diff options
author | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
---|---|---|
committer | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
commit | 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d (patch) | |
tree | 105313b862ca7d8a123a37c279508081744a90d9 /test | |
download | nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.tar.gz nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.zip |
Proof of concept with totp
Diffstat (limited to 'test')
-rw-r--r-- | test/etc/nginx.conf | 35 | ||||
-rwxr-xr-x | test/nginx.sh | 18 | ||||
-rwxr-xr-x | test/oathtool.sh | 6 | ||||
-rw-r--r-- | test/www/index.html | 58 | ||||
-rw-r--r-- | test/www/other_page.html | 57 |
5 files changed, 174 insertions, 0 deletions
diff --git a/test/etc/nginx.conf b/test/etc/nginx.conf new file mode 100644 index 0000000..3477353 --- /dev/null +++ b/test/etc/nginx.conf @@ -0,0 +1,35 @@ +# nginx -p . -c nginx.conf + +pid /tmp/nginx.example.pid; + +daemon off; + +events { + worker_connections 5; +} + +http { + access_log /dev/stdout; + error_log /dev/stderr; + + server { + server_name localhost; + + location /auth { + rewrite /auth/(.+) /$1 break; + proxy_pass http://127.0.0.1:8080; # This is the TOTP Server + proxy_set_header X-Totp-Secret baadf00d; + proxy_set_header X-Totp-Secret deadc0de; + } + + # This ensures that if the TOTP server returns 401 we redirect to login + error_page 401 = @error401; + location @error401 { + return 302 /auth/login$request_uri; + } + + location / { + auth_request /auth/check; + } + } +}
\ No newline at end of file diff --git a/test/nginx.sh b/test/nginx.sh new file mode 100755 index 0000000..d6926c0 --- /dev/null +++ b/test/nginx.sh @@ -0,0 +1,18 @@ +#!/bin/sh +set -x + +bwrap \ + --ro-bind /bin /bin \ + --ro-bind /usr /usr \ + --ro-bind /etc /etc \ + --ro-bind /lib /lib \ + --ro-bind /lib64 /lib64 \ + --ro-bind /run /run \ + --ro-bind etc /etc/nginx \ + --ro-bind www /usr/share/nginx/html \ + --dev /dev \ + --proc /proc \ + --dir /tmp \ + --dir /var/log/nginx \ + --dir /var/lib/nginx \ + /usr/sbin/nginx
\ No newline at end of file diff --git a/test/oathtool.sh b/test/oathtool.sh new file mode 100755 index 0000000..d1d3441 --- /dev/null +++ b/test/oathtool.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +for key in baadf00d deadc0de; do + echo -n "$key: " + oathtool --totp=sha512 $key +done
\ No newline at end of file diff --git a/test/www/index.html b/test/www/index.html new file mode 100644 index 0000000..3ad444a --- /dev/null +++ b/test/www/index.html @@ -0,0 +1,58 @@ +<!DOCTYPE html> +<html><div id="saka-gui-root" style="position: absolute; left: 0px; top: 0px; width: 100%; height: 100%; z-index: 2147483647; opacity: 1; pointer-events: none;"><div><div><style> +@font-face { + font-family: Roboto; -moz-osx-font-smoothing: grayscale; -webkit-font-smoothing: antialiased; + font-style: normal; font-weight: normal; src: url(moz-extension://727c00b7-4391-4fd7-82e7-3d51bb518a34/Roboto-Regular.tff) format('tff'); +} +.saka-hint-body { + all: initial; +position: absolute; +z-index: 2147483647; +opacity: 0.85; +font-family: Roboto, sans-serif; +font-weight: 900; +padding: 0.15rem 0.25rem; +border: 0px solid; +text-align: center; +text-decoration: none; +text-transform: uppercase; +vertical-align: middle; +font-size: 12px; +color: #3ff5d5; +background-color: #000000; +border-color: #ff0000; +box-shadow: 0 3px 1px -2px rgba(0,0,0,.2), 0 2px 2px 0 rgba(0,0,0,.14), 0 1px 5px 0 rgba(0,0,0,.12); +border-radius: 4px; +transform: translate3d(0%, -50%, 0) +} +.saka-hint-normal-char { + +} +.saka-hint-active-char { + opacity: 0.5 +}</style><div style="position: absolute; left: 0px; top: 0px;"></div></div></div></div><head> +<meta http-equiv="content-type" content="text/html; charset=windows-1252"> +<title>Welcome to nginx!</title> +<style> + body { + width: 35em; + margin: 0 auto; + font-family: Tahoma, Verdana, Arial, sans-serif; + } +</style> +</head> +<body> +<h1>Welcome to nginx!</h1> +<p>If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.</p> + +<p>For online documentation and support please refer to +<a href="http://nginx.org/">nginx.org</a>.<br> +Commercial support is available at +<a href="http://nginx.com/">nginx.com</a>.</p> + +<p><em>Thank you for using nginx.</em></p> + +<p><a href="other_page.html">look here other_page.html</a></p> + +</body></html>
\ No newline at end of file diff --git a/test/www/other_page.html b/test/www/other_page.html new file mode 100644 index 0000000..49656db --- /dev/null +++ b/test/www/other_page.html @@ -0,0 +1,57 @@ +<!DOCTYPE html> +<html><div id="saka-gui-root" style="position: absolute; left: 0px; top: 0px; width: 100%; height: 100%; z-index: 2147483647; opacity: 1; pointer-events: none;"><div><div><style> +@font-face { + font-family: Roboto; -moz-osx-font-smoothing: grayscale; -webkit-font-smoothing: antialiased; + font-style: normal; font-weight: normal; src: url(moz-extension://727c00b7-4391-4fd7-82e7-3d51bb518a34/Roboto-Regular.tff) format('tff'); +} +.saka-hint-body { + all: initial; +position: absolute; +z-index: 2147483647; +opacity: 0.85; +font-family: Roboto, sans-serif; +font-weight: 900; +padding: 0.15rem 0.25rem; +border: 0px solid; +text-align: center; +text-decoration: none; +text-transform: uppercase; +vertical-align: middle; +font-size: 12px; +color: #3ff5d5; +background-color: #000000; +border-color: #ff0000; +box-shadow: 0 3px 1px -2px rgba(0,0,0,.2), 0 2px 2px 0 rgba(0,0,0,.14), 0 1px 5px 0 rgba(0,0,0,.12); +border-radius: 4px; +transform: translate3d(0%, -50%, 0) +} +.saka-hint-normal-char { + +} +.saka-hint-active-char { + opacity: 0.5 +}</style><div style="position: absolute; left: 0px; top: 0px;"></div></div></div></div><head> +<meta http-equiv="content-type" content="text/html; charset=windows-1252"> +<title>Welcome to nginx!</title> +<style> + body { + width: 35em; + margin: 0 auto; + font-family: Tahoma, Verdana, Arial, sans-serif; + } +</style> +</head> +<body> +<h1>Welcome to nginx!</h1> +<p>If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.</p> + +<p>For online documentation and support please refer to +<a href="http://nginx.org/">nginx.org</a>.<br> +Commercial support is available at +<a href="http://nginx.com/">nginx.com</a>.</p> + +<p><em>Thank you for using nginx.</em></p> + + +</body></html>
\ No newline at end of file |