Skip to content

Commit

Permalink
feat: #990 added 50 dev urls for each cognito client (#996)
Browse files Browse the repository at this point in the history
  • Loading branch information
@MCatherine1994
MCatherine1994 authored Oct 25, 2023
1 parent c565197 commit 1286162
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 20 deletions.
8 changes: 4 additions & 4 deletions infrastructure/server/oidc_clients_fom.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ resource "aws_cognito_user_pool_client" "dev_fom_oidc_client" {
allowed_oauth_flows = ["code"]
allowed_oauth_flows_user_pool_client = "true"
allowed_oauth_scopes = ["openid", "profile", "email"]
callback_urls = [
callback_urls = concat([
"https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"http://localhost:4200/admin/search"
]
logout_urls = [
], [for i in range("${var.dev_pr_url_count}") : "https://fom-${i}.apps.silver.devops.gov.bc.ca/admin/search"])
logout_urls = concat([
"${var.cognito_app_client_logout_chain_url.dev}http://localhost:4200/admin/not-authorized?loggedout=true"
]
], [for i in range("${var.dev_pr_url_count}") : "${var.cognito_app_client_logout_chain_url.dev}https://fom-${i}.apps.silver.devops.gov.bc.ca/admin/not-authorized?loggedout=true"])
enable_propagate_additional_user_context_data = "false"
enable_token_revocation = "true"
explicit_auth_flows = ["ALLOW_REFRESH_TOKEN_AUTH"]
Expand Down
8 changes: 4 additions & 4 deletions infrastructure/server/oidc_clients_forest_client.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ resource "aws_cognito_user_pool_client" "dev_forest_client_oidc_client" {
allowed_oauth_flows = ["code"]
allowed_oauth_flows_user_pool_client = "true"
allowed_oauth_scopes = ["openid", "profile", "email"]
callback_urls = [
callback_urls = concat([
"https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"http://localhost:3000/dashboard",
]
logout_urls = [
], [for i in range("${var.dev_pr_url_count}") : "https://nr-forest-client-${i}-frontend.apps.silver.devops.gov.bc.ca/dashboard"])
logout_urls = concat([
"${var.cognito_app_client_logout_chain_url.dev}http://localhost:3000/"
]
], [for i in range("${var.dev_pr_url_count}") : "${var.cognito_app_client_logout_chain_url.dev}https://nr-forest-client-${i}-frontend.apps.silver.devops.gov.bc.ca/"])
enable_propagate_additional_user_context_data = "false"
enable_token_revocation = "true"
explicit_auth_flows = ["ALLOW_REFRESH_TOKEN_AUTH"]
Expand Down
8 changes: 4 additions & 4 deletions infrastructure/server/oidc_clients_silva.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,16 +3,16 @@ resource "aws_cognito_user_pool_client" "dev_silva_oidc_client" {
allowed_oauth_flows = ["code"]
allowed_oauth_flows_user_pool_client = "true"
allowed_oauth_scopes = ["openid", "profile", "email"]
callback_urls = [
callback_urls = concat([
"https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"http://localhost:3000/dashboard",
"https://nr-results-exam-test-frontend.apps.silver.devops.gov.bc.ca/dashboard"
]
logout_urls = [
], [for i in range("${var.dev_pr_url_count}") : "https://nr-silva-${i}-frontend.apps.silver.devops.gov.bc.ca/dashboard"])
logout_urls = concat([
"${var.cognito_app_client_logout_chain_url.dev}https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"${var.cognito_app_client_logout_chain_url.dev}http://localhost:3000/",
"${var.cognito_app_client_logout_chain_url.dev}https://nr-results-exam-test-frontend.apps.silver.devops.gov.bc.ca/"
]
], [for i in range("${var.dev_pr_url_count}") : "${var.cognito_app_client_logout_chain_url.dev}https://nr-silva-${i}-frontend.apps.silver.devops.gov.bc.ca/"])
enable_propagate_additional_user_context_data = "false"
enable_token_revocation = "true"
explicit_auth_flows = ["ALLOW_REFRESH_TOKEN_AUTH"]
Expand Down
16 changes: 8 additions & 8 deletions infrastructure/server/oidc_clients_spar.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@ resource "aws_cognito_user_pool_client" "dev_spar_oidc_client" {
allowed_oauth_flows = ["code"]
allowed_oauth_flows_user_pool_client = "true"
allowed_oauth_scopes = ["openid", "profile", "email"]
callback_urls = [
callback_urls = concat([
"https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"http://localhost:3000/",
"http://localhost:3000/silent-check-sso"
]
logout_urls = [
], [for i in range("${var.dev_pr_url_count}") : "https://nr-spar-${i}-frontend.apps.silver.devops.gov.bc.ca/"])
logout_urls = concat([
"${var.cognito_app_client_logout_chain_url.dev}https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"${var.cognito_app_client_logout_chain_url.dev}http://localhost:3000/"
]
], [for i in range("${var.dev_pr_url_count}") : "${var.cognito_app_client_logout_chain_url.dev}https://nr-spar-${i}-frontend.apps.silver.devops.gov.bc.ca/"])
enable_propagate_additional_user_context_data = "false"
enable_token_revocation = "true"
explicit_auth_flows = ["ALLOW_REFRESH_TOKEN_AUTH"]
Expand Down Expand Up @@ -43,10 +43,10 @@ resource "aws_cognito_user_pool_client" "test_spar_oidc_client" {
callback_urls = [
"http://localhost:3000/",
"https://oidcdebugggersecure-c6af30-dev.apps.gold.devops.gov.bc.ca/",
"https://nr-spar-webapp-test-frontend.apps.silver.devops.gov.bc.ca/"
"https://nr-spar-test-frontend.apps.silver.devops.gov.bc.ca/"
]
logout_urls = [
"${var.cognito_app_client_logout_chain_url.test}https://nr-spar-webapp-test-frontend.apps.silver.devops.gov.bc.ca/",
"${var.cognito_app_client_logout_chain_url.test}https://nr-spar-test-frontend.apps.silver.devops.gov.bc.ca/",
"${var.cognito_app_client_logout_chain_url.test}http://localhost:3000/"
]
enable_propagate_additional_user_context_data = "false"
Expand Down Expand Up @@ -78,10 +78,10 @@ resource "aws_cognito_user_pool_client" "prod_spar_oidc_client" {
allowed_oauth_flows_user_pool_client = "true"
allowed_oauth_scopes = ["openid", "profile", "email"]
callback_urls = [
"https://nr-spar-webapp-prod-frontend.apps.silver.devops.gov.bc.ca/"
"https://nr-spar-prod-frontend.apps.silver.devops.gov.bc.ca/"
]
logout_urls = [
"${var.cognito_app_client_logout_chain_url.prod}https://nr-spar-webapp-prod-frontend.apps.silver.devops.gov.bc.ca/"
"${var.cognito_app_client_logout_chain_url.prod}https://nr-spar-prod-frontend.apps.silver.devops.gov.bc.ca/"
]
enable_propagate_additional_user_context_data = "false"
enable_token_revocation = "true"
Expand Down
6 changes: 6 additions & 0 deletions infrastructure/server/variables_provided.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -334,4 +334,10 @@ variable "prod_override_bcsc_userinfo_proxy_endpoint" {
description = "Endpoint for Cognito to get userinfo data for BCSC PROD environment"
type = string
default = "not used unless overridden in terragrunt"
}

variable "dev_pr_url_count" {
description = "Number of pull request redirect urls of Cognito dev clients"
type = number
default = 50
}

0 comments on commit 1286162

Please sign in to comment.