diff --git a/tests/integration-tests/README.md b/tests/integration-tests/README.md index c43e5bf390..8818910130 100644 --- a/tests/integration-tests/README.md +++ b/tests/integration-tests/README.md @@ -228,6 +228,7 @@ To configure the roles, you need to specify the following options: * `webhook`: [MANDATORY] the webhook object to use for this role. If not specified, the default webhook URL will be used. * `url`: [MANDATORY] the REST API URL of the agent to use for this role. * `apikey`: [OPTIONAL] the API key to use for this role. If not specified, the default API key will be used. API key authentication can also be disabled. +* `token`: [OPTIONAL] the JWT token to use for this role. To be used only for pre-configured remote instances of the agents with Keycloak authentication enabled. * `authHeader`: [OPTIONAL] the authentication header to use for this role. If not specified, the default authentication header will be used. `webhook` is a special object that contains the following options: @@ -286,6 +287,64 @@ To work with remote agents, you need to specify the following options: 2. Remote `apikey` of the agent (if configured) 3. Webhook configuration with the remote `url` (to be registered on the agent side) and `local_port` that will be opened locally. You have to use `ngrok` or similar tool to open the local port to the world and get the remote URL. +When we would like to test local agent VS remote agents, we need to open the local ports to the world. +We need to open 3 things: +1. REST service URL should be available to fetch credential definitions and credential schemas +2. DIDComm service URL should be available to send and receive DIDComm messages +3. Webhook URL should be available to receive webhook messages + +Here is an example ngrok configuration to open 3 ports: +```yaml +version: "2" +authtoken: ... + +tunnels: + rest_service7080: + proto: http + addr: 7080 + didcomm_service7070: + proto: http + addr: 7070 + webhook9999: + proto: http + addr: 9999 +``` + +Then, run `ngrok` as follows: +```shell +ngrok start --all +``` + +And you should see something like this: +```text +Session Status online +Account antonbaliasnikov@gmail.com (Plan: Free) +Update update available (version 3.5.0, Ctrl-U to update) +Version 3.4.0 +Region Europe (eu) +Latency - +Web Interface http://127.0.0.1:4040 +Forwarding https://5c0b-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app -> http://localhost:7080 +Forwarding https://6908-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app -> http://localhost:7070 +Forwarding https://90e7-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app -> http://localhost:9999 +``` + +After that, you could configure your local agent as follows to provide the required URLs: +```yaml + { + version = "${OPEN_ENTERPRISE_AGENT_VERSION}" + http_port = 7080 + didcomm_port = 7070 + didcomm_service_url = "https://6908-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app" + rest_service_url = "https://5c0b-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app" + auth_enabled = true + prism_node = ${services.prism_node} + } +``` + +**Make sure `http_port` and `didcomm_port` are the same as in the `ngrok` configuration!** + +Next, you are able to configure your roles to use remote agents. Here is an example of the agent configuration for SIT environment: ```yaml { @@ -293,13 +352,28 @@ Here is an example of the agent configuration for SIT environment: url = "https://sit-prism-agent-issuer.atalaprism.io/prism-agent" apikey = "SIT_ENVIRONMENT_API_KEY_FOR_ISSUER" webhook = { - url = "https://b655-2001-818-dce2-c000-d992-94ce-ad1-d722.ngrok-free.app" + url = "https://90e7-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app" init_required = true local_port = 9999 } } ``` +There is also an option to use JWT token instead of API key for authentication if the remote agent is configured to use Keycloak authentication. +Here is an example of the agent configuration for sandbox environment: +```yaml + { + name = "Issuer" + url = "https://sandbox-issuer.atalaprism.io/prism-agent" + token = "SANDBOX_ENVIRONMENT_BEARER_TOKEN_FOR_ISSUER" + webhook = { + url = "https://5868-2001-818-dce2-c000-9c53-d0a3-15f2-ca59.ngrok-free.app" + local_port = 9999 + init_required = true + } + } +``` + **Please note: `roles` section is MANDATORY. If you do not specify any role, then the tests will fail.** ## Running the tests diff --git a/tests/integration-tests/src/test/kotlin/config/Role.kt b/tests/integration-tests/src/test/kotlin/config/Role.kt index 304bb51d81..2edbff9eb0 100644 --- a/tests/integration-tests/src/test/kotlin/config/Role.kt +++ b/tests/integration-tests/src/test/kotlin/config/Role.kt @@ -6,6 +6,7 @@ data class Role( val name: String, val url: URL, val apikey: String?, + val token: String?, val authHeader: String = "apikey", val webhook: Webhook? ) diff --git a/tests/integration-tests/src/test/kotlin/config/services/Agent.kt b/tests/integration-tests/src/test/kotlin/config/services/Agent.kt index 08034eefac..6201dfb605 100644 --- a/tests/integration-tests/src/test/kotlin/config/services/Agent.kt +++ b/tests/integration-tests/src/test/kotlin/config/services/Agent.kt @@ -10,6 +10,7 @@ data class Agent( @ConfigAlias("http_port") val httpPort: Int, @ConfigAlias("didcomm_port") val didcommPort: Int, @ConfigAlias("didcomm_service_url") val didcommServiceUrl: String?, + @ConfigAlias("rest_service_url") val restServiceUrl: String?, @ConfigAlias("auth_enabled") val authEnabled: Boolean, @ConfigAlias("prism_node") val prismNode: PrismNode?, val keycloak: Keycloak?, @@ -26,6 +27,7 @@ data class Agent( "AGENT_DIDCOMM_PORT" to didcommPort.toString(), "DIDCOMM_SERVICE_URL" to (didcommServiceUrl ?: "http://host.docker.internal:${didcommPort}"), "AGENT_HTTP_PORT" to httpPort.toString(), + "REST_SERVICE_URL" to (restServiceUrl ?: "http://host.docker.internal:${httpPort}"), "PRISM_NODE_PORT" to (prismNode?.httpPort?.toString() ?: ""), "SECRET_STORAGE_BACKEND" to if (vault != null) "vault" else "postgres", "VAULT_HTTP_PORT" to (vault?.httpPort?.toString() ?: ""), diff --git a/tests/integration-tests/src/test/kotlin/features/Init.kt b/tests/integration-tests/src/test/kotlin/features/Init.kt index 6f4d8ceccb..60822257cf 100644 --- a/tests/integration-tests/src/test/kotlin/features/Init.kt +++ b/tests/integration-tests/src/test/kotlin/features/Init.kt @@ -104,6 +104,9 @@ fun initActors() { actor.remember("AUTH_KEY", role.apikey) actor.remember("AUTH_HEADER", role.authHeader) } + if (role.token != null) { + actor.remember("BEARER_TOKEN", role.token) + } if (role.webhook != null) { actor.whoCan(ListenToEvents.at(role.webhook.url, role.webhook.localPort)) if (role.webhook.initRequired) { diff --git a/tests/integration-tests/src/test/resources/containers/agent.yml b/tests/integration-tests/src/test/resources/containers/agent.yml index 45d209b0d9..56f0172a28 100644 --- a/tests/integration-tests/src/test/resources/containers/agent.yml +++ b/tests/integration-tests/src/test/resources/containers/agent.yml @@ -38,7 +38,7 @@ services: AGENT_DIDCOMM_PORT: AGENT_HTTP_PORT: DIDCOMM_SERVICE_URL: - REST_SERVICE_URL: "http://host.docker.internal:${AGENT_HTTP_PORT}" + REST_SERVICE_URL: API_KEY_ENABLED: # Secret storage configuration SECRET_STORAGE_BACKEND: