Cleaned up local OIDC setup

rimi-itk · rimi-itk · commit e934729fe352 · 2026-01-21T09:35:01.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,8 @@ Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+* [PR-591](https://github.com/itk-dev/deltag.aarhus.dk/pull/591)
+  Cleaned up local OIDC setup
 * [PR-587](https://github.com/itk-dev/deltag.aarhus.dk/pull/587)
   Cleaned up translations
 * [PR-586](https://github.com/itk-dev/hoeringsportal/pull/586)
diff --git a/docker-compose.oidc.yml b/docker-compose.oidc.yml
@@ -2,24 +2,17 @@ services:
   # https://github.com/geigerzaehler/oidc-provider-mock
   idp-citizen:
     image: ghcr.io/geigerzaehler/oidc-provider-mock:latest
-    profiles:
-      - oidc
-      - test
     # Let this container be accessible both internally and externally on the same domain.
     container_name: idp-citizen.${COMPOSE_DOMAIN}
     networks:
       - app
       - frontend
-    ports:
-      - "80"
     labels:
       - "traefik.enable=true"
       - "traefik.docker.network=frontend"
       - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-idp.rule=Host(`idp-citizen.${COMPOSE_DOMAIN}`)"
     command:
       [
-        "--port",
-        "80",
         "--user-claims",
         '{"sub": "citizen1", "dk_ssn": "1111111111", "name": "Anders And", "zip": "1111"}',
         "--user-claims",
@@ -34,27 +27,19 @@ services:
         '{"sub": "aarhusianer", "dk_ssn": "2611740000", "name": "Betina Henningsentest"}',
       ]
 
-  # https://github.com/Soluto/oidc-server-mock
   idp-employee:
     image: ghcr.io/geigerzaehler/oidc-provider-mock:latest
-    profiles:
-      - oidc
-      - test
     # Let this container be accessible both internally and externally on the same domain.
     container_name: idp-employee.${COMPOSE_DOMAIN}
     networks:
       - app
       - frontend
-    ports:
-      - "80"
     labels:
       - "traefik.enable=true"
       - "traefik.docker.network=frontend"
       - "traefik.http.routers.${COMPOSE_PROJECT_NAME}_idp-employee.rule=Host(`idp-employee.${COMPOSE_DOMAIN}`)"
     command:
       [
-        "--port",
-        "80",
         "--user-claims",
         '{"sub": "user", "email": "user@example.com", "groups": ["authenticated"]}',
         "--user-claims",
@@ -78,7 +63,7 @@ services:
   idp_mock_api:
     image: dotronglong/faker:stable
     profiles:
-      - oidc
+      - oidc-api
     networks:
       - app
       - frontend
diff --git a/documentation/localDevelopment.md b/documentation/localDevelopment.md
@@ -111,8 +111,8 @@ Start docker
 ```sh
 docker compose pull
 docker compose up --detach
-# Note: If you want to start pretix and the mock OIDC IdP you have to enable the "pretix" and "oidc" profiles (cf. https://docs.docker.com/compose/profiles/):
-# docker compose --profile pretix --profile oidc up --detach
+# Note: If you want to start pretix you have to enable the "pretix" profile (cf. https://docs.docker.com/compose/profiles/):
+# docker compose --profile pretix up --detach
 docker compose exec phpfpm composer install
 docker compose exec phpfpm vendor/bin/drush --yes site:install --existing-config
 
diff --git a/documentation/openIdConnect.md b/documentation/openIdConnect.md
@@ -34,9 +34,9 @@ docker compose exec phpfpm vendor/bin/drush config:get --include-overridden open
 See the [Høringsportalen OpenID Connect module](../web/modules/custom/hoeringsportal_openid_connect/README.md) for
 details on configuring OpenID Connect authentification for citizens.
 
-For local testing we use [OpenId Connect Server Mock](https://github.com/Soluto/oidc-server-mock) for (almost) real
+For local testing we use [OpenID Provider Mock](https://github.com/geigerzaehler/oidc-provider-mock) for (almost) real
 OpenID Connect. Users and their claims are defined in
-[`docker-compose.override.yml`](../../../../docker-compose.override.yml).
+[`docker-compose.oidc.yml`](../../../../docker-compose.oidc.yml).
 
 ## Employee authentification
 
@@ -56,24 +56,16 @@ docker compose exec phpfpm vendor/bin/drush php:eval "\Drupal\taxonomy\Entity\Te
 ## Debugging OpenID Connect authentification
 
 ```sh
-docker compose --profile oidc up --detach
+docker compose up --detach
 ```
 
 ### Local OIDC test
 
-During (local) development we use [OpenId Connect Server Mock](https://github.com/Soluto/oidc-server-mock) (cf.
+During (local) development we use [OpenID Provider Mock](https://github.com/geigerzaehler/oidc-provider-mock) (cf.
 [`docker-compose.oidc.yml`](docker-compose.oidc.yml) which is
 [included](https://docs.docker.com/compose/how-tos/multiple-compose-files/include/) in
 [`docker-compose.override.yml`](docker-compose.override.yml)).
 
-#### Employees
-
-| Username            | Password             | Groups        |
-|---------------------|----------------------|---------------|
-| department1-admin   | department1-admin    | administrator |
-| department2-editor  | department2-editor   | editor        |
-| department3-editor  | department3-editor   | editor        |
-
 ## Debug OIDC
 
 During development it can be useful to see the user info we actually get during OpenID Connect authentification, and to
@@ -106,13 +98,13 @@ The json files with mock returns are located in the `mocks` folder in the root o
 To test if this works, patiently wait for:
 
 ```sh
-docker compose --profile oidc up --detach
+docker compose up --detach
 ```
 
 To test if it works, run (should return something starting with `HTTP/1.1 200 OK`)
 
 ```sh
-curl -d '{}' "http://$(docker compose --profile oidc port idp_mock_api 3030)/users"
+curl -d '{}' "http://$(docker compose port idp_mock_api 3030)/users"
 ```
 
 or
@@ -188,6 +180,6 @@ above config file (here, `userprincipalname`).
 ### Test delta sync
 
 ```sh
-docker compose --profile oidc up --detach
+docker compose --profile oidc-api up --detach
 ./test-delta-sync
 ```
