local setup procedure improvements

VAuthenticator · Mar 3, 2024 · 0936daa · 0936daa
1 parent 54f0f68
commit 0936daa
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 13 deletions.
diff --git a/local-environment/README.md b/local-environment/README.md
@@ -17,13 +17,20 @@ Here there are all the needed scripts to orchestrate all the process to configur
   - docker-compose up
 - create an .env file like this:
   ````
-  TABLES_SUFFIX=xxx
-  ACCOUNT_ID=xxxx
-  VAUTHENTICATOR_BUCKET=xxxx
-  VAUTHENTICATOR_MANAGEMENT_UI_BUCKET=xxxx
-  TF_STATE_BUCKET=xxxx
-  MASTER_KEY=will be available on the aws console or in the terraform resource apply console log 
+  IS_PRODUCITON=False
+  DYNAMO_DB_ENDPOINT=http://localhost:4566
+  KMS_ENDPOINT=http://localhost:4566
+  
+  ACCOUNT_ID=000000000000
+  AWS_ACCESS_KEY_ID=xxxx
+  AWS_SECRET_ACCESS_KEY=xxxx
   AWS_REGION=xxxx
+  
+  TABLES_SUFFIX=_Local_Staging
+  
+  VAUTHENTICATOR_BUCKET=vauthenticator-local-dev-document-bucket
+  VAUTHENTICATOR_MANAGEMENT_UI_BUCKET=vauthenticator-management-ui-local-dev-document-bucket
+  MASTER_KEY=will be available on the aws console or in the terraform resource apply console log 
   ````
 - run the setup.sh
   ```
@@ -36,9 +43,9 @@ Here there are all the needed scripts to orchestrate all the process to configur
     - Property name is: `key.master-key: ${MASTER_KEY}`
     - create the IAM key and set up the required environment variables like below
       ```
-      AWS_ACCESS_KEY_ID=xxxx
-      AWS_SECRET_ACCESS_KEY=xxxx
-      AWS_REGION=xxxx
+      AWS_ACCESS_KEY_ID=it is irrelevant
+      AWS_SECRET_ACCESS_KEY=it is irrelevant
+      AWS_REGION=could be whatever aws region you would like to configure.. in local stack all will be local
       ```
   
 - run the init.sh: After that the init.sh is executed you will have configured.
@@ -54,4 +61,4 @@ Here there are all the needed scripts to orchestrate all the process to configur
     - password: secret
 
 
-- to reset all the environment use the ```./dispose.sh``` script
+- to reset all the environment you can destroy your local compose environment
diff --git a/scripts/setup.py b/scripts/setup.py
@@ -6,9 +6,12 @@
 
 from dotenv import load_dotenv
 
+def str2bool(v):
+    return v.lower() in ("True")
+
 load_dotenv(dotenv_path="../local-environment/.env")
 
-isProduction = bool(os.getenv("IS_PRODUCITON"))
+isProduction = str2bool(os.getenv("IS_PRODUCITON"))
 print(isProduction)
 
 
@@ -53,6 +56,7 @@ def store_account():
         "credentialsNonExpired": True,
         "accountNonLocked": True,
         "accountNonExpired": True,
+        "mandatory_action": "NO_ACTION",
         "authorities": set(["ROLE_USER", "VAUTHENTICATOR_ADMIN"])
     })
 
@@ -73,7 +77,8 @@ def store_sso_client_applications():
 
     table = dynamodb.Table(f"VAuthenticator_ClientApplication{table_suffix}")
     scopes = set(
-        ["openid", "profile", "email", "admin:reset-password", "admin:change-password", "admin:key-reader", "admin:key-editor",
+        ["openid", "profile", "email", "admin:reset-password", "admin:change-password", "admin:key-reader",
+         "admin:key-editor",
          "admin:mail-template-reader", "admin:mail-template-writer"])
     if isProduction:
         scopes.add("mfa:always")
@@ -83,7 +88,7 @@ def store_sso_client_applications():
         "client_secret": pass_encoded(client_secret),
         "with_pkce": False,
         "scopes": scopes,
-        "authorized_grant_types": set(["AUTHORIZATION_CODE"]),
+        "authorized_grant_types": set(["AUTHORIZATION_CODE", "REFRESH_TOKEN"]),
         "web_server_redirect_uri": "http://local.management.vauthenticator.com:8080/login/oauth2/code/client",
         "authorities": set(["ROLE_USER", "VAUTHENTICATOR_ADMIN"]),
         "access_token_validity": 180,