fix: use scope provided in the request context

* Set correct scope expected by SDK * Fix pipeline
Basis-Theory · May 21, 2024 · 0b8e733 · 0b8e733
1 parent 3eb6735
commit 0b8e733
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 9 deletions.
diff --git a/AzureKeyVaultEmulator/Startup.cs b/AzureKeyVaultEmulator/Startup.cs
@@ -82,8 +82,10 @@ public void ConfigureServices(IServiceCollection services)
                     {
                         OnChallenge = context =>
                         {
+                            var requestHostSplit = context.Request.Host.ToString().Split(".", 2);
+                            var scope = $"https://{requestHostSplit[^1]}/.default";
                             context.Response.Headers.Remove("WWW-Authenticate");
-                            context.Response.Headers["WWW-Authenticate"] = $"Bearer authorization=\"https://localhost:5001/foo/bar\", scope=\"foobar\", resource=\"https://vault.azure.net\"";
+                            context.Response.Headers["WWW-Authenticate"] = $"Bearer authorization=\"https://localhost:5001/foo/bar\", scope=\"{scope}\", resource=\"https://vault.azure.net\"";
                             return Task.CompletedTask;
                         }
                     };

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -10,7 +10,7 @@ services:
       - 5551:5551
       - 5550:5550
     volumes:
-      - $PWD/local-certs:/https
+      - $PWD/local-certs:/https:ro
     environment:
       - ASPNETCORE_ENVIRONMENT=Development
       - ASPNETCORE_URLS=https://+:5551

diff --git a/makefile b/makefile
@@ -1,7 +1,7 @@
 MAKEFLAGS += --silent
 
 verify:
-	docker-compose pull && ./scripts/verify.sh
+	./scripts/verify.sh
 
 acceptance-test:
 	./scripts/acceptancetest.sh

diff --git a/scripts/checks/dockercheck.sh b/scripts/checks/dockercheck.sh
@@ -2,8 +2,7 @@
 
 echo "Checking Docker..."
 
-EXPECTED_DOCKER="(18|19|20)\.[0-9]+\.[0-9]*"
-DISPLAY_DOCKER_REGEX=$(sed -e 's|\\\([.+?*()]\)|\1|g' -e 's|[.+?]\*|*|g' <<<${EXPECTED_DOCKER})
+EXPECTED_DOCKER="^[1-9][0-9]+\.[0-9]+\.[0-9]*"
 version=$(docker version --format '{{.Client.Version}}' 2>&1)
 
 if [[ $version == *"docker.sock"* ]]; then
@@ -15,6 +14,6 @@ fi
 if [[ "$version" =~ $EXPECTED_DOCKER ]]; then
     echo "Docker is OK"
 else
-    echo "Please Install Docker $DISPLAY_DOCKER_REGEX via Docker Desktop; https://www.docker.com/products/docker-desktop"
+    echo "Please Install Docker via Docker Desktop; https://www.docker.com/products/docker-desktop"
     exit 1
-fi
+fi
diff --git a/scripts/checks/dockercomposecheck.sh b/scripts/checks/dockercomposecheck.sh
@@ -2,7 +2,7 @@
 
 echo "Checking Docker Compose..."
 
-EXPECTED_COMPOSE_REGEX=1\.[1,2][0-9]\.[0-9]+
+EXPECTED_COMPOSE_REGEX=^[1-9][0-9]*\.[0-9]+\.[0-9]+
 DISPLAY_COMPOSE_REGEX=$(sed -e 's|\\\([.+?*()]\)|\1|g' -e 's|[.+?]\*|*|g' <<<${EXPECTED_COMPOSE_REGEX})
 
 version=$(docker-compose version --short 2>&1)
@@ -13,4 +13,4 @@ else
     echo "Current Docker Compose version is \"${version}\". Please Install Docker Compose matching \"${DISPLAY_COMPOSE_REGEX}\""
     echo "Docker Compose comes with Docker Desktop which can be downloaded here: https://www.docker.com/products/docker-desktop"
     exit 1
-fi
+fi