJ0Ct6Y7S5Q6DK+/PU1+AvlW+7GfzpRMqVfLcqhNpRwdCVGlJYKaUJfIe1vav10D94xA0U1sKex3iA1S+1HlS2BCWx/0rXwgcquMpUZlOAKiT0K6SIFxBFFnM9eQbF97Dz7Bzw+jyqStGUcH9YA="],"x5t":"TuBfrOL00KXDrOWTv3jw7Uxx3hA","x5t#S256":"7su5lOXF5qcMuvp44ynsoyk3B0l9Sr_bOVlg768shpY"},{"kid":"9755555S8BFFRfm585GPgA16G1H2V22EdxxuAYUuoKk","kty":"RSA","alg":"RS256","use":"sig","n":"jMB2r7BG4QJzLnA2_fgG1mxlh2RX_MSx0lc2lrPIVFGYBuAu8irwRLSexX5aQdD_AtnxLD4g9jiG6VEDwmWopEe0fr-QMl0IiES5tJuQMrjhajOkzr8xTYu6zl-knL0tu99iRbmKNYzEcv0TAgY_95n4gD5tPhYvY4gXuHrFKqYkJQPsSgoThlH7hAtfzsDt6yp3P2lQUESGg3pzc_J_NKnQkkggcNB06Hlz4DmcHxhWXK51P1V9cE7qh4PrhsJ-SOH5grcN9PtOZi6f2VlWdFdyisT-YehNklfVqBtdCLm7Ocghhl0HSgLuV-9dHCdwBLUpABsdsd0L3LRCUgRfjQ","e":"AQAB","x5c":["MIICmzCCAYMCBgGQupeFFTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjQwNzE2MDgwODMwWhcNMzQwNzE2MDgxMDEwWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMwHavsEbhAnMucDb9+AbWbGWHZFf8xLHSVzaWs8hUUZgG4C7yKvBEtJ7FflpB0P8C2fEsPiD2OIbpUQPCZaikR7R+v5AyXQiIRLm0m5AyuOFqM6TOvzFNi7rOX6ScvS2732JFuYo1jMRy/RMCBj/3mfiAPm0+Fi9jiBe4esUqpiQlA+xKChOGUfuEC1/OwO3rKnc/aVBQRIaDenNz8n80qdCSSCBw0HToeXPgOZwfGFZcrnU/VX1wTuqHg+uGwn5I4fmCtw30+05mLp/ZWVZ0V3KKxP5h6E2SV9WoG10Iubs5yCGGXQdKAu5X710cJ3AEtSkAGx2x3QvctEJSBF+NAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIoBCsOO0bXiVspoXkqdOts4+3sULbbp5aEwQscmLX017Zvv5jxdkZxUYk8L08lNB+WlC1ES4VlmtE06D0cWYErGpArJzVBKgYSA3CkA9veBEugHviMqfwg3suNc8S+GtaRBvpbVZtXydjjqA8GZ4eKhPoJLHHCX6X2Ad33Cdt0/ftucjTqAKVzzzgWZejy+ZKP6ybAqYJ+EZoPUXlyWT3uwcpGEJ3nzOYYGTfxOSmAwnH2v5Z/JWr9ex5o/+QBuBhFcg0z8NcHa3Z0E6ZC9GGxV7XztBqYicO+nONHTLCctoJmyXvLM4j8qIG2UQgPIiwIL0Jkz6xQAYyXvsb+LhM8="],"x5t":"BFrni6MoX-CJwtMT4vzij1HBSTI","x5t#S256":"-Ge3y4JRezxhGTDfbkNoz7prkokzYtbKQ9ardPtfcz4"}]}', headers: {}) + let(:keys_hash) do + { "keys" => [] } end - let(:token) { rsa_signed_access_token_with_aud } it do Timecop.freeze(token_exp - 20.seconds) do