From 3cc0b440bcf7697e05d111c66d7b95555631a296 Mon Sep 17 00:00:00 2001 From: Maarten de Waard <maarten@greenhost.nl> Date: Fri, 5 Nov 2021 10:44:58 +0100 Subject: [PATCH] replace all occurences of openappstack, oas, etc. with Stackspin --- .gitlab-ci.yml | 4 +-- .gitmodules | 2 +- LICENSE | 2 +- README.md | 2 +- consent_provider/db.py | 2 +- docs/conf.py | 4 +-- docs/helmchart.md | 26 ++++++++-------- docs/index.rst | 2 +- docs/local_dev_remote_kratos.md | 10 +++---- docs/set-ssh-tunnel.sh | 4 +-- docs/usage.md | 2 +- helmchart/single-sign-on/Chart.yaml | 2 +- helmchart/single-sign-on/values.yaml | 30 +++++++++---------- login_provider/templates/login.html | 2 +- login_provider/templates/skip.html | 2 +- test/create-hydra-client.bash | 2 +- test/integration_tests/Dockerfile | 2 +- test/integration_tests/README.md | 2 +- test/integration_tests/app.py | 2 +- .../test/behave/features/login.feature | 6 ++-- .../test/behave/features/logout.feature | 6 ++-- .../reject_unauthorized_logins.feature | 2 +- .../test/behave/features/remember_me.feature | 2 +- 23 files changed, 60 insertions(+), 60 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cdf6b78..06a3cdb 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,5 @@ include: - - remote: https://open.greenhost.net/openappstack/openappstack/raw/master/.gitlab/ci_templates/kaniko.yml + - remote: https://open.greenhost.net/stackspin/stackspin/raw/master/.gitlab/ci_templates/kaniko.yml stages: - build @@ -96,7 +96,7 @@ behave-integration: - --dangerous-force-http - --dangerous-allow-insecure-redirect-urls - "http://oidc:5000/callback" - - name: open.greenhost.net:4567/openappstack/user-panel/backend:master + - name: open.greenhost.net:4567/stackspin/user-panel/backend:master alias: backend - name: ${CI_REGISTRY_IMAGE}/integration_test_app:${CI_COMMIT_REF_NAME} alias: oidc diff --git a/.gitmodules b/.gitmodules index 42291c9..88b746c 100644 --- a/.gitmodules +++ b/.gitmodules 
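Review bot: The `include: remote:` line in the first .gitlab-ci.yml hunk still fetches the kaniko template from the mutable `master` branch of the renamed project, so whatever sits on that branch at pipeline time runs in this repository's CI with access to whatever variables the jobs expose. Since the URL is being rewritten anyway, pin it to a reviewed commit, e.g. `- remote: https://open.greenhost.net/stackspin/stackspin/raw/<commit-sha>/.gitlab/ci_templates/kaniko.yml` (`<commit-sha>` is a placeholder). The same applies to the `behave-integration` service image in the second hunk, `open.greenhost.net:4567/stackspin/user-panel/backend:master`, which could be referenced by digest or release tag instead of a moving tag. Before merging, confirm that the new `stackspin/...` project and registry paths exist and are owned by the project, because nothing visible here verifies what is pulled from them.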
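Review bot: In the consent_provider/db.py hunk the key in what appears to be the OpenID Connect claims dict changes from `openappstack_roles` to `stackspin_roles` with no transition period, so a relying party that still requests the old scope or reads the old claim will receive no roles once this deploys. The chart default `scopes`, test/create-hydra-client.bash and test/integration_tests/app.py are updated in this commit, but OAuth clients already registered in Hydra and applications that map permissions from the claim are not visible here and presumably need a coordinated change. Consider emitting both keys for one release, e.g. `"openappstack_roles": self.roles,  # deprecated alias of stackspin_roles; remove once all clients are migrated`, and add a comment above the dict saying these keys are part of the token contract. Consumers should treat a missing roles claim as no access rather than falling back to a default role. The method that builds this dict starts outside the hunk.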
@@ -1,3 +1,3 @@ [submodule "user-panel"] path = user-panel - url = https://open.greenhost.net/openappstack/user-panel.git + url = https://open.greenhost.net/stackspin/user-panel.git diff --git a/LICENSE b/LICENSE index a0bd49f..68a70de 100644 --- a/LICENSE +++ b/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2019 openappstack + Copyright 2019 stackspin Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.md b/README.md index 9f02f8f..04f479e 100644 --- a/README.md +++ b/README.md @@ -1 +1 @@ -Please refer to the [online documentation](https://docs.openappstack.net/projects/single-sign-on/) for all the details +Please refer to the [online documentation](https://docs.stackspin.net/projects/single-sign-on/) for all the details diff --git a/consent_provider/db.py b/consent_provider/db.py index 2ad3e80..fa994ef 100644 --- a/consent_provider/db.py +++ b/consent_provider/db.py @@ -66,7 +66,7 @@ class User(): "name": self.username, "preferred_username": self.username, "email" : self.email, - "openappstack_roles": self.roles} + "stackspin_roles": self.roles} } diff --git a/docs/conf.py b/docs/conf.py index 758b3a7..f83f336 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -18,8 +18,8 @@ # -- Project information ----------------------------------------------------- project = 'single-sign-on' -copyright = '2020, OpenAppStack' -author = 'OpenAppStack' +copyright = '2020, Stackspin' +author = 'Stackspin' # The full version, including alpha/beta/rc tags with open('../VERSION') as version_file: diff --git a/docs/helmchart.md b/docs/helmchart.md index 5abda4e..d4625b0 100644 --- a/docs/helmchart.md +++ b/docs/helmchart.md 
@@ -4,7 +4,7 @@ Single sign-on adds an Authentication server to your k8s cluster, that can be us applications within your cluster and by external applications to log in your users. This chart also includes a minimalistic -[user-panel](https://open.greenhost.net/openappstack/user-panel), which can be used to create +[user-panel](https://open.greenhost.net/stackspin/user-panel), which can be used to create new users, assign roles to users and grant users access to applications. ## Prerequisites 
@@ -28,19 +28,19 @@ This table lists the variables you are most likely to change. Take a look at the | Parameter | Description | Default | | ------------------------------------ | ------------------------------------------------------- | ------------------------- | -| `consentProvider.image.repository` | Name of image repository to be used for consent provider| open.greenhost.net:4567/openappstack/single-sign-on/consent_provider | +| `consentProvider.image.repository` | Name of image repository to be used for consent provider| open.greenhost.net:4567/stackspin/single-sign-on/consent_provider | | `consentProvider.image.tag` | Release version of consent provider image | master | -| `loginProvider.image.repository` | Name of image repository to be used for login provider | open.greenhost.net:4567/openappstack/single-sign-on/login_provider | +| `loginProvider.image.repository` | Name of image repository to be used for login provider | open.greenhost.net:4567/stackspin/single-sign-on/login_provider | | `loginProvider.image.tag` | Release version of login provider image | master | -| `singleSignOnHost` | **FQDN of the openID Connect / oAuth2 server** | **sso.oas.example.net** | -| `userpanel.ingress.host` | **FQDN of the userpanel** | **admin.oas.example.net** | +| `singleSignOnHost` | **FQDN of the openID Connect / oAuth2 server** | **sso.stackspin.example.net** | +| `userpanel.ingress.host` | **FQDN of the userpanel** | **admin.stackspin.example.net** | | `userbackend.username` | Username of the admin user | admin | | `userbackend.password` | Password of the admin user | YouReallyNeedToChangeThis | | `userbackend.email` | Email address of the admin user | admin@example.net | | `userbackend.postgres.password` | Root pw of the psql DB | postgres | -| `hydra.hydra.config.urls.self.issuer`| **Base URI of the oAuth server** | **https://sso.oas.example.net** | -| `hydra.hydra.config.urls.login` | **URI that will be used for the login page** | 
**https://sso.oas.example.net/login** | -| `hydra.hydra.config.urls.consent` | **URI that will be used for permission checks** | **https://sso.oas.example.net/consent** | +| `hydra.hydra.config.urls.self.issuer`| **Base URI of the oAuth server** | **https://sso.stackspin.example.net** | +| `hydra.hydra.config.urls.login` | **URI that will be used for the login page** | **https://sso.stackspin.example.net/login** | +| `hydra.hydra.config.urls.consent` | **URI that will be used for permission checks** | **https://sso.stackspin.example.net/consent** | | `hydra.hydra.config.secrets.system` | Secret that is used to generate secure tokens | YouReallyNeedToChangeThis | | `oAuthClients` | A list of clients that need to be registered after installation. See [Registering clients](#registering-clients) for more info | user-panel configuration (**Change the `clientSecret`**!) | @@ -70,13 +70,13 @@ clientName: user-panel clientSecret: "YouReallyNeedToChangeThis" # The url the browser will be redirected to by Hydra when the authentication process is # completed -redirectUri: "https://admin.oas.example.net/callback" +redirectUri: "https://admin.stackspin.example.net/callback" # A list of scopes the client needs access to -scopes: "openid profile email openappstack_roles" +scopes: "openid profile email stackspin_roles" # A url that is displayed in the user-panel for the user to navigate to the application -clientUri: "https://admin.oas.example.net" +clientUri: "https://admin.stackspin.example.net" # Point to a logo for the application that will be displayed in the user-panel -clientLogoUri: "https://admin.oas.example.net/favicon.ico" +clientLogoUri: "https://admin.stackspin.example.net/favicon.ico" # Set the method that the oAUth client uses to authenticate agains the oAuth server i.e. to # retrieve tokens or userinfo tokenEndpointAuthMethod: "client_secret_basic" 
@@ -94,7 +94,7 @@ To install the chart with the realease name `single-sign-on` first clone the rep and then run helm install. ``` -$ git clone https://open.greenhost.net/openappstack/single-sign-on +$ git clone https://open.greenhost.net/stackspin/single-sign-on $ cd single-sign-on/helmchart/single-sign-on/ $ helm install -n single-sign-on . ``` diff --git a/docs/index.rst b/docs/index.rst index 4f4c2f0..8b46d87 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -8,7 +8,7 @@ Welcome to single-sign-on's documentation! This project provides a single sign on solution based on [hydra](https://github.com/ory/hydra) and in combination with a [user -panel](https://open.greenhost.net/openappstack/user-panel). +panel](https://open.greenhost.net/stackspin/user-panel). .. toctree:: :maxdepth: 2 diff --git a/docs/local_dev_remote_kratos.md b/docs/local_dev_remote_kratos.md index 548756b..3ac7954 100644 --- a/docs/local_dev_remote_kratos.md +++ b/docs/local_dev_remote_kratos.md @@ -22,7 +22,7 @@ kratos. To use / add the kratos backend, the following needs to be done: On your provisioning machine, make sure to checkout: -`git@open.greenhost.net:openappstack/single-sign-on.git` +`git@open.greenhost.net:stackspin/single-sign-on.git` Be sure to check out the latest master. Or select a more modern brach if you want to test / install (optional) improvements of the kratos system. @@ -35,14 +35,14 @@ Once this is all fetched, installation can be done with the following steps: to prevent this. We can suspend the service with: ``` -flux suspend source chart oas-single-sign-on +flux suspend source chart stackspin-single-sign-on ``` 2. Make a backup of the current keys and configuration values. We needs those when we install the new version of the `single-sign-on` helmchart: ``` -helm get values single-sign-on -n oas > /to/a/path/my_cluster_values.yaml +helm get values single-sign-on -n stackspin > /to/a/path/my_cluster_values.yaml ``` 3. Install all helm dependencies 
@@ -89,7 +89,7 @@ kratos: ``` cd helmchart/single-sign-on -helm upgrade -f /to/a/path/my_cluster_values.yaml single-sign-on . -n oas --debug +helm upgrade -f /to/a/path/my_cluster_values.yaml single-sign-on . -n stackspin --debug ``` This will install the latest version. @@ -102,7 +102,7 @@ giving access to localhost port 8000 and 8080 for the admin/public port of kratos. ``` -./set-ssh-tunnel.sh `oas.example.com` +./set-ssh-tunnel.sh `stackspin.example.com` ``` (the tunnel goes to the kubernetes node, so *not* to your provisioning machine. diff --git a/docs/set-ssh-tunnel.sh b/docs/set-ssh-tunnel.sh index 127bc53..9e164fb 100755 --- a/docs/set-ssh-tunnel.sh +++ b/docs/set-ssh-tunnel.sh @@ -10,8 +10,8 @@ then fi -admin=`ssh $host -lroot kubectl get service -n oas|grep single-sign-on-kratos-admin | awk '{print $3'}` -public=`ssh $host -lroot kubectl get service -n oas|grep single-sign-on-kratos-public | awk '{print $3}'` +admin=`ssh $host -lroot kubectl get service -n stackspin|grep single-sign-on-kratos-admin | awk '{print $3'}` +public=`ssh $host -lroot kubectl get service -n stackspin|grep single-sign-on-kratos-public | awk '{print $3}'` echo "Admin port will be at localhost:8000, public port will be at localhost: 8080" diff --git a/docs/usage.md b/docs/usage.md index b29e86f..2d7c5cb 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -25,4 +25,4 @@ chapter](helmchart) `single-sign-on` includese a simple `user-panel` to manage users. To read more about this, see the [user panel -documentation](https://docs.openappstack.net/projects/user-panel/) +documentation](https://docs.stackspin.net/projects/user-panel/) diff --git a/helmchart/single-sign-on/Chart.yaml b/helmchart/single-sign-on/Chart.yaml index 05c0a91..1604d49 100644 --- a/helmchart/single-sign-on/Chart.yaml +++ b/helmchart/single-sign-on/Chart.yaml 
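Review bot: Both service lookups in docs/set-ssh-tunnel.sh now hard-code `-n stackspin`, so on a cluster whose release still lives in the `oas` namespace the `grep` matches nothing and `admin`/`public` end up empty, and nothing in the hunk checks for that before the values are used. Add a guard after the two assignments, e.g. `[ -n "$admin" ] && [ -n "$public" ] || { echo "kratos services not found in namespace stackspin" >&2; exit 1; }`. `$host` is unquoted in both `ssh` calls although it comes straight from the command line; write `ssh "$host" -lroot ...`. The first line's `awk '{print $3'}` has its closing quote misplaced and only works through shell word concatenation; it should read `awk '{print $3}'` like the second line. The rest of the script, including how the two addresses are used, is outside the hunk.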
@@ -1,4 +1,4 @@ apiVersion: v1 -description: A Helm chart for OpenAppStack's Single sign-on components +description: A Helm chart for Stackspin's Single sign-on components name: single-sign-on version: 0.3.0 diff --git a/helmchart/single-sign-on/values.yaml b/helmchart/single-sign-on/values.yaml index 27dfcb7..8f8cc13 100644 --- a/helmchart/single-sign-on/values.yaml +++ b/helmchart/single-sign-on/values.yaml @@ -5,20 +5,20 @@ consentProvider: # together in order to guarantee compatibility tag: "master" pullPolicy: "Always" - repository: "open.greenhost.net:4567/openappstack/single-sign-on/consent_provider" + repository: "open.greenhost.net:4567/stackspin/single-sign-on/consent_provider" podAnnotations: {} loginProvider: image: tag: "master" pullPolicy: "Always" - repository: "open.greenhost.net:4567/openappstack/single-sign-on/login_provider" + repository: "open.greenhost.net:4567/stackspin/single-sign-on/login_provider" podAnnotations: {} # singleSignOnHost is the FQDN that will be used by the ingress to make the consent and # the login provider accessible by user agents. For now it is recommended to set it to the # same value as hydra.ingress.public.hosts[0].host -singleSignOnHost: sso.oas.example.net +singleSignOnHost: sso.stackspin.example.net userpanel: # userpanel.applicationName is the name of the application. This is a duplicate of 
@@ -31,17 +31,17 @@ userpanel: # together in order to guarantee compatibility tag: "master" pullPolicy: "Always" - repository: "open.greenhost.net:4567/openappstack/user-panel/frontend" + repository: "open.greenhost.net:4567/stackspin/user-panel/frontend" ingress: # userpanel.ingress.host is the FQDN of the userpanel application - host: admin.oas.example.net + host: admin.stackspin.example.net podAnnotations: {} userbackend: image: tag: "master" pullPolicy: "Always" - repository: "open.greenhost.net:4567/openappstack/user-panel/backend" + repository: "open.greenhost.net:4567/stackspin/user-panel/backend" # userbackend.username is the username of the admin user that will be create # after the installation of the user backend. username: "admin" @@ -191,14 +191,14 @@ hydra: self: # hydra.hydra.config.urls.self is the base url of hydra. It needs to match the FQDN # specified in hydra.ingress.public - issuer: https://sso.oas.example.net + issuer: https://sso.stackspin.example.net # hydra.hydra.config.urls.login is the uri that users are redirect to perform the # login operation. The FQDN used here needs to match the value of singleSignOnHost - login: https://sso.oas.example.net/login + login: https://sso.stackspin.example.net/login # hydra.hydra.config.urls.consent is the uri that users are redirect to trigger # the consent/permission check. The FQDN used here needs to match the value of # singleSignOnHost - consent: https://sso.oas.example.net/consent + consent: https://sso.stackspin.example.net/consent secrets: # hydra.hydra.config.secret is used as a seed whenever cryptographic operations are # performed by hydra i.e. creation of a token. @@ -212,7 +212,7 @@ hydra: hosts: # hydra.ingress.public.hosts[0].hosts.host is the FQDN of the single sign-on system # that will be used by oAuth clients to retrieve userinfo and redirect their users to. - - host: sso.oas.example.net + - host: sso.stackspin.example.net paths: - path: / pathType: ImplementationSpecific 
@@ -220,7 +220,7 @@ hydra: # oAuth2 only works via https. You really need to configure your ingress service to # provide access to hydra via https. - hosts: - - sso.oas.example.net + - sso.stackspin.example.net secretName: hydra-public.tls # hydra.ingress.admin is the ingress resource that controls access to the hydra # admin API server. It can be activated using the same options as in @@ -239,15 +239,15 @@ oAuthClients: clientSecret: "YouReallyNeedToChangeThis" # oAuthClients[].redirectUri is the url the user will be redirected to by hydra when the # authentication process is completed - redirectUri: "https://admin.oas.example.net/callback" + redirectUri: "https://admin.stackspin.example.net/callback" # oAuthClients[].scopes is a list of scopes the client need access to - scopes: "openid profile email openappstack_roles" + scopes: "openid profile email stackspin_roles" # oAuthClients[].clientUri is a url that is displayed for the user to navigate to the # application - clientUri: "https://admin.oas.example.net" + clientUri: "https://admin.stackspin.example.net" # oAuthClients[].clientLogoUri is a url that points to a logo that will be displayed # whenever refering to the application - clientLogoUri: "https://admin.oas.example.net/favicon.ico" + clientLogoUri: "https://admin.stackspin.example.net/favicon.ico" # oAuthClients[].tokenEndpointAuthMethod sets the method that the oAUth client uses to # authenticate agains the oAuth server i.e. to retrieve tokens or userinfo tokenEndpointAuthMethod: "client_secret_basic" diff --git a/login_provider/templates/login.html b/login_provider/templates/login.html index dfceb48..912d0bf 100644 --- a/login_provider/templates/login.html +++ b/login_provider/templates/login.html 
@@ -1,5 +1,5 @@ <!doctype html> -<title>OAS authentication service</title> +<title>Stackspin authentication service</title> <div style='margin: 0 auto ; width: 350px; padding:20px; border-style:solid; border-color:#6c757d; border-width: 1px; background-color: #f8f9fa; font-family: "Segoe UI", Roboto; font-family: "Helvetica Neue", Arial; font-family: "Noto Sans", sans-serif;'> {% if logo %} <div style="position:relative; width: 350px; height:100px"> diff --git a/login_provider/templates/skip.html b/login_provider/templates/skip.html index 64b2474..8effa54 100644 --- a/login_provider/templates/skip.html +++ b/login_provider/templates/skip.html @@ -1,5 +1,5 @@ <!doctype html> -<title>OAS authentication service</title> +<title>Stackspin authentication service</title> <div style='margin: 0 auto ; width: 350px; padding:20px; border-style:solid; border-color:#6c757d; border-width: 1px; background-color: #f8f9fa; font-family: "Segoe UI", Roboto; font-family: "Helvetica Neue", Arial; font-family: "Noto Sans", sans-serif;'> {% if logo %} <div style="position:relative; width: 350px; height:100px"> diff --git a/test/create-hydra-client.bash b/test/create-hydra-client.bash index 56f63e4..8297fdf 100755 --- a/test/create-hydra-client.bash +++ b/test/create-hydra-client.bash @@ -11,7 +11,7 @@ HOST_URL=$3 REDIRECT_URI=$4 POST_LOGOUT_REDIRECT_URI=$5 FRONTCHANNEL_LOGOUT_URI=$6 -SCOPES="openid profile email openappstack_roles" +SCOPES="openid profile email stackspin_roles" curl --request DELETE \ $HOST_URL/clients/$KEY; diff --git a/test/integration_tests/Dockerfile b/test/integration_tests/Dockerfile index dc40d13..7fa78c7 100644 --- a/test/integration_tests/Dockerfile +++ b/test/integration_tests/Dockerfile @@ -18,7 +18,7 @@ RUN pip3 install --no-cache-dir -r requirements.txt COPY . . -ENV BASE_URL https://sso.oas.example.net +ENV BASE_URL https://sso.stackspin.example.net ENV KEY testapp ENV SECRET verysecret 
diff --git a/test/integration_tests/README.md b/test/integration_tests/README.md index d5c9101..3805ad5 100644 --- a/test/integration_tests/README.md +++ b/test/integration_tests/README.md @@ -5,7 +5,7 @@ work together according to [OpenID Connect Standards](https://openid.net/develop The single sign-on application needs to be up and running. Instructions on how to accomplish that can be found [in the -documentation](https://docs.openappstack.net/projects/single-sign-on/en/latest/local_development.html). +documentation](https://docs.stackspin.net/projects/single-sign-on/en/latest/local_development.html). ### Create oAuth Client diff --git a/test/integration_tests/app.py b/test/integration_tests/app.py index 61577d9..5d6e328 100644 --- a/test/integration_tests/app.py +++ b/test/integration_tests/app.py @@ -21,7 +21,7 @@ sso_client_auth = {"client_id": KEY, "client_secret": SECRET} sso_auth_args = { "client_id": KEY, "response_type": ["code"], - "scope": ["openid", "profile", "email", "openappstack_roles"], + "scope": ["openid", "profile", "email", "stackspin_roles"], "nonce": "", "state": "", "redirect_uri": "" diff --git a/test/integration_tests/test/behave/features/login.feature b/test/integration_tests/test/behave/features/login.feature index 86a132a..3a8eca2 100644 --- a/test/integration_tests/test/behave/features/login.feature +++ b/test/integration_tests/test/behave/features/login.feature @@ -1,7 +1,7 @@ @oauth Feature: Test login-provider function - As an OAS user - I want to be able to login to an OAS App + As a Stackspin user + I want to be able to login to a Stackspin App And verify my userdata that is provided by OpenID Connect Scenario: Open the oAuth application and Login witha valid user 
@@ -18,7 +18,7 @@ Scenario: Get OpenID Connect userdata for testuser When I open the oauth client "userinfo" URL Then I expect that the "preferred_username" in the json output is the same as oauth variable "username" And I expect that the "email" in the json output is the same as oauth variable "email" - And I expect that the "openappstack_roles" in the json output contains the value of oauth variable "role" + And I expect that the "stackspin_roles" in the json output contains the value of oauth variable "role" And I expect that the "name" in the json output is the same as oauth variable "username" Scenario: Logout diff --git a/test/integration_tests/test/behave/features/logout.feature b/test/integration_tests/test/behave/features/logout.feature index 6df862e..de3c520 100644 --- a/test/integration_tests/test/behave/features/logout.feature +++ b/test/integration_tests/test/behave/features/logout.feature @@ -1,8 +1,8 @@ @oauth Feature: Test logout-provider function - As an OAS user - I want to be able to use single-sign off triggered by an - OAS APP. And verify that even though I selected remember me + As a Stackspin user + I want to be able to use single-sign off triggered by a + Stackspin APP. And verify that even though I selected remember me my session was removed. Scenario: Login with a valid user and remember session diff --git a/test/integration_tests/test/behave/features/reject_unauthorized_logins.feature b/test/integration_tests/test/behave/features/reject_unauthorized_logins.feature index fb1c063..2e1bd15 100644 --- a/test/integration_tests/test/behave/features/reject_unauthorized_logins.feature +++ b/test/integration_tests/test/behave/features/reject_unauthorized_logins.feature 
@@ -1,7 +1,7 @@ @oauth Feature: Test features that prohibit unauthorized access As an attacker or unauthorized user - I want to to login to an OAS App + I want to to login to a Stackspin App And the single sign-on will block my login attempts Scenario: Login with a valid user without access to an application diff --git a/test/integration_tests/test/behave/features/remember_me.feature b/test/integration_tests/test/behave/features/remember_me.feature index d5b3e53..3c76afa 100644 --- a/test/integration_tests/test/behave/features/remember_me.feature +++ b/test/integration_tests/test/behave/features/remember_me.feature @@ -1,6 +1,6 @@ @oauth Feature: Testing single sign-on sessions - As an OAS user + As a Stackspin user I want to login once to use an application And I use my active single sign-on session to login again without providing credentials -- GitLab