tests/e2e: add forward auth e2e test (#11374)

* add nginx forward_auth e2e tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add envoy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove even more duplicate code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add traefik static config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more cleanup, don't generate dex config cause they support env variables Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use default dex entrypoint to use templating Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove options that are always set as default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix compose flag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add caddy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * merge python files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use whoami api to check better Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix envoy config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set invalidation flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix logout checks Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-10-16 18:01:59 +02:00
parent c4caef4c38
commit 89f251d559
24 changed files with 678 additions and 302 deletions
--- a/tests/e2e/proxy_forward_auth/traefik_single/config-static.yaml
+++ b/tests/e2e/proxy_forward_auth/traefik_single/config-static.yaml
@ -0,0 +1,57 @@
+# yaml-language-server: $schema=https://json.schemastore.org/traefik-v2.json
+api:
+  insecure: true
+  debug: true
+
+log:
+  level: debug
+accessLog:
+  filePath: /dev/stdout
+
+entryPoints:
+  web:
+    address: ":80"
+
+# Re-use the same config file to define everything
+providers:
+  file:
+    filename: /etc/traefik/traefik.yml
+
+http:
+  middlewares:
+    authentik:
+      forwardAuth:
+        address: http://ak-test-outpost:9000/outpost.goauthentik.io/auth/traefik
+        trustForwardHeader: true
+        authResponseHeaders:
+          - X-authentik-username
+          - X-authentik-groups
+          - X-authentik-email
+          - X-authentik-name
+          - X-authentik-uid
+          - X-authentik-jwt
+          - X-authentik-meta-jwks
+          - X-authentik-meta-outpost
+          - X-authentik-meta-provider
+          - X-authentik-meta-app
+          - X-authentik-meta-version
+  routers:
+    default-router:
+      rule: "Host(`localhost`)"
+      middlewares:
+        - authentik
+      priority: 10
+      service: app
+    default-router-auth:
+      rule: "Host(`localhost`) && PathPrefix(`/outpost.goauthentik.io/`)"
+      priority: 15
+      service: authentik
+  services:
+    app:
+      loadBalancer:
+        servers:
+          - url: http://ak-whoami
+    authentik:
+      loadBalancer:
+        servers:
+          - url: http://ak-test-outpost:9000/outpost.goauthentik.io