icebreakerone · kipparker · Feb 20, 2024 · Feb 15, 2024 · Feb 15, 2024 · Feb 15, 2024
diff --git a/.github/templates/test/action.yml b/.github/templates/test/action.yml
@@ -0,0 +1,28 @@
+name: test
+description: Run python tests
+inputs:
+  folder: 
+    description: 'The folder to run tests in'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Install ${{ inputs.folder }} dependencies
+      shell: bash
+      run: |
+        cd ${{ inputs.folder }}
+        pip install pipenv
+        pipenv install --dev
+    - name: Lint with ruff
+      shell: bash
+      run: |
+        # stop the build if there are Python syntax errors or undefined names
+        cd ${{ inputs.folder }}
+        pipenv run ruff .
+    - name: Run ${{ inputs.folder }} tests
+      shell: bash
+      run: |
+        # stop the build if there are Python syntax errors or undefined names
+        cd ${{ inputs.folder }}
+        pipenv run pytest .
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
diff --git a/.github/workflows/test_authentication.yml b/.github/workflows/test_authentication.yml
@@ -0,0 +1,17 @@
+name: Python tests authentication
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.12'
+      - name: Run tests
+        uses: ./.github/templates/test/
+        with:
+          folder: authentication
diff --git a/.github/workflows/test_resource.yml b/.github/workflows/test_resource.yml
@@ -0,0 +1,17 @@
+name: Python tests resource
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.12'
+      - name: Run tests
+        uses: ./.github/templates/test/
+        with:
+          folder: resource
diff --git a/README.md b/README.md
@@ -1,23 +1,36 @@
-# Perseus demo authentication api
+# Perseus demo energy provider
 
-Emulates authentication endpoints for the Perseus demo. These endpoints in production will be provided by an energy provider's authentication platform. Api documentation is available at https://perseus-demo-authentication.ib1.org/api-docs.
+Emulates authentication and resource api endpoints for the Perseus demo.
 
-The authentication api is responsible for authenticating and identifying its own users, and for handling and passing on requests from the client API to the FAPI API.
+## Authentication API
 
-## Run the dev server
+The authentication app is in the [authentication](authentication) directory. It provides endpoints for authenticating and identifying users, and for handling and passing on requests from the client API to the FAPI API.
+
+Authentication API documentation is available at https://perseus-demo-authentication.ib1.org/api-docs.
+
+## Resource API
+
+The resource api is in the [resource](resource) directory. It demonstrates how to protect an API endpoint using a certificate bound token obtained from the authentication API's interaction with the FAPI provider.
+
+Resource API documentation is available at https://perseus-demo-energy.ib1.org/api-docs.
+
+## Running a dev server
 
 ```bash
+cd authentication|resource
 pipenv install --dev
 pipenv run uvicorn api.main:app --reload
 ```
 
 ## Running the local docker environment
 
+The included docker compose file will bring up both APIs. It uses nginx to proxy requests to uvicorn, with nginx configuration to pass through client certificates to the backend, using the same header as used by AWS ALB (`x-amzn-mtls-clientcert`). It requires a set of certificates as generated by [scripts/certmaker.sh], which should be available in the `certs` directory
+
 ```bash
 docker-compose up
 ```
 
-The docker environment uses nginx to proxy requests to uvicorn, with nginx configuration to pass through client certificates to the backend, using the same header as used by AWS ALB (`x-amzn-mtls-clientcert`). It requires a set of certificates as generated by [scripts/certmaker.sh], which should be available in the `certs` directory.
+The environment variables in the docker compose file point to the FAPI api running on localhost port 8020 (http://host.docker.internal:8020). As the FAPI api is not running in the docker environment, you may need to change these environment variables to match your local environment. It will also work with the live FAPI api by changing these values to "https://perseus-demo-fapi.ib1.org".
 
 ## Testing the API with client.py
 

diff --git a/backend/.dockerignore → authentication/.dockerignore b/backend/.dockerignore → authentication/.dockerignore
diff --git a/backend/Dockerfile → authentication/Dockerfile b/backend/Dockerfile → authentication/Dockerfile
diff --git a/backend/Pipfile → authentication/Pipfile b/backend/Pipfile → authentication/Pipfile
@@ -9,16 +9,19 @@ pyjwt = "*"
 uvicorn = "*"
 requests = "*"
 python-jose = {extras = ["cryptography"] }
-passlib = {extras = ["bcrypt"] }
 python-multipart = "*"
+httpx = "*"
+bcrypt = "*"
 
 [dev-packages]
 black = "*"
 mypy = "*"
 ruff = "*"
 types-python-jose = "*"
-types-passlib = "*"
 types-requests = "*"
+pytest = "*"
+responses = "*"
+pytest-mock = "*"
 
 [requires]
 python_version = "3.12"