From f7f266437fb8351852e5eb563e010694a8495447 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 11:11:27 -0700 Subject: [PATCH 01/11] Added user definable variable substitutions Signed-off-by: Gavin Jaeger-Freeborn --- docker/docker-compose.yaml | 2 + docker/manage | 3 + docs/ConfigurationGuide.md | 31 ++++++-- oidc-controller/api/core/config.py | 4 ++ .../tests/test_variable_substitutions.py | 13 +++- .../variableSubstitutions.py | 70 +++++++++++++++++-- 6 files changed, 110 insertions(+), 13 deletions(-) diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 3264c6ae..b92f0514 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -27,6 +27,7 @@ services: - CONTROLLER_PRESENTATION_EXPIRE_TIME=${CONTROLLER_PRESENTATION_EXPIRE_TIME} - CONTROLLER_PRESENTATION_CLEANUP_TIME=${CONTROLLER_PRESENTATION_CLEANUP_TIME} - CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE=${CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE} + - CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE=${CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE} - ACAPY_TENANCY=${AGENT_TENANT_MODE} - ACAPY_AGENT_URL=${AGENT_ENDPOINT} - ACAPY_ADMIN_URL=${AGENT_ADMIN_URL} @@ -45,6 +46,7 @@ services: volumes: - ../oidc-controller:/app:rw - ./oidc-controller/config/sessiontimeout.json:/home/aries/sessiontimeout.json + - ./oidc-controller/config/settings_override.py:/home/aries/settings_override.py networks: - vc_auth diff --git a/docker/manage b/docker/manage index 605bd308..668ca7f8 100755 --- a/docker/manage +++ b/docker/manage @@ -179,6 +179,9 @@ configureEnvironment() { # The path to the auth_session timeouts config file export CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE="/home/aries/sessiontimeout.json" + # Extend Variable Substitutions + # export CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE="/home/aries/settings_override.py" + #controller app settings export INVITATION_LABEL=${INVITATION_LABEL:-"VC-AuthN"} export SET_NON_REVOKED="True" diff --git a/docs/ConfigurationGuide.md b/docs/ConfigurationGuide.md index 0577e945..8f0562a8 100644 --- a/docs/ConfigurationGuide.md +++ b/docs/ConfigurationGuide.md @@ -125,12 +125,31 @@ and at runtime when the user navigates to the QR code page, the proof would incl See the `oidc-controller\api\verificationConfigs\variableSubstitutions.py` file for implementations. #### Customizing variables +For user defined variable substitutions users can set the environment +variable to point at a python file defining new substitutions. -In `oidc-controller\api\verificationConfigs\variableSubstitutions.py` there are the built-in variables above. -For an advanced use case, if you require further customization, it could be possible to just replace that `variableSubstitutions.py` file -in a VC-AuthN implementation and the newly introduced variables would be run if they are included in a proof request configuration. +##### User Defined Variable API +In `oidc-controller\api\verificationConfigs\variableSubstitutions.py` +you will find the method `add_variable_substitution` which can be used +to modify the existing instance of `VariableSubstitutionMap` named +`variable_substitution_map`. -For regular variables they can be added to the `static_map`, mapping your variable name to a function doing the operation. -For "dynamic" ones alter `__contains__` and `__getitem__` to use a regex to parse and extract what is needed. +Takes a valid regular expression `pattern` and a function who's +arguments correspond with each regex group `substitution_function`. Each +captured regex group will be passed to the function as a `str`. -The file `oidc-controller\api\verificationConfigs\helpers.py` contains the function that recurses through the config doing any substitutions, so it would pick up whatever is available in `variableSubstitutions.py` \ No newline at end of file +Here is an example python file that would define a new variable +substitution `$today_plus_x_times_y` which will add X days multiplied +by Y days to today's date + +```python +from datetime import datetime, timedelta + +def today_plus_times(added_days: str, multiplied_days: str) -> int: + return int( + ((datetime.today() + timedelta(days=int(added_days))) * timedelta(days=int(multiplied_days))) + ).strftime("%Y%m%d")) + +# variable_substitution_map will already be defined in variableSubstitutions.py +variable_substitution_map.add_variable_substitution(r"\$today_plus_(\d+)_times_(\d+)", today_plus_times) +``` diff --git a/oidc-controller/api/core/config.py b/oidc-controller/api/core/config.py index e3b1f40d..76f0efd7 100644 --- a/oidc-controller/api/core/config.py +++ b/oidc-controller/api/core/config.py @@ -8,6 +8,7 @@ from pathlib import Path from pydantic_settings import BaseSettings from pydantic import ConfigDict +from typing import Any import structlog @@ -227,6 +228,9 @@ class GlobalConfig(BaseSettings): ) SET_NON_REVOKED: bool = strtobool(os.environ.get("SET_NON_REVOKED", True)) + CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE: str | None = os.environ.get( + "CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE" + ) model_config = ConfigDict(case_sensitive=True) diff --git a/oidc-controller/api/verificationConfigs/tests/test_variable_substitutions.py b/oidc-controller/api/verificationConfigs/tests/test_variable_substitutions.py index 3c29d8f3..1270ce6c 100644 --- a/oidc-controller/api/verificationConfigs/tests/test_variable_substitutions.py +++ b/oidc-controller/api/verificationConfigs/tests/test_variable_substitutions.py @@ -1,4 +1,5 @@ import time +from typing_extensions import Callable import pytest from datetime import datetime, timedelta from api.verificationConfigs.variableSubstitutions import VariableSubstitutionMap @@ -27,7 +28,17 @@ def test_get_threshold_years_date(): expected_date = ( datetime.today().replace(year=datetime.today().year - years).strftime("%Y%m%d") ) - assert vsm.get_threshold_years_date(years) == int(expected_date) + assert vsm.get_threshold_years_date(str(years)) == int(expected_date) + + +def test_user_defined_func(): + vsm = VariableSubstitutionMap() + func: Callable[[int], int] = lambda x, y: int(x) + int(y) + vsm.add_variable_substitution(r"\$years since (\d+) (\d+)", func) + days = 10 + years = 22 + assert f"$years since {years} {days}" in vsm + assert vsm[f"$years since {years} {days}"]() == years + days def test_contains_static_variable(): diff --git a/oidc-controller/api/verificationConfigs/variableSubstitutions.py b/oidc-controller/api/verificationConfigs/variableSubstitutions.py index a00efcb0..1a305897 100644 --- a/oidc-controller/api/verificationConfigs/variableSubstitutions.py +++ b/oidc-controller/api/verificationConfigs/variableSubstitutions.py @@ -8,6 +8,15 @@ from datetime import datetime, timedelta import time import re +import copy + +import structlog +from typing_extensions import Callable +from ..core.config import settings + +logger: structlog.typing.FilteringBoundLogger = structlog.getLogger(__name__) + +SubstitutionFunction = Callable[..., int | str] class VariableSubstitutionMap: @@ -20,7 +29,25 @@ def __init__(self): "$tomorrow_int": self.get_tomorrow_date, } - def get_threshold_years_date(self, years: int) -> int: + self.user_static_map: dict[re.Pattern[str], SubstitutionFunction] = { + re.compile(r"\$threshold_years_(\d+)"): self.get_threshold_years_date + } + + def add_variable_substitution( + self, pattern: str, substitution_function: SubstitutionFunction + ): + """Takes a valid regular expression PATTERN and a function + who's arguments correspond with each regex group + SUBSTITUTION_FUNCTION. Each captured regex group will be + passed to the function as a str. + + Examples: + vsm.add_variable_substitution(r\"\\$years since (\\d+) (\\d+)\", lambda x, y: int(x) + int(y)) + vsm[f"$years since {10} {12}"] => 22 + """ + self.user_static_map[re.compile(pattern)] = substitution_function + + def get_threshold_years_date(self, years: str) -> int: """ Calculate the threshold date for a given number of years. @@ -30,7 +57,9 @@ def get_threshold_years_date(self, years: int) -> int: Returns: int: The current date minux X years in YYYYMMDD format. """ - threshold_date = datetime.today().replace(year=datetime.today().year - years) + threshold_date = datetime.today().replace( + year=datetime.today().year - int(years) + ) return int(threshold_date.strftime("%Y%m%d")) def get_now(self) -> int: @@ -63,16 +92,45 @@ def get_tomorrow_date(self) -> int: # For "dynamic" variables, use a regex to match the key and return a lambda function # So a proof request can use $threshold_years_X to get the years back for X years def __contains__(self, key: str) -> bool: - return key in self.static_map or re.match(r"\$threshold_years_(\d+)", key) + res = key in self.static_map + if not res: + for i in self.user_static_map.keys(): + if re.match(i, key): + return True + return res def __getitem__(self, key: str): if key in self.static_map: return self.static_map[key] - match = re.match(r"\$threshold_years_(\d+)", key) - if match: - return lambda: self.get_threshold_years_date(int(match.group(1))) + for i, j in self.user_static_map.items(): + if nmatch := re.match(i, key): + return lambda: j(*nmatch.groups()) raise KeyError(f"Key {key} not found in format_args_function_map") # Create an instance of the custom mapping class variable_substitution_map = VariableSubstitutionMap() + + +def apply_user_variables(): + try: + with open(settings.CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE) as user_file: + og_substitution_map = copy.copy(variable_substitution_map.user_static_map) + except TypeError: + logger.warning("No user defined variable substitutions file provided") + return None + except FileNotFoundError: + logger.warning("User defined variable substitutions file could not be found") + return None + else: + exec(user_file.read()) + if len(variable_substitution_map.user_static_map) <= 1: + logger.info("No new user created variable substitution where found") + for pattern, func in variable_substitution_map.user_static_map.items(): + if pattern not in og_substitution_map: + logger.info( + f'New user created variable substitution: The pattern "{pattern.pattern}" is now mapped to the function {func.__name__}' + ) + + +apply_user_variables() From 4d5b0ba4c1bf6b2cf18734ee583462c51e16837a Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 11:57:29 -0700 Subject: [PATCH 02/11] relocate exec to prevent accessing a closed file Signed-off-by: Gavin Jaeger-Freeborn --- docker/docker-compose.yaml | 2 +- docker/manage | 2 +- .../config/user_variable_substitution.py | 27 +++++++++++++++++++ .../variableSubstitutions.py | 5 ++-- 4 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 docker/oidc-controller/config/user_variable_substitution.py diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index e366a007..ac2d29bb 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -46,7 +46,7 @@ services: volumes: - ../oidc-controller:/app:rw - ./oidc-controller/config/sessiontimeout.json:/home/aries/sessiontimeout.json - - ./oidc-controller/config/settings_override.py:/home/aries/settings_override.py + - ./oidc-controller/config/user_variable_substitution.py:/home/aries/user_variable_substitution.py networks: - vc_auth diff --git a/docker/manage b/docker/manage index 668ca7f8..3224f4c9 100755 --- a/docker/manage +++ b/docker/manage @@ -180,7 +180,7 @@ configureEnvironment() { export CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE="/home/aries/sessiontimeout.json" # Extend Variable Substitutions - # export CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE="/home/aries/settings_override.py" + # export CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE="/home/aries/user_variable_substitution.py" #controller app settings export INVITATION_LABEL=${INVITATION_LABEL:-"VC-AuthN"} diff --git a/docker/oidc-controller/config/user_variable_substitution.py b/docker/oidc-controller/config/user_variable_substitution.py new file mode 100644 index 00000000..edb6d5c5 --- /dev/null +++ b/docker/oidc-controller/config/user_variable_substitution.py @@ -0,0 +1,27 @@ +raise Exception("new exception") + + +def sub_days_plus_one(days: str) -> int: + """Strings like '$sub_days_plus_one_4' will be replaced with the + final number icremented by one. In this case 5. + $sub_days_plus_one_4 -> 5 + $sub_days_plus_one_10 -> 10""" + return int(days) + 1 + + +variable_substitution_map.add_variable_substitution( + r"$sub_days_plus_one_(\d+)", sub_days_plus_one +) + + +def sub_string_for_sure(_: str) -> str: + """Turns strings like $sub_string_for_sure_something into the string 'sure' + $sub_string_for_sure_something -> sure + $sub_string_for_sure_i -> sure + """ + return "sure" + + +variable_substitution_map.add_variable_substitution( + r"$sub_string_for_sure_(.+)", sub_string_for_sure +) diff --git a/oidc-controller/api/verificationConfigs/variableSubstitutions.py b/oidc-controller/api/verificationConfigs/variableSubstitutions.py index 1a305897..689a6d86 100644 --- a/oidc-controller/api/verificationConfigs/variableSubstitutions.py +++ b/oidc-controller/api/verificationConfigs/variableSubstitutions.py @@ -115,7 +115,7 @@ def __getitem__(self, key: str): def apply_user_variables(): try: with open(settings.CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE) as user_file: - og_substitution_map = copy.copy(variable_substitution_map.user_static_map) + code = user_file.read() except TypeError: logger.warning("No user defined variable substitutions file provided") return None @@ -123,7 +123,8 @@ def apply_user_variables(): logger.warning("User defined variable substitutions file could not be found") return None else: - exec(user_file.read()) + og_substitution_map = copy.copy(variable_substitution_map.user_static_map) + exec(code) if len(variable_substitution_map.user_static_map) <= 1: logger.info("No new user created variable substitution where found") for pattern, func in variable_substitution_map.user_static_map.items(): From 369698e969864ea5c7b6b173d9f2879ad9b6a07d Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 12:00:38 -0700 Subject: [PATCH 03/11] Removed the default exception for user variable file Signed-off-by: Gavin Jaeger-Freeborn --- docker/oidc-controller/config/user_variable_substitution.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/docker/oidc-controller/config/user_variable_substitution.py b/docker/oidc-controller/config/user_variable_substitution.py index edb6d5c5..e86ec53b 100644 --- a/docker/oidc-controller/config/user_variable_substitution.py +++ b/docker/oidc-controller/config/user_variable_substitution.py @@ -1,6 +1,3 @@ -raise Exception("new exception") - - def sub_days_plus_one(days: str) -> int: """Strings like '$sub_days_plus_one_4' will be replaced with the final number icremented by one. In this case 5. From 99cba0d69f6a776c2c04acaa0b0b684add1493fc Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 12:01:51 -0700 Subject: [PATCH 04/11] Add reference to where the example python file can be found Signed-off-by: Gavin Jaeger-Freeborn --- docs/ConfigurationGuide.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/ConfigurationGuide.md b/docs/ConfigurationGuide.md index 8f0562a8..00d53557 100644 --- a/docs/ConfigurationGuide.md +++ b/docs/ConfigurationGuide.md @@ -153,3 +153,5 @@ def today_plus_times(added_days: str, multiplied_days: str) -> int: # variable_substitution_map will already be defined in variableSubstitutions.py variable_substitution_map.add_variable_substitution(r"\$today_plus_(\d+)_times_(\d+)", today_plus_times) ``` + +For an example of this python file see `docker/oidc-controller/config/user_variable_substitution.py` From e13155754962b41a9078d6f95584ca014eaeb6ad Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 12:08:13 -0700 Subject: [PATCH 05/11] Corrected minor doc errors Signed-off-by: Gavin Jaeger-Freeborn --- docker/oidc-controller/config/user_variable_substitution.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/oidc-controller/config/user_variable_substitution.py b/docker/oidc-controller/config/user_variable_substitution.py index e86ec53b..631090af 100644 --- a/docker/oidc-controller/config/user_variable_substitution.py +++ b/docker/oidc-controller/config/user_variable_substitution.py @@ -1,8 +1,8 @@ def sub_days_plus_one(days: str) -> int: """Strings like '$sub_days_plus_one_4' will be replaced with the - final number icremented by one. In this case 5. + final number incremented by one. In this case 5. $sub_days_plus_one_4 -> 5 - $sub_days_plus_one_10 -> 10""" + $sub_days_plus_one_10 -> 11""" return int(days) + 1 From 350c2af4838cd1eeabd601674088548fe1ba3e68 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Wed, 30 Oct 2024 12:10:19 -0700 Subject: [PATCH 06/11] Correct minor example errors Signed-off-by: Gavin Jaeger-Freeborn --- docker/oidc-controller/config/user_variable_substitution.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/oidc-controller/config/user_variable_substitution.py b/docker/oidc-controller/config/user_variable_substitution.py index 631090af..d367fd57 100644 --- a/docker/oidc-controller/config/user_variable_substitution.py +++ b/docker/oidc-controller/config/user_variable_substitution.py @@ -7,7 +7,7 @@ def sub_days_plus_one(days: str) -> int: variable_substitution_map.add_variable_substitution( - r"$sub_days_plus_one_(\d+)", sub_days_plus_one + r"\$sub_days_plus_one_(\d+)", sub_days_plus_one ) @@ -20,5 +20,5 @@ def sub_string_for_sure(_: str) -> str: variable_substitution_map.add_variable_substitution( - r"$sub_string_for_sure_(.+)", sub_string_for_sure + r"\$sub_string_for_sure_(.+)", sub_string_for_sure ) From 7790306c85333acb70335adbab20bfe629a69d41 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Thu, 31 Oct 2024 15:19:45 -0700 Subject: [PATCH 07/11] Added helm configuration settings Signed-off-by: Gavin Jaeger-Freeborn --- .../vc-authn-oidc/templates/deployment.yaml | 11 +++++++++ docker/manage | 2 +- .../config/user_variable_substitution.py | 24 ------------------- .../user_variable_substitution_example.py | 24 +++++++++++++++++++ docs/ConfigurationGuide.md | 2 +- .../variableSubstitutions.py | 5 ++++ 6 files changed, 42 insertions(+), 26 deletions(-) create mode 100644 docker/oidc-controller/config/user_variable_substitution_example.py diff --git a/charts/vc-authn-oidc/templates/deployment.yaml b/charts/vc-authn-oidc/templates/deployment.yaml index d22b91c0..464f2533 100644 --- a/charts/vc-authn-oidc/templates/deployment.yaml +++ b/charts/vc-authn-oidc/templates/deployment.yaml @@ -39,6 +39,12 @@ spec: - name: auth-session-ttl configMap: name: {{ include "global.fullname" . }}-session-timeout + - name: custom-variable-substitution + configMap: + name: {{ include "global.fullname" . }}-variable-substitution-config + items: + - key: user_variable_substitution.py + path: user_variable_substitution.py containers: - name: {{ .Chart.Name }} securityContext: @@ -72,6 +78,8 @@ spec: value: {{ .Values.controller.presentationExpireTime | quote }} # - name: CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE # value: /home/aries/sessiontimeout.json + - name: CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE + value: /home/aries/user_variable_substitution.py - name: CONTROLLER_PRESENTATION_CLEANUP_TIME value: {{ .Values.controller.sessionTimeout.duration | quote }} - name: ACAPY_AGENT_URL @@ -133,6 +141,9 @@ spec: - name: auth-session-ttl mountPath: /home/aries/sessiontimeout.json subPath: sessiontimeout.json + - name: custom-variable-substitution + mountPath: /home/aries/user_variable_substitution.py + subPath: sessiontimeout.json {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/docker/manage b/docker/manage index 3224f4c9..7157f855 100755 --- a/docker/manage +++ b/docker/manage @@ -180,7 +180,7 @@ configureEnvironment() { export CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE="/home/aries/sessiontimeout.json" # Extend Variable Substitutions - # export CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE="/home/aries/user_variable_substitution.py" + export CONTROLLER_VARIABLE_SUBSTITUTION_OVERRIDE="/home/aries/user_variable_substitution.py" #controller app settings export INVITATION_LABEL=${INVITATION_LABEL:-"VC-AuthN"} diff --git a/docker/oidc-controller/config/user_variable_substitution.py b/docker/oidc-controller/config/user_variable_substitution.py index d367fd57..e69de29b 100644 --- a/docker/oidc-controller/config/user_variable_substitution.py +++ b/docker/oidc-controller/config/user_variable_substitution.py @@ -1,24 +0,0 @@ -def sub_days_plus_one(days: str) -> int: - """Strings like '$sub_days_plus_one_4' will be replaced with the - final number incremented by one. In this case 5. - $sub_days_plus_one_4 -> 5 - $sub_days_plus_one_10 -> 11""" - return int(days) + 1 - - -variable_substitution_map.add_variable_substitution( - r"\$sub_days_plus_one_(\d+)", sub_days_plus_one -) - - -def sub_string_for_sure(_: str) -> str: - """Turns strings like $sub_string_for_sure_something into the string 'sure' - $sub_string_for_sure_something -> sure - $sub_string_for_sure_i -> sure - """ - return "sure" - - -variable_substitution_map.add_variable_substitution( - r"\$sub_string_for_sure_(.+)", sub_string_for_sure -) diff --git a/docker/oidc-controller/config/user_variable_substitution_example.py b/docker/oidc-controller/config/user_variable_substitution_example.py new file mode 100644 index 00000000..d367fd57 --- /dev/null +++ b/docker/oidc-controller/config/user_variable_substitution_example.py @@ -0,0 +1,24 @@ +def sub_days_plus_one(days: str) -> int: + """Strings like '$sub_days_plus_one_4' will be replaced with the + final number incremented by one. In this case 5. + $sub_days_plus_one_4 -> 5 + $sub_days_plus_one_10 -> 11""" + return int(days) + 1 + + +variable_substitution_map.add_variable_substitution( + r"\$sub_days_plus_one_(\d+)", sub_days_plus_one +) + + +def sub_string_for_sure(_: str) -> str: + """Turns strings like $sub_string_for_sure_something into the string 'sure' + $sub_string_for_sure_something -> sure + $sub_string_for_sure_i -> sure + """ + return "sure" + + +variable_substitution_map.add_variable_substitution( + r"\$sub_string_for_sure_(.+)", sub_string_for_sure +) diff --git a/docs/ConfigurationGuide.md b/docs/ConfigurationGuide.md index 00d53557..5a23ce48 100644 --- a/docs/ConfigurationGuide.md +++ b/docs/ConfigurationGuide.md @@ -154,4 +154,4 @@ def today_plus_times(added_days: str, multiplied_days: str) -> int: variable_substitution_map.add_variable_substitution(r"\$today_plus_(\d+)_times_(\d+)", today_plus_times) ``` -For an example of this python file see `docker/oidc-controller/config/user_variable_substitution.py` +For an example of this python file see `docker/oidc-controller/config/user_variable_substitution_example.py` diff --git a/oidc-controller/api/verificationConfigs/variableSubstitutions.py b/oidc-controller/api/verificationConfigs/variableSubstitutions.py index 689a6d86..f3e99d3e 100644 --- a/oidc-controller/api/verificationConfigs/variableSubstitutions.py +++ b/oidc-controller/api/verificationConfigs/variableSubstitutions.py @@ -127,11 +127,16 @@ def apply_user_variables(): exec(code) if len(variable_substitution_map.user_static_map) <= 1: logger.info("No new user created variable substitution where found") + + changes = 0 for pattern, func in variable_substitution_map.user_static_map.items(): if pattern not in og_substitution_map: logger.info( f'New user created variable substitution: The pattern "{pattern.pattern}" is now mapped to the function {func.__name__}' ) + changes += 1 + if changes == 0: + logger.info("No user created variable applied") apply_user_variables() From 0301fec5adc25c1e8e1c79e695b8b2fcb3bf19c4 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Thu, 31 Oct 2024 15:23:55 -0700 Subject: [PATCH 08/11] Removed duplicate change checking Signed-off-by: Gavin Jaeger-Freeborn --- .../api/verificationConfigs/variableSubstitutions.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/oidc-controller/api/verificationConfigs/variableSubstitutions.py b/oidc-controller/api/verificationConfigs/variableSubstitutions.py index f3e99d3e..e956359f 100644 --- a/oidc-controller/api/verificationConfigs/variableSubstitutions.py +++ b/oidc-controller/api/verificationConfigs/variableSubstitutions.py @@ -128,15 +128,12 @@ def apply_user_variables(): if len(variable_substitution_map.user_static_map) <= 1: logger.info("No new user created variable substitution where found") - changes = 0 for pattern, func in variable_substitution_map.user_static_map.items(): if pattern not in og_substitution_map: logger.info( f'New user created variable substitution: The pattern "{pattern.pattern}" is now mapped to the function {func.__name__}' ) changes += 1 - if changes == 0: - logger.info("No user created variable applied") apply_user_variables() From 780ee499f3f121637e4e8bd05f7587a2ef751f65 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Thu, 31 Oct 2024 15:25:29 -0700 Subject: [PATCH 09/11] missed a usage of changes Signed-off-by: Gavin Jaeger-Freeborn --- oidc-controller/api/verificationConfigs/variableSubstitutions.py | 1 - 1 file changed, 1 deletion(-) diff --git a/oidc-controller/api/verificationConfigs/variableSubstitutions.py b/oidc-controller/api/verificationConfigs/variableSubstitutions.py index e956359f..57fd863b 100644 --- a/oidc-controller/api/verificationConfigs/variableSubstitutions.py +++ b/oidc-controller/api/verificationConfigs/variableSubstitutions.py @@ -133,7 +133,6 @@ def apply_user_variables(): logger.info( f'New user created variable substitution: The pattern "{pattern.pattern}" is now mapped to the function {func.__name__}' ) - changes += 1 apply_user_variables() From 64c7fcdc0972847ddc5c07d2bd02bea1d6ad45e3 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Tue, 5 Nov 2024 10:52:08 -0800 Subject: [PATCH 10/11] Corrected sub path Signed-off-by: Gavin Jaeger-Freeborn --- charts/vc-authn-oidc/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vc-authn-oidc/templates/deployment.yaml b/charts/vc-authn-oidc/templates/deployment.yaml index 464f2533..b49b0933 100644 --- a/charts/vc-authn-oidc/templates/deployment.yaml +++ b/charts/vc-authn-oidc/templates/deployment.yaml @@ -143,7 +143,7 @@ spec: subPath: sessiontimeout.json - name: custom-variable-substitution mountPath: /home/aries/user_variable_substitution.py - subPath: sessiontimeout.json + subPath: user_variable_substitution.py {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} From ec1ee82b75ad694775fda7f39158535f62517181 Mon Sep 17 00:00:00 2001 From: Gavin Jaeger-Freeborn Date: Tue, 5 Nov 2024 11:52:33 -0800 Subject: [PATCH 11/11] Add more clarification as to how variable substitutions will be loaded Signed-off-by: Gavin Jaeger-Freeborn --- docs/ConfigurationGuide.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/ConfigurationGuide.md b/docs/ConfigurationGuide.md index 5a23ce48..652f7f70 100644 --- a/docs/ConfigurationGuide.md +++ b/docs/ConfigurationGuide.md @@ -155,3 +155,12 @@ variable_substitution_map.add_variable_substitution(r"\$today_plus_(\d+)_times_( ``` For an example of this python file see `docker/oidc-controller/config/user_variable_substitution_example.py` + +All that is necessary is the adding of substitution variables.These +changes will be applied by vc-authn during startup. The variable +`variable_substitution_map` **will already be defined**. + +After loading the python file during the service startup each new user +defined variable is logged for confirmation. Any failures to load +these changes will be logged. If no new definitions are found +indication of this will also be logged