Run tests agains the keycloak on labdev.

ed57cfff · Markus Scheidgen · 63bad93a · ed57cfff · ed57cfff · ed57cfff
Commit ed57cfff authored Aug 28, 2019 by Markus Scheidgen
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -90,6 +90,7 @@ tests:
    NOMAD_RABBITMQ_HOST: rabbitmq
    NOMAD_ELASTIC_HOST: elastic
    NOMAD_MONGO_HOST: mongo
+    NOMAD_KEYCLOAK_CLIENT_SECRET: ${CI_KEYCLOAK_TEST_CLIENT_SECRET}
  script:
    - cd /app
    - python -m pytest --cov=nomad -sv tests

--- a/nomad/config.py
+++ b/nomad/config.py
@@ -111,14 +111,16 @@ elastic = NomadConfig(
    index_name='nomad_fairdi_calcs'
 )

+keycloak_base_url = 'https://labdev-nomad.esc.rzg.mpg.de/fairdi/keycloak/auth/'
+
 keycloak = NomadConfig(
-    server_url='http://localhost:8002/auth/',
-    issuer_url='http://localhost:8002/auth/realms/fairdi_nomad_test',
+    server_url=keycloak_base_url,
+    issuer_url=keycloak_base_url + 'realms/fairdi_nomad_test',
    realm_name='fairdi_nomad_test',
    username='admin',
    password='password',
    client_id='nomad_api_dev',
-    client_secret_key='ae9bb323-3793-4243-9e4b-f380c54e54e2'
+    client_secret='**********'
 )

 mongo = NomadConfig(

--- a/nomad/infrastructure.py
+++ b/nomad/infrastructure.py
@@ -27,6 +27,7 @@ from mongoengine import connect
 import smtplib
 from email.mime.text import MIMEText
 from keycloak import KeycloakOpenID, KeycloakAdmin
+from keycloak.exceptions import KeycloakAuthenticationError
 import json
 import jwt
 from flask import g, request
@@ -119,7 +120,7 @@ class Keycloak():
                server_url=config.keycloak.server_url,
                client_id=config.keycloak.client_id,
                realm_name=config.keycloak.realm_name,
-                client_secret_key=config.keycloak.client_secret_key)
+                client_secret_key=config.keycloak.client_secret)

        return self.__oidc_client

@@ -162,8 +163,10 @@ class Keycloak():
                username, password = basicauth.decode(auth)
                token_info = self._oidc_client.token(username=username, password=password)
                g.oidc_access_token = token_info['access_token']
+            except KeycloakAuthenticationError:
+                return 'Could not authenticate, wrong credentials'
            except Exception as e:
-                # TODO logging
+                logger.error('Could not authenticate Basic auth', exc_info=e)
                return 'Could not authenticate Basic auth: %s' % str(e)

        if g.oidc_access_token is not None: