[Tests] Add mock-aai to the docker compose setup

[jbygdell]

Related issue(s) and PR(s)

Description

This PR adds the ls-aai-mock instance from the GDI starter-kit repo so we will be able to test auth fully.

How to test

make build-all
make sda-s3-up

Use a browser and go to http://localhost:8801/
It should be possible to complete the entire OIDC authentication circle.

The full test should work as normal.

make integrationtest-sda-s3-run

[pahatz]

It seems to work great and to have required a lot of tedious work.
I am missing a lot of information on choices here. I see a fixed image used from gitlab but I can't really understand the reasoning of the choices, whether we can depend on that to be updated, where is the repo etc.
It would be nice to have at least some context and links in the description.

[jbygdell]

It seems to work great and to have required a lot of tedious work. I am missing a lot of information on choices here. I see a fixed image used from gitlab but I can't really understand the reasoning of the choices, whether we can depend on that to be updated, where is the repo etc. It would be nice to have at least some context and links in the description.

Basically it is an implementation of the GDI starterkit repo in this compose setup. So in essence there is nothing that should be modified since it is here only so we can test the auth-OIDC circle.

[MalinAhlberg]

Nice! Works well when testing to log in, and seems to reduce a lot of tedious work in the future 👍 . I'm a bit unsure about the tests being removed, otherwise I think it looks very good!

[nanjiangshu]

Works well! Great job!

[aaperis]

Looks nice overall, just a couple of comments to discuss :-).

[nanjiangshu]

When I tried to run the integration test for sync, I found that the service oidc is failed with the following error

oidc  | create RSA key
oidc  | Traceback (most recent call last):
oidc  |   File "/oidc.py", line 313, in <module>
oidc  |     DATA = _generate_token()
oidc  |            ^^^^^^^^^^^^^^^^^
oidc  |   File "/oidc.py", line 57, in _generate_token
oidc  |     "kid": ec_key1.thumbprint()
oidc  |            ^^^^^^^^^^^^^^^^^^^^
oidc  |   File "/usr/local/lib/python3.11/site-packages/joserfc/rfc7517/models.py", line 163, in thumbprint
oidc  |     return thumbprint(self.dict_value, fields, self.thumbprint_digest_method)
oidc  |                       ^^^^^^^^^^^^^^^
oidc  |   File "/usr/local/lib/python3.11/site-packages/joserfc/rfc7517/models.py", line 142, in dict_value
oidc  |     data = self.binding.convert_raw_key_to_dict(self.raw_value, self.is_private)
oidc  |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
oidc  |   File "/usr/local/lib/python3.11/site-packages/joserfc/rfc7517/pem.py", line 102, in convert_raw_key_to_dict
oidc  |     value = cls.export_public_key(raw_key)
oidc  |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
oidc  |   File "/usr/local/lib/python3.11/site-packages/joserfc/rfc7518/ec_key.py", line 80, in export_public_key
oidc  |     numbers = key.public_numbers()
oidc  |               ^^^^^^^^^^^^^^^^^^
oidc  | AttributeError: 'cryptography.hazmat.bindings._rust.openssl.rsa.RSA' object has no attribute 'public_numbers'

I guess this is related to the change of the algorithm from EC to RSA.
Since there is a filtering in the workflow of sda-sync, the integration test for sync has not been triggered by the Github Action.

[jbygdell]

I guess this is related to the change of the algorithm from EC to RSA. Since there is a filtering in the workflow of sda-sync, the integration test for sync has not been triggered by the Github Action.

No it has not. And sync is about to be completely rewritten so I deem this a non issue for now.

[nanjiangshu]

Looks good!

[aaperis]

Nice